[PATCH v3 0/7] Clean up the crypto testing options

Linux cryptographic layer development
 help / color / mirror / Atom feed

* [PATCH v3 0/7] Clean up the crypto testing options
@ 2025-05-05 20:33 Eric Biggers
  2025-05-05 20:33 ` [PATCH v3 1/7] crypto: tcrypt - rename CRYPTO_TEST to CRYPTO_BENCHMARK Eric Biggers
                   ` (7 more replies)
  0 siblings, 8 replies; 13+ messages in thread
From: Eric Biggers @ 2025-05-05 20:33 UTC (permalink / raw)
  To: linux-crypto; +Cc: linux-kernel

This series reworks the crypto testing kconfig options to fix some
longstanding issues:

- Replace the inverted option CONFIG_CRYPTO_MANAGER_DISABLE_TESTS with a
  regular option CONFIG_CRYPTO_SELFTESTS.

- Make CONFIG_CRYPTO_SELFTESTS enable the full set of tests by default,
  removing CONFIG_CRYPTO_MANAGER_EXTRA_TESTS.

- Automatically enable CONFIG_CRYPTO_MANAGER when needed for the tests.

- Rename cryptomgr.noextratests to cryptomgr.noslowtests.

- Remove cryptomgr.panic_on_fail, as panic_on_warn can be used instead.

- Rename CONFIG_CRYPTO_TEST to CONFIG_CRYPTO_BENCHMARK.

Changed in v3:
  - Keep options in defconfigs.
  - Make CRYPTO_SELFTESTS depend on DEBUG_KERNEL.

Changed in v2:
  - Moved selftest lines in lib/crypto/Makefile to appropriate places.
  - Fixed a commit message.

Eric Biggers (7):
  crypto: tcrypt - rename CRYPTO_TEST to CRYPTO_BENCHMARK
  crypto: testmgr - remove panic_on_fail
  crypto: testmgr - replace CRYPTO_MANAGER_DISABLE_TESTS with
    CRYPTO_SELFTESTS
  crypto: testmgr - make it easier to enable the full set of tests
  crypto: testmgr - rename noextratests to noslowtests
  crypto: Kconfig - make CRYPTO_MANAGER a hidden symbol
  crypto: testmgr - enable CRYPTO_MANAGER when CRYPTO_SELFTESTS

 arch/arm/configs/exynos_defconfig           |   2 +-
 arch/arm/configs/milbeaut_m10v_defconfig    |   3 +-
 arch/arm/configs/pxa_defconfig              |   3 +-
 arch/arm/configs/spitz_defconfig            |   2 +-
 arch/arm64/configs/defconfig                |   2 +-
 arch/loongarch/configs/loongson3_defconfig  |   2 +-
 arch/m68k/configs/amiga_defconfig           |   2 +-
 arch/m68k/configs/apollo_defconfig          |   2 +-
 arch/m68k/configs/atari_defconfig           |   2 +-
 arch/m68k/configs/bvme6000_defconfig        |   2 +-
 arch/m68k/configs/hp300_defconfig           |   2 +-
 arch/m68k/configs/mac_defconfig             |   2 +-
 arch/m68k/configs/multi_defconfig           |   2 +-
 arch/m68k/configs/mvme147_defconfig         |   2 +-
 arch/m68k/configs/mvme16x_defconfig         |   2 +-
 arch/m68k/configs/q40_defconfig             |   2 +-
 arch/m68k/configs/sun3_defconfig            |   2 +-
 arch/m68k/configs/sun3x_defconfig           |   2 +-
 arch/mips/configs/decstation_64_defconfig   |   1 -
 arch/mips/configs/decstation_defconfig      |   1 -
 arch/mips/configs/decstation_r4k_defconfig  |   1 -
 arch/mips/configs/gpr_defconfig             |   2 +-
 arch/mips/configs/ip28_defconfig            |   1 -
 arch/mips/configs/lemote2f_defconfig        |   2 +-
 arch/mips/configs/mtx1_defconfig            |   2 +-
 arch/mips/configs/rb532_defconfig           |   2 +-
 arch/parisc/configs/generic-32bit_defconfig |   2 +-
 arch/parisc/configs/generic-64bit_defconfig |   1 -
 arch/powerpc/configs/g5_defconfig           |   2 +-
 arch/powerpc/configs/powernv_defconfig      |   2 +-
 arch/powerpc/configs/ppc64_defconfig        |   2 +-
 arch/powerpc/configs/ppc64e_defconfig       |   2 +-
 arch/powerpc/configs/ppc6xx_defconfig       |   2 +-
 arch/s390/configs/debug_defconfig           |   4 +-
 arch/s390/configs/defconfig                 |   4 +-
 arch/sh/configs/migor_defconfig             |   1 -
 arch/sparc/configs/sparc64_defconfig        |   2 +-
 crypto/Kconfig                              |  45 ++++----
 crypto/Makefile                             |   2 +-
 crypto/algapi.c                             |   5 +-
 crypto/algboss.c                            |   2 +-
 crypto/api.c                                |   3 +-
 crypto/hkdf.c                               |   2 +-
 crypto/internal.h                           |   5 +-
 crypto/kdf_sp800108.c                       |   2 +-
 crypto/tcrypt.c                             |   8 +-
 crypto/tcrypt.h                             |   4 +-
 crypto/testmgr.c                            | 115 +++++---------------
 include/crypto/internal/simd.h              |   6 +-
 lib/crypto/Makefile                         |  11 +-
 lib/crypto/aescfb.c                         |   2 +-
 lib/crypto/aesgcm.c                         |   2 +-
 lib/crypto/blake2s.c                        |   2 +-
 lib/crypto/chacha20poly1305.c               |   2 +-
 lib/crypto/curve25519.c                     |   2 +-
 55 files changed, 111 insertions(+), 183 deletions(-)


base-commit: 64745a9ca890ed60d78162ec511e1983e1946d73
-- 
2.49.0


^ permalink raw reply	[flat|nested] 13+ messages in thread

* [PATCH v3 1/7] crypto: tcrypt - rename CRYPTO_TEST to CRYPTO_BENCHMARK
  2025-05-05 20:33 [PATCH v3 0/7] Clean up the crypto testing options Eric Biggers
@ 2025-05-05 20:33 ` Eric Biggers
  2025-05-08 12:59   ` Geert Uytterhoeven
  2025-05-05 20:33 ` [PATCH v3 2/7] crypto: testmgr - remove panic_on_fail Eric Biggers
                   ` (6 subsequent siblings)
  7 siblings, 1 reply; 13+ messages in thread
From: Eric Biggers @ 2025-05-05 20:33 UTC (permalink / raw)
  To: linux-crypto; +Cc: linux-kernel

From: Eric Biggers <ebiggers@google.com>

tcrypt is actually a benchmarking module and not the actual tests.  This
regularly causes confusion.  Update the kconfig option name and help
text accordingly.

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 arch/arm/configs/exynos_defconfig           |  2 +-
 arch/arm/configs/pxa_defconfig              |  2 +-
 arch/arm/configs/spitz_defconfig            |  2 +-
 arch/arm64/configs/defconfig                |  2 +-
 arch/m68k/configs/amiga_defconfig           |  2 +-
 arch/m68k/configs/apollo_defconfig          |  2 +-
 arch/m68k/configs/atari_defconfig           |  2 +-
 arch/m68k/configs/bvme6000_defconfig        |  2 +-
 arch/m68k/configs/hp300_defconfig           |  2 +-
 arch/m68k/configs/mac_defconfig             |  2 +-
 arch/m68k/configs/multi_defconfig           |  2 +-
 arch/m68k/configs/mvme147_defconfig         |  2 +-
 arch/m68k/configs/mvme16x_defconfig         |  2 +-
 arch/m68k/configs/q40_defconfig             |  2 +-
 arch/m68k/configs/sun3_defconfig            |  2 +-
 arch/m68k/configs/sun3x_defconfig           |  2 +-
 arch/mips/configs/gpr_defconfig             |  2 +-
 arch/mips/configs/lemote2f_defconfig        |  2 +-
 arch/mips/configs/mtx1_defconfig            |  2 +-
 arch/mips/configs/rb532_defconfig           |  2 +-
 arch/parisc/configs/generic-32bit_defconfig |  2 +-
 arch/powerpc/configs/g5_defconfig           |  2 +-
 arch/powerpc/configs/powernv_defconfig      |  2 +-
 arch/powerpc/configs/ppc64_defconfig        |  2 +-
 arch/powerpc/configs/ppc64e_defconfig       |  2 +-
 arch/powerpc/configs/ppc6xx_defconfig       |  2 +-
 arch/s390/configs/debug_defconfig           |  2 +-
 arch/s390/configs/defconfig                 |  2 +-
 arch/sparc/configs/sparc64_defconfig        |  2 +-
 crypto/Kconfig                              | 10 +++++++---
 crypto/Makefile                             |  2 +-
 crypto/tcrypt.c                             |  8 ++++----
 crypto/tcrypt.h                             |  4 ++--
 33 files changed, 43 insertions(+), 39 deletions(-)

diff --git a/arch/arm/configs/exynos_defconfig b/arch/arm/configs/exynos_defconfig
index c6792c0256a6..e81964cce516 100644
--- a/arch/arm/configs/exynos_defconfig
+++ b/arch/arm/configs/exynos_defconfig
@@ -347,11 +347,11 @@ CONFIG_ROOT_NFS=y
 CONFIG_NLS_CODEPAGE_437=y
 CONFIG_NLS_ASCII=y
 CONFIG_NLS_ISO8859_1=y
 CONFIG_NLS_UTF8=y
 CONFIG_CRYPTO_USER=m
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_DH=m
 CONFIG_CRYPTO_LRW=m
 CONFIG_CRYPTO_XTS=m
 CONFIG_CRYPTO_MD5=m
 CONFIG_CRYPTO_SHA512=m
diff --git a/arch/arm/configs/pxa_defconfig b/arch/arm/configs/pxa_defconfig
index 56be85752909..edc5b4d17f77 100644
--- a/arch/arm/configs/pxa_defconfig
+++ b/arch/arm/configs/pxa_defconfig
@@ -637,11 +637,11 @@ CONFIG_NLS_UTF8=m
 CONFIG_TIMER_STATS=y
 CONFIG_SECURITY=y
 CONFIG_CRYPTO_MANAGER=y
 CONFIG_CRYPTO_CRYPTD=m
 CONFIG_CRYPTO_AUTHENC=m
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_BLOWFISH=m
 CONFIG_CRYPTO_CAST5=m
 CONFIG_CRYPTO_CAST6=m
 CONFIG_CRYPTO_FCRYPT=m
 CONFIG_CRYPTO_KHAZAD=m
diff --git a/arch/arm/configs/spitz_defconfig b/arch/arm/configs/spitz_defconfig
index ffec59e3f49c..ac2a0f998c73 100644
--- a/arch/arm/configs/spitz_defconfig
+++ b/arch/arm/configs/spitz_defconfig
@@ -213,11 +213,11 @@ CONFIG_NLS_DEFAULT="cp437"
 CONFIG_NLS_CODEPAGE_437=y
 CONFIG_NLS_ISO8859_1=y
 CONFIG_NLS_UTF8=y
 CONFIG_DEBUG_KERNEL=y
 CONFIG_CRYPTO_NULL=m
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_ECB=m
 CONFIG_CRYPTO_SHA256=m
 CONFIG_CRYPTO_AES=m
 CONFIG_CRYPTO_ANUBIS=m
 CONFIG_CRYPTO_ARC4=m
diff --git a/arch/arm64/configs/defconfig b/arch/arm64/configs/defconfig
index b0d4c7d173ea..4166bc4d3cec 100644
--- a/arch/arm64/configs/defconfig
+++ b/arch/arm64/configs/defconfig
@@ -1727,11 +1727,11 @@ CONFIG_ROOT_NFS=y
 CONFIG_9P_FS=y
 CONFIG_NLS_CODEPAGE_437=y
 CONFIG_NLS_ISO8859_1=y
 CONFIG_SECURITY=y
 CONFIG_CRYPTO_USER=y
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_ECHAINIV=y
 CONFIG_CRYPTO_MICHAEL_MIC=m
 CONFIG_CRYPTO_ANSI_CPRNG=y
 CONFIG_CRYPTO_USER_API_RNG=m
 CONFIG_CRYPTO_CHACHA20_NEON=m
diff --git a/arch/m68k/configs/amiga_defconfig b/arch/m68k/configs/amiga_defconfig
index 31ecb8b7b9f1..77f78d326a32 100644
--- a/arch/m68k/configs/amiga_defconfig
+++ b/arch/m68k/configs/amiga_defconfig
@@ -549,11 +549,11 @@ CONFIG_NLS_MAC_TURKISH=m
 CONFIG_DLM=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_HARDENED_USERCOPY=y
 CONFIG_CRYPTO_USER=m
 CONFIG_CRYPTO_CRYPTD=m
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_RSA=m
 CONFIG_CRYPTO_DH=m
 CONFIG_CRYPTO_ECDH=m
 CONFIG_CRYPTO_ECDSA=m
 CONFIG_CRYPTO_ECRDSA=m
diff --git a/arch/m68k/configs/apollo_defconfig b/arch/m68k/configs/apollo_defconfig
index 1f57514624d5..f4031aa5d37f 100644
--- a/arch/m68k/configs/apollo_defconfig
+++ b/arch/m68k/configs/apollo_defconfig
@@ -506,11 +506,11 @@ CONFIG_NLS_MAC_TURKISH=m
 CONFIG_DLM=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_HARDENED_USERCOPY=y
 CONFIG_CRYPTO_USER=m
 CONFIG_CRYPTO_CRYPTD=m
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_RSA=m
 CONFIG_CRYPTO_DH=m
 CONFIG_CRYPTO_ECDH=m
 CONFIG_CRYPTO_ECDSA=m
 CONFIG_CRYPTO_ECRDSA=m
diff --git a/arch/m68k/configs/atari_defconfig b/arch/m68k/configs/atari_defconfig
index 02db7a48e57e..fa92131cf4b3 100644
--- a/arch/m68k/configs/atari_defconfig
+++ b/arch/m68k/configs/atari_defconfig
@@ -526,11 +526,11 @@ CONFIG_NLS_MAC_TURKISH=m
 CONFIG_DLM=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_HARDENED_USERCOPY=y
 CONFIG_CRYPTO_USER=m
 CONFIG_CRYPTO_CRYPTD=m
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_RSA=m
 CONFIG_CRYPTO_DH=m
 CONFIG_CRYPTO_ECDH=m
 CONFIG_CRYPTO_ECDSA=m
 CONFIG_CRYPTO_ECRDSA=m
diff --git a/arch/m68k/configs/bvme6000_defconfig b/arch/m68k/configs/bvme6000_defconfig
index f0e673cb17eb..9c2afc477061 100644
--- a/arch/m68k/configs/bvme6000_defconfig
+++ b/arch/m68k/configs/bvme6000_defconfig
@@ -498,11 +498,11 @@ CONFIG_NLS_MAC_TURKISH=m
 CONFIG_DLM=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_HARDENED_USERCOPY=y
 CONFIG_CRYPTO_USER=m
 CONFIG_CRYPTO_CRYPTD=m
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_RSA=m
 CONFIG_CRYPTO_DH=m
 CONFIG_CRYPTO_ECDH=m
 CONFIG_CRYPTO_ECDSA=m
 CONFIG_CRYPTO_ECRDSA=m
diff --git a/arch/m68k/configs/hp300_defconfig b/arch/m68k/configs/hp300_defconfig
index e8ca5a50b86d..e7cdab059d96 100644
--- a/arch/m68k/configs/hp300_defconfig
+++ b/arch/m68k/configs/hp300_defconfig
@@ -508,11 +508,11 @@ CONFIG_NLS_MAC_TURKISH=m
 CONFIG_DLM=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_HARDENED_USERCOPY=y
 CONFIG_CRYPTO_USER=m
 CONFIG_CRYPTO_CRYPTD=m
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_RSA=m
 CONFIG_CRYPTO_DH=m
 CONFIG_CRYPTO_ECDH=m
 CONFIG_CRYPTO_ECDSA=m
 CONFIG_CRYPTO_ECRDSA=m
diff --git a/arch/m68k/configs/mac_defconfig b/arch/m68k/configs/mac_defconfig
index b3a270441bb1..0a79751c20a5 100644
--- a/arch/m68k/configs/mac_defconfig
+++ b/arch/m68k/configs/mac_defconfig
@@ -525,11 +525,11 @@ CONFIG_NLS_MAC_TURKISH=m
 CONFIG_DLM=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_HARDENED_USERCOPY=y
 CONFIG_CRYPTO_USER=m
 CONFIG_CRYPTO_CRYPTD=m
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_RSA=m
 CONFIG_CRYPTO_DH=m
 CONFIG_CRYPTO_ECDH=m
 CONFIG_CRYPTO_ECDSA=m
 CONFIG_CRYPTO_ECRDSA=m
diff --git a/arch/m68k/configs/multi_defconfig b/arch/m68k/configs/multi_defconfig
index d215dba006ce..f8ca490ee65a 100644
--- a/arch/m68k/configs/multi_defconfig
+++ b/arch/m68k/configs/multi_defconfig
@@ -612,11 +612,11 @@ CONFIG_NLS_MAC_TURKISH=m
 CONFIG_DLM=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_HARDENED_USERCOPY=y
 CONFIG_CRYPTO_USER=m
 CONFIG_CRYPTO_CRYPTD=m
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_RSA=m
 CONFIG_CRYPTO_DH=m
 CONFIG_CRYPTO_ECDH=m
 CONFIG_CRYPTO_ECDSA=m
 CONFIG_CRYPTO_ECRDSA=m
diff --git a/arch/m68k/configs/mvme147_defconfig b/arch/m68k/configs/mvme147_defconfig
index a888ed93ff82..88fdcea906f3 100644
--- a/arch/m68k/configs/mvme147_defconfig
+++ b/arch/m68k/configs/mvme147_defconfig
@@ -498,11 +498,11 @@ CONFIG_NLS_MAC_TURKISH=m
 CONFIG_DLM=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_HARDENED_USERCOPY=y
 CONFIG_CRYPTO_USER=m
 CONFIG_CRYPTO_CRYPTD=m
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_RSA=m
 CONFIG_CRYPTO_DH=m
 CONFIG_CRYPTO_ECDH=m
 CONFIG_CRYPTO_ECDSA=m
 CONFIG_CRYPTO_ECRDSA=m
diff --git a/arch/m68k/configs/mvme16x_defconfig b/arch/m68k/configs/mvme16x_defconfig
index b481782375f6..8acbe83dac72 100644
--- a/arch/m68k/configs/mvme16x_defconfig
+++ b/arch/m68k/configs/mvme16x_defconfig
@@ -499,11 +499,11 @@ CONFIG_NLS_MAC_TURKISH=m
 CONFIG_DLM=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_HARDENED_USERCOPY=y
 CONFIG_CRYPTO_USER=m
 CONFIG_CRYPTO_CRYPTD=m
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_RSA=m
 CONFIG_CRYPTO_DH=m
 CONFIG_CRYPTO_ECDH=m
 CONFIG_CRYPTO_ECDSA=m
 CONFIG_CRYPTO_ECRDSA=m
diff --git a/arch/m68k/configs/q40_defconfig b/arch/m68k/configs/q40_defconfig
index 6eba743d8eb5..e3095301f3c5 100644
--- a/arch/m68k/configs/q40_defconfig
+++ b/arch/m68k/configs/q40_defconfig
@@ -515,11 +515,11 @@ CONFIG_NLS_MAC_TURKISH=m
 CONFIG_DLM=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_HARDENED_USERCOPY=y
 CONFIG_CRYPTO_USER=m
 CONFIG_CRYPTO_CRYPTD=m
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_RSA=m
 CONFIG_CRYPTO_DH=m
 CONFIG_CRYPTO_ECDH=m
 CONFIG_CRYPTO_ECDSA=m
 CONFIG_CRYPTO_ECRDSA=m
diff --git a/arch/m68k/configs/sun3_defconfig b/arch/m68k/configs/sun3_defconfig
index 9bdbb418ffa8..948e48ddd128 100644
--- a/arch/m68k/configs/sun3_defconfig
+++ b/arch/m68k/configs/sun3_defconfig
@@ -496,11 +496,11 @@ CONFIG_NLS_MAC_TURKISH=m
 CONFIG_DLM=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_HARDENED_USERCOPY=y
 CONFIG_CRYPTO_USER=m
 CONFIG_CRYPTO_CRYPTD=m
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_RSA=m
 CONFIG_CRYPTO_DH=m
 CONFIG_CRYPTO_ECDH=m
 CONFIG_CRYPTO_ECDSA=m
 CONFIG_CRYPTO_ECRDSA=m
diff --git a/arch/m68k/configs/sun3x_defconfig b/arch/m68k/configs/sun3x_defconfig
index e1cf20fa5343..5bcf9181c37c 100644
--- a/arch/m68k/configs/sun3x_defconfig
+++ b/arch/m68k/configs/sun3x_defconfig
@@ -496,11 +496,11 @@ CONFIG_NLS_MAC_TURKISH=m
 CONFIG_DLM=m
 CONFIG_ENCRYPTED_KEYS=m
 CONFIG_HARDENED_USERCOPY=y
 CONFIG_CRYPTO_USER=m
 CONFIG_CRYPTO_CRYPTD=m
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_RSA=m
 CONFIG_CRYPTO_DH=m
 CONFIG_CRYPTO_ECDH=m
 CONFIG_CRYPTO_ECDSA=m
 CONFIG_CRYPTO_ECRDSA=m
diff --git a/arch/mips/configs/gpr_defconfig b/arch/mips/configs/gpr_defconfig
index 12f3eed8a946..48c8feec958f 100644
--- a/arch/mips/configs/gpr_defconfig
+++ b/arch/mips/configs/gpr_defconfig
@@ -271,11 +271,11 @@ CONFIG_NFS_V4=y
 CONFIG_ROOT_NFS=y
 CONFIG_NLS_CODEPAGE_437=y
 CONFIG_NLS_CODEPAGE_850=y
 CONFIG_NLS_ISO8859_1=y
 CONFIG_CRYPTO_AUTHENC=m
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_PCBC=m
 CONFIG_CRYPTO_MD4=m
 CONFIG_CRYPTO_MICHAEL_MIC=m
 CONFIG_CRYPTO_SHA512=m
 CONFIG_CRYPTO_WP512=m
diff --git a/arch/mips/configs/lemote2f_defconfig b/arch/mips/configs/lemote2f_defconfig
index 71d6340497c9..5038a27d035f 100644
--- a/arch/mips/configs/lemote2f_defconfig
+++ b/arch/mips/configs/lemote2f_defconfig
@@ -295,11 +295,11 @@ CONFIG_NLS_ISO8859_14=m
 CONFIG_NLS_ISO8859_15=m
 CONFIG_NLS_KOI8_R=m
 CONFIG_NLS_KOI8_U=m
 CONFIG_NLS_UTF8=y
 CONFIG_CRYPTO_CRYPTD=m
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_BLOWFISH=m
 CONFIG_CRYPTO_CAMELLIA=m
 CONFIG_CRYPTO_CAST5=m
 CONFIG_CRYPTO_CAST6=m
 CONFIG_CRYPTO_FCRYPT=m
diff --git a/arch/mips/configs/mtx1_defconfig b/arch/mips/configs/mtx1_defconfig
index 06b7a0b97eca..cbf9c35a6177 100644
--- a/arch/mips/configs/mtx1_defconfig
+++ b/arch/mips/configs/mtx1_defconfig
@@ -660,11 +660,11 @@ CONFIG_NLS_ISO8859_13=m
 CONFIG_NLS_ISO8859_14=m
 CONFIG_NLS_ISO8859_15=m
 CONFIG_NLS_KOI8_R=m
 CONFIG_NLS_KOI8_U=m
 CONFIG_NLS_UTF8=m
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_PCBC=m
 CONFIG_CRYPTO_HMAC=y
 CONFIG_CRYPTO_MD5=y
 CONFIG_CRYPTO_MICHAEL_MIC=m
 CONFIG_CRYPTO_WP512=m
diff --git a/arch/mips/configs/rb532_defconfig b/arch/mips/configs/rb532_defconfig
index 42b161d587c7..9fb114ef5e2d 100644
--- a/arch/mips/configs/rb532_defconfig
+++ b/arch/mips/configs/rb532_defconfig
@@ -151,8 +151,8 @@ CONFIG_TMPFS=y
 CONFIG_CONFIGFS_FS=y
 CONFIG_JFFS2_FS=y
 CONFIG_JFFS2_SUMMARY=y
 CONFIG_JFFS2_COMPRESSION_OPTIONS=y
 CONFIG_SQUASHFS=y
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 # CONFIG_CRYPTO_HW is not set
 CONFIG_STRIP_ASM_SYMS=y
diff --git a/arch/parisc/configs/generic-32bit_defconfig b/arch/parisc/configs/generic-32bit_defconfig
index 5b65c9859613..94928d114d4c 100644
--- a/arch/parisc/configs/generic-32bit_defconfig
+++ b/arch/parisc/configs/generic-32bit_defconfig
@@ -249,11 +249,11 @@ CONFIG_NFS_FS=m
 CONFIG_NFSD=m
 CONFIG_CIFS=m
 CONFIG_CIFS_XATTR=y
 CONFIG_CIFS_POSIX=y
 # CONFIG_CIFS_DEBUG is not set
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_BLOWFISH=m
 CONFIG_CRYPTO_CAST5=m
 CONFIG_CRYPTO_CAST6=m
 CONFIG_CRYPTO_DES=y
 CONFIG_CRYPTO_SERPENT=m
diff --git a/arch/powerpc/configs/g5_defconfig b/arch/powerpc/configs/g5_defconfig
index 7e58f3e6c987..428f17b45513 100644
--- a/arch/powerpc/configs/g5_defconfig
+++ b/arch/powerpc/configs/g5_defconfig
@@ -233,11 +233,11 @@ CONFIG_NLS_ISO8859_15=y
 CONFIG_NLS_UTF8=y
 CONFIG_MAGIC_SYSRQ=y
 CONFIG_DEBUG_KERNEL=y
 CONFIG_DEBUG_MUTEXES=y
 CONFIG_BOOTX_TEXT=y
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_PCBC=m
 CONFIG_CRYPTO_HMAC=y
 CONFIG_CRYPTO_MICHAEL_MIC=m
 CONFIG_CRYPTO_SHA512=m
 CONFIG_CRYPTO_WP512=m
diff --git a/arch/powerpc/configs/powernv_defconfig b/arch/powerpc/configs/powernv_defconfig
index 6b6d7467fecf..379229c982a4 100644
--- a/arch/powerpc/configs/powernv_defconfig
+++ b/arch/powerpc/configs/powernv_defconfig
@@ -315,11 +315,11 @@ CONFIG_BLK_DEV_IO_TRACE=y
 CONFIG_PPC_EMULATED_STATS=y
 CONFIG_CODE_PATCHING_SELFTEST=y
 CONFIG_FTR_FIXUP_SELFTEST=y
 CONFIG_MSI_BITMAP_SELFTEST=y
 CONFIG_XMON=y
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_PCBC=m
 CONFIG_CRYPTO_HMAC=y
 CONFIG_CRYPTO_MD5_PPC=m
 CONFIG_CRYPTO_MICHAEL_MIC=m
 CONFIG_CRYPTO_SHA1_PPC=m
diff --git a/arch/powerpc/configs/ppc64_defconfig b/arch/powerpc/configs/ppc64_defconfig
index 5fa154185efa..3423c405cad4 100644
--- a/arch/powerpc/configs/ppc64_defconfig
+++ b/arch/powerpc/configs/ppc64_defconfig
@@ -375,11 +375,11 @@ CONFIG_IMA_KEXEC=y
 CONFIG_IMA_DEFAULT_HASH_SHA256=y
 CONFIG_IMA_WRITE_POLICY=y
 CONFIG_IMA_APPRAISE=y
 CONFIG_IMA_ARCH_POLICY=y
 CONFIG_IMA_APPRAISE_MODSIG=y
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_BLOWFISH=m
 CONFIG_CRYPTO_CAST6=m
 CONFIG_CRYPTO_SERPENT=m
 CONFIG_CRYPTO_TWOFISH=m
 CONFIG_CRYPTO_PCBC=m
diff --git a/arch/powerpc/configs/ppc64e_defconfig b/arch/powerpc/configs/ppc64e_defconfig
index d2e659a2d8cb..90247b2a0ab0 100644
--- a/arch/powerpc/configs/ppc64e_defconfig
+++ b/arch/powerpc/configs/ppc64e_defconfig
@@ -218,11 +218,11 @@ CONFIG_SCHED_TRACER=y
 CONFIG_BLK_DEV_IO_TRACE=y
 CONFIG_CODE_PATCHING_SELFTEST=y
 CONFIG_FTR_FIXUP_SELFTEST=y
 CONFIG_MSI_BITMAP_SELFTEST=y
 CONFIG_XMON=y
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_CCM=m
 CONFIG_CRYPTO_GCM=m
 CONFIG_CRYPTO_PCBC=m
 CONFIG_CRYPTO_HMAC=y
 CONFIG_CRYPTO_MICHAEL_MIC=m
diff --git a/arch/powerpc/configs/ppc6xx_defconfig b/arch/powerpc/configs/ppc6xx_defconfig
index a91a766b71a4..242c1fab9d46 100644
--- a/arch/powerpc/configs/ppc6xx_defconfig
+++ b/arch/powerpc/configs/ppc6xx_defconfig
@@ -1071,11 +1071,11 @@ CONFIG_SECURITY=y
 CONFIG_SECURITY_NETWORK=y
 CONFIG_SECURITY_NETWORK_XFRM=y
 CONFIG_SECURITY_SELINUX=y
 CONFIG_SECURITY_SELINUX_BOOTPARAM=y
 CONFIG_SECURITY_SELINUX_DISABLE=y
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_CTS=m
 CONFIG_CRYPTO_LRW=m
 CONFIG_CRYPTO_PCBC=m
 CONFIG_CRYPTO_XTS=m
 CONFIG_CRYPTO_HMAC=y
diff --git a/arch/s390/configs/debug_defconfig b/arch/s390/configs/debug_defconfig
index de69faa4d94f..e6f7c8f4ee8b 100644
--- a/arch/s390/configs/debug_defconfig
+++ b/arch/s390/configs/debug_defconfig
@@ -744,11 +744,11 @@ CONFIG_IMA_APPRAISE=y
 CONFIG_BUG_ON_DATA_CORRUPTION=y
 CONFIG_CRYPTO_USER=m
 # CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set
 CONFIG_CRYPTO_PCRYPT=m
 CONFIG_CRYPTO_CRYPTD=m
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_DH=m
 CONFIG_CRYPTO_ECDH=m
 CONFIG_CRYPTO_ECDSA=m
 CONFIG_CRYPTO_ECRDSA=m
 CONFIG_CRYPTO_CURVE25519=m
diff --git a/arch/s390/configs/defconfig b/arch/s390/configs/defconfig
index f12679448e97..7495bf8e483c 100644
--- a/arch/s390/configs/defconfig
+++ b/arch/s390/configs/defconfig
@@ -730,11 +730,11 @@ CONFIG_BUG_ON_DATA_CORRUPTION=y
 CONFIG_CRYPTO_FIPS=y
 CONFIG_CRYPTO_USER=m
 # CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set
 CONFIG_CRYPTO_PCRYPT=m
 CONFIG_CRYPTO_CRYPTD=m
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_DH=m
 CONFIG_CRYPTO_ECDH=m
 CONFIG_CRYPTO_ECDSA=m
 CONFIG_CRYPTO_ECRDSA=m
 CONFIG_CRYPTO_CURVE25519=m
diff --git a/arch/sparc/configs/sparc64_defconfig b/arch/sparc/configs/sparc64_defconfig
index f1ba0fefe1f9..7a7c4dec2925 100644
--- a/arch/sparc/configs/sparc64_defconfig
+++ b/arch/sparc/configs/sparc64_defconfig
@@ -203,11 +203,11 @@ CONFIG_DETECT_HUNG_TASK=y
 CONFIG_SCHEDSTATS=y
 CONFIG_BLK_DEV_IO_TRACE=y
 CONFIG_UPROBE_EVENTS=y
 CONFIG_KEYS=y
 CONFIG_CRYPTO_NULL=m
-CONFIG_CRYPTO_TEST=m
+CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_LRW=m
 CONFIG_CRYPTO_PCBC=m
 CONFIG_CRYPTO_XTS=m
 CONFIG_CRYPTO_XCBC=y
 CONFIG_CRYPTO_MD4=y
diff --git a/crypto/Kconfig b/crypto/Kconfig
index 7bfad077f308..da352f1984ea 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -244,16 +244,20 @@ config CRYPTO_KRB5ENC
 	help
 	  Combined hash and cipher support for Kerberos 5 RFC3961 simplified
 	  profile.  This is required for Kerberos 5-style encryption, used by
 	  sunrpc/NFS and rxrpc/AFS.
 
-config CRYPTO_TEST
-	tristate "Testing module"
+config CRYPTO_BENCHMARK
+	tristate "Crypto benchmarking module"
 	depends on m || EXPERT
 	select CRYPTO_MANAGER
 	help
-	  Quick & dirty crypto test module.
+	  Quick & dirty crypto benchmarking module.
+
+	  This is mainly intended for use by people developing cryptographic
+	  algorithms in the kernel.  It should not be enabled in production
+	  kernels.
 
 config CRYPTO_SIMD
 	tristate
 	select CRYPTO_CRYPTD
 
diff --git a/crypto/Makefile b/crypto/Makefile
index 84f6911dc9ba..e2223265b91a 100644
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -170,11 +170,11 @@ obj-$(CONFIG_CRYPTO_JITTERENTROPY) += jitterentropy_rng.o
 CFLAGS_jitterentropy.o = -O0
 KASAN_SANITIZE_jitterentropy.o = n
 UBSAN_SANITIZE_jitterentropy.o = n
 jitterentropy_rng-y := jitterentropy.o jitterentropy-kcapi.o
 obj-$(CONFIG_CRYPTO_JITTERENTROPY_TESTINTERFACE) += jitterentropy-testing.o
-obj-$(CONFIG_CRYPTO_TEST) += tcrypt.o
+obj-$(CONFIG_CRYPTO_BENCHMARK) += tcrypt.o
 obj-$(CONFIG_CRYPTO_GHASH) += ghash-generic.o
 obj-$(CONFIG_CRYPTO_POLYVAL) += polyval-generic.o
 obj-$(CONFIG_CRYPTO_USER_API) += af_alg.o
 obj-$(CONFIG_CRYPTO_USER_API_HASH) += algif_hash.o
 obj-$(CONFIG_CRYPTO_USER_API_SKCIPHER) += algif_skcipher.o
diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c
index 879fc21dcc16..d1d88debbd71 100644
--- a/crypto/tcrypt.c
+++ b/crypto/tcrypt.c
@@ -1,10 +1,10 @@
 // SPDX-License-Identifier: GPL-2.0-or-later
 /*
- * Quick & dirty crypto testing module.
+ * Quick & dirty crypto benchmarking module.
  *
- * This will only exist until we have a better testing mechanism
+ * This will only exist until we have a better benchmarking mechanism
  * (e.g. a char device).
  *
  * Copyright (c) 2002 James Morris <jmorris@intercode.com.au>
  * Copyright (c) 2002 Jean-Francois Dive <jef@linuxbe.org>
  * Copyright (c) 2007 Nokia Siemens Networks
@@ -37,11 +37,11 @@
 
 #include "internal.h"
 #include "tcrypt.h"
 
 /*
- * Need slab memory for testing (size in number of pages).
+ * Need slab memory for benchmarking (size in number of pages).
  */
 #define TVMEMSIZE	4
 
 /*
 * Used by test_cipher_speed()
@@ -2866,7 +2866,7 @@ module_param(num_mb, uint, 0000);
 MODULE_PARM_DESC(num_mb, "Number of concurrent requests to be used in mb speed tests (defaults to 8)");
 module_param(klen, uint, 0);
 MODULE_PARM_DESC(klen, "Key length (defaults to 0)");
 
 MODULE_LICENSE("GPL");
-MODULE_DESCRIPTION("Quick & dirty crypto testing module");
+MODULE_DESCRIPTION("Quick & dirty crypto benchmarking module");
 MODULE_AUTHOR("James Morris <jmorris@intercode.com.au>");
diff --git a/crypto/tcrypt.h b/crypto/tcrypt.h
index 96c843a24607..7f938ac93e58 100644
--- a/crypto/tcrypt.h
+++ b/crypto/tcrypt.h
@@ -1,10 +1,10 @@
 /* SPDX-License-Identifier: GPL-2.0-or-later */
 /*
- * Quick & dirty crypto testing module.
+ * Quick & dirty crypto benchmarking module.
  *
- * This will only exist until we have a better testing mechanism
+ * This will only exist until we have a better benchmarking mechanism
  * (e.g. a char device).
  *
  * Copyright (c) 2002 James Morris <jmorris@intercode.com.au>
  * Copyright (c) 2002 Jean-Francois Dive <jef@linuxbe.org>
  * Copyright (c) 2007 Nokia Siemens Networks
-- 
2.49.0


^ permalink raw reply related	[flat|nested] 13+ messages in thread

* [PATCH v3 2/7] crypto: testmgr - remove panic_on_fail
  2025-05-05 20:33 [PATCH v3 0/7] Clean up the crypto testing options Eric Biggers
  2025-05-05 20:33 ` [PATCH v3 1/7] crypto: tcrypt - rename CRYPTO_TEST to CRYPTO_BENCHMARK Eric Biggers
@ 2025-05-05 20:33 ` Eric Biggers
  2025-05-05 20:33 ` [PATCH v3 3/7] crypto: testmgr - replace CRYPTO_MANAGER_DISABLE_TESTS with CRYPTO_SELFTESTS Eric Biggers
                   ` (5 subsequent siblings)
  7 siblings, 0 replies; 13+ messages in thread
From: Eric Biggers @ 2025-05-05 20:33 UTC (permalink / raw)
  To: linux-crypto; +Cc: linux-kernel

From: Eric Biggers <ebiggers@google.com>

The cryptomgr.panic_on_fail=1 kernel command-line parameter is not very
useful now that the tests have been fixed to WARN on failure, since
developers can just use panic_on_warn=1 instead.  There's no need for a
special option just for the crypto self-tests.  Remove it.

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 crypto/testmgr.c | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index f100be516f52..1c71616ae2cf 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -43,13 +43,10 @@ MODULE_IMPORT_NS("CRYPTO_INTERNAL");
 
 static bool notests;
 module_param(notests, bool, 0644);
 MODULE_PARM_DESC(notests, "disable crypto self-tests");
 
-static bool panic_on_fail;
-module_param(panic_on_fail, bool, 0444);
-
 #ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS
 static bool noextratests;
 module_param(noextratests, bool, 0644);
 MODULE_PARM_DESC(noextratests, "disable expensive crypto self-tests");
 
@@ -5852,15 +5849,14 @@ int alg_test(const char *driver, const char *alg, u32 type, u32 mask)
 		rc |= alg_test_descs[j].test(alg_test_descs + j, driver,
 					     type, mask);
 
 test_done:
 	if (rc) {
-		if (fips_enabled || panic_on_fail) {
+		if (fips_enabled) {
 			fips_fail_notify();
-			panic("alg: self-tests for %s (%s) failed in %s mode!\n",
-			      driver, alg,
-			      fips_enabled ? "fips" : "panic_on_fail");
+			panic("alg: self-tests for %s (%s) failed in fips mode!\n",
+			      driver, alg);
 		}
 		pr_warn("alg: self-tests for %s using %s failed (rc=%d)",
 			alg, driver, rc);
 		WARN(rc != -ENOENT,
 		     "alg: self-tests for %s using %s failed (rc=%d)",
-- 
2.49.0


^ permalink raw reply related	[flat|nested] 13+ messages in thread

* [PATCH v3 3/7] crypto: testmgr - replace CRYPTO_MANAGER_DISABLE_TESTS with CRYPTO_SELFTESTS
  2025-05-05 20:33 [PATCH v3 0/7] Clean up the crypto testing options Eric Biggers
  2025-05-05 20:33 ` [PATCH v3 1/7] crypto: tcrypt - rename CRYPTO_TEST to CRYPTO_BENCHMARK Eric Biggers
  2025-05-05 20:33 ` [PATCH v3 2/7] crypto: testmgr - remove panic_on_fail Eric Biggers
@ 2025-05-05 20:33 ` Eric Biggers
  2025-06-11 11:41   ` Diederik de Haas
  2025-05-05 20:33 ` [PATCH v3 4/7] crypto: testmgr - make it easier to enable the full set of tests Eric Biggers
                   ` (4 subsequent siblings)
  7 siblings, 1 reply; 13+ messages in thread
From: Eric Biggers @ 2025-05-05 20:33 UTC (permalink / raw)
  To: linux-crypto; +Cc: linux-kernel

From: Eric Biggers <ebiggers@google.com>

The negative-sense of CRYPTO_MANAGER_DISABLE_TESTS is a longstanding
mistake that regularly causes confusion.  Especially bad is that you can
have CRYPTO=n && CRYPTO_MANAGER_DISABLE_TESTS=n, which is ambiguous.

Replace CRYPTO_MANAGER_DISABLE_TESTS with CRYPTO_SELFTESTS which has the
expected behavior.

The tests continue to be disabled by default.

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 arch/arm/configs/milbeaut_m10v_defconfig   |  2 +-
 arch/loongarch/configs/loongson3_defconfig |  2 +-
 arch/s390/configs/debug_defconfig          |  2 +-
 arch/s390/configs/defconfig                |  2 +-
 crypto/Kconfig                             | 24 ++++++++++++++--------
 crypto/algapi.c                            |  4 ++--
 crypto/algboss.c                           |  2 +-
 crypto/api.c                               |  3 +--
 crypto/hkdf.c                              |  2 +-
 crypto/internal.h                          |  5 ++---
 crypto/kdf_sp800108.c                      |  2 +-
 crypto/testmgr.c                           | 12 +++++------
 lib/crypto/Makefile                        |  9 +++-----
 lib/crypto/aescfb.c                        |  2 +-
 lib/crypto/aesgcm.c                        |  2 +-
 lib/crypto/blake2s.c                       |  2 +-
 lib/crypto/chacha20poly1305.c              |  2 +-
 lib/crypto/curve25519.c                    |  2 +-
 18 files changed, 41 insertions(+), 40 deletions(-)

diff --git a/arch/arm/configs/milbeaut_m10v_defconfig b/arch/arm/configs/milbeaut_m10v_defconfig
index 4ec21f477c63..9dd47e1d90bb 100644
--- a/arch/arm/configs/milbeaut_m10v_defconfig
+++ b/arch/arm/configs/milbeaut_m10v_defconfig
@@ -92,11 +92,11 @@ CONFIG_CONFIGFS_FS=y
 CONFIG_NLS_CODEPAGE_437=y
 CONFIG_NLS_ISO8859_1=y
 CONFIG_NLS_UTF8=y
 CONFIG_KEYS=y
 CONFIG_CRYPTO_MANAGER=y
-# CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set
+CONFIG_CRYPTO_SELFTESTS=y
 # CONFIG_CRYPTO_ECHAINIV is not set
 CONFIG_CRYPTO_AES=y
 CONFIG_CRYPTO_SEQIV=m
 CONFIG_CRYPTO_GHASH_ARM_CE=m
 CONFIG_CRYPTO_SHA1_ARM_NEON=m
diff --git a/arch/loongarch/configs/loongson3_defconfig b/arch/loongarch/configs/loongson3_defconfig
index 90f21dfe22b1..0d59af6007b7 100644
--- a/arch/loongarch/configs/loongson3_defconfig
+++ b/arch/loongarch/configs/loongson3_defconfig
@@ -1024,11 +1024,11 @@ CONFIG_SECURITY_SELINUX=y
 CONFIG_SECURITY_SELINUX_BOOTPARAM=y
 CONFIG_SECURITY_APPARMOR=y
 CONFIG_SECURITY_YAMA=y
 CONFIG_DEFAULT_SECURITY_DAC=y
 CONFIG_CRYPTO_USER=m
-# CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set
+CONFIG_CRYPTO_SELFTESTS=y
 CONFIG_CRYPTO_PCRYPT=m
 CONFIG_CRYPTO_CRYPTD=m
 CONFIG_CRYPTO_ANUBIS=m
 CONFIG_CRYPTO_BLOWFISH=m
 CONFIG_CRYPTO_CAST5=m
diff --git a/arch/s390/configs/debug_defconfig b/arch/s390/configs/debug_defconfig
index e6f7c8f4ee8b..bc960b1eabae 100644
--- a/arch/s390/configs/debug_defconfig
+++ b/arch/s390/configs/debug_defconfig
@@ -741,11 +741,11 @@ CONFIG_IMA=y
 CONFIG_IMA_DEFAULT_HASH_SHA256=y
 CONFIG_IMA_WRITE_POLICY=y
 CONFIG_IMA_APPRAISE=y
 CONFIG_BUG_ON_DATA_CORRUPTION=y
 CONFIG_CRYPTO_USER=m
-# CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set
+CONFIG_CRYPTO_SELFTESTS=y
 CONFIG_CRYPTO_PCRYPT=m
 CONFIG_CRYPTO_CRYPTD=m
 CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_DH=m
 CONFIG_CRYPTO_ECDH=m
diff --git a/arch/s390/configs/defconfig b/arch/s390/configs/defconfig
index 7495bf8e483c..fda2f264e7d3 100644
--- a/arch/s390/configs/defconfig
+++ b/arch/s390/configs/defconfig
@@ -727,11 +727,11 @@ CONFIG_IMA_DEFAULT_HASH_SHA256=y
 CONFIG_IMA_WRITE_POLICY=y
 CONFIG_IMA_APPRAISE=y
 CONFIG_BUG_ON_DATA_CORRUPTION=y
 CONFIG_CRYPTO_FIPS=y
 CONFIG_CRYPTO_USER=m
-# CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set
+CONFIG_CRYPTO_SELFTESTS=y
 CONFIG_CRYPTO_PCRYPT=m
 CONFIG_CRYPTO_CRYPTD=m
 CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_DH=m
 CONFIG_CRYPTO_ECDH=m
diff --git a/crypto/Kconfig b/crypto/Kconfig
index da352f1984ea..8f1353bbba18 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -23,11 +23,11 @@ if CRYPTO
 
 menu "Crypto core or helper"
 
 config CRYPTO_FIPS
 	bool "FIPS 200 compliance"
-	depends on (CRYPTO_ANSI_CPRNG || CRYPTO_DRBG) && !CRYPTO_MANAGER_DISABLE_TESTS
+	depends on (CRYPTO_ANSI_CPRNG || CRYPTO_DRBG) && CRYPTO_SELFTESTS
 	depends on (MODULE_SIG || !MODULES)
 	help
 	  This option enables the fips boot option which is
 	  required if you want the system to operate in a FIPS 200
 	  certification.  You should say no unless you know what
@@ -141,12 +141,12 @@ config CRYPTO_ACOMP
 	select CRYPTO_ALGAPI
 	select CRYPTO_ACOMP2
 
 config CRYPTO_HKDF
 	tristate
-	select CRYPTO_SHA256 if !CONFIG_CRYPTO_MANAGER_DISABLE_TESTS
-	select CRYPTO_SHA512 if !CONFIG_CRYPTO_MANAGER_DISABLE_TESTS
+	select CRYPTO_SHA256 if CRYPTO_SELFTESTS
+	select CRYPTO_SHA512 if CRYPTO_SELFTESTS
 	select CRYPTO_HASH2
 
 config CRYPTO_MANAGER
 	tristate "Cryptographic algorithm manager"
 	select CRYPTO_MANAGER2
@@ -171,20 +171,26 @@ config CRYPTO_USER
 	select CRYPTO_MANAGER
 	help
 	  Userspace configuration for cryptographic instantiations such as
 	  cbc(aes).
 
-config CRYPTO_MANAGER_DISABLE_TESTS
-	bool "Disable run-time self tests"
-	default y
+config CRYPTO_SELFTESTS
+	bool "Enable cryptographic self-tests"
+	depends on DEBUG_KERNEL
 	help
-	  Disable run-time self tests that normally take place at
-	  algorithm registration.
+	  Enable the cryptographic self-tests.
+
+	  The cryptographic self-tests run at boot time, or at algorithm
+	  registration time if algorithms are dynamically loaded later.
+
+	  This is primarily intended for developer use.  It should not be
+	  enabled in production kernels, unless you are trying to use these
+	  tests to fulfill a FIPS testing requirement.
 
 config CRYPTO_MANAGER_EXTRA_TESTS
 	bool "Enable extra run-time crypto self tests"
-	depends on DEBUG_KERNEL && !CRYPTO_MANAGER_DISABLE_TESTS && CRYPTO_MANAGER
+	depends on DEBUG_KERNEL && CRYPTO_SELFTESTS && CRYPTO_MANAGER
 	help
 	  Enable extra run-time self tests of registered crypto algorithms,
 	  including randomized fuzz tests.
 
 	  This is intended for developer use only, as these tests take much
diff --git a/crypto/algapi.c b/crypto/algapi.c
index 532d3efc3c7d..9030a30c89e8 100644
--- a/crypto/algapi.c
+++ b/crypto/algapi.c
@@ -273,11 +273,11 @@ static void crypto_alg_finish_registration(struct crypto_alg *alg,
 static struct crypto_larval *crypto_alloc_test_larval(struct crypto_alg *alg)
 {
 	struct crypto_larval *larval;
 
 	if (!IS_ENABLED(CONFIG_CRYPTO_MANAGER) ||
-	    IS_ENABLED(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS) ||
+	    !IS_ENABLED(CONFIG_CRYPTO_SELFTESTS) ||
 	    (alg->cra_flags & CRYPTO_ALG_INTERNAL))
 		return NULL; /* No self-test needed */
 
 	larval = crypto_larval_alloc(alg->cra_name,
 				     alg->cra_flags | CRYPTO_ALG_TESTED, 0);
@@ -1057,11 +1057,11 @@ EXPORT_SYMBOL_GPL(crypto_type_has_alg);
 static void __init crypto_start_tests(void)
 {
 	if (!IS_BUILTIN(CONFIG_CRYPTO_ALGAPI))
 		return;
 
-	if (IS_ENABLED(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS))
+	if (!IS_ENABLED(CONFIG_CRYPTO_SELFTESTS))
 		return;
 
 	set_crypto_boot_test_finished();
 
 	for (;;) {
diff --git a/crypto/algboss.c b/crypto/algboss.c
index ef5c73780fc7..846f586889ee 100644
--- a/crypto/algboss.c
+++ b/crypto/algboss.c
@@ -187,11 +187,11 @@ static int cryptomgr_test(void *data)
 static int cryptomgr_schedule_test(struct crypto_alg *alg)
 {
 	struct task_struct *thread;
 	struct crypto_test_param *param;
 
-	if (IS_ENABLED(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS))
+	if (!IS_ENABLED(CONFIG_CRYPTO_SELFTESTS))
 		return NOTIFY_DONE;
 
 	if (!try_module_get(THIS_MODULE))
 		goto err;
 
diff --git a/crypto/api.c b/crypto/api.c
index 5cd5ec105bb1..133d9b626922 100644
--- a/crypto/api.c
+++ b/crypto/api.c
@@ -29,12 +29,11 @@ DECLARE_RWSEM(crypto_alg_sem);
 EXPORT_SYMBOL_GPL(crypto_alg_sem);
 
 BLOCKING_NOTIFIER_HEAD(crypto_chain);
 EXPORT_SYMBOL_GPL(crypto_chain);
 
-#if IS_BUILTIN(CONFIG_CRYPTO_ALGAPI) && \
-    !IS_ENABLED(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS)
+#if IS_BUILTIN(CONFIG_CRYPTO_ALGAPI) && IS_ENABLED(CONFIG_CRYPTO_SELFTESTS)
 DEFINE_STATIC_KEY_FALSE(__crypto_boot_test_finished);
 #endif
 
 static struct crypto_alg *crypto_larval_wait(struct crypto_alg *alg,
 					     u32 type, u32 mask);
diff --git a/crypto/hkdf.c b/crypto/hkdf.c
index 2434c5c42545..f24c2a8d4df9 100644
--- a/crypto/hkdf.c
+++ b/crypto/hkdf.c
@@ -541,11 +541,11 @@ static int hkdf_test(const char *shash, const struct hkdf_testvec *tv)
 
 static int __init crypto_hkdf_module_init(void)
 {
 	int ret = 0, i;
 
-	if (IS_ENABLED(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS))
+	if (!IS_ENABLED(CONFIG_CRYPTO_SELFTESTS))
 		return 0;
 
 	for (i = 0; i < ARRAY_SIZE(hkdf_sha256_tv); i++) {
 		ret = hkdf_test("hmac(sha256)", &hkdf_sha256_tv[i]);
 		if (ret)
diff --git a/crypto/internal.h b/crypto/internal.h
index 2ed79bf208ca..b9afd68767c1 100644
--- a/crypto/internal.h
+++ b/crypto/internal.h
@@ -65,12 +65,11 @@ extern struct list_head crypto_alg_list;
 extern struct rw_semaphore crypto_alg_sem;
 extern struct blocking_notifier_head crypto_chain;
 
 int alg_test(const char *driver, const char *alg, u32 type, u32 mask);
 
-#if !IS_BUILTIN(CONFIG_CRYPTO_ALGAPI) || \
-    IS_ENABLED(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS)
+#if !IS_BUILTIN(CONFIG_CRYPTO_ALGAPI) || !IS_ENABLED(CONFIG_CRYPTO_SELFTESTS)
 static inline bool crypto_boot_test_finished(void)
 {
 	return true;
 }
 static inline void set_crypto_boot_test_finished(void)
@@ -85,11 +84,11 @@ static inline bool crypto_boot_test_finished(void)
 static inline void set_crypto_boot_test_finished(void)
 {
 	static_branch_enable(&__crypto_boot_test_finished);
 }
 #endif /* !IS_BUILTIN(CONFIG_CRYPTO_ALGAPI) ||
-	* IS_ENABLED(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS)
+	* !IS_ENABLED(CONFIG_CRYPTO_SELFTESTS)
 	*/
 
 #ifdef CONFIG_PROC_FS
 void __init crypto_init_proc(void);
 void __exit crypto_exit_proc(void);
diff --git a/crypto/kdf_sp800108.c b/crypto/kdf_sp800108.c
index c3f9938e1ad2..b7a6bf9da773 100644
--- a/crypto/kdf_sp800108.c
+++ b/crypto/kdf_sp800108.c
@@ -125,11 +125,11 @@ static const struct kdf_testvec kdf_ctr_hmac_sha256_tv_template[] = {
 
 static int __init crypto_kdf108_init(void)
 {
 	int ret;
 
-	if (IS_ENABLED(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS))
+	if (!IS_ENABLED(CONFIG_CRYPTO_SELFTESTS))
 		return 0;
 
 	ret = kdf_test(&kdf_ctr_hmac_sha256_tv_template[0], "hmac(sha256)",
 		       crypto_kdf108_setkey, crypto_kdf108_ctr_generate);
 	if (ret) {
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 1c71616ae2cf..3a624c9b5525 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -53,11 +53,11 @@ MODULE_PARM_DESC(noextratests, "disable expensive crypto self-tests");
 static unsigned int fuzz_iterations = 100;
 module_param(fuzz_iterations, uint, 0644);
 MODULE_PARM_DESC(fuzz_iterations, "number of fuzz test iterations");
 #endif
 
-#ifdef CONFIG_CRYPTO_MANAGER_DISABLE_TESTS
+#ifndef CONFIG_CRYPTO_SELFTESTS
 
 /* a perfect nop */
 int alg_test(const char *driver, const char *alg, u32 type, u32 mask)
 {
 	return 0;
@@ -319,14 +319,14 @@ struct testvec_config {
 
 #define TESTVEC_CONFIG_NAMELEN	192
 
 /*
  * The following are the lists of testvec_configs to test for each algorithm
- * type when the basic crypto self-tests are enabled, i.e. when
- * CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is unset.  They aim to provide good test
- * coverage, while keeping the test time much shorter than the full fuzz tests
- * so that the basic tests can be enabled in a wider range of circumstances.
+ * type when the basic crypto self-tests are enabled.  They aim to provide good
+ * test coverage, while keeping the test time much shorter than the full fuzz
+ * tests so that the basic tests can be enabled in a wider range of
+ * circumstances.
  */
 
 /* Configs for skciphers and aeads */
 static const struct testvec_config default_cipher_testvec_configs[] = {
 	{
@@ -5897,8 +5897,8 @@ int alg_test(const char *driver, const char *alg, u32 type, u32 mask)
 	return 0;
 non_fips_alg:
 	return alg_fips_disabled(driver, alg);
 }
 
-#endif /* CONFIG_CRYPTO_MANAGER_DISABLE_TESTS */
+#endif /* CONFIG_CRYPTO_SELFTESTS */
 
 EXPORT_SYMBOL_GPL(alg_test);
diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile
index 71d3d05d666a..842fcef16e4d 100644
--- a/lib/crypto/Makefile
+++ b/lib/crypto/Makefile
@@ -23,21 +23,24 @@ obj-$(CONFIG_CRYPTO_LIB_GF128MUL)		+= gf128mul.o
 
 # blake2s is used by the /dev/random driver which is always builtin
 obj-y						+= libblake2s.o
 libblake2s-y					:= blake2s.o
 libblake2s-$(CONFIG_CRYPTO_LIB_BLAKE2S_GENERIC)	+= blake2s-generic.o
+libblake2s-$(CONFIG_CRYPTO_SELFTESTS)		+= blake2s-selftest.o
 
 obj-$(CONFIG_CRYPTO_LIB_CHACHA20POLY1305)	+= libchacha20poly1305.o
 libchacha20poly1305-y				+= chacha20poly1305.o
+libchacha20poly1305-$(CONFIG_CRYPTO_SELFTESTS)	+= chacha20poly1305-selftest.o
 
 obj-$(CONFIG_CRYPTO_LIB_CURVE25519_GENERIC)	+= libcurve25519-generic.o
 libcurve25519-generic-y				:= curve25519-fiat32.o
 libcurve25519-generic-$(CONFIG_ARCH_SUPPORTS_INT128)	:= curve25519-hacl64.o
 libcurve25519-generic-y				+= curve25519-generic.o
 
 obj-$(CONFIG_CRYPTO_LIB_CURVE25519)		+= libcurve25519.o
 libcurve25519-y					+= curve25519.o
+libcurve25519-$(CONFIG_CRYPTO_SELFTESTS)	+= curve25519-selftest.o
 
 obj-$(CONFIG_CRYPTO_LIB_DES)			+= libdes.o
 libdes-y					:= des.o
 
 obj-$(CONFIG_CRYPTO_LIB_POLY1305_GENERIC)	+= libpoly1305.o
@@ -52,16 +55,10 @@ obj-$(CONFIG_CRYPTO_LIB_SHA256)			+= libsha256.o
 libsha256-y					:= sha256.o
 
 obj-$(CONFIG_CRYPTO_LIB_SHA256_GENERIC)		+= libsha256-generic.o
 libsha256-generic-y				:= sha256-generic.o
 
-ifneq ($(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS),y)
-libblake2s-y					+= blake2s-selftest.o
-libchacha20poly1305-y				+= chacha20poly1305-selftest.o
-libcurve25519-y					+= curve25519-selftest.o
-endif
-
 obj-$(CONFIG_MPILIB) += mpi/
 
 obj-$(CONFIG_CRYPTO_MANAGER_EXTRA_TESTS)	+= simd.o
 
 obj-$(CONFIG_CRYPTO_LIB_SM3)			+= libsm3.o
diff --git a/lib/crypto/aescfb.c b/lib/crypto/aescfb.c
index 749dc1258a44..437613265e14 100644
--- a/lib/crypto/aescfb.c
+++ b/lib/crypto/aescfb.c
@@ -97,11 +97,11 @@ EXPORT_SYMBOL(aescfb_decrypt);
 
 MODULE_DESCRIPTION("Generic AES-CFB library");
 MODULE_AUTHOR("Ard Biesheuvel <ardb@kernel.org>");
 MODULE_LICENSE("GPL");
 
-#ifndef CONFIG_CRYPTO_MANAGER_DISABLE_TESTS
+#ifdef CONFIG_CRYPTO_SELFTESTS
 
 /*
  * Test code below. Vectors taken from crypto/testmgr.h
  */
 
diff --git a/lib/crypto/aesgcm.c b/lib/crypto/aesgcm.c
index 902e49410aaf..277824d6b4af 100644
--- a/lib/crypto/aesgcm.c
+++ b/lib/crypto/aesgcm.c
@@ -197,11 +197,11 @@ EXPORT_SYMBOL(aesgcm_decrypt);
 
 MODULE_DESCRIPTION("Generic AES-GCM library");
 MODULE_AUTHOR("Ard Biesheuvel <ardb@kernel.org>");
 MODULE_LICENSE("GPL");
 
-#ifndef CONFIG_CRYPTO_MANAGER_DISABLE_TESTS
+#ifdef CONFIG_CRYPTO_SELFTESTS
 
 /*
  * Test code below. Vectors taken from crypto/testmgr.h
  */
 
diff --git a/lib/crypto/blake2s.c b/lib/crypto/blake2s.c
index 71a316552cc5..b0f9a678300b 100644
--- a/lib/crypto/blake2s.c
+++ b/lib/crypto/blake2s.c
@@ -58,11 +58,11 @@ void blake2s_final(struct blake2s_state *state, u8 *out)
 }
 EXPORT_SYMBOL(blake2s_final);
 
 static int __init blake2s_mod_init(void)
 {
-	if (!IS_ENABLED(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS) &&
+	if (IS_ENABLED(CONFIG_CRYPTO_SELFTESTS) &&
 	    WARN_ON(!blake2s_selftest()))
 		return -ENODEV;
 	return 0;
 }
 
diff --git a/lib/crypto/chacha20poly1305.c b/lib/crypto/chacha20poly1305.c
index 9cfa886f1f89..57a84fee179e 100644
--- a/lib/crypto/chacha20poly1305.c
+++ b/lib/crypto/chacha20poly1305.c
@@ -353,11 +353,11 @@ bool chacha20poly1305_decrypt_sg_inplace(struct scatterlist *src, size_t src_len
 }
 EXPORT_SYMBOL(chacha20poly1305_decrypt_sg_inplace);
 
 static int __init chacha20poly1305_init(void)
 {
-	if (!IS_ENABLED(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS) &&
+	if (IS_ENABLED(CONFIG_CRYPTO_SELFTESTS) &&
 	    WARN_ON(!chacha20poly1305_selftest()))
 		return -ENODEV;
 	return 0;
 }
 
diff --git a/lib/crypto/curve25519.c b/lib/crypto/curve25519.c
index 064b352c6907..6850b76a80c9 100644
--- a/lib/crypto/curve25519.c
+++ b/lib/crypto/curve25519.c
@@ -13,11 +13,11 @@
 #include <linux/module.h>
 #include <linux/init.h>
 
 static int __init curve25519_init(void)
 {
-	if (!IS_ENABLED(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS) &&
+	if (IS_ENABLED(CONFIG_CRYPTO_SELFTESTS) &&
 	    WARN_ON(!curve25519_selftest()))
 		return -ENODEV;
 	return 0;
 }
 
-- 
2.49.0


^ permalink raw reply related	[flat|nested] 13+ messages in thread

* [PATCH v3 4/7] crypto: testmgr - make it easier to enable the full set of tests
  2025-05-05 20:33 [PATCH v3 0/7] Clean up the crypto testing options Eric Biggers
                   ` (2 preceding siblings ...)
  2025-05-05 20:33 ` [PATCH v3 3/7] crypto: testmgr - replace CRYPTO_MANAGER_DISABLE_TESTS with CRYPTO_SELFTESTS Eric Biggers
@ 2025-05-05 20:33 ` Eric Biggers
  2025-05-05 20:33 ` [PATCH v3 5/7] crypto: testmgr - rename noextratests to noslowtests Eric Biggers
                   ` (3 subsequent siblings)
  7 siblings, 0 replies; 13+ messages in thread
From: Eric Biggers @ 2025-05-05 20:33 UTC (permalink / raw)
  To: linux-crypto; +Cc: linux-kernel

From: Eric Biggers <ebiggers@google.com>

Currently the full set of crypto self-tests requires
CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y.  This is problematic in two ways.
First, developers regularly overlook this option.  Second, the
description of the tests as "extra" sometimes gives the impression that
it is not required that all algorithms pass these tests.

Given that the main use case for the crypto self-tests is for
developers, make enabling CONFIG_CRYPTO_SELFTESTS=y just enable the full
set of crypto self-tests by default.

The slow tests can still be disabled by adding the command-line
parameter cryptomgr.noextratests=1, soon to be renamed to
cryptomgr.noslowtests=1.  The only known use case for doing this is for
people trying to use the crypto self-tests to satisfy the FIPS 140-3
pre-operational self-testing requirements when the kernel is being
validated as a FIPS 140-3 cryptographic module.

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 crypto/Kconfig                 | 10 ------
 crypto/testmgr.c               | 62 +++-------------------------------
 include/crypto/internal/simd.h |  6 ++--
 lib/crypto/Makefile            |  2 +-
 4 files changed, 8 insertions(+), 72 deletions(-)

diff --git a/crypto/Kconfig b/crypto/Kconfig
index 8f1353bbba18..bbe9cc408927 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -184,20 +184,10 @@ config CRYPTO_SELFTESTS
 
 	  This is primarily intended for developer use.  It should not be
 	  enabled in production kernels, unless you are trying to use these
 	  tests to fulfill a FIPS testing requirement.
 
-config CRYPTO_MANAGER_EXTRA_TESTS
-	bool "Enable extra run-time crypto self tests"
-	depends on DEBUG_KERNEL && CRYPTO_SELFTESTS && CRYPTO_MANAGER
-	help
-	  Enable extra run-time self tests of registered crypto algorithms,
-	  including randomized fuzz tests.
-
-	  This is intended for developer use only, as these tests take much
-	  longer to run than the normal self tests.
-
 config CRYPTO_NULL
 	tristate "Null algorithms"
 	select CRYPTO_NULL2
 	help
 	  These are 'Null' algorithms, used by IPsec, which do nothing.
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 3a624c9b5525..a6707cda8328 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -43,19 +43,17 @@ MODULE_IMPORT_NS("CRYPTO_INTERNAL");
 
 static bool notests;
 module_param(notests, bool, 0644);
 MODULE_PARM_DESC(notests, "disable crypto self-tests");
 
-#ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS
 static bool noextratests;
 module_param(noextratests, bool, 0644);
 MODULE_PARM_DESC(noextratests, "disable expensive crypto self-tests");
 
 static unsigned int fuzz_iterations = 100;
 module_param(fuzz_iterations, uint, 0644);
 MODULE_PARM_DESC(fuzz_iterations, "number of fuzz test iterations");
-#endif
 
 #ifndef CONFIG_CRYPTO_SELFTESTS
 
 /* a perfect nop */
 int alg_test(const char *driver, const char *alg, u32 type, u32 mask)
@@ -319,14 +317,13 @@ struct testvec_config {
 
 #define TESTVEC_CONFIG_NAMELEN	192
 
 /*
  * The following are the lists of testvec_configs to test for each algorithm
- * type when the basic crypto self-tests are enabled.  They aim to provide good
- * test coverage, while keeping the test time much shorter than the full fuzz
- * tests so that the basic tests can be enabled in a wider range of
- * circumstances.
+ * type when the fast crypto self-tests are enabled.  They aim to provide good
+ * test coverage, while keeping the test time much shorter than the full tests
+ * so that the fast tests can be used to fulfill FIPS 140 testing requirements.
  */
 
 /* Configs for skciphers and aeads */
 static const struct testvec_config default_cipher_testvec_configs[] = {
 	{
@@ -871,12 +868,10 @@ static int prepare_keybuf(const u8 *key, unsigned int ksize,
 		kfree(keybuf);						\
 	}								\
 	err;								\
 })
 
-#ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS
-
 /*
  * The fuzz tests use prandom instead of the normal Linux RNG since they don't
  * need cryptographically secure random numbers.  This greatly improves the
  * performance of these tests, especially if they are run before the Linux RNG
  * has been initialized or if they are run on a lockdep-enabled kernel.
@@ -1237,19 +1232,10 @@ static int build_generic_driver_name(const char *algname,
 too_long:
 	pr_err("alg: generic driver name for \"%s\" would be too long\n",
 	       algname);
 	return -ENAMETOOLONG;
 }
-#else /* !CONFIG_CRYPTO_MANAGER_EXTRA_TESTS */
-static void crypto_disable_simd_for_test(void)
-{
-}
-
-static void crypto_reenable_simd_for_test(void)
-{
-}
-#endif /* !CONFIG_CRYPTO_MANAGER_EXTRA_TESTS */
 
 static int build_hash_sglist(struct test_sglist *tsgl,
 			     const struct hash_testvec *vec,
 			     const struct testvec_config *cfg,
 			     unsigned int alignmask,
@@ -1686,11 +1672,10 @@ static int test_hash_vec(const struct hash_testvec *vec, unsigned int vec_num,
 					req, desc, tsgl, hashstate);
 		if (err)
 			return err;
 	}
 
-#ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS
 	if (!noextratests) {
 		struct rnd_state rng;
 		struct testvec_config cfg;
 		char cfgname[TESTVEC_CONFIG_NAMELEN];
 
@@ -1704,15 +1689,13 @@ static int test_hash_vec(const struct hash_testvec *vec, unsigned int vec_num,
 			if (err)
 				return err;
 			cond_resched();
 		}
 	}
-#endif
 	return 0;
 }
 
-#ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS
 /*
  * Generate a hash test vector from the given implementation.
  * Assumes the buffers in 'vec' were already allocated.
  */
 static void generate_random_hash_testvec(struct rnd_state *rng,
@@ -1874,21 +1857,10 @@ static int test_hash_vs_generic_impl(const char *generic_driver,
 	kfree(vec.digest);
 	crypto_free_shash(generic_tfm);
 	kfree_sensitive(generic_desc);
 	return err;
 }
-#else /* !CONFIG_CRYPTO_MANAGER_EXTRA_TESTS */
-static int test_hash_vs_generic_impl(const char *generic_driver,
-				     unsigned int maxkeysize,
-				     struct ahash_request *req,
-				     struct shash_desc *desc,
-				     struct test_sglist *tsgl,
-				     u8 *hashstate)
-{
-	return 0;
-}
-#endif /* !CONFIG_CRYPTO_MANAGER_EXTRA_TESTS */
 
 static int alloc_shash(const char *driver, u32 type, u32 mask,
 		       struct crypto_shash **tfm_ret,
 		       struct shash_desc **desc_ret)
 {
@@ -2258,11 +2230,10 @@ static int test_aead_vec(int enc, const struct aead_testvec *vec,
 					req, tsgls);
 		if (err)
 			return err;
 	}
 
-#ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS
 	if (!noextratests) {
 		struct rnd_state rng;
 		struct testvec_config cfg;
 		char cfgname[TESTVEC_CONFIG_NAMELEN];
 
@@ -2276,16 +2247,13 @@ static int test_aead_vec(int enc, const struct aead_testvec *vec,
 			if (err)
 				return err;
 			cond_resched();
 		}
 	}
-#endif
 	return 0;
 }
 
-#ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS
-
 struct aead_extra_tests_ctx {
 	struct rnd_state rng;
 	struct aead_request *req;
 	struct crypto_aead *tfm;
 	const struct alg_test_desc *test_desc;
@@ -2666,18 +2634,10 @@ static int test_aead_extra(const struct alg_test_desc *test_desc,
 	kfree(ctx->vec.ptext);
 	kfree(ctx->vec.ctext);
 	kfree(ctx);
 	return err;
 }
-#else /* !CONFIG_CRYPTO_MANAGER_EXTRA_TESTS */
-static int test_aead_extra(const struct alg_test_desc *test_desc,
-			   struct aead_request *req,
-			   struct cipher_test_sglists *tsgls)
-{
-	return 0;
-}
-#endif /* !CONFIG_CRYPTO_MANAGER_EXTRA_TESTS */
 
 static int test_aead(int enc, const struct aead_test_suite *suite,
 		     struct aead_request *req,
 		     struct cipher_test_sglists *tsgls)
 {
@@ -3013,11 +2973,10 @@ static int test_skcipher_vec(int enc, const struct cipher_testvec *vec,
 					    req, tsgls);
 		if (err)
 			return err;
 	}
 
-#ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS
 	if (!noextratests) {
 		struct rnd_state rng;
 		struct testvec_config cfg;
 		char cfgname[TESTVEC_CONFIG_NAMELEN];
 
@@ -3031,15 +2990,13 @@ static int test_skcipher_vec(int enc, const struct cipher_testvec *vec,
 			if (err)
 				return err;
 			cond_resched();
 		}
 	}
-#endif
 	return 0;
 }
 
-#ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS
 /*
  * Generate a symmetric cipher test vector from the given implementation.
  * Assumes the buffers in 'vec' were already allocated.
  */
 static void generate_random_cipher_testvec(struct rnd_state *rng,
@@ -3234,18 +3191,10 @@ static int test_skcipher_vs_generic_impl(const char *generic_driver,
 	kfree(vec.ctext);
 	crypto_free_skcipher(generic_tfm);
 	skcipher_request_free(generic_req);
 	return err;
 }
-#else /* !CONFIG_CRYPTO_MANAGER_EXTRA_TESTS */
-static int test_skcipher_vs_generic_impl(const char *generic_driver,
-					 struct skcipher_request *req,
-					 struct cipher_test_sglists *tsgls)
-{
-	return 0;
-}
-#endif /* !CONFIG_CRYPTO_MANAGER_EXTRA_TESTS */
 
 static int test_skcipher(int enc, const struct cipher_test_suite *suite,
 			 struct skcipher_request *req,
 			 struct cipher_test_sglists *tsgls)
 {
@@ -5758,13 +5707,12 @@ static void alg_check_testvec_configs(void)
 static void testmgr_onetime_init(void)
 {
 	alg_check_test_descs_order();
 	alg_check_testvec_configs();
 
-#ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS
-	pr_warn("alg: extra crypto tests enabled.  This is intended for developer use only.\n");
-#endif
+	if (!noextratests)
+		pr_warn("alg: full crypto tests enabled.  This is intended for developer use only.\n");
 }
 
 static int alg_find_test(const char *alg)
 {
 	int start = 0;
diff --git a/include/crypto/internal/simd.h b/include/crypto/internal/simd.h
index f56049bd1660..7e7f1ac3b7fd 100644
--- a/include/crypto/internal/simd.h
+++ b/include/crypto/internal/simd.h
@@ -42,15 +42,13 @@ void simd_unregister_aeads(struct aead_alg *algs, int count,
  * crypto_simd_usable() - is it allowed at this time to use SIMD instructions or
  *			  access the SIMD register file?
  *
  * This delegates to may_use_simd(), except that this also returns false if SIMD
  * in crypto code has been temporarily disabled on this CPU by the crypto
- * self-tests, in order to test the no-SIMD fallback code.  This override is
- * currently limited to configurations where the extra self-tests are enabled,
- * because it might be a bit too invasive to be part of the regular self-tests.
+ * self-tests, in order to test the no-SIMD fallback code.
  */
-#ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS
+#ifdef CONFIG_CRYPTO_SELFTESTS
 DECLARE_PER_CPU(bool, crypto_simd_disabled_for_test);
 #define crypto_simd_usable() \
 	(may_use_simd() && !this_cpu_read(crypto_simd_disabled_for_test))
 #else
 #define crypto_simd_usable() may_use_simd()
diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile
index 842fcef16e4d..a2aca61fb42e 100644
--- a/lib/crypto/Makefile
+++ b/lib/crypto/Makefile
@@ -57,9 +57,9 @@ libsha256-y					:= sha256.o
 obj-$(CONFIG_CRYPTO_LIB_SHA256_GENERIC)		+= libsha256-generic.o
 libsha256-generic-y				:= sha256-generic.o
 
 obj-$(CONFIG_MPILIB) += mpi/
 
-obj-$(CONFIG_CRYPTO_MANAGER_EXTRA_TESTS)	+= simd.o
+obj-$(CONFIG_CRYPTO_SELFTESTS)			+= simd.o
 
 obj-$(CONFIG_CRYPTO_LIB_SM3)			+= libsm3.o
 libsm3-y					:= sm3.o
-- 
2.49.0


^ permalink raw reply related	[flat|nested] 13+ messages in thread

* [PATCH v3 5/7] crypto: testmgr - rename noextratests to noslowtests
  2025-05-05 20:33 [PATCH v3 0/7] Clean up the crypto testing options Eric Biggers
                   ` (3 preceding siblings ...)
  2025-05-05 20:33 ` [PATCH v3 4/7] crypto: testmgr - make it easier to enable the full set of tests Eric Biggers
@ 2025-05-05 20:33 ` Eric Biggers
  2025-05-05 20:33 ` [PATCH v3 6/7] crypto: Kconfig - make CRYPTO_MANAGER a hidden symbol Eric Biggers
                   ` (2 subsequent siblings)
  7 siblings, 0 replies; 13+ messages in thread
From: Eric Biggers @ 2025-05-05 20:33 UTC (permalink / raw)
  To: linux-crypto; +Cc: linux-kernel

From: Eric Biggers <ebiggers@google.com>

Rename the noextratests module parameter to noslowtests, and replace
other remaining mentions of "extra" in the code with "slow".  This
addresses confusion regarding the word "extra" like that seen at
https://lore.kernel.org/r/6cecf2de-9aa0-f6ea-0c2d-8e974a1a820b@huawei.com/.

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 crypto/testmgr.c | 41 ++++++++++++++++++++---------------------
 1 file changed, 20 insertions(+), 21 deletions(-)

diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index a6707cda8328..fc28000c27f5 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -41,15 +41,15 @@
 
 MODULE_IMPORT_NS("CRYPTO_INTERNAL");
 
 static bool notests;
 module_param(notests, bool, 0644);
-MODULE_PARM_DESC(notests, "disable crypto self-tests");
+MODULE_PARM_DESC(notests, "disable all crypto self-tests");
 
-static bool noextratests;
-module_param(noextratests, bool, 0644);
-MODULE_PARM_DESC(noextratests, "disable expensive crypto self-tests");
+static bool noslowtests;
+module_param(noslowtests, bool, 0644);
+MODULE_PARM_DESC(noslowtests, "disable slow crypto self-tests");
 
 static unsigned int fuzz_iterations = 100;
 module_param(fuzz_iterations, uint, 0644);
 MODULE_PARM_DESC(fuzz_iterations, "number of fuzz test iterations");
 
@@ -1672,11 +1672,11 @@ static int test_hash_vec(const struct hash_testvec *vec, unsigned int vec_num,
 					req, desc, tsgl, hashstate);
 		if (err)
 			return err;
 	}
 
-	if (!noextratests) {
+	if (!noslowtests) {
 		struct rnd_state rng;
 		struct testvec_config cfg;
 		char cfgname[TESTVEC_CONFIG_NAMELEN];
 
 		init_rnd_state(&rng);
@@ -1762,11 +1762,11 @@ static int test_hash_vs_generic_impl(const char *generic_driver,
 	char vec_name[64];
 	struct testvec_config *cfg;
 	char cfgname[TESTVEC_CONFIG_NAMELEN];
 	int err;
 
-	if (noextratests)
+	if (noslowtests)
 		return 0;
 
 	init_rnd_state(&rng);
 
 	if (!generic_driver) { /* Use default naming convention? */
@@ -2230,11 +2230,11 @@ static int test_aead_vec(int enc, const struct aead_testvec *vec,
 					req, tsgls);
 		if (err)
 			return err;
 	}
 
-	if (!noextratests) {
+	if (!noslowtests) {
 		struct rnd_state rng;
 		struct testvec_config cfg;
 		char cfgname[TESTVEC_CONFIG_NAMELEN];
 
 		init_rnd_state(&rng);
@@ -2250,11 +2250,11 @@ static int test_aead_vec(int enc, const struct aead_testvec *vec,
 		}
 	}
 	return 0;
 }
 
-struct aead_extra_tests_ctx {
+struct aead_slow_tests_ctx {
 	struct rnd_state rng;
 	struct aead_request *req;
 	struct crypto_aead *tfm;
 	const struct alg_test_desc *test_desc;
 	struct cipher_test_sglists *tsgls;
@@ -2425,12 +2425,11 @@ static void generate_random_aead_testvec(struct rnd_state *rng,
 	snprintf(name, max_namelen,
 		 "\"random: alen=%u plen=%u authsize=%u klen=%u novrfy=%d\"",
 		 vec->alen, vec->plen, authsize, vec->klen, vec->novrfy);
 }
 
-static void try_to_generate_inauthentic_testvec(
-					struct aead_extra_tests_ctx *ctx)
+static void try_to_generate_inauthentic_testvec(struct aead_slow_tests_ctx *ctx)
 {
 	int i;
 
 	for (i = 0; i < 10; i++) {
 		generate_random_aead_testvec(&ctx->rng, ctx->req, &ctx->vec,
@@ -2445,11 +2444,11 @@ static void try_to_generate_inauthentic_testvec(
 
 /*
  * Generate inauthentic test vectors (i.e. ciphertext, AAD pairs that aren't the
  * result of an encryption with the key) and verify that decryption fails.
  */
-static int test_aead_inauthentic_inputs(struct aead_extra_tests_ctx *ctx)
+static int test_aead_inauthentic_inputs(struct aead_slow_tests_ctx *ctx)
 {
 	unsigned int i;
 	int err;
 
 	for (i = 0; i < fuzz_iterations * 8; i++) {
@@ -2480,11 +2479,11 @@ static int test_aead_inauthentic_inputs(struct aead_extra_tests_ctx *ctx)
 
 /*
  * Test the AEAD algorithm against the corresponding generic implementation, if
  * one is available.
  */
-static int test_aead_vs_generic_impl(struct aead_extra_tests_ctx *ctx)
+static int test_aead_vs_generic_impl(struct aead_slow_tests_ctx *ctx)
 {
 	struct crypto_aead *tfm = ctx->tfm;
 	const char *algname = crypto_aead_alg(tfm)->base.cra_name;
 	const char *driver = crypto_aead_driver_name(tfm);
 	const char *generic_driver = ctx->test_desc->generic_driver;
@@ -2584,19 +2583,19 @@ static int test_aead_vs_generic_impl(struct aead_extra_tests_ctx *ctx)
 	crypto_free_aead(generic_tfm);
 	aead_request_free(generic_req);
 	return err;
 }
 
-static int test_aead_extra(const struct alg_test_desc *test_desc,
-			   struct aead_request *req,
-			   struct cipher_test_sglists *tsgls)
+static int test_aead_slow(const struct alg_test_desc *test_desc,
+			  struct aead_request *req,
+			  struct cipher_test_sglists *tsgls)
 {
-	struct aead_extra_tests_ctx *ctx;
+	struct aead_slow_tests_ctx *ctx;
 	unsigned int i;
 	int err;
 
-	if (noextratests)
+	if (noslowtests)
 		return 0;
 
 	ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
 	if (!ctx)
 		return -ENOMEM;
@@ -2699,11 +2698,11 @@ static int alg_test_aead(const struct alg_test_desc *desc, const char *driver,
 
 	err = test_aead(DECRYPT, suite, req, tsgls);
 	if (err)
 		goto out;
 
-	err = test_aead_extra(desc, req, tsgls);
+	err = test_aead_slow(desc, req, tsgls);
 out:
 	free_cipher_test_sglists(tsgls);
 	aead_request_free(req);
 	crypto_free_aead(tfm);
 	return err;
@@ -2973,11 +2972,11 @@ static int test_skcipher_vec(int enc, const struct cipher_testvec *vec,
 					    req, tsgls);
 		if (err)
 			return err;
 	}
 
-	if (!noextratests) {
+	if (!noslowtests) {
 		struct rnd_state rng;
 		struct testvec_config cfg;
 		char cfgname[TESTVEC_CONFIG_NAMELEN];
 
 		init_rnd_state(&rng);
@@ -3075,11 +3074,11 @@ static int test_skcipher_vs_generic_impl(const char *generic_driver,
 	char vec_name[64];
 	struct testvec_config *cfg;
 	char cfgname[TESTVEC_CONFIG_NAMELEN];
 	int err;
 
-	if (noextratests)
+	if (noslowtests)
 		return 0;
 
 	init_rnd_state(&rng);
 
 	if (!generic_driver) { /* Use default naming convention? */
@@ -5707,11 +5706,11 @@ static void alg_check_testvec_configs(void)
 static void testmgr_onetime_init(void)
 {
 	alg_check_test_descs_order();
 	alg_check_testvec_configs();
 
-	if (!noextratests)
+	if (!noslowtests)
 		pr_warn("alg: full crypto tests enabled.  This is intended for developer use only.\n");
 }
 
 static int alg_find_test(const char *alg)
 {
-- 
2.49.0


^ permalink raw reply related	[flat|nested] 13+ messages in thread

* [PATCH v3 6/7] crypto: Kconfig - make CRYPTO_MANAGER a hidden symbol
  2025-05-05 20:33 [PATCH v3 0/7] Clean up the crypto testing options Eric Biggers
                   ` (4 preceding siblings ...)
  2025-05-05 20:33 ` [PATCH v3 5/7] crypto: testmgr - rename noextratests to noslowtests Eric Biggers
@ 2025-05-05 20:33 ` Eric Biggers
  2025-05-05 20:33 ` [PATCH v3 7/7] crypto: testmgr - enable CRYPTO_MANAGER when CRYPTO_SELFTESTS Eric Biggers
  2025-05-12  5:46 ` [PATCH v3 0/7] Clean up the crypto testing options Herbert Xu
  7 siblings, 0 replies; 13+ messages in thread
From: Eric Biggers @ 2025-05-05 20:33 UTC (permalink / raw)
  To: linux-crypto; +Cc: linux-kernel

From: Eric Biggers <ebiggers@google.com>

There is no reason for people configuring the kernel to be asked about
CRYPTO_MANAGER, so make it a hidden symbol.

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 arch/arm/configs/milbeaut_m10v_defconfig    | 1 -
 arch/arm/configs/pxa_defconfig              | 1 -
 arch/mips/configs/decstation_64_defconfig   | 1 -
 arch/mips/configs/decstation_defconfig      | 1 -
 arch/mips/configs/decstation_r4k_defconfig  | 1 -
 arch/mips/configs/ip28_defconfig            | 1 -
 arch/parisc/configs/generic-64bit_defconfig | 1 -
 arch/sh/configs/migor_defconfig             | 1 -
 crypto/Kconfig                              | 2 +-
 9 files changed, 1 insertion(+), 9 deletions(-)

diff --git a/arch/arm/configs/milbeaut_m10v_defconfig b/arch/arm/configs/milbeaut_m10v_defconfig
index 9dd47e1d90bb..242e7d5a3f68 100644
--- a/arch/arm/configs/milbeaut_m10v_defconfig
+++ b/arch/arm/configs/milbeaut_m10v_defconfig
@@ -91,11 +91,10 @@ CONFIG_CONFIGFS_FS=y
 # CONFIG_MISC_FILESYSTEMS is not set
 CONFIG_NLS_CODEPAGE_437=y
 CONFIG_NLS_ISO8859_1=y
 CONFIG_NLS_UTF8=y
 CONFIG_KEYS=y
-CONFIG_CRYPTO_MANAGER=y
 CONFIG_CRYPTO_SELFTESTS=y
 # CONFIG_CRYPTO_ECHAINIV is not set
 CONFIG_CRYPTO_AES=y
 CONFIG_CRYPTO_SEQIV=m
 CONFIG_CRYPTO_GHASH_ARM_CE=m
diff --git a/arch/arm/configs/pxa_defconfig b/arch/arm/configs/pxa_defconfig
index edc5b4d17f77..ded4b9a5accf 100644
--- a/arch/arm/configs/pxa_defconfig
+++ b/arch/arm/configs/pxa_defconfig
@@ -634,11 +634,10 @@ CONFIG_NLS_ASCII=m
 CONFIG_NLS_ISO8859_1=m
 CONFIG_NLS_ISO8859_15=m
 CONFIG_NLS_UTF8=m
 CONFIG_TIMER_STATS=y
 CONFIG_SECURITY=y
-CONFIG_CRYPTO_MANAGER=y
 CONFIG_CRYPTO_CRYPTD=m
 CONFIG_CRYPTO_AUTHENC=m
 CONFIG_CRYPTO_BENCHMARK=m
 CONFIG_CRYPTO_BLOWFISH=m
 CONFIG_CRYPTO_CAST5=m
diff --git a/arch/mips/configs/decstation_64_defconfig b/arch/mips/configs/decstation_64_defconfig
index 9655567614aa..85a4472cb058 100644
--- a/arch/mips/configs/decstation_64_defconfig
+++ b/arch/mips/configs/decstation_64_defconfig
@@ -166,11 +166,10 @@ CONFIG_NLS_ISO8859_9=m
 CONFIG_NLS_ISO8859_13=m
 CONFIG_NLS_ISO8859_14=m
 CONFIG_NLS_ISO8859_15=m
 CONFIG_NLS_UTF8=m
 CONFIG_CRYPTO_RSA=m
-CONFIG_CRYPTO_MANAGER=y
 CONFIG_CRYPTO_CCM=m
 CONFIG_CRYPTO_GCM=m
 CONFIG_CRYPTO_CHACHA20POLY1305=m
 CONFIG_CRYPTO_CTS=m
 CONFIG_CRYPTO_LRW=m
diff --git a/arch/mips/configs/decstation_defconfig b/arch/mips/configs/decstation_defconfig
index 1539fe8eb34d..a3b2c8da2dde 100644
--- a/arch/mips/configs/decstation_defconfig
+++ b/arch/mips/configs/decstation_defconfig
@@ -161,11 +161,10 @@ CONFIG_NLS_ISO8859_9=m
 CONFIG_NLS_ISO8859_13=m
 CONFIG_NLS_ISO8859_14=m
 CONFIG_NLS_ISO8859_15=m
 CONFIG_NLS_UTF8=m
 CONFIG_CRYPTO_RSA=m
-CONFIG_CRYPTO_MANAGER=y
 CONFIG_CRYPTO_CCM=m
 CONFIG_CRYPTO_GCM=m
 CONFIG_CRYPTO_CHACHA20POLY1305=m
 CONFIG_CRYPTO_CTS=m
 CONFIG_CRYPTO_LRW=m
diff --git a/arch/mips/configs/decstation_r4k_defconfig b/arch/mips/configs/decstation_r4k_defconfig
index 58c36720c94a..a476717b8a6a 100644
--- a/arch/mips/configs/decstation_r4k_defconfig
+++ b/arch/mips/configs/decstation_r4k_defconfig
@@ -161,11 +161,10 @@ CONFIG_NLS_ISO8859_9=m
 CONFIG_NLS_ISO8859_13=m
 CONFIG_NLS_ISO8859_14=m
 CONFIG_NLS_ISO8859_15=m
 CONFIG_NLS_UTF8=m
 CONFIG_CRYPTO_RSA=m
-CONFIG_CRYPTO_MANAGER=y
 CONFIG_CRYPTO_CCM=m
 CONFIG_CRYPTO_GCM=m
 CONFIG_CRYPTO_CHACHA20POLY1305=m
 CONFIG_CRYPTO_CTS=m
 CONFIG_CRYPTO_LRW=m
diff --git a/arch/mips/configs/ip28_defconfig b/arch/mips/configs/ip28_defconfig
index e0040110a3ee..6db21e498faa 100644
--- a/arch/mips/configs/ip28_defconfig
+++ b/arch/mips/configs/ip28_defconfig
@@ -58,8 +58,7 @@ CONFIG_PROC_KCORE=y
 CONFIG_TMPFS=y
 CONFIG_TMPFS_POSIX_ACL=y
 CONFIG_NFS_FS=y
 CONFIG_NFS_V3_ACL=y
 CONFIG_ROOT_NFS=y
-CONFIG_CRYPTO_MANAGER=y
 # CONFIG_CRYPTO_HW is not set
 CONFIG_MAGIC_SYSRQ=y
diff --git a/arch/parisc/configs/generic-64bit_defconfig b/arch/parisc/configs/generic-64bit_defconfig
index ecc9ffcc11cd..d8cd7f858b2a 100644
--- a/arch/parisc/configs/generic-64bit_defconfig
+++ b/arch/parisc/configs/generic-64bit_defconfig
@@ -281,11 +281,10 @@ CONFIG_NLS_CODEPAGE_1250=m
 CONFIG_NLS_CODEPAGE_1251=m
 CONFIG_NLS_ASCII=m
 CONFIG_NLS_ISO8859_1=m
 CONFIG_NLS_ISO8859_2=m
 CONFIG_NLS_UTF8=m
-CONFIG_CRYPTO_MANAGER=y
 CONFIG_CRYPTO_FCRYPT=m
 CONFIG_CRYPTO_ECB=m
 CONFIG_CRYPTO_PCBC=m
 CONFIG_CRYPTO_MD4=m
 CONFIG_CRYPTO_MD5=y
diff --git a/arch/sh/configs/migor_defconfig b/arch/sh/configs/migor_defconfig
index fc2010c241fb..31dbd8888aaa 100644
--- a/arch/sh/configs/migor_defconfig
+++ b/arch/sh/configs/migor_defconfig
@@ -85,8 +85,7 @@ CONFIG_UIO_PDRV_GENIRQ=y
 CONFIG_PROC_KCORE=y
 CONFIG_TMPFS=y
 CONFIG_NFS_FS=y
 CONFIG_ROOT_NFS=y
 CONFIG_DEBUG_FS=y
-CONFIG_CRYPTO_MANAGER=y
 # CONFIG_CRYPTO_ANSI_CPRNG is not set
 # CONFIG_CRYPTO_HW is not set
diff --git a/crypto/Kconfig b/crypto/Kconfig
index bbe9cc408927..f160537a5550 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -146,11 +146,11 @@ config CRYPTO_HKDF
 	select CRYPTO_SHA256 if CRYPTO_SELFTESTS
 	select CRYPTO_SHA512 if CRYPTO_SELFTESTS
 	select CRYPTO_HASH2
 
 config CRYPTO_MANAGER
-	tristate "Cryptographic algorithm manager"
+	tristate
 	select CRYPTO_MANAGER2
 	help
 	  Create default cryptographic template instantiations such as
 	  cbc(aes).
 
-- 
2.49.0


^ permalink raw reply related	[flat|nested] 13+ messages in thread

* [PATCH v3 7/7] crypto: testmgr - enable CRYPTO_MANAGER when CRYPTO_SELFTESTS
  2025-05-05 20:33 [PATCH v3 0/7] Clean up the crypto testing options Eric Biggers
                   ` (5 preceding siblings ...)
  2025-05-05 20:33 ` [PATCH v3 6/7] crypto: Kconfig - make CRYPTO_MANAGER a hidden symbol Eric Biggers
@ 2025-05-05 20:33 ` Eric Biggers
  2025-05-12  5:46 ` [PATCH v3 0/7] Clean up the crypto testing options Herbert Xu
  7 siblings, 0 replies; 13+ messages in thread
From: Eric Biggers @ 2025-05-05 20:33 UTC (permalink / raw)
  To: linux-crypto; +Cc: linux-kernel

From: Eric Biggers <ebiggers@google.com>

crypto/testmgr.c is compiled only when CRYPTO_MANAGER is enabled.  To
make CRYPTO_SELFTESTS work as expected when CRYPTO_MANAGER doesn't get
enabled for another reason, automatically set CRYPTO_MANAGER to the
value of CRYPTO_ALGAPI when CRYPTO_SELFTESTS is enabled.

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 crypto/Kconfig  | 5 +++--
 crypto/algapi.c | 3 +--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/crypto/Kconfig b/crypto/Kconfig
index f160537a5550..24955eb56045 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -147,14 +147,15 @@ config CRYPTO_HKDF
 	select CRYPTO_SHA512 if CRYPTO_SELFTESTS
 	select CRYPTO_HASH2
 
 config CRYPTO_MANAGER
 	tristate
+	default CRYPTO_ALGAPI if CRYPTO_SELFTESTS
 	select CRYPTO_MANAGER2
 	help
-	  Create default cryptographic template instantiations such as
-	  cbc(aes).
+	  This provides the support for instantiating templates such as
+	  cbc(aes), and the support for the crypto self-tests.
 
 config CRYPTO_MANAGER2
 	def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y)
 	select CRYPTO_ACOMP2
 	select CRYPTO_AEAD2
diff --git a/crypto/algapi.c b/crypto/algapi.c
index 9030a30c89e8..25b5519e3b71 100644
--- a/crypto/algapi.c
+++ b/crypto/algapi.c
@@ -272,12 +272,11 @@ static void crypto_alg_finish_registration(struct crypto_alg *alg,
 
 static struct crypto_larval *crypto_alloc_test_larval(struct crypto_alg *alg)
 {
 	struct crypto_larval *larval;
 
-	if (!IS_ENABLED(CONFIG_CRYPTO_MANAGER) ||
-	    !IS_ENABLED(CONFIG_CRYPTO_SELFTESTS) ||
+	if (!IS_ENABLED(CONFIG_CRYPTO_SELFTESTS) ||
 	    (alg->cra_flags & CRYPTO_ALG_INTERNAL))
 		return NULL; /* No self-test needed */
 
 	larval = crypto_larval_alloc(alg->cra_name,
 				     alg->cra_flags | CRYPTO_ALG_TESTED, 0);
-- 
2.49.0


^ permalink raw reply related	[flat|nested] 13+ messages in thread

* Re: [PATCH v3 1/7] crypto: tcrypt - rename CRYPTO_TEST to CRYPTO_BENCHMARK
  2025-05-05 20:33 ` [PATCH v3 1/7] crypto: tcrypt - rename CRYPTO_TEST to CRYPTO_BENCHMARK Eric Biggers
@ 2025-05-08 12:59   ` Geert Uytterhoeven
  0 siblings, 0 replies; 13+ messages in thread
From: Geert Uytterhoeven @ 2025-05-08 12:59 UTC (permalink / raw)
  To: Eric Biggers; +Cc: linux-crypto, linux-kernel

On Mon, 5 May 2025 at 22:37, Eric Biggers <ebiggers@kernel.org> wrote:
> From: Eric Biggers <ebiggers@google.com>
>
> tcrypt is actually a benchmarking module and not the actual tests.  This
> regularly causes confusion.  Update the kconfig option name and help
> text accordingly.
>
> Signed-off-by: Eric Biggers <ebiggers@google.com>

>  arch/m68k/configs/amiga_defconfig           |  2 +-
>  arch/m68k/configs/apollo_defconfig          |  2 +-
>  arch/m68k/configs/atari_defconfig           |  2 +-
>  arch/m68k/configs/bvme6000_defconfig        |  2 +-
>  arch/m68k/configs/hp300_defconfig           |  2 +-
>  arch/m68k/configs/mac_defconfig             |  2 +-
>  arch/m68k/configs/multi_defconfig           |  2 +-
>  arch/m68k/configs/mvme147_defconfig         |  2 +-
>  arch/m68k/configs/mvme16x_defconfig         |  2 +-
>  arch/m68k/configs/q40_defconfig             |  2 +-
>  arch/m68k/configs/sun3_defconfig            |  2 +-
>  arch/m68k/configs/sun3x_defconfig           |  2 +-

Acked-by: Geert Uytterhoeven <geert@linux-m68k.org> # m68k

Gr{oetje,eeting}s,

                        Geert

-- 
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@linux-m68k.org

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
                                -- Linus Torvalds

^ permalink raw reply	[flat|nested] 13+ messages in thread

* Re: [PATCH v3 0/7] Clean up the crypto testing options
  2025-05-05 20:33 [PATCH v3 0/7] Clean up the crypto testing options Eric Biggers
                   ` (6 preceding siblings ...)
  2025-05-05 20:33 ` [PATCH v3 7/7] crypto: testmgr - enable CRYPTO_MANAGER when CRYPTO_SELFTESTS Eric Biggers
@ 2025-05-12  5:46 ` Herbert Xu
  7 siblings, 0 replies; 13+ messages in thread
From: Herbert Xu @ 2025-05-12  5:46 UTC (permalink / raw)
  To: Eric Biggers; +Cc: linux-crypto, linux-kernel

Eric Biggers <ebiggers@kernel.org> wrote:
> This series reworks the crypto testing kconfig options to fix some
> longstanding issues:
> 
> - Replace the inverted option CONFIG_CRYPTO_MANAGER_DISABLE_TESTS with a
>  regular option CONFIG_CRYPTO_SELFTESTS.
> 
> - Make CONFIG_CRYPTO_SELFTESTS enable the full set of tests by default,
>  removing CONFIG_CRYPTO_MANAGER_EXTRA_TESTS.
> 
> - Automatically enable CONFIG_CRYPTO_MANAGER when needed for the tests.
> 
> - Rename cryptomgr.noextratests to cryptomgr.noslowtests.
> 
> - Remove cryptomgr.panic_on_fail, as panic_on_warn can be used instead.
> 
> - Rename CONFIG_CRYPTO_TEST to CONFIG_CRYPTO_BENCHMARK.
> 
> Changed in v3:
>  - Keep options in defconfigs.
>  - Make CRYPTO_SELFTESTS depend on DEBUG_KERNEL.
> 
> Changed in v2:
>  - Moved selftest lines in lib/crypto/Makefile to appropriate places.
>  - Fixed a commit message.
> 
> Eric Biggers (7):
>  crypto: tcrypt - rename CRYPTO_TEST to CRYPTO_BENCHMARK
>  crypto: testmgr - remove panic_on_fail
>  crypto: testmgr - replace CRYPTO_MANAGER_DISABLE_TESTS with
>    CRYPTO_SELFTESTS
>  crypto: testmgr - make it easier to enable the full set of tests
>  crypto: testmgr - rename noextratests to noslowtests
>  crypto: Kconfig - make CRYPTO_MANAGER a hidden symbol
>  crypto: testmgr - enable CRYPTO_MANAGER when CRYPTO_SELFTESTS
> 
> arch/arm/configs/exynos_defconfig           |   2 +-
> arch/arm/configs/milbeaut_m10v_defconfig    |   3 +-
> arch/arm/configs/pxa_defconfig              |   3 +-
> arch/arm/configs/spitz_defconfig            |   2 +-
> arch/arm64/configs/defconfig                |   2 +-
> arch/loongarch/configs/loongson3_defconfig  |   2 +-
> arch/m68k/configs/amiga_defconfig           |   2 +-
> arch/m68k/configs/apollo_defconfig          |   2 +-
> arch/m68k/configs/atari_defconfig           |   2 +-
> arch/m68k/configs/bvme6000_defconfig        |   2 +-
> arch/m68k/configs/hp300_defconfig           |   2 +-
> arch/m68k/configs/mac_defconfig             |   2 +-
> arch/m68k/configs/multi_defconfig           |   2 +-
> arch/m68k/configs/mvme147_defconfig         |   2 +-
> arch/m68k/configs/mvme16x_defconfig         |   2 +-
> arch/m68k/configs/q40_defconfig             |   2 +-
> arch/m68k/configs/sun3_defconfig            |   2 +-
> arch/m68k/configs/sun3x_defconfig           |   2 +-
> arch/mips/configs/decstation_64_defconfig   |   1 -
> arch/mips/configs/decstation_defconfig      |   1 -
> arch/mips/configs/decstation_r4k_defconfig  |   1 -
> arch/mips/configs/gpr_defconfig             |   2 +-
> arch/mips/configs/ip28_defconfig            |   1 -
> arch/mips/configs/lemote2f_defconfig        |   2 +-
> arch/mips/configs/mtx1_defconfig            |   2 +-
> arch/mips/configs/rb532_defconfig           |   2 +-
> arch/parisc/configs/generic-32bit_defconfig |   2 +-
> arch/parisc/configs/generic-64bit_defconfig |   1 -
> arch/powerpc/configs/g5_defconfig           |   2 +-
> arch/powerpc/configs/powernv_defconfig      |   2 +-
> arch/powerpc/configs/ppc64_defconfig        |   2 +-
> arch/powerpc/configs/ppc64e_defconfig       |   2 +-
> arch/powerpc/configs/ppc6xx_defconfig       |   2 +-
> arch/s390/configs/debug_defconfig           |   4 +-
> arch/s390/configs/defconfig                 |   4 +-
> arch/sh/configs/migor_defconfig             |   1 -
> arch/sparc/configs/sparc64_defconfig        |   2 +-
> crypto/Kconfig                              |  45 ++++----
> crypto/Makefile                             |   2 +-
> crypto/algapi.c                             |   5 +-
> crypto/algboss.c                            |   2 +-
> crypto/api.c                                |   3 +-
> crypto/hkdf.c                               |   2 +-
> crypto/internal.h                           |   5 +-
> crypto/kdf_sp800108.c                       |   2 +-
> crypto/tcrypt.c                             |   8 +-
> crypto/tcrypt.h                             |   4 +-
> crypto/testmgr.c                            | 115 +++++---------------
> include/crypto/internal/simd.h              |   6 +-
> lib/crypto/Makefile                         |  11 +-
> lib/crypto/aescfb.c                         |   2 +-
> lib/crypto/aesgcm.c                         |   2 +-
> lib/crypto/blake2s.c                        |   2 +-
> lib/crypto/chacha20poly1305.c               |   2 +-
> lib/crypto/curve25519.c                     |   2 +-
> 55 files changed, 111 insertions(+), 183 deletions(-)
> 
> 
> base-commit: 64745a9ca890ed60d78162ec511e1983e1946d73

All applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 13+ messages in thread

* Re: [PATCH v3 3/7] crypto: testmgr - replace CRYPTO_MANAGER_DISABLE_TESTS with CRYPTO_SELFTESTS
  2025-05-05 20:33 ` [PATCH v3 3/7] crypto: testmgr - replace CRYPTO_MANAGER_DISABLE_TESTS with CRYPTO_SELFTESTS Eric Biggers
@ 2025-06-11 11:41   ` Diederik de Haas
  2025-06-11 16:34     ` Eric Biggers
  0 siblings, 1 reply; 13+ messages in thread
From: Diederik de Haas @ 2025-06-11 11:41 UTC (permalink / raw)
  To: Eric Biggers, linux-crypto, linux-rockchip
  Cc: linux-kernel, Corentin Labbe, linux-arm-kernel

[-- Attachment #1: Type: text/plain, Size: 14321 bytes --]

Hi Eric,

On Mon May 5, 2025 at 10:33 PM CEST, Eric Biggers wrote:
> The negative-sense of CRYPTO_MANAGER_DISABLE_TESTS is a longstanding
> mistake that regularly causes confusion.  Especially bad is that you can
> have CRYPTO=n && CRYPTO_MANAGER_DISABLE_TESTS=n, which is ambiguous.
>
> Replace CRYPTO_MANAGER_DISABLE_TESTS with CRYPTO_SELFTESTS which has the
> expected behavior.
>
> The tests continue to be disabled by default.
> ---
>  <snip>
> diff --git a/crypto/Kconfig b/crypto/Kconfig
> index da352f1984ea..8f1353bbba18 100644
> --- a/crypto/Kconfig
> +++ b/crypto/Kconfig
>  <snip>
> @@ -171,20 +171,26 @@ config CRYPTO_USER
>  	select CRYPTO_MANAGER
>  	help
>  	  Userspace configuration for cryptographic instantiations such as
>  	  cbc(aes).
>  
> -config CRYPTO_MANAGER_DISABLE_TESTS
> -	bool "Disable run-time self tests"
> -	default y
> +config CRYPTO_SELFTESTS
> +	bool "Enable cryptographic self-tests"
> +	depends on DEBUG_KERNEL
>  	help
> -	  Disable run-time self tests that normally take place at
> -	  algorithm registration.
> +	  Enable the cryptographic self-tests.
> +
> +	  The cryptographic self-tests run at boot time, or at algorithm
> +	  registration time if algorithms are dynamically loaded later.
> +
> +	  This is primarily intended for developer use.  It should not be
> +	  enabled in production kernels, unless you are trying to use these
> +	  tests to fulfill a FIPS testing requirement.

I built a 6.16-rc1 kernel [1] and its config is based upon Debian's and
that has enabled CRYPTO_SELFTESTS [2] (due to Debian bug 599441 [3]).

I then installed it on 3 Rockchip based devices and booted into that.
1. Radxa Rock 5B (rk3588)
2. PINE64 Quartz64 Model B (rk3568)
3. PINE64 RockPro64 (rk3399)

The full dmesg output for level 0-4 can be found at [4], [5] and [6]

The filtered dmesg output for Rock 5B:
ERROR:
[    0.709822] basic hdkf test(hmac(sha256)): failed to allocate transform: -2
WARNING:
[    0.710686] alg: full crypto tests enabled.  This is intended for developer use only.
[    8.877288] alg: skcipher: skipping comparison tests for xctr-aes-ce because xctr(aes-generic) is unavailable

The filtered dmesg output for Quartz64-B:
ERROR:
[    1.479206] basic hdkf test(hmac(sha256)): failed to allocate transform: -2
WARNING:
[    1.480685] alg: full crypto tests enabled.  This is intended for developer use only.
[   18.176195] alg: skcipher: skipping comparison tests for xctr-aes-ce because xctr(aes-generic) is unavailable

For both of these, 1 warning is to be expected (developer use only).
But I do wonder about the error and the other warning. Is that a
problem? And if so, is that on the crypto or the Rockchip side?

But the filtered dmesg output on RockPro64 seems way more serious:
ERROR:
[    1.232672] basic hdkf test(hmac(sha256)): failed to allocate transform: -2
[   14.172991] alg: ahash: rk-sha1 export() overran state buffer on test vector 0, cfg="import/export"
[   14.202291] alg: ahash: rk-sha256 export() overran state buffer on test vector 0, cfg="import/export"
[   14.230887] alg: ahash: rk-md5 export() overran state buffer on test vector 0, cfg="import/export"
WARNING:
[    1.234017] alg: full crypto tests enabled.  This is intended for developer use only.
[   14.173876] alg: self-tests for sha1 using rk-sha1 failed (rc=-75)
[   14.173883] ------------[ cut here ]------------
[   14.174845] alg: self-tests for sha1 using rk-sha1 failed (rc=-75)
[   14.174886] WARNING: CPU: 4 PID: 669 at crypto/testmgr.c:5807 alg_test+0x6ec/0x708
[   14.176112] Modules linked in: snd_soc_simple_card_utils snd_soc_spdif_tx snd_soc_rockchip_i2s des_generic gpio_ir_recv snd_soc_core v4l2_h264(+) rockchip_rga videobuf2_dma_contig ecdh_generic videobuf2_dma_sg leds_gpio v4l2_mem2mem panfrost rfkill pwm_fan snd_compress dw_hdmi_i2s_audio pwrseq_core gpu_sched rk_crypto(+) snd_pcm_dmaengine videobuf2_memops drm_shmem_helper dw_hdmi_cec videobuf2_v4l2 crypto_engine libdes snd_pcm videodev snd_timer ofpart snd coresight_cpu_debug soundcore videobuf2_common spi_nor rockchip_saradc mc mtd industrialio_triggered_buffer coresight_etm4x rockchip_thermal kfifo_buf industrialio coresight cpufreq_dt evdev binfmt_misc pkcs8_key_parser efi_pstore configfs nfnetlink ip_tables x_tables autofs4 ext4 crc16 mbcache jbd2 realtek phy_rockchip_samsung_hdptx phy_rockchip_naneng_combphy panel_boe_th101mb31ig002_28a xhci_plat_hcd xhci_hcd rockchipdrm dw_hdmi_qp dw_hdmi dwc3 cec rc_core dw_mipi_dsi udc_core rk808_regulator dwmac_rk stmmac_platform ulpi analogix_dp stmmac fusb302 tcpm
[   14.176292]  drm_dp_aux_bus pcs_xpcs fan53555 typec drm_display_helper phylink mdio_devres drm_client_lib dwc3_of_simple pwm_regulator gpio_rockchip gpio_keys fixed phy_rockchip_pcie of_mdio ehci_platform sdhci_of_arasan ohci_platform drm_dma_helper fixed_phy phy_rockchip_inno_usb2 ohci_hcd sdhci_pltfm ehci_hcd fwnode_mdio dw_wdt drm_kms_helper phy_rockchip_emmc rockchip_dfi io_domain pwm_rockchip libphy phy_rockchip_typec sdhci nvmem_rockchip_efuse usbcore pl330 dw_mmc_rockchip drm spi_rockchip dw_mmc_pltfm mdio_bus cqhci dw_mmc usb_common i2c_rk3x
[   14.188362] CPU: 4 UID: 0 PID: 669 Comm: cryptomgr_test Not tainted 6.16-rc1+unreleased-arm64-cknow #1 PREEMPTLAZY  Debian 6.16~rc1-1~exp1
[   14.189451] Hardware name: Pine64 RockPro64 v2.1 (DT)
[   14.189897] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[   14.190510] pc : alg_test+0x6ec/0x708
[   14.190844] lr : alg_test+0x6ec/0x708
[   14.191170] sp : ffff800081df3d30
[   14.191463] x29: ffff800081df3dd0 x28: 00000000000000bd x27: 00000000ffffffb5
[   14.192094] x26: 00000000000000bf x25: ffffd9bef0455000 x24: 0000000000000178
[   14.192725] x23: 00000000ffffffff x22: ffff000008799880 x21: 000000000800018f
[   14.193355] x20: ffff000008799800 x19: ffffd9beef0558b8 x18: 0000000000000018
[   14.193985] x17: 0000000000006fd8 x16: ffffd9beeef9e128 x15: 0000000000000000
[   14.194616] x14: 0f4bc94cbbc50b90 x13: 0000000000000325 x12: 000000000f4bc94c
[   14.195247] x11: ffffd9beeffffff8 x10: 0000000000000d30 x9 : ffffd9beee116028
[   14.195877] x8 : ffff000007518d90 x7 : 0000000000000004 x6 : 0000000000000000
[   14.196506] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000010
[   14.197137] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff000007518000
[   14.197767] Call trace:
[   14.197986]  alg_test+0x6ec/0x708 (P)
[   14.198315]  cryptomgr_test+0x2c/0x58
[   14.198642]  kthread+0x150/0x250
[   14.198932]  ret_from_fork+0x10/0x20
[   14.199251] ---[ end trace 0000000000000000 ]---
[   14.203118] alg: self-tests for sha256 using rk-sha256 failed (rc=-75)
[   14.203122] ------------[ cut here ]------------
[   14.204104] alg: self-tests for sha256 using rk-sha256 failed (rc=-75)
[   14.204133] WARNING: CPU: 4 PID: 672 at crypto/testmgr.c:5807 alg_test+0x6ec/0x708
[   14.205381] Modules linked in: snd_soc_simple_card_utils snd_soc_spdif_tx snd_soc_rockchip_i2s des_generic gpio_ir_recv snd_soc_core v4l2_h264 rockchip_rga videobuf2_dma_contig ecdh_generic videobuf2_dma_sg leds_gpio v4l2_mem2mem panfrost rfkill pwm_fan snd_compress dw_hdmi_i2s_audio pwrseq_core gpu_sched rk_crypto(+) snd_pcm_dmaengine videobuf2_memops drm_shmem_helper dw_hdmi_cec videobuf2_v4l2 crypto_engine libdes snd_pcm videodev snd_timer ofpart snd coresight_cpu_debug soundcore videobuf2_common spi_nor rockchip_saradc mc mtd industrialio_triggered_buffer coresight_etm4x rockchip_thermal kfifo_buf industrialio coresight cpufreq_dt evdev binfmt_misc pkcs8_key_parser efi_pstore configfs nfnetlink ip_tables x_tables autofs4 ext4 crc16 mbcache jbd2 realtek phy_rockchip_samsung_hdptx phy_rockchip_naneng_combphy panel_boe_th101mb31ig002_28a xhci_plat_hcd xhci_hcd rockchipdrm dw_hdmi_qp dw_hdmi dwc3 cec rc_core dw_mipi_dsi udc_core rk808_regulator dwmac_rk stmmac_platform ulpi analogix_dp stmmac fusb302 tcpm
[   14.205591]  drm_dp_aux_bus pcs_xpcs fan53555 typec drm_display_helper phylink mdio_devres drm_client_lib dwc3_of_simple pwm_regulator gpio_rockchip gpio_keys fixed phy_rockchip_pcie of_mdio ehci_platform sdhci_of_arasan ohci_platform drm_dma_helper fixed_phy phy_rockchip_inno_usb2 ohci_hcd sdhci_pltfm ehci_hcd fwnode_mdio dw_wdt drm_kms_helper phy_rockchip_emmc rockchip_dfi io_domain pwm_rockchip libphy phy_rockchip_typec sdhci nvmem_rockchip_efuse usbcore pl330 dw_mmc_rockchip drm spi_rockchip dw_mmc_pltfm mdio_bus cqhci dw_mmc usb_common i2c_rk3x
[   14.217640] CPU: 4 UID: 0 PID: 672 Comm: cryptomgr_test Tainted: G        W           6.16-rc1+unreleased-arm64-cknow #1 PREEMPTLAZY  Debian 6.16~rc1-1~exp1
[   14.218866] Tainted: [W]=WARN
[   14.219130] Hardware name: Pine64 RockPro64 v2.1 (DT)
[   14.219576] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[   14.220188] pc : alg_test+0x6ec/0x708
[   14.220521] lr : alg_test+0x6ec/0x708
[   14.220847] sp : ffff800081e03d30
[   14.221140] x29: ffff800081e03dd0 x28: 00000000000000bd x27: 00000000ffffffb5
[   14.221771] x26: 00000000000000c1 x25: ffffd9bef0455000 x24: 0000000000000178
[   14.222402] x23: 00000000ffffffff x22: ffff00000b49c880 x21: 000000000800018f
[   14.223033] x20: ffff00000b49c800 x19: ffffd9beef0558b8 x18: 00000000fffffffe
[   14.223663] x17: 7463657620747365 x16: ffffd9beee6829e8 x15: ffffd9bef03eb09f
[   14.224294] x14: 0000000000000000 x13: ffffd9bef03eb0a3 x12: ffffd9bef0085e60
[   14.224923] x11: ffffd9bef002deb8 x10: ffffd9bef0085eb8 x9 : ffffd9beee17c8cc
[   14.225553] x8 : 0000000000000001 x7 : 0000000000017fe8 x6 : c0000000ffffefff
[   14.226183] x5 : ffff0000f7766448 x4 : 0000000000000000 x3 : 0000000000000027
[   14.226812] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff00000751bb40
[   14.227443] Call trace:
[   14.227662]  alg_test+0x6ec/0x708 (P)
[   14.227991]  cryptomgr_test+0x2c/0x58
[   14.228319]  kthread+0x150/0x250
[   14.228611]  ret_from_fork+0x10/0x20
[   14.228929] ---[ end trace 0000000000000000 ]---
[   14.231753] alg: self-tests for md5 using rk-md5 failed (rc=-75)
[   14.231758] ------------[ cut here ]------------
[   14.232696] alg: self-tests for md5 using rk-md5 failed (rc=-75)
[   14.232742] WARNING: CPU: 4 PID: 674 at crypto/testmgr.c:5807 alg_test+0x6ec/0x708
[   14.233943] Modules linked in: v4l2_vp9 snd_soc_audio_graph_card snd_soc_simple_card_utils snd_soc_spdif_tx snd_soc_rockchip_i2s des_generic gpio_ir_recv snd_soc_core v4l2_h264 rockchip_rga videobuf2_dma_contig ecdh_generic videobuf2_dma_sg leds_gpio v4l2_mem2mem panfrost rfkill pwm_fan snd_compress dw_hdmi_i2s_audio pwrseq_core gpu_sched rk_crypto(+) snd_pcm_dmaengine videobuf2_memops drm_shmem_helper dw_hdmi_cec videobuf2_v4l2 crypto_engine libdes snd_pcm videodev snd_timer ofpart snd coresight_cpu_debug soundcore videobuf2_common spi_nor rockchip_saradc mc mtd industrialio_triggered_buffer coresight_etm4x rockchip_thermal kfifo_buf industrialio coresight cpufreq_dt evdev binfmt_misc pkcs8_key_parser efi_pstore configfs nfnetlink ip_tables x_tables autofs4 ext4 crc16 mbcache jbd2 realtek phy_rockchip_samsung_hdptx phy_rockchip_naneng_combphy panel_boe_th101mb31ig002_28a xhci_plat_hcd xhci_hcd rockchipdrm dw_hdmi_qp dw_hdmi dwc3 cec rc_core dw_mipi_dsi udc_core rk808_regulator dwmac_rk stmmac_platform ulpi
[   14.234122]  analogix_dp stmmac fusb302 tcpm drm_dp_aux_bus pcs_xpcs fan53555 typec drm_display_helper phylink mdio_devres drm_client_lib dwc3_of_simple pwm_regulator gpio_rockchip gpio_keys fixed phy_rockchip_pcie of_mdio ehci_platform sdhci_of_arasan ohci_platform drm_dma_helper fixed_phy phy_rockchip_inno_usb2 ohci_hcd sdhci_pltfm ehci_hcd fwnode_mdio dw_wdt drm_kms_helper phy_rockchip_emmc rockchip_dfi io_domain pwm_rockchip libphy phy_rockchip_typec sdhci nvmem_rockchip_efuse usbcore pl330 dw_mmc_rockchip drm spi_rockchip dw_mmc_pltfm mdio_bus cqhci dw_mmc usb_common i2c_rk3x
[   14.246439] CPU: 4 UID: 0 PID: 674 Comm: cryptomgr_test Tainted: G        W           6.16-rc1+unreleased-arm64-cknow #1 PREEMPTLAZY  Debian 6.16~rc1-1~exp1
[   14.247667] Tainted: [W]=WARN
[   14.247931] Hardware name: Pine64 RockPro64 v2.1 (DT)
[   14.248377] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[   14.248991] pc : alg_test+0x6ec/0x708
[   14.249332] lr : alg_test+0x6ec/0x708
[   14.249664] sp : ffff800081e0bd30
[   14.249957] x29: ffff800081e0bdd0 x28: 00000000000000bd x27: 00000000ffffffb5
[   14.250588] x26: 00000000000000a4 x25: ffffd9bef0455000 x24: 0000000000000178
[   14.251220] x23: 00000000ffffffff x22: ffff00000b49c280 x21: 000000000800018f
[   14.251852] x20: ffff00000b49c200 x19: ffffd9beef0558b8 x18: 0000000000000018
[   14.252484] x17: 0000000000007050 x16: ffffd9beeef9e128 x15: 0000000000000000
[   14.253114] x14: 0a8fc7a77222d736 x13: 00000000000003da x12: 000000000a8fc7a7
[   14.253747] x11: ffffd9beeffffff8 x10: 0000000000000d30 x9 : ffffd9beee116028
[   14.254377] x8 : ffff00000b6d3510 x7 : 0000000000000004 x6 : 0000000000000000
[   14.255008] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000010
[   14.255637] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff00000b6d2780
[   14.256268] Call trace:
[   14.256498]  alg_test+0x6ec/0x708 (P)
[   14.256835]  cryptomgr_test+0x2c/0x58
[   14.257164]  kthread+0x150/0x250
[   14.257455]  ret_from_fork+0x10/0x20
[   14.257774] ---[ end trace 0000000000000000 ]---
[   14.828425] alg: skcipher: skipping comparison tests for xctr-aes-ce because xctr(aes-generic) is unavailable

I'm assuming this is problematic and hopefully you can tell whether this
is on the crypto or Rockchip side as well. In case of the latter, if
you'd have pointers as to where the problem is/may be, that would be
appreciated.

[1] https://salsa.debian.org/diederik/linux/-/tree/cknow/general
[2] https://salsa.debian.org/kernel-team/linux/-/commit/6991dd77f350
6991dd77f350 ("crypto: Explicitly enable algorithm self-tests (Closes: #599441)")
[3] https://bugs.debian.org/599441
[4] https://paste.sr.ht/~diederik/c18ad65427080d4c48e8bd2ac27282682069aff1
[5] https://paste.sr.ht/~diederik/8fde0c2c1d005a15bb8a3b6d7ba8ae3298733250
[6] https://paste.sr.ht/~diederik/cdcb6c4522fa782f9a692b7ea0cf33c2301e2176

Cheers,
  Diederik

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 228 bytes --]

^ permalink raw reply	[flat|nested] 13+ messages in thread

* Re: [PATCH v3 3/7] crypto: testmgr - replace CRYPTO_MANAGER_DISABLE_TESTS with CRYPTO_SELFTESTS
  2025-06-11 11:41   ` Diederik de Haas
@ 2025-06-11 16:34     ` Eric Biggers
  2025-06-13  7:57       ` Diederik de Haas
  0 siblings, 1 reply; 13+ messages in thread
From: Eric Biggers @ 2025-06-11 16:34 UTC (permalink / raw)
  To: Diederik de Haas
  Cc: linux-crypto, linux-rockchip, linux-kernel, Corentin Labbe,
	linux-arm-kernel

On Wed, Jun 11, 2025 at 01:41:06PM +0200, Diederik de Haas wrote:
> Hi Eric,
> 
> On Mon May 5, 2025 at 10:33 PM CEST, Eric Biggers wrote:
> > The negative-sense of CRYPTO_MANAGER_DISABLE_TESTS is a longstanding
> > mistake that regularly causes confusion.  Especially bad is that you can
> > have CRYPTO=n && CRYPTO_MANAGER_DISABLE_TESTS=n, which is ambiguous.
> >
> > Replace CRYPTO_MANAGER_DISABLE_TESTS with CRYPTO_SELFTESTS which has the
> > expected behavior.
> >
> > The tests continue to be disabled by default.
> > ---
> >  <snip>
> > diff --git a/crypto/Kconfig b/crypto/Kconfig
> > index da352f1984ea..8f1353bbba18 100644
> > --- a/crypto/Kconfig
> > +++ b/crypto/Kconfig
> >  <snip>
> > @@ -171,20 +171,26 @@ config CRYPTO_USER
> >  	select CRYPTO_MANAGER
> >  	help
> >  	  Userspace configuration for cryptographic instantiations such as
> >  	  cbc(aes).
> >  
> > -config CRYPTO_MANAGER_DISABLE_TESTS
> > -	bool "Disable run-time self tests"
> > -	default y
> > +config CRYPTO_SELFTESTS
> > +	bool "Enable cryptographic self-tests"
> > +	depends on DEBUG_KERNEL
> >  	help
> > -	  Disable run-time self tests that normally take place at
> > -	  algorithm registration.
> > +	  Enable the cryptographic self-tests.
> > +
> > +	  The cryptographic self-tests run at boot time, or at algorithm
> > +	  registration time if algorithms are dynamically loaded later.
> > +
> > +	  This is primarily intended for developer use.  It should not be
> > +	  enabled in production kernels, unless you are trying to use these
> > +	  tests to fulfill a FIPS testing requirement.
> 
> I built a 6.16-rc1 kernel [1] and its config is based upon Debian's and
> that has enabled CRYPTO_SELFTESTS [2] (due to Debian bug 599441 [3]).
> 
> I then installed it on 3 Rockchip based devices and booted into that.
> 1. Radxa Rock 5B (rk3588)
> 2. PINE64 Quartz64 Model B (rk3568)
> 3. PINE64 RockPro64 (rk3399)
> 
> The full dmesg output for level 0-4 can be found at [4], [5] and [6]
> 
> The filtered dmesg output for Rock 5B:
> ERROR:
> [    0.709822] basic hdkf test(hmac(sha256)): failed to allocate transform: -2
> WARNING:

https://lore.kernel.org/r/20250610191600.54994-1-ebiggers@kernel.org/ fixed the
HKDF failure.  It was caused by a patch that changed initcall levels.

> [    8.877288] alg: skcipher: skipping comparison tests for xctr-aes-ce because xctr(aes-generic) is unavailable

That's expected if you have CONFIG_CRYPTO_AES_ARM64_CE_BLK enabled but
CONFIG_CRYPTO_XCTR disabled.  Some tests are skipped in that case.

> [   14.172991] alg: ahash: rk-sha1 export() overran state buffer on test vector 0, cfg="import/export"
> [   14.202291] alg: ahash: rk-sha256 export() overran state buffer on test vector 0, cfg="import/export"
> [   14.230887] alg: ahash: rk-md5 export() overran state buffer on test vector 0, cfg="import/export"

That means the Rockchip crypto driver is broken.

It may have been broken for a long time.  Hardly anyone ever tests the hardware
crypto drivers, as they only work on very specific platforms and are often
useless anyway.  The software crypto is much better tested and often faster.

I don't think broken drivers like these should even be in the kernel at all.

For now, you should just disable CONFIG_CRYPTO_DEV_ROCKCHIP.

Anyway, the more interesting part of your email is that you pointed out that
Debian has the crypto self-tests enabled, precisely in order to automatically
disable buggy drivers like these.

And actually Fedora does this too.

This seems kind of crazy.  But unfortunately, the crypto/ philosophy seems to be
to enable as many untested and buggy drivers as possible, then rely on them
being (incompletely) self-tested in production.  So, aparently this is a thing.

But of course the distros won't want to enable the full set of tests, which
would slow down boot times significantly, but rather only the "fast" ones (as
they were doing before)...

So I'll send a patch that adds back a kconfig knob to run the fast tests only,
which I had removed in commit 698de822780f.

- Eric

^ permalink raw reply	[flat|nested] 13+ messages in thread

* Re: [PATCH v3 3/7] crypto: testmgr - replace CRYPTO_MANAGER_DISABLE_TESTS with CRYPTO_SELFTESTS
  2025-06-11 16:34     ` Eric Biggers
@ 2025-06-13  7:57       ` Diederik de Haas
  0 siblings, 0 replies; 13+ messages in thread
From: Diederik de Haas @ 2025-06-13  7:57 UTC (permalink / raw)
  To: Eric Biggers
  Cc: linux-crypto, linux-rockchip, linux-kernel, Corentin Labbe,
	linux-arm-kernel

[-- Attachment #1: Type: text/plain, Size: 2811 bytes --]

On Wed Jun 11, 2025 at 6:34 PM CEST, Eric Biggers wrote:
> On Wed, Jun 11, 2025 at 01:41:06PM +0200, Diederik de Haas wrote:
>> On Mon May 5, 2025 at 10:33 PM CEST, Eric Biggers wrote:
>> > The negative-sense of CRYPTO_MANAGER_DISABLE_TESTS is a longstanding
>> > mistake that regularly causes confusion.  Especially bad is that you can
>> > have CRYPTO=n && CRYPTO_MANAGER_DISABLE_TESTS=n, which is ambiguous.
>> >
>> > Replace CRYPTO_MANAGER_DISABLE_TESTS with CRYPTO_SELFTESTS which has the
>> > expected behavior.
>> >
>> > The tests continue to be disabled by default.
>> > ---
>> >  <snip>
>> 
>> I built a 6.16-rc1 kernel [1] and its config is based upon Debian's and
>> that has enabled CRYPTO_SELFTESTS [2] (due to Debian bug 599441 [3]).
>> 
>> I then installed it on 3 Rockchip based devices and booted into that.
>> 1. Radxa Rock 5B (rk3588)
>> 2. PINE64 Quartz64 Model B (rk3568)
>> 3. PINE64 RockPro64 (rk3399)
>> 
>> The filtered dmesg output for Rock 5B:
>> ERROR:
>> [    0.709822] basic hdkf test(hmac(sha256)): failed to allocate transform: -2
>> WARNING:
>
> https://lore.kernel.org/r/20250610191600.54994-1-ebiggers@kernel.org/ fixed the
> HKDF failure.  It was caused by a patch that changed initcall levels.
>
>> [    8.877288] alg: skcipher: skipping comparison tests for xctr-aes-ce because xctr(aes-generic) is unavailable
>
> That's expected if you have CONFIG_CRYPTO_AES_ARM64_CE_BLK enabled but
> CONFIG_CRYPTO_XCTR disabled.  Some tests are skipped in that case.

Happy to report that with that patch and that config option, the error
and warning are now gone. Thanks :-)

PULL request for the patch is already sent to Linus:
https://lore.kernel.org/linux-crypto/aEupSzhTI4h8kz-5@gondor.apana.org.au/

>> [   14.172991] alg: ahash: rk-sha1 export() overran state buffer on test vector 0, cfg="import/export"
>> [   14.202291] alg: ahash: rk-sha256 export() overran state buffer on test vector 0, cfg="import/export"
>> [   14.230887] alg: ahash: rk-md5 export() overran state buffer on test vector 0, cfg="import/export"
>
> That means the Rockchip crypto driver is broken.

The crypto driver for rk3399 is still broken.

> Anyway, the more interesting part of your email is that you pointed out that
> Debian has the crypto self-tests enabled, precisely in order to automatically
> disable buggy drivers like these.
>
> So I'll send a patch that adds back a kconfig knob to run the fast tests only,
> which I had removed in commit 698de822780f.

I responded about this to a new patch submission here:
https://lore.kernel.org/linux-crypto/DAJXJHLY2ITB.3IBN23DX0RO4Z@cknow.org/
and v2 of that patch can be found here:
https://lore.kernel.org/linux-crypto/20250612174709.26990-1-ebiggers@kernel.org/

Cheers,
  Diederik

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 228 bytes --]

^ permalink raw reply	[flat|nested] 13+ messages in thread

end of thread, other threads:[~2025-06-13  7:57 UTC | newest]

Thread overview: 13+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-05-05 20:33 [PATCH v3 0/7] Clean up the crypto testing options Eric Biggers
2025-05-05 20:33 ` [PATCH v3 1/7] crypto: tcrypt - rename CRYPTO_TEST to CRYPTO_BENCHMARK Eric Biggers
2025-05-08 12:59   ` Geert Uytterhoeven
2025-05-05 20:33 ` [PATCH v3 2/7] crypto: testmgr - remove panic_on_fail Eric Biggers
2025-05-05 20:33 ` [PATCH v3 3/7] crypto: testmgr - replace CRYPTO_MANAGER_DISABLE_TESTS with CRYPTO_SELFTESTS Eric Biggers
2025-06-11 11:41   ` Diederik de Haas
2025-06-11 16:34     ` Eric Biggers
2025-06-13  7:57       ` Diederik de Haas
2025-05-05 20:33 ` [PATCH v3 4/7] crypto: testmgr - make it easier to enable the full set of tests Eric Biggers
2025-05-05 20:33 ` [PATCH v3 5/7] crypto: testmgr - rename noextratests to noslowtests Eric Biggers
2025-05-05 20:33 ` [PATCH v3 6/7] crypto: Kconfig - make CRYPTO_MANAGER a hidden symbol Eric Biggers
2025-05-05 20:33 ` [PATCH v3 7/7] crypto: testmgr - enable CRYPTO_MANAGER when CRYPTO_SELFTESTS Eric Biggers
2025-05-12  5:46 ` [PATCH v3 0/7] Clean up the crypto testing options Herbert Xu

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox