Linux Kernel https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v6.8.4 2023-12-15T09:52:53Z 2023-12-15T09:52:53Z Tom Zanussi tom.zanussi@linux.intel.com 2023-12-05T21:25:27Z urn:sha1:2ec6761df889fdf896fde761abd447596dd8f8c2 This patch registers the deflate-iaa deflate compression algorithm and hooks it up to the IAA hardware using the 'fixed' compression mode introduced in the previous patch. Because the IAA hardware has a 4k history-window limitation, only buffers <= 4k, or that have been compressed using a <= 4k history window, are technically compliant with the deflate spec, which allows for a window of up to 32k. Because of this limitation, the IAA fixed mode deflate algorithm is given its own algorithm name, 'deflate-iaa'. With this change, the deflate-iaa crypto algorithm is registered and operational, and compression and decompression operations are fully enabled following the successful binding of the first IAA workqueue to the iaa_crypto sub-driver. when there are no IAA workqueues bound to the driver, the IAA crypto algorithm can be unregistered by removing the module. A new iaa_crypto 'verify_compress' driver attribute is also added, allowing the user to toggle compression verification. If set, each compress will be internally decompressed and the contents verified, returning error codes if unsuccessful. This can be toggled with 0/1: echo 0 > /sys/bus/dsa/drivers/crypto/verify_compress The default setting is '1' - verify all compresses. The verify_compress value setting at the time the algorithm is registered is captured in the algorithm's crypto_ctx and used for all compresses when using the algorithm. [ Based on work originally by George Powley, Jing Lin and Kyung Min Park ] Signed-off-by: Tom Zanussi <tom.zanussi@linux.intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2023-12-08T03:59:46Z Herbert Xu herbert@gondor.apana.org.au 2023-11-30T12:23:06Z urn:sha1:d4bd2102472c4071d0df4a948316f73390228faf Remove test vectors for CFB/OFB. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2023-11-17T11:16:29Z Dimitri John Ledkov dimitri.ledkov@canonical.com 2023-10-30T12:05:16Z urn:sha1:bc197f5760025b61a33565301f4390886e0483db SP800-90C 3rd draft states that SHA-1 will be removed from all specifications, including drbg by end of 2030. Given kernels built today will be operating past that date, start complying with upcoming requirements. No functional change, as SHA-256 / SHA-512 based DRBG have always been the preferred ones. Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com> Reviewed-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2023-11-01T04:58:42Z Eric Biggers ebiggers@google.com 2023-10-27T19:52:06Z urn:sha1:b030c45844cfe0d4c89202cd6c9f4697b3a25a6a alg_test_descs[] needs to be in sorted order, since it is used for binary search. This fixes the following boot-time warning: testmgr: alg_test_descs entries in wrong order: 'pkcs1pad(rsa,sha512)' before 'pkcs1pad(rsa,sha3-256)' Fixes: ee62afb9d02d ("crypto: rsa-pkcs1pad - Add FIPS 202 SHA-3 support") Signed-off-by: Eric Biggers <ebiggers@google.com> Reviewed-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2023-10-27T10:04:30Z Dimitri John Ledkov dimitri.ledkov@canonical.com 2023-10-22T18:22:05Z urn:sha1:ee62afb9d02dd279a7b73245614f13f8fe777a6d Add support in rsa-pkcs1pad for FIPS 202 SHA-3 hashes, sizes 256 and up. As 224 is too weak for any practical purposes. Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2023-10-27T10:04:29Z Eric Biggers ebiggers@google.com 2023-10-22T08:10:47Z urn:sha1:93f367a9a41ab539e905b1ea91254868e4cf8faa Now that the alignmask for ahash and shash algorithms is always 0, crypto_ahash_alignmask() always returns 0 and will be removed. In preparation for this, stop checking crypto_ahash_alignmask() in testmgr. As a result of this change, test_sg_division::offset_relative_to_alignmask and testvec_config::key_offset_relative_to_alignmask no longer have any effect on ahash (or shash) algorithms. Therefore, also stop setting these flags in default_hash_testvec_configs[]. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2023-10-27T10:04:25Z Eric Biggers ebiggers@google.com 2023-10-19T05:53:40Z urn:sha1:2125c11efd83a5aeb9bf04bcbc83b49e8d7e2afb Now that the shash algorithm type does not support nonzero alignmasks, crypto_shash_alignmask() always returns 0 and will be removed. In preparation for this, stop checking crypto_shash_alignmask() in testmgr. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2023-10-13T10:27:26Z Herbert Xu herbert@gondor.apana.org.au 2023-10-03T03:43:18Z urn:sha1:9a91792db10126fa291e22680d6cf5683d845a15 Replace skcipher implementation with lskcipher. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2023-10-12T13:59:33Z Herbert Xu herbert@gondor.apana.org.au 2023-08-30T09:57:06Z urn:sha1:30febae71c6182e0762dc7744737012b4f8e6a6d Remove zlib-deflate test vectors as it no longer exists in the kernel. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Reviewed-by: Ard Biesheuvel <ardb@kernel.org> 2023-09-20T05:15:29Z Herbert Xu herbert@gondor.apana.org.au 2023-09-14T08:28:26Z urn:sha1:3dfe8786b11a4a3f9ced2eb89c6c5d73eba84700 Test lskcipher algorithms using the same logic as cipher algorithms. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>