[GIT PULL] Crypto Fixes for 6.16

[GIT PULL] Crypto Fixes for 6.16

[Herbert Xu]

Hi Linus:

The following changes since commit 2297554f01df6d3d4e98a3915c183ce3e491740a:

  x86/fpu: Fix irq_fpu_usable() to return false during CPU onlining (2025-05-26 10:58:50 +0800)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git tags/v6.16-p2

for you to fetch changes up to 0a84874c7e7dde5cdddc80a82093120e924a348b:

  crypto: shash - Fix buffer overrun in import function (2025-05-27 13:43:32 +0800)

----------------------------------------------------------------
This push fixes a buffer overflow regression in shash.
----------------------------------------------------------------

Herbert Xu (1):
      crypto: shash - Fix buffer overrun in import function

 crypto/shash.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [GIT PULL] Crypto Fixes for 6.16

[pr-tracker-bot]

The pull request you sent on Wed, 28 May 2025 11:03:16 +0800:

> git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git tags/v6.16-p2

has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/408aa67404405c8519ddee70bc0e6c55daa7c959

Thank you!

-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/prtracker.html

[GIT PULL] Crypto Fixes for 6.16

[Herbert Xu]

Hi Linus:

The following changes since commit 0a84874c7e7dde5cdddc80a82093120e924a348b:

  crypto: shash - Fix buffer overrun in import function (2025-05-27 13:43:32 +0800)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git tags/v6.16-p3

for you to fetch changes up to b9802b54d41bbe98f673e08bc148b0c563fdc02e:

  asm-generic: Add sched.h inclusion in simd.h (2025-05-30 20:56:48 +0800)

----------------------------------------------------------------
This push fixes a loongarch header regression and a module name
collision on s390.
----------------------------------------------------------------

Eric Biggers (1):
      crypto: s390/sha256 - rename module to sha256-s390

Huacai Chen (1):
      asm-generic: Add sched.h inclusion in simd.h

 arch/s390/lib/crypto/Makefile | 3 ++-
 include/asm-generic/simd.h    | 1 +
 2 files changed, 3 insertions(+), 1 deletion(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [GIT PULL] Crypto Fixes for 6.16

[pr-tracker-bot]

The pull request you sent on Tue, 3 Jun 2025 13:03:18 +0800:

> git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git tags/v6.16-p3

has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/04446eee58fcb2a6c9db5abff7f07cc2f38da9d0

Thank you!

-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/prtracker.html

[GIT PULL] Crypto Fixes for 6.16

[Herbert Xu]

Hi Linus:

The following changes since commit 19272b37aa4f83ca52bdf9c16d5d81bdd1354494:

  Linux 6.16-rc1 (2025-06-08 13:44:43 -0700)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git tags/v6.16-p4

for you to fetch changes up to 40a98e702b528c631094f2e524d309faf33dc774:

  crypto: hkdf - move to late_initcall (2025-06-11 10:59:45 +0800)

----------------------------------------------------------------
This push fixes a broken self-test in hkdf (new regression).
----------------------------------------------------------------

Eric Biggers (1):
      crypto: hkdf - move to late_initcall

 crypto/hkdf.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [GIT PULL] Crypto Fixes for 6.16

[pr-tracker-bot]

The pull request you sent on Fri, 13 Jun 2025 12:30:03 +0800:

> git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git tags/v6.16-p4

has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/ad6159087fbbd754bfe940bd62b6322307925faa

Thank you!

-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/prtracker.html

[GIT PULL] Crypto Fixes for 6.16

[Herbert Xu]

Hi Linus:

The following changes since commit 40a98e702b528c631094f2e524d309faf33dc774:

  crypto: hkdf - move to late_initcall (2025-06-11 10:59:45 +0800)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git tags/v6.16-p5

for you to fetch changes up to df29f60369ccec0aa17d7eed7e2ae1fcdc9be6d4:

  crypto: ahash - Fix infinite recursion in ahash_def_finup (2025-06-18 17:02:02 +0800)

----------------------------------------------------------------
This push fixes a regression in ahash (broken fallback finup)
and reinstates a Kconfig option to control the extra self-tests.
----------------------------------------------------------------

Eric Biggers (1):
      crypto: testmgr - reinstate kconfig control over full self-tests

Herbert Xu (1):
      crypto: ahash - Fix infinite recursion in ahash_def_finup

 crypto/Kconfig                 | 25 +++++++++++++++++++++----
 crypto/ahash.c                 |  4 +++-
 crypto/testmgr.c               | 15 ++++++++++++---
 include/crypto/internal/simd.h |  6 ++++--
 lib/crypto/Makefile            |  2 +-
 5 files changed, 41 insertions(+), 11 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [GIT PULL] Crypto Fixes for 6.16

[pr-tracker-bot]

The pull request you sent on Fri, 20 Jun 2025 11:17:42 +0800:

> git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git tags/v6.16-p5

has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/0fa5248255a1f4cc87f35610f2762d9cdd919246

Thank you!

-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/prtracker.html

[GIT PULL] Crypto Fixes for 6.16

[Herbert Xu]

Hi Linus:

The following changes since commit df29f60369ccec0aa17d7eed7e2ae1fcdc9be6d4:

  crypto: ahash - Fix infinite recursion in ahash_def_finup (2025-06-18 17:02:02 +0800)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git tags/v6.16-p6

for you to fetch changes up to 20d71750cc72e80859d52548cf5c2a7513983b0d:

  crypto: wp512 - Use API partial block handling (2025-06-23 16:56:56 +0800)

----------------------------------------------------------------
This push fixes a regression where wp512 can no longer be used
with hmac.
----------------------------------------------------------------

Herbert Xu (1):
      crypto: wp512 - Use API partial block handling

 crypto/wp512.c | 125 ++++++++++++++++++++++-----------------------------------
 1 file changed, 47 insertions(+), 78 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [GIT PULL] Crypto Fixes for 6.16

[Eric Biggers]

On Wed, Jun 25, 2025 at 10:44:04AM +0800, Herbert Xu wrote:
> Hi Linus:
> 
> The following changes since commit df29f60369ccec0aa17d7eed7e2ae1fcdc9be6d4:
> 
>   crypto: ahash - Fix infinite recursion in ahash_def_finup (2025-06-18 17:02:02 +0800)
> 
> are available in the Git repository at:
> 
>   git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git tags/v6.16-p6
> 
> for you to fetch changes up to 20d71750cc72e80859d52548cf5c2a7513983b0d:
> 
>   crypto: wp512 - Use API partial block handling (2025-06-23 16:56:56 +0800)
> 
> ----------------------------------------------------------------
> This push fixes a regression where wp512 can no longer be used
> with hmac.
> ----------------------------------------------------------------
> 
> Herbert Xu (1):
>       crypto: wp512 - Use API partial block handling
> 

Wouldn't it make more sense to revert the "Crypto API partial block handling"
stuff?  It's been causing a huge number of problems, and it's been getting
superseded by the librarification changes anyway.

This is already the fourth 6.16 fixes pull request for regressions caused by
your partial block handling changes.  And I have another one queued in
libcrypto-fixes.  I expect there will need to be more...

Indeed, I just found that a lot of drivers in drivers/crypto/ haven't been
updated to be aware of the extra byte that comes back from
crypto_shash_export().  So there are a bunch of buffer overflows there too.
(Not like drivers/crypto/ actually matters, but apparently your changes are for
its benefit?  So it's interesting that it was actually broken by them.)

- Eric

Re: [GIT PULL] Crypto Fixes for 6.16

[Herbert Xu]

On Tue, Jun 24, 2025 at 08:04:04PM -0700, Eric Biggers wrote:
>
> Wouldn't it make more sense to revert the "Crypto API partial block handling"
> stuff?  It's been causing a huge number of problems, and it's been getting
> superseded by the librarification changes anyway.

The partial block handling simplifies the implementation of both
software and hardware hash algorithms.  Just look at the diffstat.

In this particular instance, I thought nobody used hmac on wp512
which is why I didn't do the conversion for it initially.  But
apparently someone does use it.

> Indeed, I just found that a lot of drivers in drivers/crypto/ haven't been
> updated to be aware of the extra byte that comes back from
> crypto_shash_export().  So there are a bunch of buffer overflows there too.
> (Not like drivers/crypto/ actually matters, but apparently your changes are for
> its benefit?  So it's interesting that it was actually broken by them.)

If anything this proves that enforcing a consistent hash format
is the right thing to do.  All those buggy code paths were assuming
that the export format is fixed which was not the case prior to the
partial blocks work.

But thanks for pointing me to these buggy drivers and I will send
out fixes for them.

Cheers,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [GIT PULL] Crypto Fixes for 6.16

[Eric Biggers]

On Wed, Jun 25, 2025 at 11:14:23AM +0800, Herbert Xu wrote:
> On Tue, Jun 24, 2025 at 08:04:04PM -0700, Eric Biggers wrote:
> >
> > Wouldn't it make more sense to revert the "Crypto API partial block handling"
> > stuff?  It's been causing a huge number of problems, and it's been getting
> > superseded by the librarification changes anyway.
> 
> The partial block handling simplifies the implementation of both
> software and hardware hash algorithms.  Just look at the diffstat.

Not software, since the library functions have to handle partial blocks anyway.
There will be a negative diffstat for algorithms that haven't been converted to
have a library API yet, but it will go away once they are.

> > Indeed, I just found that a lot of drivers in drivers/crypto/ haven't been
> > updated to be aware of the extra byte that comes back from
> > crypto_shash_export().  So there are a bunch of buffer overflows there too.
> > (Not like drivers/crypto/ actually matters, but apparently your changes are for
> > its benefit?  So it's interesting that it was actually broken by them.)
> 
> If anything this proves that enforcing a consistent hash format
> is the right thing to do.  All those buggy code paths were assuming
> that the export format is fixed which was not the case prior to the
> partial blocks work.
> 
> But thanks for pointing me to these buggy drivers and I will send
> out fixes for them.

Well, they (reasonably enough) assume the format that all the CPU-based code
previously used.  So they weren't really broken until your changes.

Of course, the lack of type safety here is an artificial problem created by the
generic crypto API which uses a 'void *' state.  The library functions simply
use the C type system, so they just work and do not have this sort of silly
issue where different places disagree about what struct a 'void *' points to...

These legacy drivers should just use the library functions.

- Eric

Re: [GIT PULL] Crypto Fixes for 6.16

[Herbert Xu]

On Tue, Jun 24, 2025 at 08:32:38PM -0700, Eric Biggers wrote:
>
> These legacy drivers should just use the library functions.

As it's currently structured yes this would be a perfect place
to use the lib/crypto interface.

Cheers,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [GIT PULL] Crypto Fixes for 6.16

[pr-tracker-bot]

The pull request you sent on Wed, 25 Jun 2025 10:44:04 +0800:

> git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git tags/v6.16-p6

has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/67a993863163cb88b1b68974c31b0d84ece4293e

Thank you!

-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/prtracker.html

[GIT PULL] Crypto Fixes for 6.16

[Herbert Xu]

Hi Linus:

The following changes since commit 20d71750cc72e80859d52548cf5c2a7513983b0d:

  crypto: wp512 - Use API partial block handling (2025-06-23 16:56:56 +0800)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git tags/v6.16-p7

for you to fetch changes up to ccafe2821cfaa880cf4461307111b76df07c48fb:

  crypto: qat - Use crypto_shash_export_core (2025-06-26 12:55:22 +0800)

----------------------------------------------------------------
This push fixes a buffer overflows in qat and chelsio.
----------------------------------------------------------------

Herbert Xu (2):
      crypto: chelsio - Use crypto_shash_export_core
      crypto: qat - Use crypto_shash_export_core

 drivers/crypto/chelsio/chcr_algo.c             | 10 +++++-----
 drivers/crypto/intel/qat/qat_common/qat_algs.c | 14 +++++++-------
 2 files changed, 12 insertions(+), 12 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [GIT PULL] Crypto Fixes for 6.16

[pr-tracker-bot]

The pull request you sent on Sat, 19 Jul 2025 10:36:10 +1000:

> git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git tags/v6.16-p7

has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/27c2570359d688884887cd45fa92e678523012a6

Thank you!

-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/prtracker.html