* [GIT PULL] Crypto Fixes for 6.16
@ 2025-07-19 0:36 Herbert Xu
2025-07-19 1:34 ` pr-tracker-bot
0 siblings, 1 reply; 16+ messages in thread
From: Herbert Xu @ 2025-07-19 0:36 UTC (permalink / raw)
To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
Linux Crypto Mailing List
Hi Linus:
The following changes since commit 20d71750cc72e80859d52548cf5c2a7513983b0d:
crypto: wp512 - Use API partial block handling (2025-06-23 16:56:56 +0800)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git tags/v6.16-p7
for you to fetch changes up to ccafe2821cfaa880cf4461307111b76df07c48fb:
crypto: qat - Use crypto_shash_export_core (2025-06-26 12:55:22 +0800)
----------------------------------------------------------------
This push fixes a buffer overflows in qat and chelsio.
----------------------------------------------------------------
Herbert Xu (2):
crypto: chelsio - Use crypto_shash_export_core
crypto: qat - Use crypto_shash_export_core
drivers/crypto/chelsio/chcr_algo.c | 10 +++++-----
drivers/crypto/intel/qat/qat_common/qat_algs.c | 14 +++++++-------
2 files changed, 12 insertions(+), 12 deletions(-)
Thanks,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 16+ messages in thread* [GIT PULL] Crypto Fixes for 6.16
@ 2025-06-25 2:44 Herbert Xu
2025-06-25 3:04 ` Eric Biggers
2025-06-27 5:08 ` pr-tracker-bot
0 siblings, 2 replies; 16+ messages in thread
From: Herbert Xu @ 2025-06-25 2:44 UTC (permalink / raw)
To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
Linux Crypto Mailing List
Hi Linus:
The following changes since commit df29f60369ccec0aa17d7eed7e2ae1fcdc9be6d4:
crypto: ahash - Fix infinite recursion in ahash_def_finup (2025-06-18 17:02:02 +0800)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git tags/v6.16-p6
for you to fetch changes up to 20d71750cc72e80859d52548cf5c2a7513983b0d:
crypto: wp512 - Use API partial block handling (2025-06-23 16:56:56 +0800)
----------------------------------------------------------------
This push fixes a regression where wp512 can no longer be used
with hmac.
----------------------------------------------------------------
Herbert Xu (1):
crypto: wp512 - Use API partial block handling
crypto/wp512.c | 125 ++++++++++++++++++++++-----------------------------------
1 file changed, 47 insertions(+), 78 deletions(-)
Thanks,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 16+ messages in thread* Re: [GIT PULL] Crypto Fixes for 6.16
2025-06-25 2:44 Herbert Xu
@ 2025-06-25 3:04 ` Eric Biggers
2025-06-25 3:14 ` Herbert Xu
2025-06-27 5:08 ` pr-tracker-bot
1 sibling, 1 reply; 16+ messages in thread
From: Eric Biggers @ 2025-06-25 3:04 UTC (permalink / raw)
To: Herbert Xu
Cc: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
Linux Crypto Mailing List
On Wed, Jun 25, 2025 at 10:44:04AM +0800, Herbert Xu wrote:
> Hi Linus:
>
> The following changes since commit df29f60369ccec0aa17d7eed7e2ae1fcdc9be6d4:
>
> crypto: ahash - Fix infinite recursion in ahash_def_finup (2025-06-18 17:02:02 +0800)
>
> are available in the Git repository at:
>
> git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git tags/v6.16-p6
>
> for you to fetch changes up to 20d71750cc72e80859d52548cf5c2a7513983b0d:
>
> crypto: wp512 - Use API partial block handling (2025-06-23 16:56:56 +0800)
>
> ----------------------------------------------------------------
> This push fixes a regression where wp512 can no longer be used
> with hmac.
> ----------------------------------------------------------------
>
> Herbert Xu (1):
> crypto: wp512 - Use API partial block handling
>
Wouldn't it make more sense to revert the "Crypto API partial block handling"
stuff? It's been causing a huge number of problems, and it's been getting
superseded by the librarification changes anyway.
This is already the fourth 6.16 fixes pull request for regressions caused by
your partial block handling changes. And I have another one queued in
libcrypto-fixes. I expect there will need to be more...
Indeed, I just found that a lot of drivers in drivers/crypto/ haven't been
updated to be aware of the extra byte that comes back from
crypto_shash_export(). So there are a bunch of buffer overflows there too.
(Not like drivers/crypto/ actually matters, but apparently your changes are for
its benefit? So it's interesting that it was actually broken by them.)
- Eric
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [GIT PULL] Crypto Fixes for 6.16
2025-06-25 3:04 ` Eric Biggers
@ 2025-06-25 3:14 ` Herbert Xu
2025-06-25 3:32 ` Eric Biggers
0 siblings, 1 reply; 16+ messages in thread
From: Herbert Xu @ 2025-06-25 3:14 UTC (permalink / raw)
To: Eric Biggers
Cc: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
Linux Crypto Mailing List
On Tue, Jun 24, 2025 at 08:04:04PM -0700, Eric Biggers wrote:
>
> Wouldn't it make more sense to revert the "Crypto API partial block handling"
> stuff? It's been causing a huge number of problems, and it's been getting
> superseded by the librarification changes anyway.
The partial block handling simplifies the implementation of both
software and hardware hash algorithms. Just look at the diffstat.
In this particular instance, I thought nobody used hmac on wp512
which is why I didn't do the conversion for it initially. But
apparently someone does use it.
> Indeed, I just found that a lot of drivers in drivers/crypto/ haven't been
> updated to be aware of the extra byte that comes back from
> crypto_shash_export(). So there are a bunch of buffer overflows there too.
> (Not like drivers/crypto/ actually matters, but apparently your changes are for
> its benefit? So it's interesting that it was actually broken by them.)
If anything this proves that enforcing a consistent hash format
is the right thing to do. All those buggy code paths were assuming
that the export format is fixed which was not the case prior to the
partial blocks work.
But thanks for pointing me to these buggy drivers and I will send
out fixes for them.
Cheers,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [GIT PULL] Crypto Fixes for 6.16
2025-06-25 3:14 ` Herbert Xu
@ 2025-06-25 3:32 ` Eric Biggers
2025-06-25 3:49 ` Herbert Xu
0 siblings, 1 reply; 16+ messages in thread
From: Eric Biggers @ 2025-06-25 3:32 UTC (permalink / raw)
To: Herbert Xu
Cc: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
Linux Crypto Mailing List
On Wed, Jun 25, 2025 at 11:14:23AM +0800, Herbert Xu wrote:
> On Tue, Jun 24, 2025 at 08:04:04PM -0700, Eric Biggers wrote:
> >
> > Wouldn't it make more sense to revert the "Crypto API partial block handling"
> > stuff? It's been causing a huge number of problems, and it's been getting
> > superseded by the librarification changes anyway.
>
> The partial block handling simplifies the implementation of both
> software and hardware hash algorithms. Just look at the diffstat.
Not software, since the library functions have to handle partial blocks anyway.
There will be a negative diffstat for algorithms that haven't been converted to
have a library API yet, but it will go away once they are.
> > Indeed, I just found that a lot of drivers in drivers/crypto/ haven't been
> > updated to be aware of the extra byte that comes back from
> > crypto_shash_export(). So there are a bunch of buffer overflows there too.
> > (Not like drivers/crypto/ actually matters, but apparently your changes are for
> > its benefit? So it's interesting that it was actually broken by them.)
>
> If anything this proves that enforcing a consistent hash format
> is the right thing to do. All those buggy code paths were assuming
> that the export format is fixed which was not the case prior to the
> partial blocks work.
>
> But thanks for pointing me to these buggy drivers and I will send
> out fixes for them.
Well, they (reasonably enough) assume the format that all the CPU-based code
previously used. So they weren't really broken until your changes.
Of course, the lack of type safety here is an artificial problem created by the
generic crypto API which uses a 'void *' state. The library functions simply
use the C type system, so they just work and do not have this sort of silly
issue where different places disagree about what struct a 'void *' points to...
These legacy drivers should just use the library functions.
- Eric
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [GIT PULL] Crypto Fixes for 6.16
2025-06-25 2:44 Herbert Xu
2025-06-25 3:04 ` Eric Biggers
@ 2025-06-27 5:08 ` pr-tracker-bot
1 sibling, 0 replies; 16+ messages in thread
From: pr-tracker-bot @ 2025-06-27 5:08 UTC (permalink / raw)
To: Herbert Xu
Cc: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
Linux Crypto Mailing List
The pull request you sent on Wed, 25 Jun 2025 10:44:04 +0800:
> git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git tags/v6.16-p6
has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/67a993863163cb88b1b68974c31b0d84ece4293e
Thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/prtracker.html
^ permalink raw reply [flat|nested] 16+ messages in thread
* [GIT PULL] Crypto Fixes for 6.16
@ 2025-06-20 3:17 Herbert Xu
2025-06-20 6:34 ` pr-tracker-bot
0 siblings, 1 reply; 16+ messages in thread
From: Herbert Xu @ 2025-06-20 3:17 UTC (permalink / raw)
To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
Linux Crypto Mailing List
Hi Linus:
The following changes since commit 40a98e702b528c631094f2e524d309faf33dc774:
crypto: hkdf - move to late_initcall (2025-06-11 10:59:45 +0800)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git tags/v6.16-p5
for you to fetch changes up to df29f60369ccec0aa17d7eed7e2ae1fcdc9be6d4:
crypto: ahash - Fix infinite recursion in ahash_def_finup (2025-06-18 17:02:02 +0800)
----------------------------------------------------------------
This push fixes a regression in ahash (broken fallback finup)
and reinstates a Kconfig option to control the extra self-tests.
----------------------------------------------------------------
Eric Biggers (1):
crypto: testmgr - reinstate kconfig control over full self-tests
Herbert Xu (1):
crypto: ahash - Fix infinite recursion in ahash_def_finup
crypto/Kconfig | 25 +++++++++++++++++++++----
crypto/ahash.c | 4 +++-
crypto/testmgr.c | 15 ++++++++++++---
include/crypto/internal/simd.h | 6 ++++--
lib/crypto/Makefile | 2 +-
5 files changed, 41 insertions(+), 11 deletions(-)
Thanks,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 16+ messages in thread* [GIT PULL] Crypto Fixes for 6.16
@ 2025-06-13 4:30 Herbert Xu
2025-06-13 18:04 ` pr-tracker-bot
0 siblings, 1 reply; 16+ messages in thread
From: Herbert Xu @ 2025-06-13 4:30 UTC (permalink / raw)
To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
Linux Crypto Mailing List
Hi Linus:
The following changes since commit 19272b37aa4f83ca52bdf9c16d5d81bdd1354494:
Linux 6.16-rc1 (2025-06-08 13:44:43 -0700)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git tags/v6.16-p4
for you to fetch changes up to 40a98e702b528c631094f2e524d309faf33dc774:
crypto: hkdf - move to late_initcall (2025-06-11 10:59:45 +0800)
----------------------------------------------------------------
This push fixes a broken self-test in hkdf (new regression).
----------------------------------------------------------------
Eric Biggers (1):
crypto: hkdf - move to late_initcall
crypto/hkdf.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Thanks,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 16+ messages in thread* [GIT PULL] Crypto Fixes for 6.16
@ 2025-06-03 5:03 Herbert Xu
2025-06-03 16:09 ` pr-tracker-bot
0 siblings, 1 reply; 16+ messages in thread
From: Herbert Xu @ 2025-06-03 5:03 UTC (permalink / raw)
To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
Linux Crypto Mailing List
Hi Linus:
The following changes since commit 0a84874c7e7dde5cdddc80a82093120e924a348b:
crypto: shash - Fix buffer overrun in import function (2025-05-27 13:43:32 +0800)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git tags/v6.16-p3
for you to fetch changes up to b9802b54d41bbe98f673e08bc148b0c563fdc02e:
asm-generic: Add sched.h inclusion in simd.h (2025-05-30 20:56:48 +0800)
----------------------------------------------------------------
This push fixes a loongarch header regression and a module name
collision on s390.
----------------------------------------------------------------
Eric Biggers (1):
crypto: s390/sha256 - rename module to sha256-s390
Huacai Chen (1):
asm-generic: Add sched.h inclusion in simd.h
arch/s390/lib/crypto/Makefile | 3 ++-
include/asm-generic/simd.h | 1 +
2 files changed, 3 insertions(+), 1 deletion(-)
Thanks,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 16+ messages in thread* [GIT PULL] Crypto Fixes for 6.16
@ 2025-05-28 3:03 Herbert Xu
2025-05-28 22:16 ` pr-tracker-bot
0 siblings, 1 reply; 16+ messages in thread
From: Herbert Xu @ 2025-05-28 3:03 UTC (permalink / raw)
To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
Linux Crypto Mailing List
Hi Linus:
The following changes since commit 2297554f01df6d3d4e98a3915c183ce3e491740a:
x86/fpu: Fix irq_fpu_usable() to return false during CPU onlining (2025-05-26 10:58:50 +0800)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git tags/v6.16-p2
for you to fetch changes up to 0a84874c7e7dde5cdddc80a82093120e924a348b:
crypto: shash - Fix buffer overrun in import function (2025-05-27 13:43:32 +0800)
----------------------------------------------------------------
This push fixes a buffer overflow regression in shash.
----------------------------------------------------------------
Herbert Xu (1):
crypto: shash - Fix buffer overrun in import function
crypto/shash.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
Thanks,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 16+ messages in thread
end of thread, other threads:[~2025-07-19 1:34 UTC | newest]
Thread overview: 16+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-07-19 0:36 [GIT PULL] Crypto Fixes for 6.16 Herbert Xu
2025-07-19 1:34 ` pr-tracker-bot
-- strict thread matches above, loose matches on Subject: below --
2025-06-25 2:44 Herbert Xu
2025-06-25 3:04 ` Eric Biggers
2025-06-25 3:14 ` Herbert Xu
2025-06-25 3:32 ` Eric Biggers
2025-06-25 3:49 ` Herbert Xu
2025-06-27 5:08 ` pr-tracker-bot
2025-06-20 3:17 Herbert Xu
2025-06-20 6:34 ` pr-tracker-bot
2025-06-13 4:30 Herbert Xu
2025-06-13 18:04 ` pr-tracker-bot
2025-06-03 5:03 Herbert Xu
2025-06-03 16:09 ` pr-tracker-bot
2025-05-28 3:03 Herbert Xu
2025-05-28 22:16 ` pr-tracker-bot
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox