Linux Kernel https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v6.6.25 2024-01-25T23:35:16Z 2024-01-25T23:35:16Z Herbert Xu herbert@gondor.apana.org.au 2023-11-28T08:25:49Z urn:sha1:e136daaa10e4c6c50a5c0fc9c5f89a6f988fe619 [ Upstream commit 67b164a871af1d736f131fd6fe78a610909f06f3 ] Having multiple in-flight AIO requests results in unpredictable output because they all share the same IV. Fix this by only allowing one request at a time. Fixes: 83094e5e9e49 ("crypto: af_alg - add async support to algif_aead") Fixes: a596999b7ddf ("crypto: algif - change algif_skcipher to be asynchronous") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Sasha Levin <sashal@kernel.org> 2023-08-29T18:23:29Z Linus Torvalds torvalds@linux-foundation.org 2023-08-29T18:23:29Z urn:sha1:68cf01760bc0891074e813b9bb06d2696cac1c01 Pull crypto updates from Herbert Xu: "API: - Move crypto engine callback from tfm ctx into algorithm object - Fix atomic sleep bug in crypto_destroy_instance - Move lib/mpi into lib/crypto Algorithms: - Add chacha20 and poly1305 implementation for powerpc p10 Drivers: - Add AES skcipher and aead support to starfive - Add Dynamic Boost Control support to ccp - Add support for STM32P13 platform to stm32" * tag 'v6.6-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (149 commits) Revert "dt-bindings: crypto: qcom,prng: Add SM8450" crypto: chelsio - Remove unused declarations X.509: if signature is unsupported skip validation crypto: qat - fix crypto capability detection for 4xxx crypto: drivers - Explicitly include correct DT includes crypto: engine - Remove crypto_engine_ctx crypto: zynqmp - Use new crypto_engine_op interface crypto: virtio - Use new crypto_engine_op interface crypto: stm32 - Use new crypto_engine_op interface crypto: jh7110 - Use new crypto_engine_op interface crypto: rk3288 - Use new crypto_engine_op interface crypto: omap - Use new crypto_engine_op interface crypto: keembay - Use new crypto_engine_op interface crypto: sl3516 - Use new crypto_engine_op interface crypto: caam - Use new crypto_engine_op interface crypto: aspeed - Remove non-standard sha512 algorithms crypto: aspeed - Use new crypto_engine_op interface crypto: amlogic - Use new crypto_engine_op interface crypto: sun8i-ss - Use new crypto_engine_op interface crypto: sun8i-ce - Use new crypto_engine_op interface ... 2023-08-18T09:01:11Z Herbert Xu herbert@gondor.apana.org.au 2023-08-13T06:55:20Z urn:sha1:5ce0bc68e0eeab14fe4dd3be9975c5ced7b20617 Remove the obsolete crypto_engine_ctx structure. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2023-08-18T09:01:10Z Herbert Xu herbert@gondor.apana.org.au 2023-08-13T06:54:49Z urn:sha1:e5e7eb023f24653b07329162b6359283b3a03a20 Rather than having the callback in the request, move it into the crypto_alg object. This avoids having crypto_engine look into the request context is private to the driver. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2023-08-18T09:01:10Z Herbert Xu herbert@gondor.apana.org.au 2023-08-13T06:54:47Z urn:sha1:c1091e2baef65b24a39db6a61de316605d3505c5 Most drivers should not access the internal details of struct crypto_engine. Move it into the internal header file. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2023-08-18T09:01:10Z Herbert Xu herbert@gondor.apana.org.au 2023-08-13T06:54:41Z urn:sha1:45c461c503a7a12f4c5efaff289be17a442aeefe Create crypto/internal/engine.h to house details that should not be used by drivers. It is empty for the time being. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2023-08-18T09:01:10Z Herbert Xu herbert@gondor.apana.org.au 2023-08-13T06:54:36Z urn:sha1:68021dee251e72d87ebbf052acf69b3217c11383 The engine file does not need the actual crypto type definitions so move those header inclusions to where they are actually used. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2023-08-18T09:01:10Z Herbert Xu herbert@gondor.apana.org.au 2023-08-13T06:54:32Z urn:sha1:bcd6e41d983621954dfc3f1f64249a55838b3e6a The callbacks for prepare and unprepare request in crypto_engine is superfluous. They can be done directly from do_one_request. Move the code into do_one_request and remove the unused callbacks. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2023-08-17T20:12:20Z Eric Snowberg eric.snowberg@oracle.com 2023-05-22T23:09:42Z urn:sha1:4cfb908054456ad8b6b8cd5108bbdf80faade8cd Add a new link restriction. Restrict the addition of keys in a keyring based on the key having digitalSignature usage set. Additionally, verify the new certificate against the ones in the system keyrings. Add two additional functions to use the new restriction within either the builtin or secondary keyrings. [jarkko@kernel.org: Fix checkpatch.pl --strict issues] Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com> Reviewed-and-tested-by: Mimi Zohar <zohar@linux.ibm.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> 2023-08-11T11:19:27Z Herbert Xu herbert@gondor.apana.org.au 2023-08-03T09:59:28Z urn:sha1:9ae4577bc077a7e32c3c7d442c95bc76865c0f17 The function crypto_drop_spawn expects to be called in process context. However, when an instance is unregistered while it still has active users, the last user may cause the instance to be freed in atomic context. Fix this by delaying the freeing to a work queue. Fixes: 6bfd48096ff8 ("[CRYPTO] api: Added spawns") Reported-by: Florent Revest <revest@chromium.org> Reported-by: syzbot+d769eed29cc42d75e2a3@syzkaller.appspotmail.com Reported-by: syzbot+610ec0671f51e838436e@syzkaller.appspotmail.com Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Tested-by: Florent Revest <revest@chromium.org> Acked-by: Florent Revest <revest@chromium.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>