Linux cryptographic layer development
 help / color / mirror / Atom feed
* Re: [PATCH net-next v2 0/5] Consolidate FCrypt and PCBC code into net/rxrpc/
From: Marc Dionne @ 2026-05-22 13:06 UTC (permalink / raw)
  To: Eric Biggers
  Cc: netdev, linux-afs, David Howells, linux-crypto, linux-kernel,
	David S . Miller, Eric Dumazet, Jakub Kicinski, Paolo Abeni,
	Simon Horman
In-Reply-To: <20260522050740.84561-1-ebiggers@kernel.org>

On Fri, May 22, 2026 at 2:07 AM Eric Biggers <ebiggers@kernel.org> wrote:
>
> The FCrypt "block cipher" and the PCBC mode of operation are obsolete
> and insecure.  Since their only user is net/rxrpc/, they belong there,
> not in the crypto API.
>
> Therefore, this series removes these algorithms from the crypto API and
> replaces them with local implementations in net/rxrpc/.
>
> The local implementations are simpler too, as they avoid the crypto API
> boilerplate.
>
> I don't know how to test all the code in net/rxrpc/, but everything
> should still work.  I added a KUnit test for the crypto functions.
>
> Changed in v2:
>     - Added missing export of fcrypt_preparekey().
>     - Write "RxRPC crypto KUnit test" instead of "RxRPC KUnit test".
>     - Rebased onto latest net-next where decryption now happens in the
>       linear buffer rxrpc_call::rx_dec_buffer, simplifying the code.

Looks good in testing with our kafs test suite, forcing the use of
rxkad with encryption.

Feel free to add for the series:
Tested-by: Marc Dionne <marc.dionne@auristor.com>

Marc

^ permalink raw reply

* Re: [PATCH 1/6] sock: add sock_kzalloc helper
From: Thorsten Blum @ 2026-05-22 12:50 UTC (permalink / raw)
  To: Herbert Xu, David S. Miller
  Cc: Eric Dumazet, Kuniyuki Iwashima, Paolo Abeni, Willem de Bruijn,
	Jakub Kicinski, Simon Horman, linux-crypto, linux-kernel
In-Reply-To: <20260427104129.309982-7-thorsten.blum@linux.dev>

Hi Herbert,

On Mon, Apr 27, 2026 at 12:41:30PM +0200, Thorsten Blum wrote:
> Add sock_kzalloc() helper - the sock equivalent to kzalloc().
> 
> Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
> ---
>  include/net/sock.h | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/include/net/sock.h b/include/net/sock.h
> index dccd3738c368..20bf406dff2d 100644
> --- a/include/net/sock.h
> +++ b/include/net/sock.h
> @@ -1904,6 +1904,11 @@ void sock_kfree_s(struct sock *sk, void *mem, int size);
>  void sock_kzfree_s(struct sock *sk, void *mem, int size);
>  void sk_send_sigurg(struct sock *sk);
>  
> +static inline void *sock_kzalloc(struct sock *sk, int size, gfp_t priority)
> +{
> +	return sock_kmalloc(sk, size, priority | __GFP_ZERO);
> +}
> +
>  static inline void sock_replace_proto(struct sock *sk, struct proto *proto)
>  {
>  	if (sk->sk_socket)

Can you take this series or should I resend this to net-next?

Thanks,
Thorsten

^ permalink raw reply

* Re: [PATCH] crypto: atmel-sha204a - fail on hwrng registration error in probe path
From: Herbert Xu @ 2026-05-22 12:36 UTC (permalink / raw)
  To: Thorsten Blum
  Cc: David S. Miller, Nicolas Ferre, Alexandre Belloni, Claudiu Beznea,
	Lothar Rubusch, stable, linux-crypto, linux-arm-kernel,
	linux-kernel
In-Reply-To: <20260517162740.1250-2-thorsten.blum@linux.dev>

On Sun, May 17, 2026 at 06:27:40PM +0200, Thorsten Blum wrote:
> Commit 13909a0c8897 ("crypto: atmel-sha204a - provide the otp content")
> overwrote the hwrng registration return value when creating the sysfs
> group, which allowed atmel_sha204a_probe() to succeed even if
> devm_hwrng_register() failed.
> 
> Return immediately when devm_hwrng_register() fails, and report both
> hwrng and sysfs registration errors with dev_err(). Adjust the sysfs
> error log message for consistency.
> 
> Fixes: 13909a0c8897 ("crypto: atmel-sha204a - provide the otp content")
> Cc: stable@vger.kernel.org
> Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
> ---
>  drivers/crypto/atmel-sha204a.c | 8 +++++---
>  1 file changed, 5 insertions(+), 3 deletions(-)

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply

* Re: [PATCH] crypto: atmel-sha204a - remove sysfs group before hwrng
From: Herbert Xu @ 2026-05-22 12:36 UTC (permalink / raw)
  To: Thorsten Blum
  Cc: David S. Miller, Nicolas Ferre, Alexandre Belloni, Claudiu Beznea,
	linux-crypto, linux-arm-kernel, linux-kernel
In-Reply-To: <20260517123706.1182427-2-thorsten.blum@linux.dev>

On Sun, May 17, 2026 at 02:37:07PM +0200, Thorsten Blum wrote:
> atmel_sha204a_probe() registers the hwrng before creating the sysfs
> group. Mirror this order in atmel_sha204a_remove() by removing the sysfs
> group before unregistering the hwrng.
> 
> Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
> ---
>  drivers/crypto/atmel-sha204a.c | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply

* Re: [PATCH 2/2] crypto: omap-des - drop of_match_ptr from OF match table
From: Herbert Xu @ 2026-05-22 12:35 UTC (permalink / raw)
  To: Thorsten Blum; +Cc: David S. Miller, linux-crypto, linux-kernel
In-Reply-To: <20260517103651.1135679-2-thorsten.blum@linux.dev>

On Sun, May 17, 2026 at 12:36:52PM +0200, Thorsten Blum wrote:
> Drop of_match_ptr() because OF matching is stubbed out when CONFIG_OF=n.
> 
> Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
> ---
>  drivers/crypto/omap-des.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply

* Re: [PATCH 1/2] crypto: omap-des - add COMPILE_TEST and fix CONFIG_OF=n build
From: Herbert Xu @ 2026-05-22 12:35 UTC (permalink / raw)
  To: Thorsten Blum; +Cc: David S. Miller, linux-crypto, linux-kernel
In-Reply-To: <20260517103414.1135537-3-thorsten.blum@linux.dev>

On Sun, May 17, 2026 at 12:34:14PM +0200, Thorsten Blum wrote:
> CRYPTO_DEV_OMAP_DES only depends on ARCH_OMAP2PLUS, which is ARM-only
> and selects OF via ARM's USE_OF, making any non-OF code unreachable.
> 
> Add COMPILE_TEST so the driver can be built with CONFIG_OF=n, making the
> non-OF code reachable.
> 
> Fix the resulting non-OF build failures:
> 
> - omap_des_irq() was defined inside a CONFIG_OF block, but is referenced
>   unconditionally from omap_des_probe(). Move the CONFIG_OF guard so it
>   only covers omap_des_get_of().
> 
> - The non-OF omap_des_get_of() stub took a struct device *, while
>   omap_des_probe() passes a struct platform_device *. Make the stub
>   prototype match the OF implementation and the caller.
> 
> Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
> ---
>  drivers/crypto/Kconfig    | 4 ++--
>  drivers/crypto/omap-des.c | 4 ++--
>  2 files changed, 4 insertions(+), 4 deletions(-)

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply

* Re: [PATCH] MIPS: Remove unused arch/mips/crypto directory
From: Herbert Xu @ 2026-05-22 12:35 UTC (permalink / raw)
  To: Ethan Nelson-Moore
  Cc: linux-mips, linux-crypto, Thomas Bogendoerfer, David S. Miller
In-Reply-To: <20260517032100.105696-1-enelsonmoore@gmail.com>

On Sat, May 16, 2026 at 08:20:56PM -0700, Ethan Nelson-Moore wrote:
> The last MIPS crypto code was moved to lib/crypto/mips in
> commit c9e5ac0ab9d1 ("lib/crypto: mips/md5: Migrate optimized code into
> library"). However, arch/mips/crypto still contains stub Kconfig,
> Makefile, and .gitignore files. Remove these unnecessary files.
> 
> Signed-off-by: Ethan Nelson-Moore <enelsonmoore@gmail.com>
> ---
>  arch/mips/Makefile          | 2 --
>  arch/mips/crypto/.gitignore | 2 --
>  arch/mips/crypto/Kconfig    | 5 -----
>  arch/mips/crypto/Makefile   | 5 -----
>  crypto/Kconfig              | 3 ---
>  5 files changed, 17 deletions(-)
>  delete mode 100644 arch/mips/crypto/.gitignore
>  delete mode 100644 arch/mips/crypto/Kconfig
>  delete mode 100644 arch/mips/crypto/Makefile

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply

* Re: [PATCH] crypto: atmel-sha - use memcpy_and_pad to simplify hmac_setup
From: Herbert Xu @ 2026-05-22 12:34 UTC (permalink / raw)
  To: Thorsten Blum
  Cc: David S. Miller, Nicolas Ferre, Alexandre Belloni, Claudiu Beznea,
	linux-crypto, linux-arm-kernel, linux-kernel
In-Reply-To: <20260516234211.1131137-2-thorsten.blum@linux.dev>

On Sun, May 17, 2026 at 01:42:12AM +0200, Thorsten Blum wrote:
> Use memcpy_and_pad() instead of memcpy() followed by memset() to
> simplify atmel_sha_hmac_setup().
> 
> Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
> ---
>  drivers/crypto/atmel-sha.c | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply

* Re: [PATCH] LoongArch: Remove unused arch/loongarch/crypto directory
From: Herbert Xu @ 2026-05-22 12:35 UTC (permalink / raw)
  To: Ethan Nelson-Moore
  Cc: loongarch, linux-crypto, Huacai Chen, WANG Xuerui,
	David S. Miller
In-Reply-To: <20260517031430.102984-1-enelsonmoore@gmail.com>

On Sat, May 16, 2026 at 08:14:26PM -0700, Ethan Nelson-Moore wrote:
> All LoongArch crypto code was moved to arch/loongarch/lib in
> commit 72f51a4f4b07 ("loongarch/crc32: expose CRC32 functions through
> lib"). However, arch/loongarch/crypto still contains stub Kconfig and
> Makefile files. Remove these unnecessary files.
> 
> Signed-off-by: Ethan Nelson-Moore <enelsonmoore@gmail.com>
> ---
>  arch/loongarch/Makefile        | 2 --
>  arch/loongarch/crypto/Kconfig  | 5 -----
>  arch/loongarch/crypto/Makefile | 4 ----
>  crypto/Kconfig                 | 3 ---
>  4 files changed, 14 deletions(-)
>  delete mode 100644 arch/loongarch/crypto/Kconfig
>  delete mode 100644 arch/loongarch/crypto/Makefile

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply

* Re: [PATCH v2] crypto: drivers - remove of_match_ptr from OF match tables
From: Herbert Xu @ 2026-05-22 12:34 UTC (permalink / raw)
  To: Thorsten Blum
  Cc: David S. Miller, Kees Cook, linux-crypto, linux-kernel,
	linux-arm-msm
In-Reply-To: <20260516182337.874311-3-thorsten.blum@linux.dev>

On Sat, May 16, 2026 at 08:23:36PM +0200, Thorsten Blum wrote:
> Drop of_match_ptr() because OF matching is stubbed out when CONFIG_OF=n.
> 
> Indent bcm_spu_pdriver.driver and its members while at it.
> 
> Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
> ---
> Changes in v2:
> - Drop omap-des.c because it doesn't compile with CONFIG=n and requires
>   other fixes first
> - v1: https://lore.kernel.org/lkml/20260516114941.741140-2-thorsten.blum@linux.dev/
> ---
>  drivers/crypto/bcm/cipher.c | 6 +++---
>  drivers/crypto/qcom-rng.c   | 2 +-
>  2 files changed, 4 insertions(+), 4 deletions(-)

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply

* Re: [PATCH] crypto: eip93: - fix reset ring register definition
From: Herbert Xu @ 2026-05-22 12:34 UTC (permalink / raw)
  To: Aleksander Jan Bajkowski
  Cc: ansuelsmth, benjamin.larsson, atenart, davem, vschagen,
	linux-crypto, linux-kernel
In-Reply-To: <20260516122657.2585876-1-olek2@wp.pl>

On Sat, May 16, 2026 at 02:26:51PM +0200, Aleksander Jan Bajkowski wrote:
> This patch fixes a descriptor ring reset. This causes a hang in the
> driver's unload/load sequence.
> 
> Fixes: 9739f5f93b78 ("crypto: eip93 - Add Inside Secure SafeXcel EIP-93 crypto engine support")
> Suggested-by: Benjamin Larsson <benjamin.larsson@genexis.eu>
> Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
> ---
>  drivers/crypto/inside-secure/eip93/eip93-regs.h | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply

* Re: [PATCH 2/2] crypto: tegra - Don't touch bo refcount in host1x bo pin/unpin
From: Herbert Xu @ 2026-05-22 12:32 UTC (permalink / raw)
  To: Mikko Perttunen
  Cc: Thierry Reding, David Airlie, Simona Vetter, Jonathan Hunter,
	Akhil R, David S. Miller, Aaron Kling, dri-devel, linux-tegra,
	linux-kernel, linux-crypto
In-Reply-To: <20260515-host1x-bocache-leak-v1-2-a0375f68aeab@nvidia.com>

On Fri, May 15, 2026 at 11:34:52AM +0900, Mikko Perttunen wrote:
> Since commit "gpu: host1x: Allow entries in BO caches to be freed",
> host1x_bo_pin() and host1x_bo_unpin() handle the bo's refcount
> themselves. .pin/.unpin callbacks should not adjust it.
> 
> Signed-off-by: Mikko Perttunen <mperttunen@nvidia.com>
> ---
>  drivers/crypto/tegra/tegra-se-main.c | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply

* Re: [PATCH] crypto: riscv - replace min_t with min in riscv64_aes_ctr_crypt
From: Herbert Xu @ 2026-05-22 12:31 UTC (permalink / raw)
  To: Thorsten Blum
  Cc: David S. Miller, Paul Walmsley, Palmer Dabbelt, Albert Ou,
	Alexandre Ghiti, linux-crypto, linux-riscv, linux-kernel
In-Reply-To: <20260514165509.527721-2-thorsten.blum@linux.dev>

On Thu, May 14, 2026 at 06:55:10PM +0200, Thorsten Blum wrote:
> Use the simpler min() macro since the values are unsigned and
> compatible.
> 
> Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
> ---
>  arch/riscv/crypto/aes-riscv64-glue.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply

* Re: [PATCH] X.509: Fix validation of ASN.1 certificate header
From: Herbert Xu @ 2026-05-22 12:30 UTC (permalink / raw)
  To: Lukas Wunner
  Cc: David S. Miller, David Howells, Ignat Korchagin, keyrings,
	linux-crypto
In-Reply-To: <782bc59d5939aa69b58cad42f71946f1c0a6dccb.1778741457.git.lukas@wunner.de>

On Thu, May 14, 2026 at 08:55:58AM +0200, Lukas Wunner wrote:
> x509_load_certificate_list() seeks to enforce that a certificate starts
> with 0x30 0x82 (ASN.1 SEQUENCE tag followed by a length of more than 256
> and less than 65535 bytes).
> 
> But it only enforces that *either* of those two byte values are present,
> instead of checking for the *conjunction* of the two values.  Fix it.
> 
> Fixes: 631cc66eb9ea ("MODSIGN: Provide module signing public keys to the kernel")
> Reported-by: Sashiko <sashiko-bot@kernel.org>
> Closes: https://lore.kernel.org/r/20260508033917.B5873C2BCB0@smtp.kernel.org/
> Signed-off-by: Lukas Wunner <lukas@wunner.de>
> Cc: stable@vger.kernel.org # v3.7+
> ---
>  crypto/asymmetric_keys/x509_loader.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply

* Re: [PATCH] Documentation: qat_rl: make rate limiting wording clearer
From: Herbert Xu @ 2026-05-22 12:30 UTC (permalink / raw)
  To: Giovanni Cabiddu; +Cc: linux-crypto, qat-linux, Fiona Trahe, Ahsan Atta
In-Reply-To: <20260513153317.32355-1-giovanni.cabiddu@intel.com>

On Wed, May 13, 2026 at 04:33:08PM +0100, Giovanni Cabiddu wrote:
> From: Fiona Trahe <fiona.trahe@intel.com>
> 
> The term "capability" typically refers to an ability to perform an
> action, whereas "capacity" denotes a measurable amount of resources.
> 
> Since the sysfs-driver-qat_rl document describes remaining resources
> available to perform work, "capacity" is the more accurate term.
> 
> Replace "capability" with "capacity" in the document.
> 
> Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
> Reviewed-by: Ahsan Atta <ahsan.atta@intel.com>
> Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
> ---
>  Documentation/ABI/testing/sysfs-driver-qat_rl | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply

* Re: [PATCH 0/6] crypto: qat - add sysfs PCI reset support for QAT devices
From: Herbert Xu @ 2026-05-22 12:30 UTC (permalink / raw)
  To: Ahsan Atta; +Cc: linux-crypto, qat-linux
In-Reply-To: <cover.1778685152.git.ahsan.atta@intel.com>

On Wed, May 13, 2026 at 05:16:53PM +0200, Ahsan Atta wrote:
> A PCI reset triggered through sysfs (/sys/bus/pci/devices/.../reset)
> leaves QAT devices in an unusable state because the driver has never
> implemented the reset_prepare() and reset_done() callbacks. The reset
> proceeds without quiescing the device or restoring it afterward. This
> series adds the missing sysfs reset support and fixes the deadlocks,
> state-management issues, and corner cases that surface when the reset
> path is actually exercised.
> 
> Note on stable backport:
> Since this support was entirely absent rather than broken by a specific
> commit, there is no individual Fixes tag that can be cited. We believe
> this series warrants inclusion in stable to allow users to perform
> standard PCI resets on QAT devices without rendering them
> non-functional. We will need to revisit/retest when doing the backport
> as the PCI core may have changed.
> 
> In summary:
> Patch #1: Skip VF disable and enable during device restart when the VF
> topology is already present. This avoids lock-order issues in PCI
> reset callbacks while keeping VF quiesce notification intact.
> 
> Patch #2: Move fatal error notification earlier in the AER path. This
> ensures subsystems and VFs are informed as soon as fatal error handling
> begins.
> 
> Patch #3: Centralize PCI bus-master enable into a single init path.
> Remove scattered pci_set_master()/pci_clear_master() calls so BME
> state is deterministic across reset flows.
> 
> Patch #4: Skip the shutdown and restart flow for devices that were
> already administratively down before PCI reset. PCI state is still
> restored, but the device remains down as expected.
> 
> Patch #5: Factor the common AER shutdown and recovery sequences into
> reset_prepare() and reset_done() helpers to simplify the reset path
> and prepare it for reuse.
> 
> Patch #6: Hook reset_prepare() and reset_done() into the QAT PCI error
> handler. This makes sysfs-triggered PCI reset follow the same quiesce
> and recovery flow as AER reset.
> 
> Ahsan Atta (6):
>   crypto: qat - keep VFs enabled during reset
>   crypto: qat - notify fatal error before AER reset preparation
>   crypto: qat - centralize bus master enable
>   crypto: qat - skip restart for down devices
>   crypto: qat - factor out AER reset helpers
>   crypto: qat - handle sysfs-triggered reset callbacks
> 
>  drivers/crypto/intel/qat/qat_420xx/adf_drv.c  |   2 -
>  drivers/crypto/intel/qat/qat_4xxx/adf_drv.c   |   2 -
>  drivers/crypto/intel/qat/qat_6xxx/adf_drv.c   |   2 -
>  drivers/crypto/intel/qat/qat_c3xxx/adf_drv.c  |   1 -
>  .../crypto/intel/qat/qat_c3xxxvf/adf_drv.c    |   1 -
>  drivers/crypto/intel/qat/qat_c62x/adf_drv.c   |   1 -
>  drivers/crypto/intel/qat/qat_c62xvf/adf_drv.c |   1 -
>  drivers/crypto/intel/qat/qat_common/adf_aer.c | 102 +++++++++++++-----
>  .../intel/qat/qat_common/adf_common_drv.h     |   1 +
>  .../crypto/intel/qat/qat_common/adf_init.c    |   2 +
>  .../crypto/intel/qat/qat_common/adf_sriov.c   |  12 ++-
>  .../crypto/intel/qat/qat_dh895xcc/adf_drv.c   |   1 -
>  .../crypto/intel/qat/qat_dh895xccvf/adf_drv.c |   1 -
>  13 files changed, 87 insertions(+), 42 deletions(-)
> 
> 
> base-commit: 6a69430dcc874c47fe5a25b70d87861c1cc9c0d8
> -- 
> 2.45.0

All applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply

* Re: [PATCH v2] crypto: qat - fix VF2PF work teardown race in adf_disable_sriov()
From: Herbert Xu @ 2026-05-22 12:29 UTC (permalink / raw)
  To: Giovanni Cabiddu; +Cc: linux-crypto, qat-linux, stable, Ahsan Atta
In-Reply-To: <20260513144940.8635-1-giovanni.cabiddu@intel.com>

On Wed, May 13, 2026 at 03:47:32PM +0100, Giovanni Cabiddu wrote:
> The VF2PF interrupt handler queues PF-side response work that stores a
> raw pointer to per-VF state (struct adf_accel_vf_info). Currently,
> adf_disable_sriov() destroys per-VF mutexes and frees vf_info without
> stopping new VF2PF work or waiting for in-flight workers to complete. A
> concurrently scheduled or already queued worker can then dereference
> freed memory.
> 
> This manifests as a use-after-free when KASAN is enabled:
> 
>   BUG: KASAN: null-ptr-deref in mutex_lock+0x76/0xe0
>   Write of size 8 at addr 0000000000000260 by task kworker/24:2/...
>   Workqueue: qat_pf2vf_resp_wq adf_iov_send_resp [intel_qat]
>   Call Trace:
>     kasan_report+0x119/0x140
>     mutex_lock+0x76/0xe0
>     adf_gen4_pfvf_send+0xd4/0x1f0 [intel_qat]
>     adf_recv_and_handle_vf2pf_msg+0x290/0x360 [intel_qat]
>     adf_iov_send_resp+0x8c/0xe0 [intel_qat]
>     process_one_work+0x6ac/0xfd0
>     worker_thread+0x4dd/0xd30
>     kthread+0x326/0x410
>     ret_from_fork+0x33b/0x670
> 
> Add a PF-local flag, vf2pf_disabled, that gates work queueing, worker
> processing, and interrupt re-enabling during teardown. Set this flag
> atomically with the hardware interrupt mask inside
> adf_disable_all_vf2pf_interrupts(). After masking, synchronize the AE
> cluster MSI-X interrupt and flush the PF response workqueue before
> tearing down per-VF locks and state so all in-flight work completes
> before vf_info is destroyed.
> 
> Introduce adf_enable_all_vf2pf_interrupts() to clear the flag and
> unmask all VF2PF interrupts under the same lock when SR-IOV is
> re-enabled. This ensures the software flag and hardware state transition
> atomically on both the enable and disable paths.
> 
> Cc: stable@vger.kernel.org
> Fixes: ed8ccaef52fa ("crypto: qat - Add support for SRIOV")
> Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
> Reviewed-by: Ahsan Atta <ahsan.atta@intel.com>
> ---
> Changes since v1:
> - Reworked the bail-out check in adf_enable_all_vf2pf_interrupts() to
>   compute vf_mask first and check it instead of num_vfs.
> - Removed the unreachable kfree() fallback in adf_schedule_vf2pf_handler().
>   Since pf2vf_resp is freshly allocated and initialized via INIT_WORK(),
>   queue_work() is guaranteed to return true for a work_struct that has
>   never been queued.
> - Replaced '>= 0' with '>0' after pci_irq_vector() to allow only for
>   strictly positive IRQ vectors.
> 
>  .../intel/qat/qat_common/adf_accel_devices.h  |  2 +
>  .../intel/qat/qat_common/adf_common_drv.h     |  2 +
>  drivers/crypto/intel/qat/qat_common/adf_isr.c | 39 +++++++++++++++++++
>  .../crypto/intel/qat/qat_common/adf_sriov.c   | 20 +++++++++-
>  4 files changed, 61 insertions(+), 2 deletions(-)

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply

* Re: [PATCH v2] crypto: ecc - Fix carry overflow in vli multiplication
From: Herbert Xu @ 2026-05-22 12:29 UTC (permalink / raw)
  To: Anastasia Tishchenko
  Cc: Lukas Wunner, Stefan Berger, Ignat Korchagin, David S . Miller,
	linux-crypto, linux-kernel, stable
In-Reply-To: <20260513105741.55534-1-sv3iry@gmail.com>

On Wed, May 13, 2026 at 01:57:40PM +0300, Anastasia Tishchenko wrote:
> The carry flag calculation fails when r01.m_high is saturated
> (0xFFFFFFFFFFFFFFFF) and addition of lower bits overflows.
> 
> The condition (r01.m_high < product.m_high) doesn't handle the case
> where r01.m_high == product.m_high and an additional carry exists
> from lower-bit overflow.
> 
> When commit 3c4b23901a0c ("crypto: ecdh - Add ECDH software support")
> introduced crypto/ecc.c, it split the muladd() function in the
> micro-ecc library into separate mul_64_64() and add_128_128() helpers.
> It seems the check got lost in translation.
> 
> Add proper handling for this boundary by accounting for the carry
> from the lower addition.
> 
> Fixes: 3c4b23901a0c ("crypto: ecdh - Add ECDH software support")
> Signed-off-by: Anastasia Tishchenko <sv3iry@gmail.com>
> Cc: stable@vger.kernel.org # v4.8+
> ---
> Changes v1 -> v2:
> * Rename add_128_128() to check_add_128_128_overflow() and let it return a bool
>   indicating whether an overflow occurred
> * Rewrite an explicit if-else statement using constant-time bitwise arithmetic
>   to avoid a timing side-channel
> 
> Link to v1:
> https://lore.kernel.org/r/20260508114844.29694-1-sv3iry@gmail.com/
> ---
>  crypto/ecc.c | 31 ++++++++++++++++++++-----------
>  1 file changed, 20 insertions(+), 11 deletions(-)

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply

* Re: [PATCH] crypto: qat - remove MODULE_VERSION
From: Herbert Xu @ 2026-05-22 12:28 UTC (permalink / raw)
  To: Giovanni Cabiddu; +Cc: linux-crypto, qat-linux, Ahsan Atta, Andy Shevchenko
In-Reply-To: <20260513085808.626413-1-giovanni.cabiddu@intel.com>

On Wed, May 13, 2026 at 09:57:45AM +0100, Giovanni Cabiddu wrote:
> In-tree drivers do not need MODULE_VERSION as the kernel release
> identifies the version of their code. The static version "0.6.0", which
> the QAT drivers currently report, can be misleading as it might suggest
> the drivers are outdated.
> 
> Remove MODULE_VERSION() from all QAT driver modules and the related
> ADF_DRV_VERSION, ADF_MAJOR_VERSION, ADF_MINOR_VERSION and
> ADF_BUILD_VERSION macros from adf_common_drv.h.
> 
> Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
> Reviewed-by: Ahsan Atta <ahsan.atta@intel.com>
> Reviewed-by: Andy Shevchenko <andriy.shevchenko@intel.com>
> ---
>  drivers/crypto/intel/qat/qat_420xx/adf_drv.c         | 1 -
>  drivers/crypto/intel/qat/qat_4xxx/adf_drv.c          | 1 -
>  drivers/crypto/intel/qat/qat_c3xxx/adf_drv.c         | 1 -
>  drivers/crypto/intel/qat/qat_c3xxxvf/adf_drv.c       | 1 -
>  drivers/crypto/intel/qat/qat_c62x/adf_drv.c          | 1 -
>  drivers/crypto/intel/qat/qat_c62xvf/adf_drv.c        | 1 -
>  drivers/crypto/intel/qat/qat_common/adf_common_drv.h | 7 -------
>  drivers/crypto/intel/qat/qat_common/adf_module.c     | 1 -
>  drivers/crypto/intel/qat/qat_dh895xcc/adf_drv.c      | 1 -
>  drivers/crypto/intel/qat/qat_dh895xccvf/adf_drv.c    | 1 -
>  10 files changed, 16 deletions(-)

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply

* Re: [PATCH] crypto: atmel - use min3 to simplify atmel_sha_append_sg
From: Herbert Xu @ 2026-05-22 12:28 UTC (permalink / raw)
  To: Thorsten Blum
  Cc: David S. Miller, Nicolas Ferre, Alexandre Belloni, Claudiu Beznea,
	linux-crypto, linux-arm-kernel, linux-kernel
In-Reply-To: <20260512145123.303311-3-thorsten.blum@linux.dev>

On Tue, May 12, 2026 at 04:51:24PM +0200, Thorsten Blum wrote:
> Replace two consecutive min() calls with min3() to simplify the code.
> 
> And since count is unsigned and cannot be less than zero, adjust the if
> check and update the comment accordingly.
> 
> Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
> ---
>  drivers/crypto/atmel-sha.c | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply

* Re: [PATCH] crypto: cesa - use max to simplify mv_cesa_probe
From: Herbert Xu @ 2026-05-22 12:28 UTC (permalink / raw)
  To: Thorsten Blum
  Cc: Srujana Challa, Bharat Bhushan, David S. Miller, Rosen Penev,
	Krzysztof Kozlowski, linux-crypto, linux-kernel
In-Reply-To: <20260512133415.302370-3-thorsten.blum@linux.dev>

On Tue, May 12, 2026 at 03:34:15PM +0200, Thorsten Blum wrote:
> Use max() to simplify mv_cesa_probe() and improve its readability.
> 
> Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
> ---
>  drivers/crypto/marvell/cesa/cesa.c | 5 ++---
>  1 file changed, 2 insertions(+), 3 deletions(-)

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply

* Re: [PATCH v3 0/2] crypto: qat - remove unused ioctl interface
From: Herbert Xu @ 2026-05-22 12:27 UTC (permalink / raw)
  To: Giovanni Cabiddu
  Cc: linux-crypto, qat-linux, wangzhi, byu, w15303746062, vdronov
In-Reply-To: <20260511100854.29474-1-giovanni.cabiddu@intel.com>

On Mon, May 11, 2026 at 11:04:07AM +0100, Giovanni Cabiddu wrote:
> The QAT driver exposes a character device (qat_adf_ctl) with IOCTLs for
> device configuration, start, stop, status query and enumeration. These
> IOCTLs are not part of any public uAPI header and have no known in-tree
> or out-of-tree users.
> 
> This ioctl interface increases the attack surface and is the subject of a
> number of bug reports. Remove it entirely.
> 
> Patch 1 removes the character device, the IOCTL definitions, the related
> data structures and headers. It strips adf_ctl_drv.c down to the
> minimal module_init/module_exit hooks. This is marked for stable.
> 
> Patch 2 renames the now-minimal adf_ctl_drv.c to adf_module.c and
> adjusts function names to match the new file name. This is not marked
> for stable as it is a pure rename.
> 
> Changes since v1:
> - Addressed comments from Sashiko: cleaned up leftover dead code
>   https://sashiko.dev/#/patchset/20260508091912.206913-1-giovanni.cabiddu%40intel.com
> 
> Changes since v2:
> - Removed additional dead code: adf_devmgr_get_dev_by_id(),
>   adf_get_vf_real_id() and a few ADF_CFG unused macros
> 
> Giovanni Cabiddu (2):
>   crypto: qat - remove unused character device and IOCTLs
>   crypto: qat - rename adf_ctl_drv.c to adf_module.c
> 
>  .../userspace-api/ioctl/ioctl-number.rst      |   1 -
>  drivers/crypto/intel/qat/qat_common/Makefile  |   2 +-
>  drivers/crypto/intel/qat/qat_common/adf_cfg.c |  10 -
>  drivers/crypto/intel/qat/qat_common/adf_cfg.h |   1 -
>  .../intel/qat/qat_common/adf_cfg_common.h     |  32 --
>  .../intel/qat/qat_common/adf_cfg_user.h       |  38 --
>  .../intel/qat/qat_common/adf_common_drv.h     |   3 -
>  .../crypto/intel/qat/qat_common/adf_ctl_drv.c | 466 ------------------
>  .../crypto/intel/qat/qat_common/adf_dev_mgr.c |  70 ---
>  .../crypto/intel/qat/qat_common/adf_module.c  |  64 +++
>  10 files changed, 65 insertions(+), 622 deletions(-)
>  delete mode 100644 drivers/crypto/intel/qat/qat_common/adf_cfg_user.h
>  delete mode 100644 drivers/crypto/intel/qat/qat_common/adf_ctl_drv.c
>  create mode 100644 drivers/crypto/intel/qat/qat_common/adf_module.c
> 
> 
> base-commit: f7dd32c5179d7755de18e21d5674b08f9e5cb180
> -- 
> 2.54.0

All applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply

* Re: [PATCH] crypto: hisilicon/sec2 - lower priority for hisilicon crypto implementations
From: Herbert Xu @ 2026-05-22 12:27 UTC (permalink / raw)
  To: Chenghai Huang
  Cc: davem, linux-kernel, linux-crypto, fanghao11, liulongfang,
	qianweili, wangzhou1
In-Reply-To: <20260511004927.3469951-1-huangchenghai2@huawei.com>

On Mon, May 11, 2026 at 08:49:27AM +0800, Chenghai Huang wrote:
> From: lizhi <lizhi206@huawei.com>
> 
> Lower the priority of HiSilicon's crypto implementations to allow more
> suitable alternatives to be selected. For example, certain kernel
> use-cases do not benefit from HiSilicon's symmetric crypto algorithms.
> This change ensures that more appropriate options are chosen first while
> retaining HiSilicon's implementations as alternatives.
> 
> Signed-off-by: lizhi <lizhi206@huawei.com>
> Signed-off-by: Chenghai Huang <huangchenghai2@huawei.com>
> ---
>  drivers/crypto/hisilicon/sec2/sec_crypto.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply

* [PATCH] crypto: asymmetric_keys: validate PE section bounds before hashing
From: Michael Bommarito @ 2026-05-22 12:20 UTC (permalink / raw)
  To: David Howells, Lukas Wunner, Ignat Korchagin, Herbert Xu,
	David S. Miller
  Cc: Kees Cook, Vivek Goyal, Weiming Shi, Xiang Mei, keyrings,
	linux-crypto, linux-kernel

pefile_digest_pe_contents() hashes each PE section using PointerToRawData
and SizeOfRawData from the section table. These fields are parsed from the
input image, but the per-section hashing path does not check that the
resulting range lies inside the supplied PE buffer before passing it to
crypto_shash_update().

A malformed image passed to kexec_file_load() can therefore make signature
verification read past the end of the PE buffer. Return -ELIBBAD for
out-of-range section data and guard hashed_bytes against unsigned wrap
before it is used by the trailing-data calculation.

Link: https://lore.kernel.org/keyrings/20260430173632.277436-3-bestswngs@gmail.com/
Fixes: af316fc442ef ("pefile: Digest the PE binary and compare to the PKCS#7 data")
Assisted-by: Codex:gpt-5-5-xhigh
Signed-off-by: Michael Bommarito <michael.bommarito@gmail.com>
---
 crypto/asymmetric_keys/verify_pefile.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/crypto/asymmetric_keys/verify_pefile.c b/crypto/asymmetric_keys/verify_pefile.c
index 1f3b227ba7f22..1405b76322cbd 100644
--- a/crypto/asymmetric_keys/verify_pefile.c
+++ b/crypto/asymmetric_keys/verify_pefile.c
@@ -292,6 +292,15 @@ static int pefile_digest_pe_contents(const void *pebuf, unsigned int pelen,
 		i = canon[loop];
 		if (ctx->secs[i].raw_data_size == 0)
 			continue;
+		if (ctx->secs[i].data_addr > pelen ||
+		    ctx->secs[i].raw_data_size > pelen - ctx->secs[i].data_addr) {
+			kfree(canon);
+			return -ELIBBAD;
+		}
+		if (ctx->secs[i].raw_data_size > UINT_MAX - hashed_bytes) {
+			kfree(canon);
+			return -ELIBBAD;
+		}
 		ret = crypto_shash_update(desc,
 					  pebuf + ctx->secs[i].data_addr,
 					  ctx->secs[i].raw_data_size);
-- 
2.53.0


^ permalink raw reply related

* Re: [PATCH] hwrng: core - Do not read data during PM sleep transition
From: Herbert Xu @ 2026-05-22 12:02 UTC (permalink / raw)
  To: Thomas Richard (TI)
  Cc: Olivia Mackall, Thomas Petazzoni, linux-crypto, linux-kernel,
	gregory.clement, richard.genoud, u-kumar1, a-kumar2
In-Reply-To: <20260513-hw-random-fix-hwrng-fillfn-crash-suspend-resume-v1-1-b12551c1c7dd@bootlin.com>

On Wed, May 13, 2026 at 11:27:37AM +0200, Thomas Richard (TI) wrote:
>
> @@ -538,8 +539,9 @@ static int hwrng_fillfn(void *unused)
>  		}
>  
>  		mutex_lock(&reading_mutex);
> -		rc = rng_get_data(rng, rng_fillbuf,
> -				  rng_buffer_size(), 1);
> +		if (!pm_sleep_transition_in_progress())
> +			rc = rng_get_data(rng, rng_fillbuf,
> +					  rng_buffer_size(), 1);

Isn't this going to cause rc to be used uninitialised?

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply


This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox