LKML Archive on lore.kernel.org
 help / Atom feed
* Crypto Fixes for 4.9
@ 2016-11-19 10:27 Herbert Xu
  2016-11-23  5:36 ` Herbert Xu
                   ` (3 more replies)
  0 siblings, 4 replies; 79+ messages in thread
From: Herbert Xu @ 2016-11-19 10:27 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus:

This push fixes the following issues:

- Compiler warning in caam driver that was the last one remaining.
- Do not register aes-xts in caam drivers on unsupported platforms.
- Regression in algif_hash interface that may lead to an oops.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Arnd Bergmann (1):
      crypto: caam - fix type mismatch warning

Herbert Xu (1):
      crypto: algif_hash - Fix NULL hash crash with shash

Sven Ebenfeld (1):
      crypto: caam - do not register AES-XTS mode on LP units

 crypto/algif_hash.c           |   17 ++++++++++-------
 drivers/crypto/caam/caamalg.c |   11 ++++++++++-
 2 files changed, 20 insertions(+), 8 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.9
  2016-11-19 10:27 Crypto Fixes for 4.9 Herbert Xu
@ 2016-11-23  5:36 ` Herbert Xu
  2016-12-05  6:37 ` Herbert Xu
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 79+ messages in thread
From: Herbert Xu @ 2016-11-23  5:36 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus:

The last push broke algif_hash for all shash implementations,
so this is a follow-up to fix that.  It also fixes a problem
in the crypto scatterwalk that triggers a BUG_ON with certain
debugging options due to the new vmalloced-stack code.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Herbert Xu (2):
      crypto: algif_hash - Fix result clobbering in recvmsg
      crypto: scatterwalk - Remove unnecessary aliasing check in map_and_copy

 crypto/algif_hash.c  |    2 +-
 crypto/scatterwalk.c |    4 ----
 2 files changed, 1 insertion(+), 5 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.9
  2016-11-19 10:27 Crypto Fixes for 4.9 Herbert Xu
  2016-11-23  5:36 ` Herbert Xu
@ 2016-12-05  6:37 ` Herbert Xu
  2016-12-10  6:01   ` Herbert Xu
  2016-12-13 13:24 ` Crypto Update for 4.10 Herbert Xu
  2016-12-15 16:07 ` Crypto Fixes for 4.10 Herbert Xu
  3 siblings, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2016-12-05  6:37 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus:

This push fixes the following issues:

- Intermittent build failure in RSA.
- Memory corruption in chelsio crypto driver.
- Regression in DRBG due to vmalloced stack.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


David Michael (1):
      crypto: rsa - Add Makefile dependencies to fix parallel builds

Harsh Jain (1):
      crypto: chcr - Fix memory corruption

Stephan Mueller (1):
      crypto: drbg - prevent invalid SG mappings

 crypto/Makefile                    |    1 +
 crypto/drbg.c                      |   29 ++++++++++++++++++++++++-----
 drivers/crypto/chelsio/chcr_algo.h |    3 ++-
 include/crypto/drbg.h              |    2 ++
 4 files changed, 29 insertions(+), 6 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.9
  2016-12-05  6:37 ` Herbert Xu
@ 2016-12-10  6:01   ` Herbert Xu
  0 siblings, 0 replies; 79+ messages in thread
From: Herbert Xu @ 2016-12-10  6:01 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus:

This push fixes the following issues:

- Fix pointer size when caam is used with AArch64 boot loader on
  AArch32 kernel.
- Fix ahash state corruption in marvell driver.
- Fix buggy algif_aed tag handling.
- Prevent mcryptd from being used with incompatible algorithms
  which can cause crashes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Horia Geantă (1):
      crypto: caam - fix pointer size for AArch64 boot loader, AArch32 kernel

Romain Perier (2):
      crypto: marvell - Don't copy hash operation twice into the SRAM
      crypto: marvell - Don't corrupt state of an STD req for re-stepped ahash

Stephan Mueller (2):
      crypto: algif_aead - fix AEAD tag memory handling
      crypto: algif_aead - fix uninitialized variable warning

tim (1):
      crypto: mcryptd - Check mcryptd algorithm compatibility

 crypto/algif_aead.c           |   59 ++++++++++++++++++++++++++---------------
 crypto/mcryptd.c              |   19 ++++++++-----
 drivers/crypto/caam/ctrl.c    |    5 ++--
 drivers/crypto/marvell/hash.c |   11 ++++----
 4 files changed, 57 insertions(+), 37 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Update for 4.10
  2016-11-19 10:27 Crypto Fixes for 4.9 Herbert Xu
  2016-11-23  5:36 ` Herbert Xu
  2016-12-05  6:37 ` Herbert Xu
@ 2016-12-13 13:24 ` Herbert Xu
  2017-02-23 12:51   ` Crypto Update for 4.11 Herbert Xu
  2016-12-15 16:07 ` Crypto Fixes for 4.10 Herbert Xu
  3 siblings, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2016-12-13 13:24 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

Here is the crypto update for 4.10:

API:

- Add skcipher walk interface.
- Add asynchronous compression (acomp) interface.
- Fix algif_aed AIO handling of zero buffer.

Algorithms:

- Fix unaligned access in poly1305.
- Fix DRBG output to large buffers.

Drivers:

- Add support for iMX6UL to caam.
- Fix givenc descriptors (used by IPsec) in caam.
- Accelerated SHA256/SHA512 for ARM64 from OpenSSL.
- Add SSE CRCT10DIF and CRC32 to ARM/ARM64.
- Add AEAD support to Chelsio chcr.
- Add Armada 8K support to omap-rng.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Alec Ari (1):
      crypto: api - Fix Kconfig dependencies for FIPS

Alex Cope (2):
      crypto: gf128mul - remove dead gf128mul_64k_lle code
      crypto: gf128mul - Zero memory when freeing multiplication table

Alex Porosanu (1):
      crypto: caam - fix AEAD givenc descriptors

Ard Biesheuvel (21):
      crypto: arm64/aes-ce - fix for big endian
      crypto: arm64/ghash-ce - fix for big endian
      crypto: arm64/sha1-ce - fix for big endian
      crypto: arm64/sha2-ce - fix for big endian
      crypto: arm64/aes-ccm-ce: fix for big endian
      crypto: arm64/aes-neon - fix for big endian
      crypto: arm64/aes-xts-ce: fix for big endian
      crypto: arm/aes-ce - fix for big endian
      crypto: arm64/sha2 - integrate OpenSSL implementations of SHA256/SHA512
      crypto: arm64/sha2 - add generated .S files to .gitignore
      crypto: arm/aes-ce - fix broken monolithic build
      crypto: skcipher - fix crash in skcipher_walk_aead()
      crypto: arm64/aes-ce-ctr - fix skcipher conversion
      crypto: arm/aesbs - fix brokenness after skcipher conversion
      crypto: testmgr - avoid overlap in chunked tests
      crypto: testmgr - add/enhance test cases for CRC-T10DIF
      crypto: arm64/crct10dif - port x86 SSE implementation to arm64
      crypto: arm/crct10dif - port x86 SSE implementation to ARM
      crypto: arm64/crc32 - accelerated support based on x86 SSE implementation
      crypto: arm/crc32 - accelerated support based on x86 SSE implementation
      crypto: testmgr - fix overlap in chunked tests again

Arnd Bergmann (3):
      crypto: caam - fix type mismatch warning
      crypto: caam - pass key buffers with typesafe pointers
      crypto: caam - make aamalg_desc a proper module

Baruch Siach (4):
      crypto: api - fix comment typo
      crypto: doc - fix header file name
      crypt: doc - remove misleading mention of async API
      MAINTAINERS: add crypto headers to crypto entry

Christophe Jaillet (1):
      crypto: crypto4xx - Fix size used in dma_free_coherent()

Colin Ian King (2):
      crypto: sahara - fix typo "Decidated" -> "Dedicated"
      crypto: talitos - fix spelling mistake

Cyrille Pitchen (2):
      crypto: atmel-aes - fix compiler error when VERBOSE_DEBUG is defined
      crypto: atmel-aes - add support to the XTS mode

Dan Carpenter (1):
      crypto: chcr - checking for IS_ERR() instead of NULL

Eric Biggers (7):
      crypto: skcipher - Remove unused crypto_lookup_skcipher() declaration
      crypto: api - Remove no-op exit_ops code
      crypto: cmac - return -EINVAL if block size is unsupported
      crypto: cmac - fix alignment of 'consts'
      crypto: skcipher - Get rid of crypto_grab_skcipher2()
      crypto: skcipher - Get rid of crypto_spawn_skcipher2()
      crypto: testmgr - don't use stack buffer in test_acomp()

Gary R Hook (5):
      crypto: ccp - change type of struct member lsb to signed
      crypto: ccp - change bitfield type to unsigned ints
      crypto: ccp - remove unneeded code
      crypto: ccp - Clean up the LSB slot allocation code
      crypto: ccp - Fix handling of RSA exponent on a v5 device

Geliang Tang (2):
      crypto: jitterentropy - drop duplicate header module.h
      crypto: nx - drop duplicate header types.h

Giovanni Cabiddu (9):
      crypto: acomp - add asynchronous compression api
      crypto: acomp - add driver-side scomp interface
      crypto: acomp - add support for lzo via scomp
      crypto: acomp - add support for lz4 via scomp
      crypto: acomp - add support for lz4hc via scomp
      crypto: acomp - add support for 842 via scomp
      crypto: acomp - add support for deflate via scomp
      crypto: acomp - update testmgr with support for acomp
      crypto: acomp - fix dependency in Makefile

Greg Tucker (1):
      crypto: sha-mb - Fix total_len for correct hash when larger than 512MB

Harsh Jain (9):
      crypto: chcr - Cosmetic change
      crypto: chcr - Added new structure chcr_wr
      crypto: chcr - Fixes Unchecked dereference inside function
      crypto: chcr - Remove dynamic allocation
      crypto: chcr - Calculate Reverse round key in setkey callback.
      crypto: chcr - Adjust Dest. buffer size
      crypto: chcr - Use SHASH_DESC_ON_STACK
      crypto: chcr - Move tfm ctx variable to request context
      crypto: chcr - Add AEAD algos.

Herbert Xu (22):
      crypto: skcipher - Add skcipher walk interface
      crypto: aes-ce-ccm - Use skcipher walk interface
      crypto: lrw - Convert to skcipher
      crypto: xts - Convert to skcipher
      crypto: api - Do not clear type bits in crypto_larval_lookup
      crypto: cryptd - Add support for skcipher
      crypto: simd - Add simd skcipher helper
      crypto: pcbc - Convert to skcipher
      crypto: glue_helper - Add skcipher xts helpers
      crypto: testmgr - Do not test internal algorithms
      crypto: aesni - Convert to skcipher
      crypto: arm64/aes - Convert to skcipher
      crypto: aes-ce - Convert to skcipher
      crypto: cbc - Convert to skcipher
      crypto: cbc - Export CBC implementation
      crypto: aesbs - Convert to skcipher
      crypto: arm/aes - Select SIMD in Kconfig
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
      crypto: arm/aes - Add missing SIMD select for aesbs
      crypto: skcipher - Add separate walker for AEAD decryption
      crypto: arm64/aes-ce-ccm - Fix AEAD decryption length
      crypto: aes-ce - Make aes_simd_algs static

Horia Geantă (23):
      crypto: caam - completely remove error propagation handling
      crypto: caam - desc.h fixes
      crypto: caam - fix sparse warnings
      crypto: caam - fix smatch warnings
      crypto: caam - remove unused may_sleep in dbg_dump_sg()
      crypto: caam - remove unused command from aead givencrypt
      crypto: caam - trivial code clean-up
      crypto: caam - remove unreachable code in report_ccb_status()
      crypto: caam - fix DMA API mapping leak in ablkcipher code
      Revert "crypto: caam - get rid of tasklet"
      crypto: caam - move sec4_sg_entry to sg_sw_sec4.h
      crypto: caam - constify pointer to descriptor buffer
      crypto: caam - merge identical ahash_final/finup shared desc
      crypto: caam - move append_key_aead() into init_sh_desc_key_aead()
      crypto: caam - group algorithm related params
      crypto: caam - remove superfluous alg_op algorithm param
      crypto: caam - improve key inlining
      crypto: caam - rewrite some generic inline append cmds
      crypto: caam - remove unneded dependencies on CRYPTO_DEV_FSL_CAAM
      crypto: caam - refactor encryption descriptors generation
      crypto: caam - consolidate split key length computation
      crypto: caam - refactor ahash shared descriptor generation
      MAINTAINERS: add maintainers for caam crypto driver

Jason A. Donenfeld (1):
      crypto: poly1305 - Use unaligned access where required

Javier Martinez Canillas (2):
      hwrng: meson - Fix module autoload for OF registration
      hwrng: meson - Remove unneeded platform MODULE_ALIAS

Jean Delvare (1):
      crypto: crc32c-vpmsum - Rename CRYPT_CRC32C_VPMSUM option

Marcus Folkesson (2):
      crypto: caam - add support for iMX6UL
      crypto: caam - check caam_emi_slow instead of re-lookup platform

Mat Martineau (1):
      crypto: dh - Consistenly return negative error codes

Nadim almas (1):
      Crypto: mv_cesa - Switch to using managed resources

Naveen N. Rao (1):
      crypto: vmx - various build fixes

Pan Bian (1):
      crypto: algif_skcipher - set error code when kcalloc fails

Paul Bolle (1):
      crypto: ccp - fix typo "CPP"

Petr Mladek (1):
      crypto: engine - Handle the kthread worker using the new API

PrasannaKumar Muralidharan (1):
      hwrng: Make explicit that max >= 32 always

Romain Perier (10):
      dt-bindings: Add vendor prefix for INSIDE Secure
      dt-bindings: omap-rng: Document SafeXcel IP-76 device variant
      hwrng: omap - Switch to non-obsolete read API implementation
      hwrng: omap - Remove global definition of hwrng
      hwrng: omap - Add support for 128-bit output of data
      hwrng: omap - Don't prefix the probe message with OMAP
      hwrng: omap - Add device variant for SafeXcel IP-76 found in Armada 8K
      arm64: dts: marvell: add TRNG description for Armada 8K CP
      crypto: marvell - Use an unique pool to copy results of requests
      crypto: marvell - Don't break chain for computable last ahash requests

Stephan Mueller (3):
      hwrng: core - zeroize buffers with random data
      crypto: drbg - advance output buffer pointer
      crypto: algif_aead - fix AIO handling of zero buffer

Tobias Klauser (2):
      padata: Remove unused but set variables
      crypto: cryptd - Remove unused but set variable 'tfm'

Wei Yongjun (4):
      crypto: ccp - Fix non static symbol warning
      crypto: gcm - Fix error return code in crypto_gcm_create_common()
      crypto: atmel - drop pointless static qualifier in atmel_aes_probe()
      hwrng: atmel - use clk_disable_unprepare instead of clk_disable

Wenyou Yang (1):
      hwrng: atmel - disable TRNG during suspend

 Documentation/crypto/api-intro.txt                 |    5 +-
 .../devicetree/bindings/crypto/fsl-sec4.txt        |   20 +
 Documentation/devicetree/bindings/rng/omap_rng.txt |   14 +-
 .../devicetree/bindings/vendor-prefixes.txt        |    1 +
 MAINTAINERS                                        |    9 +
 arch/arm/crypto/Kconfig                            |   18 +-
 arch/arm/crypto/Makefile                           |    4 +
 arch/arm/crypto/aes-ce-glue.c                      |  395 ++--
 arch/arm/crypto/aesbs-glue.c                       |  380 ++--
 arch/arm/crypto/crc32-ce-core.S                    |  306 +++
 arch/arm/crypto/crc32-ce-glue.c                    |  242 +++
 arch/arm/crypto/crct10dif-ce-core.S                |  427 ++++
 arch/arm/crypto/crct10dif-ce-glue.c                |  101 +
 .../boot/dts/marvell/armada-cp110-master.dtsi      |    8 +
 .../arm64/boot/dts/marvell/armada-cp110-slave.dtsi |    8 +
 arch/arm64/crypto/.gitignore                       |    2 +
 arch/arm64/crypto/Kconfig                          |   23 +-
 arch/arm64/crypto/Makefile                         |   23 +
 arch/arm64/crypto/aes-ce-ccm-core.S                |   53 +-
 arch/arm64/crypto/aes-ce-ccm-glue.c                |   50 +-
 arch/arm64/crypto/aes-ce-cipher.c                  |   25 +-
 arch/arm64/crypto/aes-ce.S                         |    1 +
 arch/arm64/crypto/aes-glue.c                       |  381 ++--
 arch/arm64/crypto/aes-modes.S                      |    3 +-
 arch/arm64/crypto/aes-neon.S                       |   25 +-
 arch/arm64/crypto/crc32-ce-core.S                  |  266 +++
 arch/arm64/crypto/crc32-ce-glue.c                  |  212 ++
 arch/arm64/crypto/crct10dif-ce-core.S              |  392 ++++
 arch/arm64/crypto/crct10dif-ce-glue.c              |   95 +
 arch/arm64/crypto/ghash-ce-core.S                  |    6 +-
 arch/arm64/crypto/sha1-ce-core.S                   |    4 +-
 arch/arm64/crypto/sha2-ce-core.S                   |    4 +-
 arch/arm64/crypto/sha256-core.S_shipped            | 2061 ++++++++++++++++++++
 arch/arm64/crypto/sha256-glue.c                    |  185 ++
 arch/arm64/crypto/sha512-armv8.pl                  |  778 ++++++++
 arch/arm64/crypto/sha512-core.S_shipped            | 1085 +++++++++++
 arch/arm64/crypto/sha512-glue.c                    |   94 +
 arch/powerpc/crypto/Makefile                       |    2 +-
 arch/x86/crypto/aesni-intel_glue.c                 |  705 +++----
 arch/x86/crypto/fpu.c                              |  207 +-
 arch/x86/crypto/glue_helper.c                      |   74 +-
 arch/x86/crypto/sha1-mb/sha1_mb.c                  |    2 +-
 arch/x86/crypto/sha1-mb/sha1_mb_ctx.h              |    2 +-
 arch/x86/crypto/sha256-mb/sha256_mb.c              |    2 +-
 arch/x86/crypto/sha256-mb/sha256_mb_ctx.h          |    2 +-
 arch/x86/crypto/sha512-mb/sha512_mb.c              |    2 +-
 arch/x86/crypto/sha512-mb/sha512_mb_ctx.h          |    2 +-
 arch/x86/include/asm/crypto/glue_helper.h          |   39 +-
 crypto/842.c                                       |   81 +-
 crypto/Kconfig                                     |   32 +-
 crypto/Makefile                                    |    6 +
 crypto/acompress.c                                 |  169 ++
 crypto/algboss.c                                   |    8 +-
 crypto/algif_aead.c                                |    5 +-
 crypto/algif_skcipher.c                            |    4 +-
 crypto/api.c                                       |   22 +-
 crypto/authenc.c                                   |    8 +-
 crypto/authencesn.c                                |    8 +-
 crypto/cbc.c                                       |  269 +--
 crypto/ccm.c                                       |    8 +-
 crypto/chacha20poly1305.c                          |    8 +-
 crypto/cipher.c                                    |    4 -
 crypto/cmac.c                                      |   14 +-
 crypto/compress.c                                  |    4 -
 crypto/cryptd.c                                    |  286 ++-
 crypto/crypto_engine.c                             |   26 +-
 crypto/crypto_user.c                               |   19 +
 crypto/ctr.c                                       |    8 +-
 crypto/cts.c                                       |    8 +-
 crypto/deflate.c                                   |  111 +-
 crypto/dh.c                                        |    2 +-
 crypto/drbg.c                                      |    1 +
 crypto/gcm.c                                       |   10 +-
 crypto/gf128mul.c                                  |   59 +-
 crypto/internal.h                                  |    3 -
 crypto/jitterentropy-kcapi.c                       |    1 -
 crypto/lrw.c                                       |  507 +++--
 crypto/lz4.c                                       |   91 +-
 crypto/lz4hc.c                                     |   92 +-
 crypto/lzo.c                                       |   97 +-
 crypto/pcbc.c                                      |  201 +-
 crypto/poly1305_generic.c                          |   34 +-
 crypto/scompress.c                                 |  356 ++++
 crypto/simd.c                                      |  226 +++
 crypto/skcipher.c                                  |  540 +++++
 crypto/testmgr.c                                   |  318 +--
 crypto/testmgr.h                                   |   70 +-
 crypto/xts.c                                       |  547 ++++--
 drivers/char/hw_random/Kconfig                     |    2 +-
 drivers/char/hw_random/atmel-rng.c                 |   26 +-
 drivers/char/hw_random/core.c                      |    3 +
 drivers/char/hw_random/meson-rng.c                 |    2 +-
 drivers/char/hw_random/msm-rng.c                   |    4 -
 drivers/char/hw_random/omap-rng.c                  |  162 +-
 drivers/char/hw_random/pic32-rng.c                 |    3 -
 drivers/char/hw_random/pseries-rng.c               |    5 +-
 drivers/crypto/amcc/crypto4xx_core.c               |    3 +-
 drivers/crypto/atmel-aes-regs.h                    |    4 +
 drivers/crypto/atmel-aes.c                         |  189 +-
 drivers/crypto/caam/Kconfig                        |   11 +-
 drivers/crypto/caam/Makefile                       |    1 +
 drivers/crypto/caam/caamalg.c                      | 1505 +++-----------
 drivers/crypto/caam/caamalg_desc.c                 | 1306 +++++++++++++
 drivers/crypto/caam/caamalg_desc.h                 |   97 +
 drivers/crypto/caam/caamhash.c                     |  227 +--
 drivers/crypto/caam/caampkc.c                      |    4 +-
 drivers/crypto/caam/caamrng.c                      |   10 +-
 drivers/crypto/caam/ctrl.c                         |   75 +-
 drivers/crypto/caam/desc.h                         |   22 +-
 drivers/crypto/caam/desc_constr.h                  |  133 +-
 drivers/crypto/caam/error.c                        |    5 +-
 drivers/crypto/caam/intern.h                       |    1 +
 drivers/crypto/caam/jr.c                           |   27 +-
 drivers/crypto/caam/key_gen.c                      |   62 +-
 drivers/crypto/caam/key_gen.h                      |    6 +-
 drivers/crypto/caam/sg_sw_sec4.h                   |    6 +-
 drivers/crypto/ccp/ccp-dev-v3.c                    |    4 -
 drivers/crypto/ccp/ccp-dev-v5.c                    |   30 +-
 drivers/crypto/ccp/ccp-dev.c                       |    6 +-
 drivers/crypto/ccp/ccp-dev.h                       |   45 +-
 drivers/crypto/chelsio/Kconfig                     |    1 +
 drivers/crypto/chelsio/chcr_algo.c                 | 2001 ++++++++++++++++---
 drivers/crypto/chelsio/chcr_algo.h                 |  103 +-
 drivers/crypto/chelsio/chcr_core.c                 |    8 +-
 drivers/crypto/chelsio/chcr_core.h                 |   18 +-
 drivers/crypto/chelsio/chcr_crypto.h               |  115 +-
 drivers/crypto/marvell/cesa.c                      |    4 -
 drivers/crypto/marvell/cesa.h                      |    5 +-
 drivers/crypto/marvell/cipher.c                    |    8 +-
 drivers/crypto/marvell/hash.c                      |   65 +-
 drivers/crypto/marvell/tdma.c                      |   33 +-
 drivers/crypto/mv_cesa.c                           |    4 +-
 drivers/crypto/nx/nx.c                             |    1 -
 drivers/crypto/sahara.c                            |    2 +-
 drivers/crypto/talitos.c                           |    2 +-
 drivers/crypto/vmx/Makefile                        |   12 +-
 include/crypto/acompress.h                         |  269 +++
 include/crypto/cbc.h                               |  146 ++
 include/crypto/cryptd.h                            |   13 +-
 include/crypto/engine.h                            |    6 +-
 include/crypto/gf128mul.h                          |   15 +-
 include/crypto/internal/acompress.h                |   81 +
 include/crypto/internal/scompress.h                |  136 ++
 include/crypto/internal/simd.h                     |   17 +
 include/crypto/internal/skcipher.h                 |   65 +-
 include/crypto/xts.h                               |   26 +-
 include/linux/ccp.h                                |    6 +-
 include/linux/crypto.h                             |    5 +-
 include/linux/hw_random.h                          |    3 +-
 include/uapi/linux/cryptouser.h                    |    5 +
 kernel/padata.c                                    |    4 -
 151 files changed, 15711 insertions(+), 4462 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.10
  2016-11-19 10:27 Crypto Fixes for 4.9 Herbert Xu
                   ` (2 preceding siblings ...)
  2016-12-13 13:24 ` Crypto Update for 4.10 Herbert Xu
@ 2016-12-15 16:07 ` Herbert Xu
  2016-12-27  9:45   ` Herbert Xu
  2017-01-11 11:56   ` Herbert Xu
  3 siblings, 2 replies; 79+ messages in thread
From: Herbert Xu @ 2016-12-15 16:07 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus:

This push fixes the following issues:

- A crash regression in the new skcipher walker.
- Incorrect return value in public_key_verify_signature.
- Fix for in-place signing in the sign-file utility.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Alex Yashchenko (1):
      sign-file: Fix inplace signing when src and dst names are both specified

Ard Biesheuvel (1):
      crypto: skcipher - fix crash in virtual walk

Pan Bian (1):
      crypto: asymmetric_keys - set error code on failure

 crypto/asymmetric_keys/public_key.c |    1 +
 crypto/skcipher.c                   |    4 +++-
 scripts/sign-file.c                 |    2 +-
 3 files changed, 5 insertions(+), 2 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.10
  2016-12-15 16:07 ` Crypto Fixes for 4.10 Herbert Xu
@ 2016-12-27  9:45   ` Herbert Xu
  2016-12-30 10:19     ` Herbert Xu
  2017-01-11 11:56   ` Herbert Xu
  1 sibling, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2016-12-27  9:45 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus:

This push fixes a hash corruption bug in the marvell driver.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Romain Perier (1):
      crypto: marvell - Copy IVDIG before launching partial DMA ahash requests

 drivers/crypto/marvell/cesa.h |    3 ++-
 drivers/crypto/marvell/hash.c |   34 +++++++++++++++++++++++++++++++++-
 drivers/crypto/marvell/tdma.c |    9 ++++++++-
 3 files changed, 43 insertions(+), 3 deletions(-)
 
Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.10
  2016-12-27  9:45   ` Herbert Xu
@ 2016-12-30 10:19     ` Herbert Xu
  0 siblings, 0 replies; 79+ messages in thread
From: Herbert Xu @ 2016-12-30 10:19 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus:

This push fixes a boot failure on some platforms when crypto self
test is enabled along with the new acomp interface.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Laura Abbott (1):
      crypto: testmgr - Use heap buffer for acomp test input

 crypto/testmgr.c |   30 ++++++++++++++++++++++++++++--
 1 file changed, 28 insertions(+), 2 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.10
  2016-12-15 16:07 ` Crypto Fixes for 4.10 Herbert Xu
  2016-12-27  9:45   ` Herbert Xu
@ 2017-01-11 11:56   ` Herbert Xu
  2017-02-01  9:04     ` Herbert Xu
  2017-03-04  7:41     ` Crypto Fixes for 4.11 Herbert Xu
  1 sibling, 2 replies; 79+ messages in thread
From: Herbert Xu @ 2017-01-11 11:56 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus:

This push fixes a regression in aesni that renders it useless
if it's built-in with a modular pcbc configuration.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Herbert Xu (1):
      crypto: aesni - Fix failure when built-in with modular pcbc

 arch/x86/crypto/aesni-intel_glue.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
 
Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.10
  2017-01-11 11:56   ` Herbert Xu
@ 2017-02-01  9:04     ` Herbert Xu
  2017-02-06  9:25       ` Herbert Xu
  2017-03-04  7:41     ` Crypto Fixes for 4.11 Herbert Xu
  1 sibling, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2017-02-01  9:04 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus:

This push fixes a bug in CBC/CTR on ARM64 that breaks chaining
as well as a bug in the core API that causes registration failures
when a driver unloads and then reloads an algorithm.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Ard Biesheuvel (1):
      crypto: arm64/aes-blk - honour iv_out requirement in CBC and CTR modes

Salvatore Benedetto (1):
      crypto: api - Clear CRYPTO_ALG_DEAD bit before registering an alg

 arch/arm64/crypto/aes-modes.S |   88 ++++++++++++++++++++---------------------
 crypto/algapi.c               |    1 +
 2 files changed, 43 insertions(+), 46 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.10
  2017-02-01  9:04     ` Herbert Xu
@ 2017-02-06  9:25       ` Herbert Xu
  0 siblings, 0 replies; 79+ messages in thread
From: Herbert Xu @ 2017-02-06  9:25 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus:

This push fixes the following issues:

- Use after free in algif_aead.
- Modular aesni regression when pcbc is modular but absent.
- Bug causing IO page faults in ccp.
- Double list add in ccp.
- Null pointer dereference in qat (two patches).
- Panic in chcr.
- Null pointer dereference in chcr.
- Out-of-bound access in chcr.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Gary R Hook (2):
      crypto: ccp - Fix DMA operations when IOMMU is enabled
      crypto: ccp - Fix double add when creating new DMA command

Giovanni Cabiddu (2):
      crypto: qat - fix bar discovery for c62x
      crypto: qat - zero esram only for DH85x devices

Harsh Jain (4):
      crypto: chcr - Fix panic on dma_unmap_sg
      crypto: chcr - Check device is allocated before use
      crypto: algif_aead - Fix kernel panic on list_del
      crypto: chcr - Fix key length for RFC4106

Herbert Xu (1):
      crypto: aesni - Fix failure when pcbc module is absent

 arch/x86/crypto/aesni-intel_glue.c                |    8 ++--
 crypto/algif_aead.c                               |    2 +-
 drivers/crypto/ccp/ccp-dev-v5.c                   |    2 +-
 drivers/crypto/ccp/ccp-dev.h                      |    1 +
 drivers/crypto/ccp/ccp-dmaengine.c                |    6 ++-
 drivers/crypto/chelsio/chcr_algo.c                |   53 +++++++++++----------
 drivers/crypto/chelsio/chcr_core.c                |   18 ++++---
 drivers/crypto/chelsio/chcr_crypto.h              |    3 ++
 drivers/crypto/qat/qat_c62x/adf_drv.c             |    2 +-
 drivers/crypto/qat/qat_common/adf_accel_devices.h |    1 +
 drivers/crypto/qat/qat_common/qat_hal.c           |    4 +-
 11 files changed, 55 insertions(+), 45 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Update for 4.11
  2016-12-13 13:24 ` Crypto Update for 4.10 Herbert Xu
@ 2017-02-23 12:51   ` Herbert Xu
  2017-05-01 14:26     ` Crypto Update for 4.12 Herbert Xu
                       ` (3 more replies)
  0 siblings, 4 replies; 79+ messages in thread
From: Herbert Xu @ 2017-02-23 12:51 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

Here is the crypto update for 4.11:

API:

- Try to catch hash output overrun in testmgr.
- Introduce walksize attribute for batched walking.
- Make crypto_xor() and crypto_inc() alignment agnostic.

Algorithms:

- Add time-invariant AES algorithm.
- Add standalone CBCMAC algorithm.

Drivers:

- Add NEON acclerated chacha20 on ARM/ARM64.
- Expose AES-CTR as synchronous skcipher on ARM64.
- Add scalar AES implementation on ARM64.
- Improve scalar AES implementation on ARM.
- Improve NEON AES implementation on ARM/ARM64.
- Merge CRC32 and PMULL instruction based drivers on ARM64.
- Add NEON acclerated CBCMAC/CMAC/XCBC AES on ARM64.
- Add IPsec AUTHENC implementation in atmel.
- Add Support for Octeon-tx CPT Engine.
- Add Broadcom SPU driver.
- Add MediaTek driver.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Ahsan Atta (2):
      crypto: qat - fix indentation
      crypto: qat - fix comments describing adf_disable_sriov()

Andrew Lutomirski (1):
      crypto: testmgr - Allocate only the required output size for hash tests

Ard Biesheuvel (33):
      crypto: arm64/chacha20 - implement NEON version based on SSE3 code
      crypto: arm/chacha20 - implement NEON version based on SSE3 code
      crypto: chacha20 - convert generic and x86 versions to skcipher
      crypto: skcipher - introduce walksize attribute for SIMD algos
      crypto: arm64/aes-blk - expose AES-CTR as synchronous cipher as well
      crypto: arm64/aes - add scalar implementation
      crypto: arm/aes - replace scalar AES cipher
      crypto: arm64/aes - reimplement bit-sliced ARM/NEON implementation for arm64
      crypto: arm/aes - replace bit-sliced OpenSSL NEON code
      crypto: testmgr - use calculated count for number of test vectors
      crypto: arm/aes - avoid reserved 'tt' mnemonic in asm code
      crypto: arm64/aes-blk - honour iv_out requirement in CBC and CTR modes
      crypto: arm/aes-neonbs - fix issue with v2.22 and older assembler
      crypto: arm/aes-ce - remove cra_alignmask
      crypto: arm/chacha20 - remove cra_alignmask
      crypto: arm64/aes-ce-ccm - remove cra_alignmask
      crypto: arm64/aes-blk - remove cra_alignmask
      crypto: arm64/chacha20 - remove cra_alignmask
      crypto: arm64/aes - avoid literals for cross-module symbol references
      crypto: arm64/aes - performance tweak
      crypto: arm64/aes-neon-blk - tweak performance for low end cores
      crypto: arm64/aes - replace scalar fallback with plain NEON fallback
      crypto: arm64/aes - don't use IV buffer to return final keystream block
      crypto: arm/aes - don't use IV buffer to return final keystream block
      crypto: arm64/crc32 - merge CRC32 and PMULL instruction based drivers
      crypto: aes-generic - drop alignment requirement
      crypto: aes - add generic time invariant AES cipher
      crypto: testmgr - add test cases for cbcmac(aes)
      crypto: ccm - switch to separate cbcmac driver
      crypto: arm64/aes - add NEON/Crypto Extensions CBCMAC/CMAC/XCBC driver
      crypto: algapi - make crypto_xor() and crypto_inc() alignment agnostic
      crypto: ccm - honour alignmask of subordinate MAC cipher
      crypto: ccm - drop unnecessary minimum 32-bit alignment

Arnd Bergmann (6):
      crypto: mediatek - remove ARM dependencies
      crypto: mediatek - fix format string for 64-bit builds
      crypto: improve gcc optimization flags for serpent and wp512
      crypto: atmel - refine Kconfig dependencies
      crypto: atmel - fix 64-bit build warnings
      crypto: cavium - fix Kconfig dependencies

Christoph Hellwig (3):
      crypto: cavium - remove dead MSI-X related define
      crypto: cavium - switch to pci_alloc_irq_vectors
      crypto: cavium - switch to pci_alloc_irq_vectors

Colin Ian King (1):
      crypto: mediatek - don't return garbage err on successful return

Corentin LABBE (9):
      crypto: drivers - bring back alphabetical order of Makefile
      hwrng: core - do not use multiple blank lines
      hwrng: core - rewrite better comparison to NULL
      hwrng: core - Rewrite the header
      hwrng: core - Replace asm/uaccess.h by linux/uaccess.h
      hwrng: core - Move hwrng miscdev minor number to include/linux/miscdevice.h
      hwrng: core - remove unused PFX macro
      crypto: bfin_crc - Fix format printing warning
      crypto: bfin_crc - Remove unneeded linux/miscdevice.h include

Cyrille Pitchen (14):
      crypto: atmel-sha - create function to get an Atmel SHA device
      crypto: atmel-sha - update request queue management to make it more generic
      crypto: atmel-sha - make atmel_sha_done_task more generic
      crypto: atmel-sha - redefine SHA_FLAGS_SHA* flags to match SHA_MR_ALGO_SHA*
      crypto: atmel-sha - add atmel_sha_wait_for_data_ready()
      crypto: atmel-sha - add SHA_MR_MODE_IDATAR0
      crypto: atmel-sha - add atmel_sha_cpu_start()
      crypto: atmel-sha - add simple DMA transfers
      crypto: atmel-sha - add support to hmac(shaX)
      crypto: atmel-aes - fix atmel_aes_handle_queue()
      crypto: atmel-authenc - add support to authenc(hmac(shaX), Y(aes)) modes
      crypto: atmel-sha - add verbose debug facilities to print hw register names
      crypto: atmel-sha - fix missing "return" instructions
      crypto: atmel-sha - fix error management in atmel_sha_start()

David Daney (1):
      hwrng: cavium - Use per device name to allow for multiple devices.

Denys Vlasenko (2):
      crypto: x86/crc32c - fix %progbits -> @progbits
      crypto: x86 - make constants readonly, allow linker to merge them

Eric Biggers (1):
      crypto: testmgr - use kmemdup instead of kmalloc+memcpy

Gary R Hook (6):
      crypto: ccp - Fix DMA operations when IOMMU is enabled
      crypto: ccp - Fix double add when creating new DMA command
      crypto: ccp - Set the AES size field for all modes
      crypto: ccp - Change mode for detailed CCP init messages
      crypto: ccp - Update the command queue on errors
      crypto: ccp - Simplify some buffer management routines

George Cherian (4):
      crypto: cavium - Add Support for Octeon-tx CPT Engine
      crypto: cavium - Add the Virtual Function driver for CPT
      crypto: cavium - Enable CPT options crypto for build
      crypto: cavium - cpt_bind_vq_to_grp could return an error code

Gideon Israel Dsouza (1):
      crypto: Replaced gcc specific attributes with macros from compiler.h

Gilad Ben-Yossef (1):
      crypto: doc - fix typo

Giovanni Cabiddu (3):
      crypto: qat - replace hardcoded BIT(0) in vf_isr
      crypto: qat - fix bar discovery for c62x
      crypto: qat - zero esram only for DH85x devices

Gonglei \(Arei\) (2):
      crypto: virtio - support crypto engine framework
      crypto: virtio - adjust priority of algorithm

Harsh Jain (11):
      crypto: chcr - Fix panic on dma_unmap_sg
      crypto: chcr - Check device is allocated before use
      crypto: algif_aead - Fix kernel panic on list_del
      crypto: chcr - Fix key length for RFC4106
      crypto: chcr - Change flow IDs
      crypto: chcr - fix itnull.cocci warnings
      crypto: chcr - Use cipher instead of Block Cipher in gcm setkey
      crypto: chcr - Change cra_flags for cipher algos
      crypto: chcr - Change algo priority
      crypto: chcr - Fix wrong typecasting
      crypto: chcr - Fix Smatch Complaint

Herbert Xu (7):
      Revert "crypto: arm64/ARM: NEON accelerated ChaCha20"
      crypto: aesni - Fix failure when built-in with modular pcbc
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux
      crypto: x86/chacha20 - Manually align stack buffer
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6

Horia Geantă (11):
      crypto: caam - don't include unneeded headers
      crypto: caam - check return code of dma_set_mask_and_coherent()
      crypto: caam - fix HW S/G in ablkcipher_giv_edesc_alloc()
      crypto: caam - check sg_count() return value
      crypto: caam - replace sg_count() with sg_nents_for_len()
      crypto: caam - use dma_map_sg() return code
      crypto: caam - don't dma_map key for hash algorithms
      crypto: caam - fix DMA API leaks for multiple setkey() calls
      crypto: caam - fix error path for ctx_dma mapping failure
      crypto: caam - abstract ahash request double buffering
      crypto: caam - fix state buffer DMA (un)mapping

Ilya Lesokhin (1):
      crypto: aesni-intel - RFC4106 can zero copy when !PageHighMem

Javier Martinez Canillas (3):
      crypto: picoxcell - Allow driver to build COMPILE_TEST is enabled
      crypto: picoxcell - Remove platform device ID table
      crypto: picoxcell - Remove spacc_is_compatible() wrapper function

Jiri Slaby (1):
      crypto: algif_hash - avoid zero-sized array

Laura Abbott (1):
      crypto: testmgr - Use heap buffer for acomp test input

Li Zhong (1):
      crypto: vmx - disable preemption to enable vsx in aes_ctr.c

Milan Broz (1):
      crypto: xts - Add ECB dependency

Nicolas Iooss (1):
      crypto: img-hash - use dma_data_direction when calling dma_map_sg

Pablo Marcos Oltra (1):
      crypto: qat - modify format of dev top level debugfs entries

Rabin Vincent (2):
      crypto: tcrypt - Add debug prints
      crypto: doc - Fix hash export state information

Rob Rice (3):
      crypto: brcm - DT documentation for Broadcom SPU hardware
      crypto: brcm - Add Broadcom SPU driver
      crypto: brcm - Avoid double free in ahash_finup()

Russell King (1):
      hwrng: omap - update Kconfig help description

Ryder Lee (10):
      crypto: mediatek - Add crypto driver support for some MediaTek chips
      crypto: mediatek - add DT bindings documentation
      crypto: mediatek - move HW control data to transformation context
      crypto: mediatek - fix incorrect data transfer result
      crypto: mediatek - make crypto request queue management more generic
      crypto: mediatek - rework crypto request completion
      crypto: mediatek - regroup functions by usage
      crypto: mediatek - fix typo and indentation
      crypto: mediatek - add support to CTR mode
      crypto: mediatek - add support to GCM mode

Salvatore Benedetto (1):
      crypto: api - Clear CRYPTO_ALG_DEAD bit before registering an alg

Shannon Nelson (4):
      hwrng: n2 - limit error spewage when self-test fails
      hwrng: n2 - add device data descriptions
      hwrng: n2 - support new hardware register layout
      hwrng: n2 - update version info

Tim Chen (1):
      crypto: sha512-mb - Protect sha512 mb ctx mgr access

Tudor Ambarus (1):
      crypto: caam - fix JR IO mapping if one fails

Wei Yongjun (1):
      crypto: mediatek - make symbol of_crypto_id static

Xin Zeng (2):
      crypto: qat - increase number of supported devices

 Documentation/crypto/api-digest.rst                |    2 +-
 Documentation/crypto/api-skcipher.rst              |    2 +-
 .../devicetree/bindings/crypto/brcm,spu-crypto.txt |   22 +
 .../devicetree/bindings/crypto/mediatek-crypto.txt |   27 +
 MAINTAINERS                                        |    7 +
 arch/arm/crypto/Kconfig                            |   27 +-
 arch/arm/crypto/Makefile                           |   11 +-
 arch/arm/crypto/aes-armv4.S                        | 1089 -----
 arch/arm/crypto/aes-ce-core.S                      |   84 +-
 arch/arm/crypto/aes-ce-glue.c                      |   15 +-
 arch/arm/crypto/aes-cipher-core.S                  |  179 +
 arch/arm/crypto/aes-cipher-glue.c                  |   74 +
 arch/arm/crypto/aes-neonbs-core.S                  | 1023 ++++
 arch/arm/crypto/aes-neonbs-glue.c                  |  406 ++
 arch/arm/crypto/aes_glue.c                         |   98 -
 arch/arm/crypto/aes_glue.h                         |   19 -
 arch/arm/crypto/aesbs-core.S_shipped               | 2548 ----------
 arch/arm/crypto/aesbs-glue.c                       |  367 --
 arch/arm/crypto/bsaes-armv7.pl                     | 2471 ----------
 arch/arm/crypto/chacha20-neon-core.S               |  523 +++
 arch/arm/crypto/chacha20-neon-glue.c               |  127 +
 arch/arm64/configs/defconfig                       |    1 -
 arch/arm64/crypto/Kconfig                          |   24 +-
 arch/arm64/crypto/Makefile                         |   13 +-
 arch/arm64/crypto/aes-ce-ccm-glue.c                |    1 -
 arch/arm64/crypto/aes-cipher-core.S                |  110 +
 arch/arm64/crypto/aes-cipher-glue.c                |   69 +
 arch/arm64/crypto/aes-glue.c                       |  281 +-
 arch/arm64/crypto/aes-modes.S                      |   37 +-
 arch/arm64/crypto/aes-neon.S                       |  235 +-
 arch/arm64/crypto/aes-neonbs-core.S                |  972 ++++
 arch/arm64/crypto/aes-neonbs-glue.c                |  439 ++
 arch/arm64/crypto/chacha20-neon-core.S             |  450 ++
 arch/arm64/crypto/chacha20-neon-glue.c             |  126 +
 arch/arm64/crypto/crc32-arm64.c                    |  290 --
 arch/arm64/crypto/crc32-ce-glue.c                  |   49 +-
 arch/x86/crypto/aesni-intel_asm.S                  |   37 +-
 arch/x86/crypto/aesni-intel_avx-x86_64.S           |   32 +-
 arch/x86/crypto/aesni-intel_glue.c                 |   12 +-
 arch/x86/crypto/camellia-aesni-avx-asm_64.S        |    5 +-
 arch/x86/crypto/camellia-aesni-avx2-asm_64.S       |   12 +-
 arch/x86/crypto/cast5-avx-x86_64-asm_64.S          |   14 +-
 arch/x86/crypto/cast6-avx-x86_64-asm_64.S          |   12 +-
 arch/x86/crypto/chacha20-avx2-x86_64.S             |    9 +-
 arch/x86/crypto/chacha20-ssse3-x86_64.S            |    7 +-
 arch/x86/crypto/chacha20_glue.c                    |   70 +-
 arch/x86/crypto/crc32c-pcl-intel-asm_64.S          |    2 +-
 arch/x86/crypto/crct10dif-pcl-asm_64.S             |   14 +-
 arch/x86/crypto/des3_ede-asm_64.S                  |    2 +-
 arch/x86/crypto/ghash-clmulni-intel_asm.S          |    3 +-
 arch/x86/crypto/poly1305-avx2-x86_64.S             |    6 +-
 arch/x86/crypto/poly1305-sse2-x86_64.S             |    6 +-
 arch/x86/crypto/serpent-avx-x86_64-asm_64.S        |    5 +-
 arch/x86/crypto/serpent-avx2-asm_64.S              |    9 +-
 arch/x86/crypto/sha1-mb/sha1_mb_mgr_flush_avx2.S   |    6 +-
 arch/x86/crypto/sha1-mb/sha1_mb_mgr_submit_avx2.S  |    3 +-
 arch/x86/crypto/sha1-mb/sha1_x8_avx2.S             |   15 +-
 arch/x86/crypto/sha1_ni_asm.S                      |    8 +-
 arch/x86/crypto/sha256-avx-asm.S                   |    9 +-
 arch/x86/crypto/sha256-avx2-asm.S                  |    9 +-
 .../crypto/sha256-mb/sha256_mb_mgr_flush_avx2.S    |    6 +-
 .../crypto/sha256-mb/sha256_mb_mgr_submit_avx2.S   |    3 +-
 arch/x86/crypto/sha256-mb/sha256_x8_avx2.S         |    7 +-
 arch/x86/crypto/sha256-ssse3-asm.S                 |    8 +-
 arch/x86/crypto/sha256_ni_asm.S                    |    4 +-
 arch/x86/crypto/sha512-avx-asm.S                   |    9 +-
 arch/x86/crypto/sha512-avx2-asm.S                  |   10 +-
 arch/x86/crypto/sha512-mb/sha512_mb.c              |   64 +-
 .../crypto/sha512-mb/sha512_mb_mgr_flush_avx2.S    |   10 +-
 .../crypto/sha512-mb/sha512_mb_mgr_submit_avx2.S   |    4 +-
 arch/x86/crypto/sha512-mb/sha512_x4_avx2.S         |    4 +-
 arch/x86/crypto/sha512-ssse3-asm.S                 |    9 +-
 arch/x86/crypto/twofish-avx-x86_64-asm_64.S        |    6 +-
 crypto/Kconfig                                     |   19 +
 crypto/Makefile                                    |    3 +
 crypto/ablkcipher.c                                |    5 +-
 crypto/acompress.c                                 |    3 +-
 crypto/aead.c                                      |    3 +-
 crypto/aes_generic.c                               |   64 +-
 crypto/aes_ti.c                                    |  375 ++
 crypto/ahash.c                                     |    3 +-
 crypto/akcipher.c                                  |    3 +-
 crypto/algapi.c                                    |   68 +-
 crypto/algif_hash.c                                |    2 +-
 crypto/blkcipher.c                                 |    7 +-
 crypto/cbc.c                                       |    3 -
 crypto/ccm.c                                       |  386 +-
 crypto/chacha20_generic.c                          |   73 +-
 crypto/cmac.c                                      |    3 +-
 crypto/ctr.c                                       |    2 +-
 crypto/cts.c                                       |    8 +-
 crypto/kpp.c                                       |    3 +-
 crypto/pcbc.c                                      |    6 +-
 crypto/rng.c                                       |    3 +-
 crypto/scompress.c                                 |    3 +-
 crypto/seqiv.c                                     |    2 -
 crypto/shash.c                                     |    9 +-
 crypto/skcipher.c                                  |   23 +-
 crypto/tcrypt.c                                    |    6 +
 crypto/testmgr.c                                   | 1055 +----
 crypto/testmgr.h                                   |  330 +-
 drivers/char/hw_random/Kconfig                     |    4 +-
 drivers/char/hw_random/cavium-rng-vf.c             |    6 +-
 drivers/char/hw_random/core.c                      |   64 +-
 drivers/char/hw_random/n2-drv.c                    |  204 +-
 drivers/char/hw_random/n2rng.h                     |   51 +-
 drivers/crypto/Kconfig                             |   53 +-
 drivers/crypto/Makefile                            |   17 +-
 drivers/crypto/atmel-aes-regs.h                    |   16 +
 drivers/crypto/atmel-aes.c                         |  455 +-
 drivers/crypto/atmel-authenc.h                     |   64 +
 drivers/crypto/atmel-sha-regs.h                    |   20 +
 drivers/crypto/atmel-sha.c                         | 1481 +++++-
 drivers/crypto/atmel-tdes.c                        |   14 +-
 drivers/crypto/bcm/Makefile                        |   15 +
 drivers/crypto/bcm/cipher.c                        | 4963 ++++++++++++++++++++
 drivers/crypto/bcm/cipher.h                        |  483 ++
 drivers/crypto/bcm/spu.c                           | 1251 +++++
 drivers/crypto/bcm/spu.h                           |  287 ++
 drivers/crypto/bcm/spu2.c                          | 1401 ++++++
 drivers/crypto/bcm/spu2.h                          |  228 +
 drivers/crypto/bcm/spum.h                          |  174 +
 drivers/crypto/bcm/util.c                          |  581 +++
 drivers/crypto/bcm/util.h                          |  116 +
 drivers/crypto/bfin_crc.c                          |    6 +-
 drivers/crypto/bfin_crc.h                          |    1 -
 drivers/crypto/caam/caamalg.c                      |  589 +--
 drivers/crypto/caam/caamhash.c                     |  268 +-
 drivers/crypto/caam/ctrl.c                         |   33 +-
 drivers/crypto/caam/error.c                        |    2 -
 drivers/crypto/caam/jr.c                           |   19 +-
 drivers/crypto/caam/sg_sw_sec4.h                   |   11 -
 drivers/crypto/cavium/cpt/Kconfig                  |   17 +
 drivers/crypto/cavium/cpt/Makefile                 |    3 +
 drivers/crypto/cavium/cpt/cpt_common.h             |  156 +
 drivers/crypto/cavium/cpt/cpt_hw_types.h           |  658 +++
 drivers/crypto/cavium/cpt/cptpf.h                  |   64 +
 drivers/crypto/cavium/cpt/cptpf_main.c             |  670 +++
 drivers/crypto/cavium/cpt/cptpf_mbox.c             |  163 +
 drivers/crypto/cavium/cpt/cptvf.h                  |  132 +
 drivers/crypto/cavium/cpt/cptvf_algs.c             |  444 ++
 drivers/crypto/cavium/cpt/cptvf_algs.h             |  113 +
 drivers/crypto/cavium/cpt/cptvf_main.c             |  863 ++++
 drivers/crypto/cavium/cpt/cptvf_mbox.c             |  211 +
 drivers/crypto/cavium/cpt/cptvf_reqmanager.c       |  593 +++
 drivers/crypto/cavium/cpt/request_manager.h        |  147 +
 drivers/crypto/ccp/ccp-dev-v5.c                    |   15 +-
 drivers/crypto/ccp/ccp-dev.h                       |    1 +
 drivers/crypto/ccp/ccp-ops.c                       |  150 +-
 drivers/crypto/chelsio/chcr_algo.c                 |   49 +-
 drivers/crypto/chelsio/chcr_algo.h                 |    9 +-
 drivers/crypto/chelsio/chcr_core.c                 |   11 +-
 drivers/crypto/chelsio/chcr_core.h                 |    1 +
 drivers/crypto/chelsio/chcr_crypto.h               |    2 +-
 drivers/crypto/img-hash.c                          |    4 +-
 drivers/crypto/mediatek/Makefile                   |    2 +
 drivers/crypto/mediatek/mtk-aes.c                  | 1299 +++++
 drivers/crypto/mediatek/mtk-platform.c             |  604 +++
 drivers/crypto/mediatek/mtk-platform.h             |  231 +
 drivers/crypto/mediatek/mtk-regs.h                 |  194 +
 drivers/crypto/mediatek/mtk-sha.c                  | 1435 ++++++
 drivers/crypto/picoxcell_crypto.c                  |   28 +-
 drivers/crypto/qat/qat_c3xxx/adf_drv.c             |    2 +-
 drivers/crypto/qat/qat_c3xxxvf/adf_drv.c           |    2 +-
 drivers/crypto/qat/qat_c62x/adf_drv.c              |    2 +-
 drivers/crypto/qat/qat_c62xvf/adf_drv.c            |    2 +-
 drivers/crypto/qat/qat_common/adf_cfg_common.h     |    1 +
 drivers/crypto/qat/qat_common/adf_common_drv.h     |    4 +-
 drivers/crypto/qat/qat_common/adf_dev_mgr.c        |    2 +-
 drivers/crypto/qat/qat_common/adf_init.c           |   28 +-
 drivers/crypto/qat/qat_common/adf_sriov.c          |    4 +-
 drivers/crypto/qat/qat_common/adf_vf_isr.c         |    4 +-
 drivers/crypto/qat/qat_dh895xcc/adf_drv.c          |    2 +-
 drivers/crypto/qat/qat_dh895xccvf/adf_drv.c        |    2 +-
 drivers/crypto/virtio/Kconfig                      |    1 +
 drivers/crypto/virtio/virtio_crypto_algs.c         |   54 +-
 drivers/crypto/virtio/virtio_crypto_common.h       |   16 +
 drivers/crypto/virtio/virtio_crypto_core.c         |   74 +-
 drivers/crypto/vmx/aes_ctr.c                       |    6 +
 drivers/net/ethernet/chelsio/cxgb4/t4fw_api.h      |    8 +
 include/crypto/algapi.h                            |   20 +-
 include/crypto/chacha20.h                          |    6 +-
 include/crypto/hash.h                              |   18 +-
 include/crypto/internal/skcipher.h                 |    2 +-
 include/crypto/skcipher.h                          |   34 +
 include/linux/compiler-gcc.h                       |    1 +
 include/linux/miscdevice.h                         |    1 +
 187 files changed, 26983 insertions(+), 9598 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.11
  2017-01-11 11:56   ` Herbert Xu
  2017-02-01  9:04     ` Herbert Xu
@ 2017-03-04  7:41     ` Herbert Xu
  2017-03-15  6:31       ` Herbert Xu
  2017-05-23  3:42       ` Crypto Fixes for 4.12 Herbert Xu
  1 sibling, 2 replies; 79+ messages in thread
From: Herbert Xu @ 2017-03-04  7:41 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus:

This push fixes the following issues:

- vmalloc stack regression in CCM.
- Build problem in CRC32 on ARM.
- Memory leak in cavium.
- Missing Kconfig dependencies in atmel and mediatek.
- XTS Regression on some platforms (s390 and ppc).
- Memory overrun in CCM test vector.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Ard Biesheuvel (3):
      crypto: ccm - move cbcmac input off the stack
      crypto: arm/crc32 - fix build error with outdated binutils
      crypto: arm/crc32 - add build time test for CRC instruction support

Colin Ian King (1):
      crypto: cavium - fix leak on curr if curr->head fails to be allocated

Geert Uytterhoeven (2):
      crypto: atmel - CRYPTO_DEV_ATMEL_TDES and CRYPTO_DEV_ATMEL_SHA should depend on HAS_DMA
      crypto: atmel - CRYPTO_DEV_MEDIATEK should depend on HAS_DMA

George Cherian (1):
      crypto: cavium - Fix couple of static checker errors

Herbert Xu (2):
      crypto: api - Add crypto_requires_off helper
      crypto: xts - Propagate NEED_FALLBACK bit

Laura Abbott (1):
      crypto: testmgr - Pad aes_ccm_enc_tv_template vector

Paulo Flabiano Smorigo (2):
      crypto: vmx - Use skcipher for cbc fallback
      crypto: vmx - Use skcipher for xts fallback

 arch/arm/crypto/Makefile                     |   12 ++++++-
 arch/arm/crypto/crc32-ce-core.S              |    2 +-
 crypto/ccm.c                                 |    5 +--
 crypto/testmgr.h                             |    2 +-
 crypto/xts.c                                 |   14 ++++----
 drivers/crypto/Kconfig                       |    3 ++
 drivers/crypto/cavium/cpt/cptvf_main.c       |    5 ++-
 drivers/crypto/cavium/cpt/cptvf_reqmanager.c |    4 +--
 drivers/crypto/vmx/aes_cbc.c                 |   47 +++++++++++++-------------
 drivers/crypto/vmx/aes_xts.c                 |   32 +++++++++---------
 include/crypto/algapi.h                      |    7 +++-
 11 files changed, 79 insertions(+), 54 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.11
  2017-03-04  7:41     ` Crypto Fixes for 4.11 Herbert Xu
@ 2017-03-15  6:31       ` Herbert Xu
  2017-03-24 13:46         ` Herbert Xu
  2017-05-23  3:42       ` Crypto Fixes for 4.12 Herbert Xu
  1 sibling, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2017-03-15  6:31 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus:

This push fixes the following issues:

- Self-test failure of crc32c on powerpc.
- Regressions of ecb(aes) when used with xts/lrw in s5p-sss.
- A number of bugs in the omap RNG driver.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Daniel Axtens (1):
      crypto: powerpc - Fix initialisation of crc32c context

Krzysztof Kozlowski (2):
      crypto: s5p-sss - Fix completing crypto request in IRQ handler
      crypto: s5p-sss - Fix spinlock recursion on LRW(AES)

Thomas Petazzoni (3):
      hwrng: omap - write registers after enabling the clock
      hwrng: omap - use devm_clk_get() instead of of_clk_get()
      hwrng: omap - Do not access INTMASK_REG on EIP76

 arch/powerpc/crypto/crc32c-vpmsum_glue.c |    2 +-
 drivers/char/hw_random/omap-rng.c        |   16 +++-
 drivers/crypto/s5p-sss.c                 |  132 +++++++++++++++++++-----------
 3 files changed, 100 insertions(+), 50 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.11
  2017-03-15  6:31       ` Herbert Xu
@ 2017-03-24 13:46         ` Herbert Xu
  2017-03-31 10:29           ` Herbert Xu
  0 siblings, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2017-03-24 13:46 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus:

This push fixes regressions in the crypto ccp driver and the
hwrng drivers amd and geode.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Gary R Hook (1):
      crypto: ccp - Assign DMA commands to the channel's CCP

Prarit Bhargava (2):
      hwrng: amd - Revert managed API changes
      hwrng: geode - Revert managed API changes

 drivers/char/hw_random/amd-rng.c   |   42 ++++++++++++++++++++++++------
 drivers/char/hw_random/geode-rng.c |   50 +++++++++++++++++++++++++-----------
 drivers/crypto/ccp/ccp-dev.c       |    5 +++-
 drivers/crypto/ccp/ccp-dmaengine.c |    1 +
 include/linux/ccp.h                |    2 +-
 5 files changed, 75 insertions(+), 25 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.11
  2017-03-24 13:46         ` Herbert Xu
@ 2017-03-31 10:29           ` Herbert Xu
  2017-04-10 11:04             ` Herbert Xu
  0 siblings, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2017-03-31 10:29 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus:

This push fixes the following issues:

- Memory corruption when kmalloc fails in xts/lrw.
- Mark some CCP DMA channels as private.
- Fix reordering race in padata.
- Regression in omap-rng DT description.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Eric Biggers (1):
      crypto: xts,lrw - fix out-of-bounds write after kmalloc failure

Gary R Hook (1):
      crypto: ccp - Make some CCP DMA channels private

Jason A. Donenfeld (1):
      padata: avoid race in reordering

Thomas Petazzoni (1):
      dt-bindings: rng: clocks property on omap_rng not always mandatory

 Documentation/devicetree/bindings/rng/omap_rng.txt |    3 +-
 crypto/lrw.c                                       |    7 +++-
 crypto/xts.c                                       |    7 +++-
 drivers/crypto/ccp/ccp-dev-v5.c                    |    1 +
 drivers/crypto/ccp/ccp-dev.h                       |    5 +++
 drivers/crypto/ccp/ccp-dmaengine.c                 |   41 ++++++++++++++++++++
 kernel/padata.c                                    |    5 ++-
 7 files changed, 62 insertions(+), 7 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.11
  2017-03-31 10:29           ` Herbert Xu
@ 2017-04-10 11:04             ` Herbert Xu
  2017-04-18 10:27               ` Herbert Xu
  0 siblings, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2017-04-10 11:04 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus:

This push fixes a number of bugs in the caam driver:

- Device creation fails after release.
- Error-path NULL-pointer dereference.
- Spurious hardware error in RNG deinstantiation.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Horia Geantă (3):
      crypto: caam - fix JR platform device subsequent (re)creations
      crypto: caam - fix invalid dereference in caam_rsa_init_tfm()
      crypto: caam - fix RNG deinstantiation error checking

 drivers/crypto/caam/caampkc.c |    2 +-
 drivers/crypto/caam/ctrl.c    |   66 +++++++++++++----------------------------
 drivers/crypto/caam/intern.h  |    1 -
 3 files changed, 22 insertions(+), 47 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.11
  2017-04-10 11:04             ` Herbert Xu
@ 2017-04-18 10:27               ` Herbert Xu
  0 siblings, 0 replies; 79+ messages in thread
From: Herbert Xu @ 2017-04-18 10:27 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus:

This push fixes the following problems:

- Regression in new XTS/LRW code when used with async crypto.
- Long-standing bug in ahash API when used with certain algos.
- Bogus memory dereference in async algif_aead with certain algos.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Herbert Xu (4):
      crypto: xts - Fix use-after-free on EINPROGRESS
      crypto: lrw - Fix use-after-free on EINPROGRESS
      crypto: ahash - Fix EINPROGRESS notification callback
      crypto: algif_aead - Fix bogus request dereference in completion function

 crypto/ahash.c                 |   79 +++++++++++++++++++++++++---------------
 crypto/algif_aead.c            |   12 +++---
 crypto/lrw.c                   |   16 ++++++++
 crypto/xts.c                   |   16 ++++++++
 include/crypto/internal/hash.h |   10 +++++
 5 files changed, 98 insertions(+), 35 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Update for 4.12
  2017-02-23 12:51   ` Crypto Update for 4.11 Herbert Xu
@ 2017-05-01 14:26     ` Herbert Xu
  2017-07-05 13:01     ` Crypto Update for 4.13 Herbert Xu
                       ` (2 subsequent siblings)
  3 siblings, 0 replies; 79+ messages in thread
From: Herbert Xu @ 2017-05-01 14:26 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

Here is the crypto update for 4.12:

API:

- Add batch registration for acomp/scomp.
- Change acomp testing to non-unique compressed result.
- Extend algorithm name limit to 128 bytes.
- Require setkey before accept(2) in algif_aead.

Algorithms:

- Add support for deflate rfc1950 (zlib).

Drivers:

- Add accelerated crct10dif for powerpc.
- Add crc32 in stm32.
- Add sha384/sha512 in ccp.
- Add 3des/gcm(aes) for v5 devices in ccp.
- Add Queue Interface (QI) backend support in caam.
- Add new Exynos RNG driver.
- Add ThunderX ZIP driver.
- Add driver for hardware random generator on MT7623 SoC.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Ard Biesheuvel (2):
      crypto: arm/aes-neonbs - resolve fallback cipher at runtime
      crypto: algapi - annotate expected branch behavior in crypto_inc()

Arnd Bergmann (1):
      crypto: zip - add a cast for printing atomic64_t values

Christophe Jaillet (1):
      crypto: chcr - Fix error handling related to 'chcr_alloc_shash'

Colin Ian King (2):
      crypto: bcm - fix spelling mistake: "genereate" -> "generate"
      crypto: crypto4xx - rename ce_ring_contol to ce_ring_control

Dan Carpenter (1):
      crypto: zip - Memory corruption in zip_clear_stats()

Daniel Axtens (4):
      crypto: powerpc - Factor out the core CRC vpmsum algorithm
      crypto: powerpc - Re-enable non-REFLECTed CRCs
      crypto: powerpc - Add CRC-T10DIF acceleration
      crypto: powerpc - Stress test for vpmsum implementations

Eric Biggers (7):
      crypto: gf128mul - fix some comments
      crypto: gf128mul - remove xx() macro
      crypto: gf128mul - rename the byte overflow tables
      crypto: gf128mul - constify 4k and 64k multiplication tables
      crypto: kpp - constify buffer passed to crypto_kpp_set_secret()
      crypto: testmgr - constify all test vectors
      crypto: xts,lrw - fix out-of-bounds write after kmalloc failure

Fabien DESSENNE (6):
      crypto: doc - fix typo (struct sdesc)
      dt-bindings: Document STM32 CRC bindings
      crypto: stm32 - Support for STM32 CRC32 crypto module
      ARM: dts: stm32: Add CRC support to stm32f746
      ARM: dts: stm32: enable CRC on stm32746g-eval board
      ARM: configs: stm32: Add crypto support

Gary R Hook (11):
      crypto: ccp - Assign DMA commands to the channel's CCP
      crypto: ccp - Make some CCP DMA channels private
      crypto: ccp - Add SHA-2 384- and 512-bit support
      crypto: ccp - Enable 3DES function on v5 CCPs
      crypto: ccp - Enable support for AES GCM on v5 CCPs
      crypto: ccp - Remove redundant cpu-to-le32 macros
      crypto: ccp - Rearrange structure members to minimize size
      crypto: ccp - Use only the relevant interrupt bits
      crypto: ccp - Disable interrupts early on unload
      crypto: ccp - Change ISR handler method for a v3 CCP
      crypto: ccp - Change ISR handler method for a v5 CCP

Geliang Tang (1):
      crypto: ixp4xx - Use sg_virt()

Giovanni Cabiddu (4):
      crypto: acomp - allow registration of multiple acomps
      crypto: testmgr - replace compression known answer test
      crypto: scomp - allow registration of multiple scomps
      crypto: scomp - add support for deflate rfc1950 (zlib)

Haren Myneni (1):
      crypto: nx - Update MAINTAINERS entry for 842 compression

Harsh Jain (4):
      crypto: chcr - Increase priority of AEAD algos.
      crypto: chcr - Set hmac_ctrl bit to use HW register HMAC_CFG[456]
      crypto: chcr - Fix txq ids.
      crypto: chcr - Add fallback for AEAD algos

Heiner Kallweit (4):
      clk: meson-gxbb: expose clock CLKID_RNG0
      dt-bindings: rng: add clock to DT binding documentation for hwrng
      ARM64: dts: meson-gx: add clock CLKID_RNG0 to hwrng node
      hwrng: meson - add clock handling to driver

Herbert Xu (7):
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
      crypto: user - Prepare for CRYPTO_MAX_ALG_NAME expansion
      crypto: af_alg - Allow arbitrarily long algorithm names
      xfrm: Prepare for CRYPTO_MAX_ALG_NAME expansion
      crypto: api - Extend algorithm name limit to 128 bytes
      Revert "crypto: arm64/sha - Add constant operand modifier to ASM_EXPORT"

Horia Geantă (10):
      soc/qman: export volatile dequeue related structs
      soc/qman: add dedicated channel ID for CAAM
      soc/qman: export non-programmable FQD fields query
      soc/qman: add macros needed by caam/qi driver
      crypto: caam - avoid double inclusion in desc_constr.h
      crypto: caam - add Queue Interface (QI) backend support
      crypto: caam/qi - add ablkcipher and authenc algorithms
      crypto: caam - fix JR platform device subsequent (re)creations
      crypto: caam - fix invalid dereference in caam_rsa_init_tfm()
      crypto: caam - fix RNG deinstantiation error checking

Jason A. Donenfeld (4):
      padata: avoid race in reordering
      md5: remove from lib and only live in crypto
      padata: free correct variable
      padata: get_next is never NULL

Krzysztof Kozlowski (6):
      MAINTAINERS: Add maintianer entry for crypto/s5p-sss
      crypto: s5p-sss - Close possible race for completed requests
      crypto: s5p-sss - Remove unused variant field from state container
      crypto: s5p-sss - Document the struct s5p_aes_dev
      linux/kernel.h: Add ALIGN_DOWN macro
      crypto: exynos - Add new Exynos RNG driver

Mahipal Challa (3):
      crypto: zip - Add ThunderX ZIP driver core
      crypto: zip - Wire-up Compression / decompression HW offload
      crypto: zip - Add Compression/Decompression statistics

Marcelo Cerri (3):
      crypto: cbc - Propagate NEED_FALLBACK bit
      crypto: ctr - Propagate NEED_FALLBACK bit
      crypto: testmgr - mark ctr(des3_ede) as fips_allowed

Markus Elfring (1):
      hwrng: n2 - Use devm_kcalloc() in n2rng_probe()

Matthias Kaehlcke (1):
      crypto: arm64/sha - Add constant operand modifier to ASM_EXPORT

Michael Davidson (1):
      crypto, x86: aesni - fix token pasting for clang

Michael Ellerman (1):
      crypto: crct10dif-vpmsum - Fix missing preempt_disable()

Milan Broz (1):
      crypto: testmgr - Allow ecb(cipher_null) in FIPS mode

Myungho Jung (1):
      crypto: lz4 - fixed decompress function to return error code

Ondrej Mosnáček (4):
      crypto: gf128mul - define gf128mul_x_* in gf128mul.h
      crypto: gf128mul - switch gf128mul_x_ble to le128
      crypto: glue_helper - remove the le128_gf128mul_x_ble function
      crypto: xts - drop gf128mul dependency

Prarit Bhargava (2):
      hwrng: amd - Revert managed API changes
      hwrng: geode - Revert managed API changes

Rick Altherr (3):
      hwrng: timeriomem - Migrate to new API
      hwrng: timeriomem - Shorten verbose type and variable names
      hwrng: timeriomem - Improve performance for sub-jiffie update periods

Ryder Lee (8):
      crypto: mediatek - rework interrupt handler
      crypto: mediatek - add MTK_* prefix and correct annotations.
      crypto: mediatek - make mtk_sha_xmit() more generic
      crypto: mediatek - simplify descriptor ring management
      crypto: mediatek - add queue_task tasklet
      crypto: mediatek - fix error handling in mtk_aes_complete()
      crypto: mediatek - add mtk_aes_gcm_tag_verify()
      crypto: mediatek - make hardware operation flow more efficient

Sean Wang (2):
      dt-bindings: hwrng: Add Mediatek hardware random generator bindings
      hwrng: mtk - Add driver for hardware random generator on MT7623 SoC

Stephan Mueller (2):
      crypto: DRBG - initialize SGL only once
      crypto: algif_aead - Require setkey before accept(2)

Thomas Petazzoni (2):
      hwrng: omap - move clock related code to omap_rng_probe()
      dt-bindings: rng: clocks property on omap_rng not always mandatory

Wei Yongjun (2):
      crypto: caam - fix error return code in caam_qi_init()
      crypto: stm32 - Fix OF module alias information

 Documentation/crypto/api-samples.rst               |    6 +-
 .../devicetree/bindings/crypto/st,stm32-crc.txt    |   16 +
 .../devicetree/bindings/rng/amlogic,meson-rng.txt  |   11 +-
 Documentation/devicetree/bindings/rng/mtk-rng.txt  |   18 +
 Documentation/devicetree/bindings/rng/omap_rng.txt |    3 +-
 MAINTAINERS                                        |   18 +-
 arch/arm/boot/dts/stm32746g-eval.dts               |    4 +
 arch/arm/boot/dts/stm32f746.dtsi                   |    7 +
 arch/arm/configs/stm32_defconfig                   |    2 +
 arch/arm/crypto/Kconfig                            |    2 +-
 arch/arm/crypto/aes-neonbs-glue.c                  |   60 +-
 arch/arm64/boot/dts/amlogic/meson-gx.dtsi          |    2 +-
 arch/arm64/boot/dts/amlogic/meson-gxbb.dtsi        |    5 +
 arch/metag/kernel/stacktrace.c                     |    2 -
 arch/powerpc/crypto/Makefile                       |    3 +
 arch/powerpc/crypto/crc-vpmsum_test.c              |  137 ++
 arch/powerpc/crypto/crc32-vpmsum_core.S            |  755 +++++++
 arch/powerpc/crypto/crc32c-vpmsum_asm.S            |  715 +-----
 arch/powerpc/crypto/crct10dif-vpmsum_asm.S         |  850 +++++++
 arch/powerpc/crypto/crct10dif-vpmsum_glue.c        |  128 ++
 arch/x86/crypto/aes_ctrby8_avx-x86_64.S            |    7 +-
 arch/x86/crypto/camellia_glue.c                    |    4 +-
 arch/x86/crypto/glue_helper.c                      |    3 +-
 arch/x86/crypto/serpent_sse2_glue.c                |    4 +-
 arch/x86/crypto/twofish_glue_3way.c                |    4 +-
 arch/x86/include/asm/crypto/glue_helper.h          |   10 -
 crypto/Kconfig                                     |   18 +-
 crypto/acompress.c                                 |   29 +
 crypto/af_alg.c                                    |    4 +-
 crypto/algapi.c                                    |    4 +-
 crypto/algif_aead.c                                |  157 +-
 crypto/cbc.c                                       |   15 +-
 crypto/crypto_user.c                               |   18 +-
 crypto/ctr.c                                       |   23 +-
 crypto/deflate.c                                   |   61 +-
 crypto/dh.c                                        |    3 +-
 crypto/drbg.c                                      |    5 +-
 crypto/ecdh.c                                      |    3 +-
 crypto/gf128mul.c                                  |  111 +-
 crypto/lrw.c                                       |    7 +-
 crypto/lz4.c                                       |    2 +-
 crypto/lz4hc.c                                     |    2 +-
 crypto/md5.c                                       |   95 +-
 crypto/scompress.c                                 |   29 +
 crypto/testmgr.c                                   |  112 +-
 crypto/testmgr.h                                   |  587 ++---
 crypto/xts.c                                       |   45 +-
 drivers/char/hw_random/Kconfig                     |   28 +-
 drivers/char/hw_random/Makefile                    |    2 +-
 drivers/char/hw_random/amd-rng.c                   |   42 +-
 drivers/char/hw_random/exynos-rng.c                |  231 --
 drivers/char/hw_random/geode-rng.c                 |   50 +-
 drivers/char/hw_random/meson-rng.c                 |   22 +
 drivers/char/hw_random/mtk-rng.c                   |  168 ++
 drivers/char/hw_random/n2-drv.c                    |    4 +-
 drivers/char/hw_random/omap-rng.c                  |   22 +-
 drivers/char/hw_random/timeriomem-rng.c            |  157 +-
 drivers/clk/meson/gxbb.h                           |    2 +-
 drivers/crypto/Kconfig                             |   24 +
 drivers/crypto/Makefile                            |    3 +
 drivers/crypto/amcc/crypto4xx_core.c               |    2 +-
 drivers/crypto/amcc/crypto4xx_reg_def.h            |    2 +-
 drivers/crypto/bcm/util.c                          |    2 +-
 drivers/crypto/caam/Kconfig                        |   20 +-
 drivers/crypto/caam/Makefile                       |    5 +
 drivers/crypto/caam/caamalg.c                      |    9 +-
 drivers/crypto/caam/caamalg_desc.c                 |   77 +-
 drivers/crypto/caam/caamalg_desc.h                 |   15 +-
 drivers/crypto/caam/caamalg_qi.c                   | 2387 ++++++++++++++++++++
 drivers/crypto/caam/caampkc.c                      |    2 +-
 drivers/crypto/caam/ctrl.c                         |  121 +-
 drivers/crypto/caam/desc_constr.h                  |    5 +
 drivers/crypto/caam/intern.h                       |   25 +-
 drivers/crypto/caam/qi.c                           |  805 +++++++
 drivers/crypto/caam/qi.h                           |  201 ++
 drivers/crypto/caam/sg_sw_qm.h                     |  108 +
 drivers/crypto/cavium/Makefile                     |    4 +
 drivers/crypto/cavium/zip/Makefile                 |   11 +
 drivers/crypto/cavium/zip/common.h                 |  202 ++
 drivers/crypto/cavium/zip/zip_crypto.c             |  313 +++
 drivers/crypto/cavium/zip/zip_crypto.h             |   79 +
 drivers/crypto/cavium/zip/zip_deflate.c            |  200 ++
 drivers/crypto/cavium/zip/zip_deflate.h            |   62 +
 drivers/crypto/cavium/zip/zip_device.c             |  202 ++
 drivers/crypto/cavium/zip/zip_device.h             |  108 +
 drivers/crypto/cavium/zip/zip_inflate.c            |  223 ++
 drivers/crypto/cavium/zip/zip_inflate.h            |   62 +
 drivers/crypto/cavium/zip/zip_main.c               |  729 ++++++
 drivers/crypto/cavium/zip/zip_main.h               |  121 +
 drivers/crypto/cavium/zip/zip_mem.c                |  114 +
 drivers/crypto/cavium/zip/zip_mem.h                |   78 +
 drivers/crypto/cavium/zip/zip_regs.h               | 1347 +++++++++++
 drivers/crypto/ccp/Makefile                        |    2 +
 drivers/crypto/ccp/ccp-crypto-aes-galois.c         |  252 +++
 drivers/crypto/ccp/ccp-crypto-des3.c               |  254 +++
 drivers/crypto/ccp/ccp-crypto-main.c               |   22 +
 drivers/crypto/ccp/ccp-crypto-sha.c                |   22 +
 drivers/crypto/ccp/ccp-crypto.h                    |   44 +-
 drivers/crypto/ccp/ccp-dev-v3.c                    |  121 +-
 drivers/crypto/ccp/ccp-dev-v5.c                    |  169 +-
 drivers/crypto/ccp/ccp-dev.c                       |    5 +-
 drivers/crypto/ccp/ccp-dev.h                       |   35 +-
 drivers/crypto/ccp/ccp-dmaengine.c                 |   42 +
 drivers/crypto/ccp/ccp-ops.c                       |  522 +++++
 drivers/crypto/ccp/ccp-pci.c                       |    2 +
 drivers/crypto/chelsio/chcr_algo.c                 |  304 ++-
 drivers/crypto/chelsio/chcr_algo.h                 |    4 +
 drivers/crypto/chelsio/chcr_core.h                 |    2 +
 drivers/crypto/chelsio/chcr_crypto.h               |   10 +-
 drivers/crypto/exynos-rng.c                        |  389 ++++
 drivers/crypto/ixp4xx_crypto.c                     |    2 +-
 drivers/crypto/mediatek/mtk-aes.c                  |  421 ++--
 drivers/crypto/mediatek/mtk-platform.c             |   15 +-
 drivers/crypto/mediatek/mtk-platform.h             |   56 +-
 drivers/crypto/mediatek/mtk-sha.c                  |  309 +--
 drivers/crypto/qat/qat_common/qat_asym_algs.c      |    2 +-
 drivers/crypto/s5p-sss.c                           |   35 +-
 drivers/crypto/stm32/Kconfig                       |    7 +
 drivers/crypto/stm32/Makefile                      |    2 +
 drivers/crypto/stm32/stm32_crc32.c                 |  324 +++
 drivers/gpu/drm/udl/udl_fb.c                       |    2 +-
 drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c    |    9 +
 drivers/net/ethernet/chelsio/cxgb4/cxgb4_uld.h     |    1 +
 drivers/net/ethernet/chelsio/cxgb4/t4fw_api.h      |    3 +-
 drivers/soc/fsl/qbman/qman.c                       |    4 +-
 drivers/soc/fsl/qbman/qman_ccsr.c                  |    6 +-
 drivers/soc/fsl/qbman/qman_priv.h                  |   97 -
 include/crypto/gf128mul.h                          |   87 +-
 include/crypto/internal/acompress.h                |    3 +
 include/crypto/internal/scompress.h                |    3 +
 include/crypto/kpp.h                               |    6 +-
 include/crypto/xts.h                               |    2 +-
 include/dt-bindings/clock/gxbb-clkc.h              |    3 +-
 include/linux/ccp.h                                |   70 +-
 include/linux/crypto.h                             |    2 +-
 include/linux/cryptohash.h                         |    5 -
 include/linux/kernel.h                             |    1 +
 include/soc/fsl/qman.h                             |  109 +
 include/uapi/linux/cryptouser.h                    |   10 +-
 include/video/udlfb.h                              |    2 +-
 kernel/padata.c                                    |   20 +-
 lib/Makefile                                       |    2 +-
 lib/md5.c                                          |   95 -
 net/xfrm/xfrm_user.c                               |    6 +-
 144 files changed, 13867 insertions(+), 2557 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.12
  2017-03-04  7:41     ` Crypto Fixes for 4.11 Herbert Xu
  2017-03-15  6:31       ` Herbert Xu
@ 2017-05-23  3:42       ` Herbert Xu
  2017-06-08  9:23         ` Herbert Xu
  1 sibling, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2017-05-23  3:42 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus:

This push fixes a regression in the skcipher interface that allows
bogus key parameters to hit underlying implementations which can
cause crashes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Herbert Xu (1):
      crypto: skcipher - Add missing API setkey checks

 crypto/skcipher.c |   40 +++++++++++++++++++++++++++++++++++++++-
 1 file changed, 39 insertions(+), 1 deletion(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.12
  2017-05-23  3:42       ` Crypto Fixes for 4.12 Herbert Xu
@ 2017-06-08  9:23         ` Herbert Xu
  2017-06-08 14:05           ` David Miller
  2017-06-15  0:54           ` Herbert Xu
  0 siblings, 2 replies; 79+ messages in thread
From: Herbert Xu @ 2017-06-08  9:23 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus:

This push fixes a couple of places in the crypto code that were
doing interruptible sleeps dangerously.  They have been converted
to use non-interruptible sleeps.  This push also fixes a bug in
asymmetric_keys where it would trigger a use-after-free if a
request returned EBUSY due to a full device queue.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Gilad Ben-Yossef (3):
      crypto: asymmetric_keys - handle EBUSY due to backlog correctly
      crypto: drbg - wait for crypto op not signal safe
      crypto: gcm - wait for crypto op not signal safe

 crypto/asymmetric_keys/public_key.c |    2 +-
 crypto/drbg.c                       |    5 ++---
 crypto/gcm.c                        |    6 ++----
 3 files changed, 5 insertions(+), 8 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Re: Crypto Fixes for 4.12
  2017-06-08  9:23         ` Herbert Xu
@ 2017-06-08 14:05           ` David Miller
  2017-06-09  2:52             ` Herbert Xu
  2017-06-15  0:54           ` Herbert Xu
  1 sibling, 1 reply; 79+ messages in thread
From: David Miller @ 2017-06-08 14:05 UTC (permalink / raw)
  To: herbert; +Cc: torvalds, linux-kernel, linux-crypto

From: Herbert Xu <herbert@gondor.apana.org.au>
Date: Thu, 8 Jun 2017 17:23:21 +0800

> This push fixes a couple of places in the crypto code that were
> doing interruptible sleeps dangerously.  They have been converted
> to use non-interruptible sleeps.  This push also fixes a bug in
> asymmetric_keys where it would trigger a use-after-free if a
> request returned EBUSY due to a full device queue.

Where is the gcc shash miscompile workaround?

Thanks.

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Re: Crypto Fixes for 4.12
  2017-06-08 14:05           ` David Miller
@ 2017-06-09  2:52             ` Herbert Xu
  0 siblings, 0 replies; 79+ messages in thread
From: Herbert Xu @ 2017-06-09  2:52 UTC (permalink / raw)
  To: David Miller; +Cc: torvalds, linux-kernel, linux-crypto

On Thu, Jun 08, 2017 at 10:05:02AM -0400, David Miller wrote:
> From: Herbert Xu <herbert@gondor.apana.org.au>
> Date: Thu, 8 Jun 2017 17:23:21 +0800
> 
> > This push fixes a couple of places in the crypto code that were
> > doing interruptible sleeps dangerously.  They have been converted
> > to use non-interruptible sleeps.  This push also fixes a bug in
> > asymmetric_keys where it would trigger a use-after-free if a
> > request returned EBUSY due to a full device queue.
> 
> Where is the gcc shash miscompile workaround?

I'll push it to Linus in a couple of days.

Cheers,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.12
  2017-06-08  9:23         ` Herbert Xu
  2017-06-08 14:05           ` David Miller
@ 2017-06-15  0:54           ` Herbert Xu
  2017-06-15  9:04             ` Linus Torvalds
  1 sibling, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2017-06-15  0:54 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus:

This push fixes a bug on sparc where we may dereference freed stack
memory.

 
Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


David Miller (1):
      crypto: Work around deallocated stack frame reference gcc bug on sparc.

 drivers/infiniband/sw/rxe/rxe.h |    5 ++++-
 fs/btrfs/hash.c                 |    5 ++++-
 fs/f2fs/f2fs.h                  |    5 ++++-
 lib/libcrc32c.c                 |    6 ++++--
 4 files changed, 16 insertions(+), 5 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Re: Crypto Fixes for 4.12
  2017-06-15  0:54           ` Herbert Xu
@ 2017-06-15  9:04             ` Linus Torvalds
  2017-06-15  9:05               ` Linus Torvalds
                                 ` (2 more replies)
  0 siblings, 3 replies; 79+ messages in thread
From: Linus Torvalds @ 2017-06-15  9:04 UTC (permalink / raw)
  To: Herbert Xu
  Cc: David S. Miller, Linux Kernel Mailing List, Linux Crypto Mailing List

On Thu, Jun 15, 2017 at 9:54 AM, Herbert Xu <herbert@gondor.apana.org.au> wrote:
>
> This push fixes a bug on sparc where we may dereference freed stack
> memory.

Ugh, that's a particularly ugly fix for a random gcc bug on a random
architecture that almost nobody tests.

In other words, it's nasty. It's nasty because nobody sane will ever
realize this pattern, and the code will either bit-rot or just happen
again somewhere else.

I'd have been *much* happier if this had been some nicer abstraction
that is built up around the use of SHASH_DESC_ON_STACK(), and just
have some rule that "SHASH_DESC_ON_STACK()" needs to be paired with
retrieving the final value and then a SHASH_DESC_DEALLOC() or
whatever.

Then you *could* implement SHASH_DESC_ON_STACK() as a kmalloc, and
SHASH_DESC_DEALLOC() would be a kfree - but with an alloca()-like
allocation the SHASH_DESC_DEALLOC() would be that "barrier_data()".

At that point the interface would make _sense_ at some conceptual
level, rather than being a random hack for a small collection of
random users of this thing.

There's a fair number of SHASH_DESC_ON_STACK users, are all the others
safe for some random reason that just happens to be about code
generation? Did people actually verify that?

                Linus

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Re: Crypto Fixes for 4.12
  2017-06-15  9:04             ` Linus Torvalds
@ 2017-06-15  9:05               ` Linus Torvalds
  2017-06-15  9:42               ` Herbert Xu
  2017-06-15 15:01               ` David Miller
  2 siblings, 0 replies; 79+ messages in thread
From: Linus Torvalds @ 2017-06-15  9:05 UTC (permalink / raw)
  To: Herbert Xu
  Cc: David S. Miller, Linux Kernel Mailing List, Linux Crypto Mailing List

On Thu, Jun 15, 2017 at 6:04 PM, Linus Torvalds
<torvalds@linux-foundation.org> wrote:
>
> Ugh, that's a particularly ugly fix for a random gcc bug on a random
> architecture that almost nobody tests.

.. anway, I pulled it, but I don't have to like it.

          Linus

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Re: Crypto Fixes for 4.12
  2017-06-15  9:04             ` Linus Torvalds
  2017-06-15  9:05               ` Linus Torvalds
@ 2017-06-15  9:42               ` Herbert Xu
  2017-06-15 15:02                 ` David Miller
  2017-06-15 15:01               ` David Miller
  2 siblings, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2017-06-15  9:42 UTC (permalink / raw)
  To: Linus Torvalds
  Cc: David S. Miller, Linux Kernel Mailing List, Linux Crypto Mailing List

On Thu, Jun 15, 2017 at 06:04:44PM +0900, Linus Torvalds wrote:
>
> Then you *could* implement SHASH_DESC_ON_STACK() as a kmalloc, and
> SHASH_DESC_DEALLOC() would be a kfree - but with an alloca()-like
> allocation the SHASH_DESC_DEALLOC() would be that "barrier_data()".
> 
> At that point the interface would make _sense_ at some conceptual
> level, rather than being a random hack for a small collection of
> random users of this thing.

Yes we could probably do that.

> There's a fair number of SHASH_DESC_ON_STACK users, are all the others
> safe for some random reason that just happens to be about code
> generation? Did people actually verify that?

If I understand this correctly this is only an issue if you directly
return a value from the shash_desc struct allocated on the stack.
This is usually rare as normally you'd return an error code and the
hash result would be written directly to some memory passed in from
the caller.

Cheers,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Re: Crypto Fixes for 4.12
  2017-06-15  9:04             ` Linus Torvalds
  2017-06-15  9:05               ` Linus Torvalds
  2017-06-15  9:42               ` Herbert Xu
@ 2017-06-15 15:01               ` David Miller
  2017-06-16 12:50                 ` Theodore Ts'o
  2 siblings, 1 reply; 79+ messages in thread
From: David Miller @ 2017-06-15 15:01 UTC (permalink / raw)
  To: torvalds; +Cc: herbert, linux-kernel, linux-crypto

From: Linus Torvalds <torvalds@linux-foundation.org>
Date: Thu, 15 Jun 2017 18:04:44 +0900

> There's a fair number of SHASH_DESC_ON_STACK users, are all the others
> safe for some random reason that just happens to be about code
> generation? Did people actually verify that?

I looked at the code generated in every case.

As a side note, ext4 does something similar with a private
implementation, but it doesn't use something the evaluates to an
alloca.  Instead it uses a fixed 4-byte size for the shash context
value in the on-stack declaration.

We can tidy it up with abstraction macros as a follow-up, thanks
for the suggestion.  I'll look into it.

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Re: Crypto Fixes for 4.12
  2017-06-15  9:42               ` Herbert Xu
@ 2017-06-15 15:02                 ` David Miller
  0 siblings, 0 replies; 79+ messages in thread
From: David Miller @ 2017-06-15 15:02 UTC (permalink / raw)
  To: herbert; +Cc: torvalds, linux-kernel, linux-crypto

From: Herbert Xu <herbert@gondor.apana.org.au>
Date: Thu, 15 Jun 2017 17:42:10 +0800

> On Thu, Jun 15, 2017 at 06:04:44PM +0900, Linus Torvalds wrote:
>> There's a fair number of SHASH_DESC_ON_STACK users, are all the others
>> safe for some random reason that just happens to be about code
>> generation? Did people actually verify that?
> 
> If I understand this correctly this is only an issue if you directly
> return a value from the shash_desc struct allocated on the stack.
> This is usually rare as normally you'd return an error code and the
> hash result would be written directly to some memory passed in from
> the caller.

Correct.

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Re: Crypto Fixes for 4.12
  2017-06-15 15:01               ` David Miller
@ 2017-06-16 12:50                 ` Theodore Ts'o
  2017-06-16 16:49                   ` David Miller
  0 siblings, 1 reply; 79+ messages in thread
From: Theodore Ts'o @ 2017-06-16 12:50 UTC (permalink / raw)
  To: David Miller; +Cc: torvalds, herbert, linux-kernel, linux-crypto

On Thu, Jun 15, 2017 at 11:01:18AM -0400, David Miller wrote:
> As a side note, ext4 does something similar with a private
> implementation, but it doesn't use something the evaluates to an
> alloca.  Instead it uses a fixed 4-byte size for the shash context
> value in the on-stack declaration.

In ext4's case, we're doing it inside an inline function, and then
using the "return" value from inside the calling function.  Assuming
that gcc actually inlines the function, are we in danger of tripping
over the bug?

						- Ted

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Re: Crypto Fixes for 4.12
  2017-06-16 12:50                 ` Theodore Ts'o
@ 2017-06-16 16:49                   ` David Miller
  0 siblings, 0 replies; 79+ messages in thread
From: David Miller @ 2017-06-16 16:49 UTC (permalink / raw)
  To: tytso; +Cc: torvalds, herbert, linux-kernel, linux-crypto

From: Theodore Ts'o <tytso@mit.edu>
Date: Fri, 16 Jun 2017 08:50:07 -0400

> On Thu, Jun 15, 2017 at 11:01:18AM -0400, David Miller wrote:
>> As a side note, ext4 does something similar with a private
>> implementation, but it doesn't use something the evaluates to an
>> alloca.  Instead it uses a fixed 4-byte size for the shash context
>> value in the on-stack declaration.
> 
> In ext4's case, we're doing it inside an inline function, and then
> using the "return" value from inside the calling function.  Assuming
> that gcc actually inlines the function, are we in danger of tripping
> over the bug?

Again, the bug can only be triggered if you do a dynamically sized
object on the stack.

Which ext4 is not doing, since it uses fixed size elements in the
on-stack shash context.

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Update for 4.13
  2017-02-23 12:51   ` Crypto Update for 4.11 Herbert Xu
  2017-05-01 14:26     ` Crypto Update for 4.12 Herbert Xu
@ 2017-07-05 13:01     ` Herbert Xu
  2017-07-05 20:02       ` Linus Torvalds
  2017-07-14 14:18     ` Crypto Fixes " Herbert Xu
  2017-09-04 10:12     ` Crypto Update for 4.14 Herbert Xu
  3 siblings, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2017-07-05 13:01 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

Here is the crypto update for 4.13:

Algorithms:

- Add private key generation to ecdh.

Drivers:

- Add generic gcm(aes) to aesni-intel.
- Add SafeXcel EIP197 crypto engine driver.
- Add ecb(aes), cfb(aes) and ecb(des3_ede) to cavium.
- Add support for CNN55XX adapters in cavium.
- Add ctr mode to chcr.
- Add support for gcm(aes) to omap.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Antoine Ténart (24):
      crypto: inside-secure - add SafeXcel EIP197 crypto engine driver
      MAINTAINERS: add a maintainer for the Inside Secure crypto driver
      crypto: sun4i-ss - group variable definitions in sun4i_hash()
      crypto: sun4i-ss - remove conditional checks against 0
      crypto: sun4i-ss - use lower/upper_32_bits helpers
      crypto: sun4i-ss - cannot use DMA is the request is 0 length
      crypto: sun4i-ss - do not dynamically set parts of the last buffer to 0
      crypto: sun4i-ss - simplify the pad length calculation
      crypto: sun4i-ss - simplify the appended bit assignment
      crypto: sun4i-ss - use GENMASK to generate masks
      crypto: sun4i-ss - move from ablkcipher to skcipher API
      crypto: sun4i-ss - add the CRYPTO_ALG_KERN_DRIVER_ONLY flag
      crypto: sun4i-ss - fix large block size support
      crypto: inside-secure - use hmac ipad/opad constants
      crypto: inside-secure - fix the ring wr_cache offset
      crypto: inside-secure - fix incorrect DSE data cache setting
      crypto: inside-secure - update the context and request later
      crypto: inside-secure - use one queue per hw ring
      crypto: inside-secure - stop requeueing failed requests
      crypto: inside-secure - get the backlog before dequeueing the request
      crypto: inside-secure - only dequeue when needed
      crypto: inside-secure - increase the batch size
      crypto: inside-secure - use the base_end pointer in ring rollback
      Documentation/bindings: Document the SafeXel cryptographic engine driver

Ard Biesheuvel (6):
      crypto: arm64/sha - avoid non-standard inline asm tricks
      crypto: arm/aes-ce - enable module autoloading based on CPU feature bits
      crypto: arm/ghash-ce - enable module autoloading based on CPU feature bits
      crypto: arm/sha1-ce - enable module autoloading based on CPU feature bits
      crypto: arm/sha2-ce - enable module autoloading based on CPU feature bits
      crypto: arm/crc32 - enable module autoloading based on CPU feature bits

Arvind Yadav (4):
      hwrng: omap3-rom - Handle return value of clk_prepare_enable
      crypto: img-hash - Handle return value of clk_prepare_enable
      crypto: n2 - make of_device_ids const
      crypto: caam - make of_device_ids const.

Benjamin Peterson (1):
      crypto: doc - fix typo in docs

Christoph Hellwig (1):
      crypto: qat - use pcie_flr instead of duplicating it

Christophe Jaillet (1):
      crypto: crypto4xx - fix an error code

Colin Ian King (3):
      crypto: brcm - fix spelling mistake: "fallbck" -> "fallback"
      crypto: omap-aes - fix spelling mistake "Encryptio" -> "Encryption"
      crypto: cavium - fix spelling mistake "Revsion" -> "Revision"

Corentin LABBE (10):
      crypto: hmac - add hmac IPAD/OPAD constant
      crypto: brcm - Use IPAD/OPAD constant
      crypto: ixp4xx - Use IPAD/OPAD constant
      crypto: marvell - Use IPAD/OPAD constant
      crypto: mv_cesa - Use IPAD/OPAD constant
      crypto: omap-sham - Use IPAD/OPAD constant
      crypto: qat - Use IPAD/OPAD constant
      crypto: mediatek - Use IPAD/OPAD constant
      crypto: ccp - Use IPAD/OPAD constant
      crypto: engine - replace pr_xxx by dev_xxx

Dan Carpenter (4):
      crypto: sha512-mb - add some missing unlock on error
      X.509: Fix error code in x509_cert_parse()
      crypto: glue_helper - Delete some dead code
      crypto: cavium/nitrox - dma_mapping_error() returns bool

Eric Biggers (2):
      crypto: x86/aes - Don't use %rbp as temporary register
      crypto: aes_ti - fix comment for MixColumns step

Gary R Hook (3):
      crypto: ccp - Add a module author
      crypto: ccp - Add debugfs entries for CCP information
      crypto: ccp - Release locks before returning

Geliang Tang (1):
      crypto: mediatek - drop .owner field in mtk_crypto_driver

George Cherian (3):
      crypto: cavium - Downgrade the annoying misc interrupt print from dev_err to dev_dbg
      crypto: cavium - Remove the individual encrypt/decrypt function for each algorithm
      crypto: cavium - Add more algorithms

Gilad Ben-Yossef (2):
      crypto: tcrypt - don't disable irqs and wait
      crypto: testmgr - use consistent format for errors

Harsh Jain (9):
      crypto: chcr - Pass lcb bit setting to firmware
      crypto: chcr - Fix fallback key setting
      crypto: chcr - Return correct error code
      crypto: chcr - Avoid changing request structure
      crypto: chcr - Add ctr mode and process large sg entries for cipher
      chcr - Add debug counters
      MAINTAINERS: Add maintainer for chelsio crypto driver
      crypto: chcr - Ensure Destination sg entry size less than 2k
      crypto: chcr - Select device in Round Robin fashion

Herbert Xu (2):
      crypto: testmgr - Reenable sha1/aes in FIPS mode
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6

Horia Geantă (2):
      crypto: caam - fix gfp allocation flags (part I)
      crypto: caam - fix gfp allocation flags (part II)

Igal Liberman (2):
      crypto: inside-secure - enable single WR in DSE configuration
      crypto: inside-secure - optimize DSE bufferability control

Jason A. Donenfeld (1):
      crypto: rsa-pkcs1pad - use constant time memory comparison for MACs

Kamil Konieczny (1):
      crypto: doc - Fixed bugs, added example usage of calc_hash().

Karim Eshapa (1):
      crypto: algapi - Use pr_err common logging style.

Martin Hicks (1):
      crypto: talitos - Extend max key length for SHA384/512-HMAC and AEAD

Matthias Kaehlcke (1):
      crypto: rng - Remove unused function __crypto_rng_cast()

Ofer Heifetz (1):
      crypto: inside-secure - align the cipher and hash send functions

Radu Alexe (3):
      crypto: caam - incapsulate dropping leading zeros into function
      crypto: caam - add support for RSA key form 2
      crypto: caam - add support for RSA key form 3

Rick Altherr (2):
      dt-bindings: timeriomem_rng: Add entropy quality property
      hw_random: timeriomem_rng: Allow setting RNG quality from platform data

Ryder Lee (2):
      crypto: mediatek - remove redundant clock setting
      dt-bindings: crypto: remove mediatek ethif clock

Sabrina Dubroca (7):
      crypto: aesni - make non-AVX AES-GCM work with any aadlen
      crypto: aesni - make non-AVX AES-GCM work with all valid auth_tag_len
      crypto: aesni - make AVX AES-GCM work with any aadlen
      crypto: aesni - make AVX AES-GCM work with all valid auth_tag_len
      crypto: aesni - make AVX2 AES-GCM work with any aadlen
      crypto: aesni - make AVX2 AES-GCM work with all valid auth_tag_len
      crypto: aesni - add generic gcm(aes)

Sean Wang (3):
      dt-bindings: rng: add MediaTek MT7622 Hardware Random Generator bindings
      hwrng: mtk - add runtime PM support
      MAINTAINERS: add entry for MediaTek Random Number Generator

Srikanth Jampala (3):
      crypto: cavium - Add support for CNN55XX adapters.
      crypto: cavium - Add debugfs support in CNN55XX driver.
      crypto: cavium - Register the CNN55XX supported crypto algorithms.

Stephan Mueller (3):
      crypto: drbg - Fixes panic in wait_for_completion call
      crypto: testmgr - add testvector for pkcs1pad(rsa)
      crypto: drbg - Fixes panic in wait_for_completion call

Tero Kristo (13):
      crypto: omap-aes - drop unused flags attribute from omap_aes_ctx
      crypto: omap-aes - fix context handling for multiple cores
      crypto: omap-des - add check for weak keys
      crypto: omap-des - use runtime_pm autosuspend for clock handling
      crypto: omap - add base support library for common routines
      crypto: omap-des - use base omap crypto support library
      crypto: omap-aes - use base omap crypto support library
      crypto: omap-aes - move definitions over to a separate header file
      crypto: omap-aes - export some AES driver functionality locally
      crypto: omap-aes - Add support for GCM mode
      crypto: omap-sham - buffer handling fixes for hashing later
      crypto: omap-sham - fix closing of hash with separate finalize call
      crypto: omap-sham - force word alignment on the xmit-buf also

Tudor Ambarus (1):
      crypto: caam - avoid kzalloc(0) in caam_read_raw_data

Tudor-Dan Ambarus (17):
      crypto: kpp, (ec)dh - fix typos
      crypto: ecc - remove unused function arguments
      crypto: ecc - remove unnecessary casts
      crypto: ecc - rename ecdh_make_pub_key()
      crypto: dh - fix memleak in setkey
      crypto: kpp - assume key is already set in maxsize
      crypto: dh - comply with crypto_kpp_maxsize()
      crypto: ecdh - comply with crypto_kpp_maxsize()
      crypto: qat - comply with crypto_kpp_maxsize()
      crypto: akcipher - assume key is already set in maxsize
      crypto: rsa - comply with crypto_akcipher_maxsize()
      crypto: caampkc - comply with crypto_akcipher_maxsize()
      crypto: qat - comply with crypto_akcipher_maxsize()
      crypto: pkcs1pad - comply with crypto_akcipher_maxsize()
      crypto: ecdh - add privkey generation support
      crypto: testmgr - add genkey kpp test
      crypto: vmx - remove unnecessary check

pjambhlekar (1):
      crypto: ccp - return NULL instead of 0

 Documentation/crypto/api-samples.rst               |   38 +-
 Documentation/crypto/userspace-if.rst              |    2 +-
 .../bindings/crypto/inside-secure-safexcel.txt     |   29 +
 .../devicetree/bindings/crypto/mediatek-crypto.txt |    8 +-
 Documentation/devicetree/bindings/rng/mtk-rng.txt  |    4 +-
 .../devicetree/bindings/rng/timeriomem_rng.txt     |    7 +
 MAINTAINERS                                        |   18 +
 arch/arm/crypto/aes-ce-glue.c                      |    6 +-
 arch/arm/crypto/crc32-ce-glue.c                    |    6 +
 arch/arm/crypto/ghash-ce-glue.c                    |    6 +-
 arch/arm/crypto/sha1-ce-glue.c                     |    5 +-
 arch/arm/crypto/sha2-ce-glue.c                     |    5 +-
 arch/arm64/crypto/sha1-ce-core.S                   |    6 +-
 arch/arm64/crypto/sha1-ce-glue.c                   |   11 +-
 arch/arm64/crypto/sha2-ce-core.S                   |    6 +-
 arch/arm64/crypto/sha2-ce-glue.c                   |   13 +-
 arch/x86/crypto/aes-x86_64-asm_64.S                |   47 +-
 arch/x86/crypto/aesni-intel_asm.S                  |  231 ++++-
 arch/x86/crypto/aesni-intel_avx-x86_64.S           |  283 +++--
 arch/x86/crypto/aesni-intel_glue.c                 |  208 +++-
 arch/x86/crypto/glue_helper.c                      |    3 -
 arch/x86/crypto/sha512-mb/sha512_mb.c              |    7 +-
 crypto/Kconfig                                     |    1 +
 crypto/Makefile                                    |    9 +-
 crypto/aes_ti.c                                    |    2 +-
 crypto/algapi.c                                    |    2 +-
 crypto/asymmetric_keys/x509_cert_parser.c          |    1 +
 crypto/crypto_engine.c                             |   23 +-
 crypto/dh.c                                        |    9 +-
 crypto/dh_helper.c                                 |    4 +-
 crypto/drbg.c                                      |    1 +
 crypto/ecc.c                                       |   88 +-
 crypto/ecc.h                                       |   41 +-
 crypto/ecdh.c                                      |   29 +-
 crypto/ecdh_helper.c                               |    4 +-
 crypto/hmac.c                                      |    5 +-
 crypto/rng.c                                       |    5 -
 crypto/rsa-pkcs1pad.c                              |   12 +-
 crypto/rsa.c                                       |    4 +-
 crypto/tcrypt.c                                    |    4 -
 crypto/testmgr.c                                   |  128 ++-
 crypto/testmgr.h                                   |  143 +++
 drivers/char/hw_random/mtk-rng.c                   |   42 +
 drivers/char/hw_random/omap3-rom-rng.c             |   11 +-
 drivers/char/hw_random/timeriomem-rng.c            |    7 +
 drivers/crypto/Kconfig                             |   30 +
 drivers/crypto/Makefile                            |    6 +-
 drivers/crypto/amcc/crypto4xx_core.c               |    1 +
 drivers/crypto/bcm/cipher.c                        |    7 +-
 drivers/crypto/caam/caamalg.c                      |   10 +-
 drivers/crypto/caam/caamalg_qi.c                   |   10 +-
 drivers/crypto/caam/caamhash.c                     |   32 +-
 drivers/crypto/caam/caampkc.c                      |  472 ++++++++-
 drivers/crypto/caam/caampkc.h                      |   58 ++
 drivers/crypto/caam/jr.c                           |    2 +-
 drivers/crypto/caam/pdb.h                          |   62 ++
 drivers/crypto/caam/pkc_desc.c                     |   36 +
 drivers/crypto/cavium/cpt/cptvf_algs.c             |  234 +++--
 drivers/crypto/cavium/cpt/cptvf_algs.h             |    7 +
 drivers/crypto/cavium/cpt/cptvf_main.c             |    2 +-
 drivers/crypto/cavium/nitrox/Kconfig               |   21 +
 drivers/crypto/cavium/nitrox/Makefile              |    8 +
 drivers/crypto/cavium/nitrox/nitrox_algs.c         |  457 ++++++++
 drivers/crypto/cavium/nitrox/nitrox_common.h       |   42 +
 drivers/crypto/cavium/nitrox/nitrox_csr.h          | 1084 +++++++++++++++++++
 drivers/crypto/cavium/nitrox/nitrox_dev.h          |  179 ++++
 drivers/crypto/cavium/nitrox/nitrox_hal.c          |  401 +++++++
 drivers/crypto/cavium/nitrox/nitrox_isr.c          |  467 +++++++++
 drivers/crypto/cavium/nitrox/nitrox_lib.c          |  210 ++++
 drivers/crypto/cavium/nitrox/nitrox_main.c         |  640 ++++++++++++
 drivers/crypto/cavium/nitrox/nitrox_req.h          |  445 ++++++++
 drivers/crypto/cavium/nitrox/nitrox_reqmgr.c       |  735 +++++++++++++
 drivers/crypto/ccp/Makefile                        |    3 +-
 drivers/crypto/ccp/ccp-crypto-sha.c                |    5 +-
 drivers/crypto/ccp/ccp-debugfs.c                   |  344 ++++++
 drivers/crypto/ccp/ccp-dev-v5.c                    |   28 +-
 drivers/crypto/ccp/ccp-dev.c                       |    3 +-
 drivers/crypto/ccp/ccp-dev.h                       |   20 +
 drivers/crypto/ccp/ccp-platform.c                  |    4 +-
 drivers/crypto/chelsio/chcr_algo.c                 | 1096 ++++++++++++++++----
 drivers/crypto/chelsio/chcr_algo.h                 |   30 +-
 drivers/crypto/chelsio/chcr_core.c                 |   56 +-
 drivers/crypto/chelsio/chcr_core.h                 |    5 +-
 drivers/crypto/chelsio/chcr_crypto.h               |   25 +-
 drivers/crypto/img-hash.c                          |   12 +-
 drivers/crypto/inside-secure/Makefile              |    2 +
 drivers/crypto/inside-secure/safexcel.c            |  926 +++++++++++++++++
 drivers/crypto/inside-secure/safexcel.h            |  574 ++++++++++
 drivers/crypto/inside-secure/safexcel_cipher.c     |  561 ++++++++++
 drivers/crypto/inside-secure/safexcel_hash.c       | 1052 +++++++++++++++++++
 drivers/crypto/inside-secure/safexcel_ring.c       |  157 +++
 drivers/crypto/ixp4xx_crypto.c                     |    3 +-
 drivers/crypto/marvell/hash.c                      |    5 +-
 drivers/crypto/mediatek/mtk-platform.c             |   11 +-
 drivers/crypto/mediatek/mtk-platform.h             |    2 -
 drivers/crypto/mediatek/mtk-sha.c                  |    5 +-
 drivers/crypto/mv_cesa.c                           |    5 +-
 drivers/crypto/n2_core.c                           |    4 +-
 drivers/crypto/omap-aes-gcm.c                      |  408 ++++++++
 drivers/crypto/omap-aes.c                          |  461 ++++----
 drivers/crypto/omap-aes.h                          |  214 ++++
 drivers/crypto/omap-crypto.c                       |  184 ++++
 drivers/crypto/omap-crypto.h                       |   37 +
 drivers/crypto/omap-des.c                          |  138 +--
 drivers/crypto/omap-sham.c                         |   38 +-
 drivers/crypto/qat/qat_common/adf_aer.c            |   15 +-
 drivers/crypto/qat/qat_common/qat_algs.c           |    5 +-
 drivers/crypto/qat/qat_common/qat_asym_algs.c      |    8 +-
 drivers/crypto/sunxi-ss/sun4i-ss-cipher.c          |  213 ++--
 drivers/crypto/sunxi-ss/sun4i-ss-core.c            |  237 +++--
 drivers/crypto/sunxi-ss/sun4i-ss-hash.c            |  138 +--
 drivers/crypto/sunxi-ss/sun4i-ss.h                 |   34 +-
 drivers/crypto/talitos.c                           |    7 +-
 drivers/crypto/vmx/aes.c                           |    7 +-
 drivers/crypto/vmx/aes_cbc.c                       |    7 +-
 drivers/crypto/vmx/aes_ctr.c                       |    7 +-
 drivers/crypto/vmx/aes_xts.c                       |    7 +-
 drivers/net/ethernet/chelsio/cxgb4/cxgb4.h         |    1 +
 drivers/net/ethernet/chelsio/cxgb4/cxgb4_debugfs.c |   35 +
 drivers/net/ethernet/chelsio/cxgb4/cxgb4_uld.c     |    1 +
 drivers/net/ethernet/chelsio/cxgb4/cxgb4_uld.h     |   10 +
 include/crypto/akcipher.h                          |   11 +-
 include/crypto/dh.h                                |    4 +-
 include/crypto/ecdh.h                              |    4 +-
 include/crypto/engine.h                            |    1 +
 include/crypto/hmac.h                              |    7 +
 include/crypto/kpp.h                               |   15 +-
 include/linux/timeriomem-rng.h                     |    3 +
 128 files changed, 12842 insertions(+), 1535 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Re: Crypto Update for 4.13
  2017-07-05 13:01     ` Crypto Update for 4.13 Herbert Xu
@ 2017-07-05 20:02       ` Linus Torvalds
  2017-07-06  2:19         ` Herbert Xu
  0 siblings, 1 reply; 79+ messages in thread
From: Linus Torvalds @ 2017-07-05 20:02 UTC (permalink / raw)
  To: Herbert Xu
  Cc: David S. Miller, Linux Kernel Mailing List, Linux Crypto Mailing List

On Wed, Jul 5, 2017 at 6:01 AM, Herbert Xu <herbert@gondor.apana.org.au> wrote:
>
> Drivers:
>
> - Add support for CNN55XX adapters in cavium.

Grr. I noticed this too late to fix it in the merge.

That stupid CNN55XX driver was added with a default of "m"?

WTF? Hell no. We don't add random new drivers and default them on -
and we do so even less when they are for very unusual hardware.

                  Linus

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Re: Crypto Update for 4.13
  2017-07-05 20:02       ` Linus Torvalds
@ 2017-07-06  2:19         ` Herbert Xu
  0 siblings, 0 replies; 79+ messages in thread
From: Herbert Xu @ 2017-07-06  2:19 UTC (permalink / raw)
  To: Linus Torvalds
  Cc: David S. Miller, Linux Kernel Mailing List, Linux Crypto Mailing List

On Wed, Jul 05, 2017 at 01:02:59PM -0700, Linus Torvalds wrote:
>
> That stupid CNN55XX driver was added with a default of "m"?
> 
> WTF? Hell no. We don't add random new drivers and default them on -
> and we do so even less when they are for very unusual hardware.

Sorry, I'll make sure the default gets removed.
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.13
  2017-02-23 12:51   ` Crypto Update for 4.11 Herbert Xu
  2017-05-01 14:26     ` Crypto Update for 4.12 Herbert Xu
  2017-07-05 13:01     ` Crypto Update for 4.13 Herbert Xu
@ 2017-07-14 14:18     ` " Herbert Xu
  2017-07-28  8:49       ` Herbert Xu
  2017-09-22  8:44       ` Crypto Fixes for 4.14 Herbert Xu
  2017-09-04 10:12     ` Crypto Update for 4.14 Herbert Xu
  3 siblings, 2 replies; 79+ messages in thread
From: Herbert Xu @ 2017-07-14 14:18 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes the following issues:

- New compiler warnings in cavium.
- Set post-op IV properly in caam (this fixes chaining).
- Fix potential use-after-free in atmel in case of EBUSY.
- Fix sleeping in softirq path in chcr.
- Disable buggy sha1-avx2 driver (may overread and page fault).
- Fix use-after-free on signals in caam.
 

Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Colin Ian King (1):
      crypto: cavium - make several functions static

David Gstir (1):
      crypto: caam - properly set IV after {en,de}crypt

Gilad Ben-Yossef (1):
      crypto: atmel - only treat EBUSY as transient if backlog

Harsh Jain (1):
      crypto: chcr - Avoid algo allocation in softirq.

Herbert Xu (2):
      crypto: sha1-ssse3 - Disable avx2

Horia Geantă (1):
      crypto: caam - fix signals handling

 arch/x86/crypto/sha1_ssse3_glue.c      |    2 +-
 crypto/af_alg.c                        |    2 +-
 drivers/crypto/atmel-sha.c             |    4 +++-
 drivers/crypto/caam/caamalg.c          |   20 ++++++++++++++++++--
 drivers/crypto/caam/caamhash.c         |    2 +-
 drivers/crypto/caam/key_gen.c          |    2 +-
 drivers/crypto/cavium/cpt/cptvf_algs.c |    8 ++++----
 drivers/crypto/chelsio/chcr_algo.c     |   23 +++++++++++++++--------
 drivers/crypto/chelsio/chcr_crypto.h   |    1 +
 9 files changed, 45 insertions(+), 19 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.13
  2017-07-14 14:18     ` Crypto Fixes " Herbert Xu
@ 2017-07-28  8:49       ` Herbert Xu
  2017-08-09 12:04         ` Herbert Xu
  2017-09-22  8:44       ` Crypto Fixes for 4.14 Herbert Xu
  1 sibling, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2017-07-28  8:49 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes the following issues:

- Remove broken dt bindings in inside-secure.
- Fix authencesn crash when used with digest_null.
- Fix cavium/nitrox firmware path.
- Fix SHA3 failure in brcm.
- Fix Kconfig dependency for brcm.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Antoine Tenart (2):
      crypto: inside-secure - do not parse the dma mask from dt
      Documentation/bindings: crypto: remove the dma-mask property

Herbert Xu (1):
      crypto: authencesn - Fix digest_null crash

Srikanth Jampala (1):
      crypto: cavium/nitrox - Change in firmware path.

raveendra padasalagi (2):
      crypto: brcm - Fix SHA3-512 algorithm failure
      crypto: brcm - remove BCM_PDC_MBOX dependency in Kconfig

 .../devicetree/bindings/crypto/inside-secure-safexcel.txt         |    2 --
 crypto/authencesn.c                                               |    5 +++++
 drivers/crypto/Kconfig                                            |    2 +-
 drivers/crypto/bcm/spu2.c                                         |    1 +
 drivers/crypto/cavium/nitrox/nitrox_main.c                        |    3 ++-
 drivers/crypto/inside-secure/safexcel.c                           |    5 +----
 6 files changed, 10 insertions(+), 8 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.13
  2017-07-28  8:49       ` Herbert Xu
@ 2017-08-09 12:04         ` Herbert Xu
  2017-08-14  9:43           ` Herbert Xu
  0 siblings, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2017-08-09 12:04 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes two regressions in the inside-secure driver with
respect to hmac(sha1).


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Antoine Tenart (2):
      crypto: inside-secure - fix invalidation check in hmac_sha1_setkey
      crypto: inside-secure - fix the sha state length in hmac_sha1_setkey

 drivers/crypto/inside-secure/safexcel_hash.c |    8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
 
Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.13
  2017-08-09 12:04         ` Herbert Xu
@ 2017-08-14  9:43           ` Herbert Xu
  2017-09-01  7:53             ` Herbert Xu
  0 siblings, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2017-08-14  9:43 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes an error path bug in ixp4xx as well as a read
overrun in sha1-avx2.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Herbert Xu (1):
      crypto: ixp4xx - Fix error handling path in 'aead_perform()'

megha.dey@linux.intel.com (1):
      crypto: x86/sha1 - Fix reads beyond the number of blocks passed

 arch/x86/crypto/sha1_avx2_x86_64_asm.S |   67 +++++++++++++++++---------------
 arch/x86/crypto/sha1_ssse3_glue.c      |    2 +-
 drivers/crypto/ixp4xx_crypto.c         |    6 +--
 3 files changed, 40 insertions(+), 35 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.13
  2017-08-14  9:43           ` Herbert Xu
@ 2017-09-01  7:53             ` Herbert Xu
  0 siblings, 0 replies; 79+ messages in thread
From: Herbert Xu @ 2017-09-01  7:53 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes the following issues:

- Regression in chacha20 handling of chunked input.
- Crash in algif_skcipher when used with async io.
- Potential bogus pointer dereference in lib/mpi.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Ard Biesheuvel (2):
      crypto: chacha20 - fix handling of chunked input
      crypto: testmgr - add chunked test cases for chacha20

Stephan Mueller (2):
      lib/mpi: kunmap after finishing accessing buffer
      crypto: algif_skcipher - only call put_page on referenced and used pages

 crypto/algif_skcipher.c   |    9 +++++++--
 crypto/chacha20_generic.c |    9 +++++++--
 crypto/testmgr.h          |    7 +++++++
 lib/mpi/mpicoder.c        |    4 +++-
 4 files changed, 24 insertions(+), 5 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Update for 4.14
  2017-02-23 12:51   ` Crypto Update for 4.11 Herbert Xu
                       ` (2 preceding siblings ...)
  2017-07-14 14:18     ` Crypto Fixes " Herbert Xu
@ 2017-09-04 10:12     ` Herbert Xu
  2017-11-13  7:43       ` Crypto Update for 4.15 Herbert Xu
  3 siblings, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2017-09-04 10:12 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

Here is the crypto update for 4.14:

API:

- Defer scompress scratch buffer allocation to first use.
- Add __crypto_xor that takes separte src and dst operands.
- Add ahash multiple registration interface.
- Revamped aead/skcipher algif code to fix async IO properly.

Drivers:

- Add non-SIMD fallback code path on ARM for SVE.
- Add AMD Security Processor framework for ccp.
- Add support for RSA in ccp.
- Add XTS-AES-256 support for CCP version 5.
- Add support for PRNG in sun4i-ss.
- Add support for DPAA2 in caam.
- Add ARTPEC crypto support.
- Add Freescale RNGC hwrng support.
- Add Microchip / Atmel ECC driver.
- Add support for STM32 HASH module.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Ard Biesheuvel (21):
      crypto: scompress - don't sleep with preemption disabled
      crypto: scompress - free partially allocated scratch buffers on failure
      crypto: scompress - defer allocation of scratch buffer to first use
      crypto: algapi - use separate dst and src operands for __crypto_xor()
      crypto: algapi - make crypto_xor() take separate dst and src arguments
      crypto: arm64/ghash-ce - add non-SIMD scalar fallback
      crypto: arm64/crct10dif - add non-SIMD generic fallback
      crypto: arm64/crc32 - add non-SIMD scalar fallback
      crypto: arm64/sha1-ce - add non-SIMD generic fallback
      crypto: arm64/sha2-ce - add non-SIMD scalar fallback
      crypto: arm64/aes-ce-cipher - match round key endianness with generic code
      crypto: arm64/aes-ce-cipher: add non-SIMD generic fallback
      crypto: arm64/aes-ce-ccm: add non-SIMD generic fallback
      crypto: arm64/aes-blk - add a non-SIMD fallback for synchronous CTR
      crypto: arm64/chacha20 - take may_use_simd() into account
      crypto: arm64/aes-bs - implement non-SIMD fallback for AES-CTR
      crypto: arm64/gcm - implement native driver using v8 Crypto Extensions
      crypto: arm/ghash - add NEON accelerated fallback for vmull.p64
      crypto: arm64/ghash - add NEON accelerated fallback for 64-bit PMULL
      crypto: arm/aes - avoid expanded lookup tables in the final round
      crypto: arm64/aes - avoid expanded lookup tables in the final round

Arnd Bergmann (3):
      crypto: serpent - improve __serpent_setkey with UBSAN
      crypto: ccp - avoid uninitialized variable warning
      crypto: ccp - select CONFIG_CRYPTO_RSA

Arvind Yadav (2):
      crypto: sahara - make of_device_ids const
      crypto: sahara - constify platform_device_id

Brijesh Singh (6):
      crypto: ccp - Use devres interface to allocate PCI/iomap and cleanup
      crypto: ccp - Introduce the AMD Secure Processor device
      crypto: ccp - Abstract interrupt registeration
      crypto: ccp - rename ccp driver initialize files as sp device
      crypto: ccp - remove ccp_present() check from device initialize
      crypto: ccp - remove duplicate module version and author entry

Chris Gorman (1):
      crypto: geode-aes - fixed coding style warnings and error

Christophe Jaillet (2):
      crypto: inside-secure - fix an error handling path in safexcel_probe()
      crypto: cavium/nitrox - Fix an error handling path in 'nitrox_probe()'

Colin Ian King (2):
      crypto: qat - fix spelling mistake: "runing" -> "running"
      Crypto: atmel-ecc: Make a couple of local functions static

Corentin LABBE (2):
      crypto: sun4i-ss - support the Security System PRNG
      crypto: cavium - add release_firmware to all return case

Fabio Estevam (1):
      crypto: caam - Remove unused dentry members

Gary R Hook (12):
      crypto: ccp - Fix some line spacing
      crypto: ccp - Change all references to use the JOB ID macro
      crypto: ccp - Provide an error path for debugfs setup failure
      crypto: ccp - Update copyright dates for 2017.
      crypto: ccp - Fix base RSA function for version 5 CCPs
      crypto: Add akcipher_set_reqsize() function
      crypto: ccp - Add support for RSA on the CCP
      csrypto: ccp - Expand RSA support for a v5 ccp
      crypto: ccp - Fix XTS-AES-128 support on v5 CCPs
      crypto: ccp - Add a call to xts_check_key()
      crypto: ccp - Rework the unit-size check for XTS-AES
      crypto: ccp - Add XTS-AES-256 support for CCP version 5

Gustavo A. R. Silva (11):
      crypto: ccp - print error message on platform_get_irq failure
      crypto: mediatek - fix error return code in mtk_crypto_probe()
      crypto: mxc-scc - fix error code in mxc_scc_probe()
      crypto: mxs-dcp - print error message on platform_get_irq failure
      crypto: omap-aes - fix error return code in omap_aes_probe()
      crypto: omap-des - fix error return code in omap_des_probe()
      crypto: brcm - add NULL check on of_match_device() return value
      crypto: omap-sham - remove unnecessary static in omap_sham_remove()
      crypto: atmel-sha - remove unnecessary static in atmel_sha_remove()
      crypto: atmel-tdes - remove unnecessary static in atmel_tdes_remove()
      crypto: img-hash - remove unnecessary static in img_hash_remove()

Harald Freudenberger (2):
      hwrng: use rng source with best quality
      hwrng: remember rng chosen by user

Herbert Xu (1):
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6

Horia Geantă (13):
      crypto: caam/qi - fix typo in authenc alg driver name
      crypto: caam/qi - fix compilation with DEBUG enabled
      crypto: caam/qi - fix compilation with CONFIG_DEBUG_FORCE_WEAK_PER_CPU=y
      crypto: caam/qi - properly set IV after {en,de}crypt
      crypto: caam/qi - handle large number of S/Gs case
      crypto: caam/qi - fix AD length endianness in S/G entry
      crypto: caam/qi - explicitly set dma_ops
      crypto: caam/qi - remove unused header sg_sw_sec4.h
      crypto: caam/qi - lower driver verbosity
      crypto: caam - remove unused sg_to_sec4_sg_len()
      crypto: caam - clean-up in caam_init_rng()
      crypto: caam/jr - add support for DPAA2 parts
      crypto: tcrypt - remove AES-XTS-192 speed tests

Jason A. Donenfeld (1):
      crypto: rng - ensure that the RNG is ready before using

Lars Persson (3):
      dt-bindings: crypto: add ARTPEC crypto
      crypto: axis - add ARTPEC-6/7 crypto accelerator driver
      MAINTAINERS: Add ARTPEC crypto maintainer

Martin Kaiser (1):
      hwrng: mx-rngc - add a driver for Freescale RNGC

Mogens Lauridsen (2):
      crypto: sahara - Fix dma unmap direction
      crypto: sahara - Remove leftover from previous used spinlock

Pan Bian (1):
      crypto: ccp - use dma_mapping_error to check map error

PrasannaKumar Muralidharan (1):
      hwrng: Kconfig - Correct help text about feeding entropy pool

Rabin Vincent (1):
      crypto: hash - add crypto_(un)register_ahashes()

Rob Herring (1):
      crypto: n2 - Convert to using %pOF instead of full_name

Stefan Agner (1):
      lib/mpi: fix build with clang

Steffen Trumtrar (1):
      Documentation: devicetree: add Freescale RNGC binding

Stephan Mueller (7):
      crypto: algif_skcipher - overhaul memory management
      crypto: algif_aead - overhaul memory management
      crypto: algif - return error code when no data was processed
      crypto: algif_aead - copy AAD from src to dst
      crypto: af_alg - consolidation of duplicate code
      crypto: algif_aead - fix comment regarding memory layout
      crypto: af_alg - get_page upon reassignment to TX SGL

Tudor Ambarus (2):
      crypto: caam - remove unused variables in caam_drv_private
      crypto: caam - fix condition for the jump over key(s) command

Tudor-Dan Ambarus (5):
      crypto: kpp - add get/set_flags helpers
      crypto: atmel-ecc - introduce Microchip / Atmel ECC driver
      MAINTAINERS: add a maintainer for Microchip / Atmel ECC driver
      crypto: ecdh - fix concurrency on shared secret and pubkey
      crypto: atmel-ecc - fix signed integer to u8 assignment

Xulin Sun (1):
      crypto: caam - free qman_fq after kill_fq

Zain Wang (3):
      crypto: rockchip - move the crypto completion from interrupt context
      crypto: rockchip - return the err code when unable dequeue the crypto request
      crypto: rockchip - Don't dequeue the request when device is busy

Zeng, Xin (1):
      crypto: virtio - Refacotor virtio_crypto driver for new virito crypto services

lionel.debieve@st.com (5):
      crypto: stm32 - CRC use relaxed function
      crypto: stm32 - solve crc issue during unbind
      crypto: stm32 - Rename module to use generic crypto
      dt-bindings: Document STM32 HASH bindings
      crypto: stm32 - Support for STM32 HASH module

raveendra padasalagi (1):
      crypto: brcm - Support more FlexRM rings than SPU engines.

 .../devicetree/bindings/crypto/artpec6-crypto.txt  |   16 +
 .../devicetree/bindings/crypto/atmel-crypto.txt    |   13 +
 .../devicetree/bindings/crypto/st,stm32-hash.txt   |   30 +
 Documentation/devicetree/bindings/rng/imx-rngc.txt |   21 +
 MAINTAINERS                                        |    7 +
 arch/arm/crypto/Kconfig                            |    5 +-
 arch/arm/crypto/aes-ce-glue.c                      |    4 +-
 arch/arm/crypto/aes-cipher-core.S                  |   88 +-
 arch/arm/crypto/aes-neonbs-glue.c                  |    5 +-
 arch/arm/crypto/ghash-ce-core.S                    |  234 +-
 arch/arm/crypto/ghash-ce-glue.c                    |   24 +-
 arch/arm64/crypto/Kconfig                          |   22 +-
 arch/arm64/crypto/aes-ce-ccm-core.S                |   30 +-
 arch/arm64/crypto/aes-ce-ccm-glue.c                |  174 +-
 arch/arm64/crypto/aes-ce-cipher.c                  |   55 +-
 arch/arm64/crypto/aes-ce.S                         |   12 +-
 arch/arm64/crypto/aes-cipher-core.S                |  152 +-
 arch/arm64/crypto/aes-ctr-fallback.h               |   53 +
 arch/arm64/crypto/aes-glue.c                       |   63 +-
 arch/arm64/crypto/aes-neonbs-glue.c                |   53 +-
 arch/arm64/crypto/chacha20-neon-glue.c             |    5 +-
 arch/arm64/crypto/crc32-ce-glue.c                  |   11 +-
 arch/arm64/crypto/crct10dif-ce-glue.c              |   13 +-
 arch/arm64/crypto/ghash-ce-core.S                  |  401 ++-
 arch/arm64/crypto/ghash-ce-glue.c                  |  517 +++-
 arch/arm64/crypto/sha1-ce-glue.c                   |   18 +-
 arch/arm64/crypto/sha2-ce-glue.c                   |   30 +-
 arch/arm64/crypto/sha256-glue.c                    |    1 +
 arch/sparc/crypto/aes_glue.c                       |    3 +-
 arch/x86/crypto/aesni-intel_glue.c                 |    4 +-
 arch/x86/crypto/blowfish_glue.c                    |    3 +-
 arch/x86/crypto/cast5_avx_glue.c                   |    3 +-
 arch/x86/crypto/des3_ede_glue.c                    |    3 +-
 crypto/Kconfig                                     |    2 +
 crypto/af_alg.c                                    |  691 +++++
 crypto/ahash.c                                     |   29 +
 crypto/algapi.c                                    |   25 +-
 crypto/algif_aead.c                                |  864 ++----
 crypto/algif_skcipher.c                            |  834 +----
 crypto/ctr.c                                       |    3 +-
 crypto/ecdh.c                                      |   51 +-
 crypto/pcbc.c                                      |   12 +-
 crypto/rng.c                                       |    6 +-
 crypto/scompress.c                                 |   55 +-
 crypto/serpent_generic.c                           |   77 +-
 crypto/tcrypt.c                                    |    8 +-
 drivers/char/hw_random/Kconfig                     |   20 +-
 drivers/char/hw_random/Makefile                    |    1 +
 drivers/char/hw_random/core.c                      |   42 +-
 drivers/char/hw_random/imx-rngc.c                  |  331 ++
 drivers/crypto/Kconfig                             |   49 +-
 drivers/crypto/Makefile                            |    4 +-
 drivers/crypto/atmel-ecc.c                         |  781 +++++
 drivers/crypto/atmel-ecc.h                         |  128 +
 drivers/crypto/atmel-sha.c                         |    2 +-
 drivers/crypto/atmel-tdes.c                        |    2 +-
 drivers/crypto/axis/Makefile                       |    1 +
 drivers/crypto/axis/artpec6_crypto.c               | 3192 ++++++++++++++++++++
 drivers/crypto/bcm/cipher.c                        |  114 +-
 drivers/crypto/bcm/cipher.h                        |   13 +-
 drivers/crypto/caam/caamalg.c                      |   66 +-
 drivers/crypto/caam/caamalg_desc.c                 |    5 +-
 drivers/crypto/caam/caamalg_qi.c                   |   55 +-
 drivers/crypto/caam/caamhash.c                     |    7 +-
 drivers/crypto/caam/caamrng.c                      |    6 +-
 drivers/crypto/caam/ctrl.c                         |  127 +-
 drivers/crypto/caam/ctrl.h                         |    2 +
 drivers/crypto/caam/error.c                        |   40 +
 drivers/crypto/caam/error.h                        |    4 +
 drivers/crypto/caam/intern.h                       |   11 -
 drivers/crypto/caam/jr.c                           |    7 +-
 drivers/crypto/caam/qi.c                           |   30 +-
 drivers/crypto/caam/qi.h                           |    3 +
 drivers/crypto/caam/regs.h                         |    1 +
 drivers/crypto/caam/sg_sw_qm2.h                    |   81 +
 drivers/crypto/caam/sg_sw_sec4.h                   |   43 +-
 drivers/crypto/cavium/cpt/cptpf_main.c             |   13 +-
 drivers/crypto/cavium/nitrox/nitrox_main.c         |    4 +-
 drivers/crypto/ccp/Kconfig                         |   22 +-
 drivers/crypto/ccp/Makefile                        |    7 +-
 drivers/crypto/ccp/ccp-crypto-aes-galois.c         |    2 +-
 drivers/crypto/ccp/ccp-crypto-aes-xts.c            |   96 +-
 drivers/crypto/ccp/ccp-crypto-des3.c               |    2 +-
 drivers/crypto/ccp/ccp-crypto-main.c               |   21 +-
 drivers/crypto/ccp/ccp-crypto-rsa.c                |  299 ++
 drivers/crypto/ccp/ccp-crypto-sha.c                |    2 +-
 drivers/crypto/ccp/ccp-crypto.h                    |   36 +-
 drivers/crypto/ccp/ccp-debugfs.c                   |   15 +-
 drivers/crypto/ccp/ccp-dev-v3.c                    |   20 +-
 drivers/crypto/ccp/ccp-dev-v5.c                    |   28 +-
 drivers/crypto/ccp/ccp-dev.c                       |  134 +-
 drivers/crypto/ccp/ccp-dev.h                       |   30 +-
 drivers/crypto/ccp/ccp-dmaengine.c                 |    2 +-
 drivers/crypto/ccp/ccp-ops.c                       |  133 +-
 drivers/crypto/ccp/ccp-pci.c                       |  356 ---
 drivers/crypto/ccp/ccp-platform.c                  |  293 --
 drivers/crypto/ccp/sp-dev.c                        |  277 ++
 drivers/crypto/ccp/sp-dev.h                        |  133 +
 drivers/crypto/ccp/sp-pci.c                        |  276 ++
 drivers/crypto/ccp/sp-platform.c                   |  256 ++
 drivers/crypto/geode-aes.c                         |   17 +-
 drivers/crypto/img-hash.c                          |    2 +-
 drivers/crypto/inside-secure/safexcel.c            |    5 +-
 drivers/crypto/mediatek/mtk-platform.c             |    2 +-
 drivers/crypto/mxc-scc.c                           |    4 +-
 drivers/crypto/mxs-dcp.c                           |    8 +-
 drivers/crypto/n2_core.c                           |   60 +-
 drivers/crypto/omap-aes.c                          |    1 +
 drivers/crypto/omap-des.c                          |    3 +-
 drivers/crypto/omap-sham.c                         |    2 +-
 drivers/crypto/qat/qat_common/adf_aer.c            |    2 +-
 drivers/crypto/rockchip/rk3288_crypto.c            |   74 +-
 drivers/crypto/rockchip/rk3288_crypto.h            |   15 +-
 drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c |  103 +-
 drivers/crypto/rockchip/rk3288_crypto_ahash.c      |  119 +-
 drivers/crypto/sahara.c                            |   14 +-
 drivers/crypto/stm32/Kconfig                       |   19 +-
 drivers/crypto/stm32/Makefile                      |    4 +-
 drivers/crypto/stm32/stm32-hash.c                  | 1575 ++++++++++
 drivers/crypto/stm32/stm32_crc32.c                 |   17 +-
 drivers/crypto/sunxi-ss/Makefile                   |    1 +
 drivers/crypto/sunxi-ss/sun4i-ss-core.c            |   30 +
 drivers/crypto/sunxi-ss/sun4i-ss-prng.c            |   56 +
 drivers/crypto/sunxi-ss/sun4i-ss.h                 |   11 +
 drivers/crypto/virtio/virtio_crypto_algs.c         |  109 +-
 drivers/crypto/virtio/virtio_crypto_common.h       |   22 +-
 drivers/crypto/virtio/virtio_crypto_core.c         |   37 +-
 drivers/crypto/vmx/aes_ctr.c                       |    3 +-
 drivers/md/dm-crypt.c                              |   11 +-
 include/crypto/algapi.h                            |   23 +-
 include/crypto/if_alg.h                            |  170 ++
 include/crypto/internal/akcipher.h                 |    6 +
 include/crypto/internal/hash.h                     |    2 +
 include/crypto/kpp.h                               |   10 +
 include/linux/ccp.h                                |   11 +-
 lib/mpi/longlong.h                                 |   24 +-
 136 files changed, 11758 insertions(+), 3169 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.14
  2017-07-14 14:18     ` Crypto Fixes " Herbert Xu
  2017-07-28  8:49       ` Herbert Xu
@ 2017-09-22  8:44       ` Herbert Xu
  2017-10-12 10:51         ` Herbert Xu
  2017-11-28 23:09         ` Crypto Fixes for 4.15 Herbert Xu
  1 sibling, 2 replies; 79+ messages in thread
From: Herbert Xu @ 2017-09-22  8:44 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes the following issues:

- Fix compiler warnings in inside-secure.
- Fix LS1021A support in caam.
- Avoid using RBP in x86 crypto code.
- Fix bug in talitos that prevents hashing with algif.
- Fix bugs talitos hashing code that cause incorrect hash result.
- Fix memory freeing path bug in drbg.
- Fix af_alg crash when two SG lists are chained.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Arnd Bergmann (1):
      crypto: inside-secure - fix gcc-4.9 warnings

Horia Geantă (1):
      crypto: caam - fix LS1021A support on ARMv7 multiplatform kernel

Josh Poimboeuf (12):
      crypto: x86/blowfish - Fix RBP usage
      crypto: x86/camellia - Fix RBP usage
      crypto: x86/cast5 - Fix RBP usage
      crypto: x86/cast6 - Fix RBP usage
      crypto: x86/des3_ede - Fix RBP usage
      crypto: x86/sha1-avx2 - Fix RBP usage
      crypto: x86/sha1-ssse3 - Fix RBP usage
      crypto: x86/sha256-avx - Fix RBP usage
      crypto: x86/sha256-avx2 - Fix RBP usage
      crypto: x86/sha256-ssse3 - Fix RBP usage
      crypto: sha512-avx2 - Fix RBP usage
      crypto: x86/twofish - Fix RBP usage

LEROY Christophe (3):
      crypto: talitos - fix sha224
      crypto: talitos - fix hashing
      crypto: talitos - Don't provide setkey for non hmac hashing algs.

Stephan Mueller (2):
      crypto: drbg - fix freeing of resources
      crypto: af_alg - update correct dst SGL entry

 arch/x86/crypto/blowfish-x86_64-asm_64.S       |   48 ++++++++-------
 arch/x86/crypto/camellia-x86_64-asm_64.S       |   26 ++++----
 arch/x86/crypto/cast5-avx-x86_64-asm_64.S      |   47 +++++++++------
 arch/x86/crypto/cast6-avx-x86_64-asm_64.S      |   50 +++++++++++-----
 arch/x86/crypto/des3_ede-asm_64.S              |   15 +++--
 arch/x86/crypto/sha1_avx2_x86_64_asm.S         |    4 +-
 arch/x86/crypto/sha1_ssse3_asm.S               |   11 ++--
 arch/x86/crypto/sha256-avx-asm.S               |   15 +++--
 arch/x86/crypto/sha256-avx2-asm.S              |   22 +++----
 arch/x86/crypto/sha256-ssse3-asm.S             |   15 +++--
 arch/x86/crypto/sha512-avx2-asm.S              |   75 ++++++++++++------------
 arch/x86/crypto/twofish-avx-x86_64-asm_64.S    |   12 ++--
 crypto/af_alg.c                                |    4 +-
 crypto/drbg.c                                  |    8 +--
 drivers/crypto/caam/Kconfig                    |    5 +-
 drivers/crypto/caam/ctrl.c                     |   19 +++---
 drivers/crypto/caam/regs.h                     |   59 +++++++++----------
 drivers/crypto/inside-secure/safexcel_cipher.c |    2 +-
 drivers/crypto/inside-secure/safexcel_hash.c   |    2 +-
 drivers/crypto/talitos.c                       |    9 +--
 20 files changed, 236 insertions(+), 212 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.14
  2017-09-22  8:44       ` Crypto Fixes for 4.14 Herbert Xu
@ 2017-10-12 10:51         ` Herbert Xu
  2017-10-30  7:20           ` Herbert Xu
  2017-11-28 23:09         ` Crypto Fixes for 4.15 Herbert Xu
  1 sibling, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2017-10-12 10:51 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes the following issues:

- Crashes in skcipher/shash from zero-length input.
- Fix softirq GFP_KERNEL allocation in shash_setkey_unaligned.
- Error path bug in xts create function.
- Compiler warning regressions in axis and stm32.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Arnd Bergmann (2):
      crypto: axis - hide an unused variable
      crypto: stm32 - Try to fix hash padding

Christophe Jaillet (1):
      crypto: xts - Fix an error handling path in 'create()'

Herbert Xu (2):
      crypto: skcipher - Fix crash on zero-length input
      crypto: shash - Fix zero-length shash ahash digest crash

Jia-Ju Bai (1):
      crypto: shash - Fix a sleep-in-atomic bug in shash_setkey_unaligned

 crypto/shash.c                       |   10 ++++++----
 crypto/skcipher.c                    |   17 +++++++++++------
 crypto/xts.c                         |    6 ++++--
 drivers/crypto/axis/artpec6_crypto.c |    4 ++--
 drivers/crypto/stm32/stm32-hash.c    |   15 +++++++++------
 5 files changed, 32 insertions(+), 20 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.14
  2017-10-12 10:51         ` Herbert Xu
@ 2017-10-30  7:20           ` Herbert Xu
  2017-11-06  6:37             ` Herbert Xu
  0 siblings, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2017-10-30  7:20 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes an objtool regression.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Jason A. Donenfeld (1):
      crypto: x86/chacha20 - satisfy stack validation 2.0

 arch/x86/crypto/chacha20-avx2-x86_64.S  |    4 ++--
 arch/x86/crypto/chacha20-ssse3-x86_64.S |    4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.14
  2017-10-30  7:20           ` Herbert Xu
@ 2017-11-06  6:37             ` Herbert Xu
  0 siblings, 0 replies; 79+ messages in thread
From: Herbert Xu @ 2017-11-06  6:37 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes an unaligned panic in x86/sha-mb and a bug in ccm
that triggers with certain underlying implementations.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Andrey Ryabinin (2):
      crypto: x86/sha256-mb - fix panic due to unaligned access
      crypto: x86/sha1-mb - fix panic due to unaligned access

Romain Izard (1):
      crypto: ccm - preserve the IV buffer

 arch/x86/crypto/sha1-mb/sha1_mb_mgr_flush_avx2.S     |   12 ++++++------
 arch/x86/crypto/sha256-mb/sha256_mb_mgr_flush_avx2.S |   12 ++++++------
 crypto/ccm.c                                         |    4 +++-
 3 files changed, 15 insertions(+), 13 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Update for 4.15
  2017-09-04 10:12     ` Crypto Update for 4.14 Herbert Xu
@ 2017-11-13  7:43       ` Herbert Xu
  2018-01-29 14:50         ` Crypto Update for 4.16 Herbert Xu
  2018-10-23 10:09         ` Crypto Update for 4.20 Herbert Xu
  0 siblings, 2 replies; 79+ messages in thread
From: Herbert Xu @ 2017-11-13  7:43 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

Here is the crypto update for 4.15:

API:

- Disambiguate EBUSY when queueing crypto request by adding ENOSPC.
  This change touches code outside the crypto API.
- Reset settings when empty string is written to rng_current.

Algorithms:

- Add OSCCA SM3 secure hash.

Drivers:

- Remove old mv_cesa driver (replaced by marvell/cesa).
- Enable rfc3686/ecb/cfb/ofb AES in crypto4xx.
- Add ccm/gcm AES in crypto4xx.
- Add support for BCM7278 in iproc-rng200.
- Add hash support on Exynos in s5p-sss.
- Fix fallback-induced error in vmx.
- Fix output IV in atmel-aes.
- Fix empty GCM hash in mediatek.

Others:

- Fix DoS potential in lib/mpi.
- Fix potential out-of-order issues with padata.

Please note that there may be a conflict with the tips tree due
to the timer_setup patch being applied in both cryptodev and
the tips tree.  The version in the tips tree also touchs the
mv_cesa driver which just happens to have been removed in this
cycle in cryptodev.  Any changes to mv_cesa may be safely discarded.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Allen (1):
      crypto: omap - return -ENOMEM on allocation failure.

Arnd Bergmann (1):
      crypto: axis - hide an unused variable

Arvind Yadav (11):
      crypto: nx - constify vio_device_id
      crypto: nx-842 - constify vio_device_id
      hwrng: pseries - constify vio_device_id
      crypto: padlock-aes - constify x86_cpu_id
      crypto: padlock-sha - constify x86_cpu_id
      hwrng: core - pr_err() strings should end with newlines
      crypto: omap-aes - pr_err() strings should end with newlines
      crypto: virtio - pr_err() strings should end with newlines
      crypto: chelsio - pr_err() strings should end with newlines
      crypto: qat - pr_err() strings should end with newlines
      crypto: bcm - pr_err() strings should end with newlines

Boris BREZILLON (5):
      crypto: marvell - Add a platform_device_id table
      ARM: configs: Stop selecting the old CESA driver
      crypto: marvell - Remove the old mv_cesa driver
      crypto: marvell - Switch cipher algs to the skcipher interface
      crypto: marvell - Add a NULL entry at the end of mv_cesa_plat_id_table[]

Christian Lamparter (25):
      crypto: crypto4xx - remove bad list_del
      crypto: crypto4xx - remove unused definitions and write-only variables
      crypto: crypto4xx - set CRYPTO_ALG_KERN_DRIVER_ONLY flag
      crypto: crypto4xx - remove extern statement before function declaration
      crypto: crypto4xx - remove double assignment of pd_uinfo->state
      crypto: crypto4xx - fix dynamic_sa_ctl's sa_contents declaration
      crypto: crypto4xx - move and refactor dynamic_contents helpers
      crypto: crypto4xx - enable AES RFC3686, ECB, CFB and OFB offloads
      crypto: crypto4xx - refactor crypto4xx_copy_pkt_to_dst()
      crypto: crypto4xx - replace crypto4xx_dev's scatter_buffer_size with constant
      crypto: crypto4xx - fix crypto4xx_build_pdr, crypto4xx_build_sdr leak
      crypto: crypto4xx - pointer arithmetic overhaul
      crypto: crypto4xx - wire up hmac_mc to hmac_muting
      crypto: crypto4xx - fix off-by-one AES-OFB
      crypto: crypto4xx - fix type mismatch compiler error
      crypto: crypto4xx - increase context and scatter ring buffer elements
      crypto: crypto4xx - add backlog queue support
      crypto: crypto4xx - use the correct LE32 format for IV and key defs
      crypto: crypto4xx - overhaul crypto4xx_build_pd()
      crypto: crypto4xx - fix various warnings
      crypto: crypto4xx - fix stalls under heavy load
      crypto: crypto4xx - simplify sa and state context acquisition
      crypto: crypto4xx - prepare for AEAD support
      crypto: crypto4xx - add aes-ccm support
      crypto: crypto4xx - add aes-gcm support

Christophe Jaillet (2):
      crypto: lrw - Fix an error handling path in 'create()'
      crypto: lrw - Check for incorrect cipher name

Colin Ian King (5):
      crypto: aesni - make arrays aesni_simd_skciphers and aesni_simd_skciphers2 static
      crypto: algboss - remove redundant setting of len to zero
      crypto: cavium - clean up clang warning on unread variable offset
      crypto: ccp - remove unused variable qim
      crypto: qat - remove unused and redundant pointer vf_info

Corentin LABBE (14):
      crypto: gcm - add GCM IV size constant
      crypto: caam - Use GCM IV size constant
      crypto: ccp - Use GCM IV size constant
      crypto: nx - Use GCM IV size constant
      crypto: atmel - Use GCM IV size constant
      crypto: bcm - Use GCM IV size constant
      crypto: mediatek - Use GCM IV size constant
      crypto: chelsio - Use GCM IV size constant
      crypto: omap - Use GCM IV size constant
      crypto: gcm - Use GCM IV size constant
      crypto: aesni - Use GCM IV size constant
      crypto: stm32 - use of_device_get_match_data
      crypto: omap - use of_device_get_match_data
      crypto: bcm - use of_device_get_match_data

Eric Biggers (6):
      crypto: dh - Fix double free of ctx->p
      crypto: dh - Don't permit 'p' to be 0
      crypto: dh - Don't permit 'key' or 'g' size longer than 'p'
      crypto: qat - Clean up error handling in qat_dh_set_secret()
      crypto: dh - Remove pointless checks for NULL 'p' and 'g'
      lib/mpi: call cond_resched() from mpi_powm() loop

Florian Fainelli (2):
      dt-bindings: rng: Document BCM7278 RNG200 compatible
      hwrng: iproc-rng200 - Add support for BCM7278

Geliang Tang (1):
      crypto: drop unnecessary return statements

Gilad Ben-Yossef (22):
      crypto: sm3 - add OSCCA SM3 secure hash
      crypto: sm3 - add SM3 test vectors
      crypto: change transient busy return code to -ENOSPC
      crypto: ccp - use -ENOSPC for transient busy indication
      net: use -ENOSPC for transient busy indication
      crypto: remove redundant backlog checks on EBUSY
      crypto: marvell/cesa - remove redundant backlog checks on EBUSY
      crypto: introduce crypto wait for async op
      crypto: algif - move to generic async completion
      crypto: move pub key to generic async completion
      crypto: drbg - move to generic async completion
      crypto: gcm - move to generic async completion
      crypto: testmgr - move to generic async completion
      fscrypt: move to generic async completion
      dm: move dm-verity to generic async completion
      cifs: move to generic async completion
      ima: move to generic async completion
      crypto: tcrypt - move to generic async completion
      crypto: talitos - move to generic async completion
      crypto: qce - move to generic async completion
      crypto: mediatek - move to generic async completion
      crypto: doc - adapt api sample to use async. op wait

Gustavo A. R. Silva (3):
      crypto: tcrypt - mark expected switch fall-throughs in do_test()
      crypto: qat - mark expected switch fall-throughs in qat_uclo
      crypto: chcr - Replace _manual_ swap with swap macro

Harsh Jain (5):
      crypto: gf128mul - The x8_ble multiplication functions
      crypto: chelsio - Use x8_ble gf multiplication to calculate IV.
      crypto: chelsio - Remove allocation of sg list to implement 2K limit of dsgl header
      crypto: chelsio - Move DMA un/mapping to chcr from lld cxgb4 driver
      crypto: chelsio - Fix memory leak

Herbert Xu (1):
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux

Himanshu Jha (3):
      crypto: n2 - remove null check before kfree
      crypto: inside-secure - remove null check before kfree
      crypto: Use PTR_ERR_ZERO

Horia Geantă (4):
      MAINTAINERS: update caam crypto driver maintainers list
      crypto: caam/qi - abort algorithm setup on DPAA2 parts
      crypto: caam - remove unneeded edesc zeroization
      crypto: caam - remove unused param of ctx_map_to_sec4_sg()

Jim Quigley (1):
      hwrng: virtio - Virtio RNG devices need to be re-registered after suspend/resume

Kamil Konieczny (3):
      crypto: doc - clarify return values for async hash methods
      crypto: s5p-sss - Change spaces to tabs
      crypto: s5p-sss - Add HASH support for Exynos

Kees Cook (2):
      hwrng: xgene - Convert timers to use timer_setup()
      crypto: drivers - Convert timers to use timer_setup()

LEROY Christophe (18):
      crypto: talitos - fix AEAD test failures
      crypto: talitos - fix memory corruption on SEC2
      crypto: talitos - fix setkey to check key weakness
      crypto: talitos - fix AEAD for sha224 on non sha224 capable chips
      crypto: talitos - fix use of sg_link_tbl_len
      crypto: talitos - fix ctr-aes-talitos
      crypto: talitos - zeroize the descriptor with memset()
      crypto: talitos - declare local functions static
      crypto: talitos - use devm_kmalloc()
      crypto: talitos - use of_property_read_u32()
      crypto: talitos - use devm_ioremap()
      crypto: talitos - don't check the number of channels at each interrupt
      crypto: talitos - remove to_talitos_ptr_len()
      crypto: talitos - simplify tests in ipsec_esp()
      crypto: talitos - DMA map key in setkey()
      crypto: talitos - do hw_context DMA mapping outside the requests
      crypto: talitos - chain in buffered data for ahash on SEC1
      crypto: talitos - avoid useless copy

Lionel Debieve (1):
      crypto: stm32/hash - Fix return issue on update

Mathias Krause (3):
      padata: set cpu_index of unused CPUs to -1
      padata: ensure the reorder timer callback runs on the correct CPU
      padata: ensure padata_do_serial() runs on the correct CPU

Mikulas Patocka (1):
      crypto: crc32-pclmul - remove useless relative addressing

Paulo Flabiano Smorigo (1):
      crypto: vmx - Use skcipher for ctr fallback

PrasannaKumar Muralidharan (3):
      hwrng: timeriomem - Remove 'max < 4' condition check
      dt/bindings: exynos-rng: Move dt binding documentation to bindings/crypto
      hwrng: core - Reset user selected rng by writing "" to rng_current

Radu Alexe (1):
      crypto: caam - fix incorrect define

Robert Baronescu (1):
      crypto: tcrypt - fix buffer lengths in test_aead_speed()

Romain Izard (2):
      crypto: atmel-aes - properly set IV after {en,de}crypt
      crypto: atmel-aes - Reset the controller before each use

Ryder Lee (1):
      crypto: mediatek - Add empty messages check in GCM mode

Salvatore Benedetto (1):
      MAINTAINERS: update maintainer for qat

Stephan Mueller (1):
      crypto: keywrap - simplify code

Tudor-Dan Ambarus (7):
      crypto: ecdh - return unsigned value for crypto_ecdh_key_len()
      crypto: dh - return unsigned int for dh_data_size()
      crypto: dh - return unsigned value for crypto_dh_key_len()
      crypto: atmel - return appropriate error code
      crypto: atmel - remove useless irq init
      crypto: ecdh - remove empty exit()
      crypto: atmel - remove empty functions

Yeshaswi M R Gowda (2):
      crypto: chelsio - Remove unused parameter
      crypto: chelsio - Check error code with IS_ERR macro

amd (2):
      crypto: ccp - unmap pages and remove unmap objects in callback
      crypto:ccp - invoke the DMA callback in a standard way

lionel.debieve@st.com (1):
      crypto: stm32/hash - Remove uninitialized symbol

raveendra padasalagi (1):
      crypto: brcm - Explicity ACK mailbox message

 Documentation/crypto/api-samples.rst               |   52 +-
 .../{rng => crypto}/samsung,exynos-rng4.txt        |    0
 .../devicetree/bindings/rng/brcm,iproc-rng200.txt  |    4 +-
 MAINTAINERS                                        |    5 +-
 arch/arm/configs/dove_defconfig                    |    2 +-
 arch/arm/configs/multi_v5_defconfig                |    2 +-
 arch/arm/configs/orion5x_defconfig                 |    2 +-
 arch/x86/crypto/aesni-intel_glue.c                 |   10 +-
 arch/x86/crypto/crc32-pclmul_asm.S                 |   17 +-
 crypto/Kconfig                                     |   11 +
 crypto/Makefile                                    |    1 +
 crypto/af_alg.c                                    |   27 -
 crypto/ahash.c                                     |   12 +-
 crypto/algapi.c                                    |    6 +-
 crypto/algboss.c                                   |    1 -
 crypto/algif_aead.c                                |    8 +-
 crypto/algif_hash.c                                |   30 +-
 crypto/algif_skcipher.c                            |    9 +-
 crypto/api.c                                       |   13 +
 crypto/asymmetric_keys/public_key.c                |   28 +-
 crypto/cryptd.c                                    |    4 +-
 crypto/cts.c                                       |    6 +-
 crypto/dh.c                                        |   36 +-
 crypto/dh_helper.c                                 |   20 +-
 crypto/drbg.c                                      |   36 +-
 crypto/ecdh.c                                      |    6 -
 crypto/ecdh_helper.c                               |    2 +-
 crypto/gcm.c                                       |   55 +-
 crypto/gf128mul.c                                  |   13 +
 crypto/keywrap.c                                   |   84 +-
 crypto/lrw.c                                       |   17 +-
 crypto/rmd128.c                                    |    2 -
 crypto/rmd160.c                                    |    2 -
 crypto/rmd256.c                                    |    2 -
 crypto/rmd320.c                                    |    2 -
 crypto/rsa-pkcs1pad.c                              |   16 +-
 crypto/sm3_generic.c                               |  210 +++
 crypto/tcrypt.c                                    |  209 +--
 crypto/testmgr.c                                   |  210 +--
 crypto/testmgr.h                                   |   67 +
 crypto/xts.c                                       |    8 +-
 drivers/char/hw_random/Kconfig                     |    6 +-
 drivers/char/hw_random/core.c                      |   53 +-
 drivers/char/hw_random/iproc-rng200.c              |    1 +
 drivers/char/hw_random/pseries-rng.c               |    2 +-
 drivers/char/hw_random/timeriomem-rng.c            |    7 -
 drivers/char/hw_random/virtio-rng.c                |   21 +-
 drivers/char/hw_random/xgene-rng.c                 |    8 +-
 drivers/crypto/Kconfig                             |   40 +-
 drivers/crypto/Makefile                            |    1 -
 drivers/crypto/amcc/Makefile                       |    2 +-
 drivers/crypto/amcc/crypto4xx_alg.c                |  512 +++++-
 drivers/crypto/amcc/crypto4xx_core.c               |  831 +++++----
 drivers/crypto/amcc/crypto4xx_core.h               |  199 ++-
 drivers/crypto/amcc/crypto4xx_reg_def.h            |    3 +
 drivers/crypto/amcc/crypto4xx_sa.c                 |   85 -
 drivers/crypto/amcc/crypto4xx_sa.h                 |   99 +-
 drivers/crypto/atmel-aes.c                         |   80 +-
 drivers/crypto/atmel-sha.c                         |    5 +-
 drivers/crypto/atmel-tdes.c                        |   23 +-
 drivers/crypto/axis/artpec6_crypto.c               |   10 +-
 drivers/crypto/bcm/cipher.c                        |  116 +-
 drivers/crypto/bcm/cipher.h                        |    3 +-
 drivers/crypto/bcm/util.c                          |   14 +-
 drivers/crypto/caam/caamalg.c                      |   10 +-
 drivers/crypto/caam/caamalg_qi.c                   |    7 +-
 drivers/crypto/caam/caamhash.c                     |   12 +-
 drivers/crypto/caam/compat.h                       |    1 +
 drivers/crypto/caam/desc.h                         |    2 +-
 drivers/crypto/cavium/nitrox/nitrox_hal.c          |    2 +-
 drivers/crypto/ccp/ccp-crypto-aes-galois.c         |    9 +-
 drivers/crypto/ccp/ccp-crypto-main.c               |    8 +-
 drivers/crypto/ccp/ccp-dev-v5.c                    |    3 +-
 drivers/crypto/ccp/ccp-dev.c                       |    7 +-
 drivers/crypto/ccp/ccp-dmaengine.c                 |    5 +-
 drivers/crypto/chelsio/chcr_algo.c                 | 1798 ++++++++++++--------
 drivers/crypto/chelsio/chcr_algo.h                 |   57 +-
 drivers/crypto/chelsio/chcr_core.c                 |   10 +-
 drivers/crypto/chelsio/chcr_core.h                 |    2 +-
 drivers/crypto/chelsio/chcr_crypto.h               |  121 +-
 drivers/crypto/inside-secure/safexcel_hash.c       |    6 +-
 drivers/crypto/ixp4xx_crypto.c                     |    1 -
 drivers/crypto/marvell/cesa.c                      |   29 +-
 drivers/crypto/marvell/cesa.h                      |   27 +-
 drivers/crypto/marvell/cipher.c                    |  476 +++---
 drivers/crypto/marvell/tdma.c                      |    5 +-
 drivers/crypto/mediatek/mtk-aes.c                  |   39 +-
 drivers/crypto/mv_cesa.c                           | 1216 -------------
 drivers/crypto/mv_cesa.h                           |  150 --
 drivers/crypto/n2_core.c                           |   12 +-
 drivers/crypto/nx/nx-842-pseries.c                 |    2 +-
 drivers/crypto/nx/nx-aes-gcm.c                     |    9 +-
 drivers/crypto/nx/nx.c                             |    2 +-
 drivers/crypto/omap-aes-gcm.c                      |   11 +-
 drivers/crypto/omap-aes.c                          |   12 +-
 drivers/crypto/omap-des.c                          |    7 +-
 drivers/crypto/omap-sham.c                         |    7 +-
 drivers/crypto/padlock-aes.c                       |    2 +-
 drivers/crypto/padlock-sha.c                       |    2 +-
 drivers/crypto/picoxcell_crypto.c                  |    7 +-
 drivers/crypto/qat/qat_common/adf_dev_mgr.c        |    3 -
 drivers/crypto/qat/qat_common/qat_asym_algs.c      |   18 +-
 drivers/crypto/qat/qat_common/qat_uclo.c           |   15 +-
 drivers/crypto/qce/ablkcipher.c                    |    5 +-
 drivers/crypto/qce/sha.c                           |   30 +-
 drivers/crypto/s5p-sss.c                           | 1596 +++++++++++++++--
 drivers/crypto/stm32/stm32-hash.c                  |   20 +-
 drivers/crypto/talitos.c                           |  582 ++++---
 drivers/crypto/talitos.h                           |    7 +-
 drivers/crypto/ux500/cryp/cryp_core.c              |    1 -
 drivers/crypto/virtio/virtio_crypto_algs.c         |    2 +-
 drivers/crypto/vmx/aes_ctr.c                       |   33 +-
 drivers/md/dm-verity-target.c                      |   81 +-
 drivers/md/dm-verity.h                             |    5 -
 drivers/net/ethernet/chelsio/cxgb4/sge.c           |    8 +-
 fs/cifs/smb2ops.c                                  |   30 +-
 fs/crypto/crypto.c                                 |   28 +-
 fs/crypto/fname.c                                  |   36 +-
 fs/crypto/fscrypt_private.h                        |   10 -
 fs/crypto/keyinfo.c                                |   21 +-
 include/crypto/dh.h                                |    2 +-
 include/crypto/drbg.h                              |    3 +-
 include/crypto/ecdh.h                              |    2 +-
 include/crypto/gcm.h                               |    8 +
 include/crypto/gf128mul.h                          |    2 +-
 include/crypto/hash.h                              |   28 +-
 include/crypto/if_alg.h                            |   15 +-
 include/crypto/sm3.h                               |   40 +
 include/crypto/sm3_base.h                          |  117 ++
 include/linux/crypto.h                             |   40 +
 include/linux/padata.h                             |    4 +
 kernel/padata.c                                    |   71 +-
 lib/mpi/mpi-pow.c                                  |    2 +
 net/ipv4/ah4.c                                     |    2 +-
 net/ipv4/esp4.c                                    |    2 +-
 net/ipv6/ah6.c                                     |    2 +-
 net/ipv6/esp6.c                                    |    2 +-
 security/integrity/ima/ima_crypto.c                |   56 +-
 138 files changed, 5712 insertions(+), 4661 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.15
  2017-09-22  8:44       ` Crypto Fixes for 4.14 Herbert Xu
  2017-10-12 10:51         ` Herbert Xu
@ 2017-11-28 23:09         ` Herbert Xu
  2017-12-11  7:22           ` Herbert Xu
  2017-12-22  6:49           ` Herbert Xu
  1 sibling, 2 replies; 79+ messages in thread
From: Herbert Xu @ 2017-11-28 23:09 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes the following issues:

- Potential bogus alignment for some AEAD operations.
- Crash in algif_aead.
- Sleeping in softirq context with async af_alg.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Ondrej Mosnáček (1):
      crypto: skcipher - Fix skcipher_walk_aead_common

Stephan Mueller (2):
      crypto: algif_aead - skip SGL entries with NULL page
      crypto: af_alg - remove locking in async callback

 crypto/af_alg.c         |   21 ++++++++++++------
 crypto/algif_aead.c     |   56 ++++++++++++++++++++++++++++++-----------------
 crypto/algif_skcipher.c |   23 +++++++++----------
 crypto/skcipher.c       |    3 +++
 include/crypto/if_alg.h |    1 +
 5 files changed, 66 insertions(+), 38 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.15
  2017-11-28 23:09         ` Crypto Fixes for 4.15 Herbert Xu
@ 2017-12-11  7:22           ` Herbert Xu
  2017-12-22  6:49           ` Herbert Xu
  1 sibling, 0 replies; 79+ messages in thread
From: Herbert Xu @ 2017-12-11  7:22 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes the following issues:

- Buffer overread in RSA.
- Potential use after free in algif_aead.
- Error path null pointer dereference in af_alg.
- Forbid combinations such as hmac(hmac(sha3)) which may crash.
- Crash in salsa20 due to incorrect API usage.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Eric Biggers (5):
      crypto: rsa - fix buffer overread when stripping leading zeroes
      crypto: algif_aead - fix reference counting of null skcipher
      crypto: af_alg - fix NULL pointer dereference in
      crypto: hmac - require that the underlying hash algorithm is unkeyed
      crypto: salsa20 - fix blkcipher_walk API usage

 arch/x86/crypto/salsa20_glue.c |    7 -------
 crypto/af_alg.c                |   13 +++++++------
 crypto/algif_aead.c            |    2 +-
 crypto/hmac.c                  |    6 +++++-
 crypto/rsa_helper.c            |    2 +-
 crypto/salsa20_generic.c       |    7 -------
 crypto/shash.c                 |    5 +++--
 include/crypto/internal/hash.h |    8 ++++++++
 8 files changed, 25 insertions(+), 25 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.15
  2017-11-28 23:09         ` Crypto Fixes for 4.15 Herbert Xu
  2017-12-11  7:22           ` Herbert Xu
@ 2017-12-22  6:49           ` Herbert Xu
  2018-01-05  7:38             ` Herbert Xu
  1 sibling, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2017-12-22  6:49 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes the following issues:

- Fix chacha20 crash on zero-length input due to unset IV.
- Fix potential race conditions in mcryptd with spinlock.
- Only wait once at top of algif recvmsg to avoid inconsistencies.
- Fix potential use-after-free in algif_aead/algif_skcipher.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Eric Biggers (1):
      crypto: skcipher - set walk.iv for zero-length inputs

Sebastian Andrzej Siewior (1):
      crypto: mcryptd - protect the per-CPU queue with a lock

Stephan Mueller (2):
      crypto: af_alg - wait for data at beginning of recvmsg
      crypto: af_alg - fix race accessing cipher request

 crypto/af_alg.c          |    6 ------
 crypto/algif_aead.c      |   16 +++++++++++-----
 crypto/algif_skcipher.c  |   16 +++++++++++-----
 crypto/mcryptd.c         |   23 ++++++++++-------------
 crypto/skcipher.c        |   10 ++++------
 include/crypto/mcryptd.h |    1 +
 6 files changed, 37 insertions(+), 35 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.15
  2017-12-22  6:49           ` Herbert Xu
@ 2018-01-05  7:38             ` Herbert Xu
  2018-01-12  6:44               ` Herbert Xu
  2018-02-12  3:17               ` Crypto Fixes for 4.16 Herbert Xu
  0 siblings, 2 replies; 79+ messages in thread
From: Herbert Xu @ 2018-01-05  7:38 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes the following issues:

- Racy use of ctx->rcvused in af_alg.
- algif_aead crash in chacha20poly1305.
- Freeing bogus pointer in pcrypt.
- Build error on MIPS in mpi.
- Memory leak in inside-secure.
- Memory overwrite in inside-secure.
- NULL pointer dereference in inside-secure.
- State corruption in inside-secure.
- Build error without CRYPTO_GF128MUL in chelsio.
- Use after free in n2.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Antoine Ténart (3):
      crypto: inside-secure - free requests even if their handling failed
      crypto: inside-secure - fix request allocations in invalidation path
      crypto: inside-secure - do not use areq->result for partial results

Arnd Bergmann (1):
      crypto: chelsio - select CRYPTO_GF128MUL

Eric Biggers (2):
      crypto: chacha20poly1305 - validate the digest size
      crypto: pcrypt - fix freeing pcrypt instances

James Hogan (1):
      lib/mpi: Fix umul_ppmm() for MIPS64r6

Jan Engelhardt (1):
      crypto: n2 - cure use after free

Jonathan Cameron (1):
      crypto: af_alg - Fix race around ctx->rcvused by making it atomic_t

Ofer Heifetz (1):
      crypto: inside-secure - per request invalidation

 crypto/af_alg.c                                |    4 +-
 crypto/algif_aead.c                            |    2 +-
 crypto/algif_skcipher.c                        |    2 +-
 crypto/chacha20poly1305.c                      |    6 +-
 crypto/pcrypt.c                                |   19 ++---
 drivers/crypto/chelsio/Kconfig                 |    1 +
 drivers/crypto/inside-secure/safexcel.c        |    1 +
 drivers/crypto/inside-secure/safexcel_cipher.c |   85 ++++++++++++++++------
 drivers/crypto/inside-secure/safexcel_hash.c   |   89 +++++++++++++++++-------
 drivers/crypto/n2_core.c                       |    3 +
 include/crypto/if_alg.h                        |    5 +-
 lib/mpi/longlong.h                             |   18 ++++-
 12 files changed, 173 insertions(+), 62 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.15
  2018-01-05  7:38             ` Herbert Xu
@ 2018-01-12  6:44               ` Herbert Xu
  2018-02-12  3:17               ` Crypto Fixes for 4.16 Herbert Xu
  1 sibling, 0 replies; 79+ messages in thread
From: Herbert Xu @ 2018-01-12  6:44 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes a NULL pointer dereference in crypto_remove_spawns
that can be triggered through af_alg.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Eric Biggers (1):
      crypto: algapi - fix NULL dereference in crypto_remove_spawns()

 crypto/algapi.c |   12 ++++++++++++
 1 file changed, 12 insertions(+)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Update for 4.16
  2017-11-13  7:43       ` Crypto Update for 4.15 Herbert Xu
@ 2018-01-29 14:50         ` Herbert Xu
  2018-04-04 15:27           ` Crypto Update for 4.17 Herbert Xu
  2018-10-23 10:09         ` Crypto Update for 4.20 Herbert Xu
  1 sibling, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2018-01-29 14:50 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

Here is the crypto update for 4.16:

API:

- Enforce the setting of keys for keyed aead/hash/skcipher
algorithms.
- Add multibuf speed tests in tcrypt.

Algorithms:

- Improve performance of sha3-generic.
- Add native sha512 support on arm64.
- Add v8.2 Crypto Extentions version of sha3/sm3 on arm64.
- Avoid hmac nesting by requiring underlying algorithm to be unkeyed.
- Add cryptd_max_cpu_qlen module parameter to cryptd.

Drivers:

- Add support for EIP97 engine in inside-secure.
- Add inline IPsec support to chelsio.
- Add RevB core support to crypto4xx.
- Fix AEAD ICV check in crypto4xx.
- Add stm32 crypto driver.
- Add support for BCM63xx platforms in bcm2835 and remove bcm63xx.
- Add Derived Key Protocol (DKP) support in caam.
- Add Samsung Exynos True RNG driver.
- Add support for Exynos5250+ SoCs in exynos PRNG driver.

Please note that there will be a conflict with the net tree due
updates to the same header file in the chelsio driver.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Alexey Khoroshilov (1):
      crypto: picoxcell - Fix error handling in spacc_probe()

Antoine Tenart (1):
      Documentation/bindings: crypto: document the SafeXcel EIP97 compatible

Antoine Ténart (14):
      crypto: inside-secure - remove extra empty line
      crypto: inside-secure - fix typo in a comment
      crypto: inside-secure - remove useless memset
      crypto: inside-secure - comment the caching function
      crypto: inside-secure - move request dequeueing into a workqueue
      crypto: inside-secure - use threaded IRQs for result handling
      crypto: inside-secure - dequeue all requests at once
      crypto: inside-secure - increase the ring size
      crypto: inside-secure - acknowledge the result requests all at once
      crypto: inside-secure - handle more result requests when counter is full
      crypto: inside-secure - retry to proceed the request later on fail
      crypto: inside-secure - EIP97 support
      crypto: inside-secure - avoid unmapping DMA memory that was not mapped
      crypto: inside-secure - fix hash when length is a multiple of a block

Ard Biesheuvel (16):
      crypto: arm64/aes-ce-cipher - move assembler code to .S file
      crypto: arm64 - implement SHA-512 using special instructions
      crypto: arm64/aes-cipher - move S-box to .rodata section
      crypto: arm64/aes-neon - move literal data to .rodata section
      crypto: arm64/crc32 - move literal data to .rodata section
      crypto: arm64/crct10dif - move literal data to .rodata section
      crypto: arm64/sha2-ce - move the round constant table to .rodata section
      crypto: arm64/sha1-ce - get rid of literal pool
      crypto: sha3-generic - fixes for alignment and big endian operation
      crypto: sha3-generic - rewrite KECCAK transform to help the compiler optimize
      crypto: sha3-generic - simplify code
      crypto: sha3-generic - export init/update/final routines
      crypto: testmgr - add new testcases for sha3
      crypto: arm64/sha3 - new v8.2 Crypto Extensions implementation
      crypto: arm64/sm3 - new v8.2 Crypto Extensions implementation
      crypto: arm64/sha512 - fix/improve new v8.2 Crypto Extensions code

Arnd Bergmann (3):
      crypto: qat - reduce stack size with KASAN
      crypto: aes-generic - build with -Os on gcc-7+
      crypto: aes-generic - fix aes-generic regression on powerpc

Atul Gupta (3):
      cxgb4: Add support for Inline IPSec Tx
      chcr: Add support for Inline IPSec
      crypto: chelsio - fix a type cast error

Cheah Kok Cheong (1):
      padata: add SPDX identifier

Christian Lamparter (5):
      crypto: crypto4xx - shuffle iomap in front of request_irq
      crypto: crypto4xx - support Revision B parts
      crypto: crypto4xx - fix missing irq devname
      crypto: crypto4xx - kill MODULE_NAME
      crypto: crypto4xx - perform aead icv check in the driver

Christophe Jaillet (1):
      crypto: hifn_795x - Fix a memory leak in the error handling path of 'hifn_probe()'

Colin Ian King (10):
      crypto: chelsio - remove redundant assignments to reqctx and dst_size
      crypto: nx - fix spelling mistake: "availavle" -> "available"
      crypto: cavium - fix memory leak on info
      crypto: cryptd - make cryptd_max_cpu_qlen module parameter static
      crypto: chelsio - make arrays sgl_ent_len and dsgl_ent_len static
      chcr: remove unused variables net_device, pi, adap and cntrl
      chcr: ensure cntrl is initialized to fix bit-wise or'ing of garabage data
      crypto: tcrypt - fix spelling mistake: "bufufer"-> "buffer"
      crypto: tcrypt - free xoutbuf instead of axbuf
      crypto: inside-secure - make function safexcel_try_push_requests static

Corentin LABBE (2):
      crypto: stm32 - fix module device table name
      crypto: artpec6 - remove select on non-existing CRYPTO_SHA384

Corentin Labbe (4):
      crypto: arm64/aes - do not call crypto_unregister_skcipher twice on error
      crypto: echainiv - Remove unused alg/spawn variable
      crypto: seqiv - Remove unused alg/spawn variable
      crypto: stm32 - Use standard CONFIG name

Dan Carpenter (3):
      crypto: chelsio - Fix an error code in chcr_hash_dma_map()
      crypto: s5p-sss - Remove a stray tab
      hwrng: exynos - Signedness bug in exynos_trng_do_read()

Eric Biggers (32):
      crypto: rsa - fix buffer overread when stripping leading zeroes
      crypto: algif_aead - fix reference counting of null skcipher
      crypto: af_alg - fix NULL pointer dereference in
      crypto: hmac - require that the underlying hash algorithm is unkeyed
      crypto: salsa20 - fix blkcipher_walk API usage
      crypto: chacha20 - Fix unaligned access when loading constants
      crypto: chacha20 - Use unaligned access macros when loading key and IV
      crypto: chacha20 - Remove cra_alignmask
      crypto: x86/chacha20 - Remove cra_alignmask
      crypto: chacha20 - Fix keystream alignment for chacha20_block()
      crypto: api - Unexport crypto_larval_lookup()
      crypto: null - Get rid of crypto_{get,put}_default_null_skcipher2()
      crypto: gf128mul - remove incorrect comment
      crypto: x86/twofish-3way - Fix %rbp usage
      crypto: algapi - convert cra_refcnt to refcount_t
      crypto: algapi - remove unused notifications
      crypto: poly1305 - use unaligned access macros to output digest
      crypto: poly1305 - remove cra_alignmask
      crypto: x86/poly1305 - remove cra_alignmask
      crypto: chacha20 - use rol32() macro from bitops.h
      crypto: hash - introduce crypto_hash_alg_has_setkey()
      crypto: cryptd - pass through absence of ->setkey()
      crypto: mcryptd - pass through absence of ->setkey()
      crypto: poly1305 - remove ->setkey() method
      crypto: hash - annotate algorithms taking optional key
      crypto: hash - prevent using keyed hashes without setting key
      crypto: ghash - remove checks for key being set
      crypto: skcipher - prevent using skciphers without setting key
      crypto: aead - prevent using AEADs without setting key
      crypto: salsa20-generic - cleanup and convert to skcipher API
      crypto: salsa20 - export generic helpers
      crypto: x86/salsa20 - cleanup and convert to skcipher API

Fabien DESSENNE (2):
      dt-bindings: Document STM32 CRYP bindings
      crypto: stm32 - Support for STM32 CRYP crypto module

Florian Fainelli (12):
      hwrng: bcm2835 - Obtain base register via resource
      hwrng: bcm2835 - Define a driver private context
      hwrng: bcm2835 - Move enabling to hwrng::init
      hwrng: bcm2835 - Implementation cleanup callback
      hwrng: bcm2835 - Use device managed helpers
      hwrng: bcm2835 - Rework interrupt masking
      hwrng: bcm2835 - Manage an optional clock
      hwrng: bcm2835 - Abstract I/O accessors
      hwrng: bcm2835 - Add Broadcom MIPS I/O accessors
      dt-bindings: rng: Incorporate brcm,bcm6368.txt binding
      hwrng: bcm2835 - Enable BCM2835 RNG to work on BCM63xx platforms
      hwrng: bcm63xx - Remove since bcm2835-rng takes over

Gary R Hook (1):
      hwrng: core - Clean up RNG list when last hwrng is unregistered

Geert Uytterhoeven (1):
      crypto: keywrap - Add missing ULL suffixes for 64-bit constants

Gilad Ben-Yossef (7):
      dt-bindings: add device tree binding for Arm TrustZone CryptoCell crypto engine
      crypto: tcrypt - use multi buf for ahash mb test
      crypto: tcrypt - fix AEAD decryption speed test
      crypto: tcrypt - allow setting num of bufs
      crypto: tcrypt - add multi buf ahash jiffies test
      crypto: tcrypt - add multibuf skcipher speed test
      crypto: tcrypt - add multibuf aead speed test

Gomonovych, Vasyl (1):
      crypto: arm/aes-neonbs - Use PTR_ERR_OR_ZERO()

Harsh Jain (6):
      crypto: chelsio - Fix Indentation
      crypto: chelsio - check for sg null
      crypto: chelsio - Fix IV updated in XTS operation
      crypto: chelsio - Add authenc versions of ctr and sha
      crypto: chelsio - Remove dst sg size zero check
      crypto: chelsio - Fix indentation warning

Hauke Mehrtens (1):
      crypto: ecdh - fix typo in KPP dependency of CRYPTO_ECDH

Herbert Xu (1):
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6

Himanshu Jha (1):
      crypto: Use zeroing memory allocator instead of allocator/memset

Horia Geantă (5):
      crypto: caam/qi - use correct print specifier for size_t
      crypto: caam - constify key data
      crypto: caam - remove needless ablkcipher key copy
      crypto: caam - save Era in driver's private data
      crypto: caam - add Derived Key Protocol (DKP) support

Joey Pabalinas (1):
      crypto: testmgr - change `guard` to unsigned char

Jon Maxwell (1):
      crypto: cryptd - Add cryptd_max_cpu_qlen module parameter

Junaid Shahid (2):
      crypto: aesni - Fix out-of-bounds access of the data buffer in generic-gcm-aesni
      crypto: aesni - Fix out-of-bounds access of the AAD buffer in generic-gcm-aesni

Kamil Konieczny (2):
      MAINTAINERS: Add myself as co-maintainer for s5p-sss.c
      crypto: testmgr - test misuse of result in ahash

Krzysztof Kozlowski (2):
      crypto: exynos-rng - Add SPDX license identifier and correct module license
      crypto: s5p-sss - Add SPDX license identifier

Lars Persson (1):
      crypto: artpec6 - set correct iv size for gcm(aes)

Martin Kaiser (1):
      hwrng: imx-rngc - simplify the power management definitions

Martin Kepplinger (1):
      crypto: replace FSF address with web source in license notices

Ofer Heifetz (4):
      crypto: inside-secure - refrain from unneeded invalidations
      crypto: inside-secure - EBUSY is not an error on async request
      crypto: inside-secure - move cipher crypto mode to request context
      crypto: inside-secure - remove unused parameter in invalidate_cache

Pierre (1):
      crypto: ecc - Fix NULL pointer deref. on no default_rng

Pravin Shedge (1):
      crypto: drivers - remove duplicate includes

Robert Baronescu (1):
      crypto: tcrypt - fix S/G table for test_aead_speed()

Robin Murphy (1):
      crypto: marvell/cesa - Fix DMA API misuse

Sabrina Dubroca (2):
      crypto: aesni - fix typo in generic_gcmaes_decrypt
      crypto: aesni - add wrapper for generic gcm(aes)

Sean Wang (1):
      hwrng: mediatek - Setup default RNG quality

Stephan Mueller (2):
      crypto: af_alg - whitelist mask and type
      crypto: aesni - handle zero length dst buffer

Tudor-Dan Ambarus (1):
      crypto: tcrypt - set assoc in sg_init_aead()

Yang Shi (1):
      crypto: remove unused hardirq.h

Zhou Wang (1):
      crypto: scomp - delete unused comments

tcharding (1):
      crypto: doc - clear htmldocs build warnings for crypto/hash

weiyongjun \(A\) (4):
      hwrng: exynos - remove redundant dev_err call in exynos_trng_probe()
      crypto: axis - remove unnecessary platform_get_resource() error check
      crypto: stm32 - remove redundant dev_err call in stm32_cryp_probe()
      hwrng: bcm2835 - Remove redundant dev_err call in bcm2835_rng_probe()

Łukasz Stelmach (6):
      crypto: exynos - Icrease the priority of the driver
      crypto: exynos - Support Exynos5250+ SoCs
      crypto: exynos - Improve performance of PRNG
      crypto: exynos - Reseed PRNG after generating 2^16 random bytes
      crypto: exynos - Introduce mutex to prevent concurrent access to hardware
      hwrng: exynos - add Samsung Exynos True RNG driver

 .../devicetree/bindings/crypto/arm-cryptocell.txt  |   22 +
 .../bindings/crypto/inside-secure-safexcel.txt     |    3 +-
 .../bindings/crypto/samsung,exynos-rng4.txt        |    4 +-
 .../devicetree/bindings/crypto/st,stm32-cryp.txt   |   19 +
 .../devicetree/bindings/rng/brcm,bcm2835.txt       |   22 +-
 .../devicetree/bindings/rng/brcm,bcm6368.txt       |   17 -
 MAINTAINERS                                        |    8 +
 arch/arm/crypto/aes-neonbs-glue.c                  |   10 +-
 arch/arm/crypto/crc32-ce-glue.c                    |    2 +
 arch/arm64/crypto/Kconfig                          |   18 +
 arch/arm64/crypto/Makefile                         |   11 +-
 arch/arm64/crypto/aes-ce-core.S                    |   87 ++
 .../crypto/{aes-ce-cipher.c => aes-ce-glue.c}      |  115 +-
 arch/arm64/crypto/aes-cipher-core.S                |   19 +-
 arch/arm64/crypto/aes-glue.c                       |    1 +
 arch/arm64/crypto/aes-neon.S                       |    8 +-
 arch/arm64/crypto/crc32-ce-core.S                  |    7 +-
 arch/arm64/crypto/crc32-ce-glue.c                  |    2 +
 arch/arm64/crypto/crct10dif-ce-core.S              |   17 +-
 arch/arm64/crypto/sha1-ce-core.S                   |   20 +-
 arch/arm64/crypto/sha2-ce-core.S                   |    4 +-
 arch/arm64/crypto/sha3-ce-core.S                   |  210 ++++
 arch/arm64/crypto/sha3-ce-glue.c                   |  161 +++
 arch/arm64/crypto/sha512-ce-core.S                 |  204 ++++
 arch/arm64/crypto/sha512-ce-glue.c                 |  119 ++
 arch/arm64/crypto/sha512-glue.c                    |    1 +
 arch/arm64/crypto/sm3-ce-core.S                    |  141 +++
 arch/arm64/crypto/sm3-ce-glue.c                    |   92 ++
 arch/powerpc/crypto/crc32c-vpmsum_glue.c           |    1 +
 arch/s390/crypto/crc32-vx.c                        |    3 +
 arch/sparc/crypto/crc32c_glue.c                    |    1 +
 arch/x86/crypto/aesni-intel_asm.S                  |  199 +---
 arch/x86/crypto/aesni-intel_glue.c                 |   70 +-
 arch/x86/crypto/chacha20_glue.c                    |    1 -
 arch/x86/crypto/crc32-pclmul_glue.c                |    1 +
 arch/x86/crypto/crc32c-intel_glue.c                |    1 +
 arch/x86/crypto/poly1305_glue.c                    |    2 -
 arch/x86/crypto/salsa20-i586-asm_32.S              |  184 +--
 arch/x86/crypto/salsa20-x86_64-asm_64.S            |  114 --
 arch/x86/crypto/salsa20_glue.c                     |  110 +-
 arch/x86/crypto/twofish-x86_64-asm_64-3way.S       |  112 +-
 crypto/Kconfig                                     |    4 +-
 crypto/Makefile                                    |    1 +
 crypto/ablk_helper.c                               |    5 +-
 crypto/aead.c                                      |   19 +-
 crypto/af_alg.c                                    |   23 +-
 crypto/ahash.c                                     |   33 +-
 crypto/algapi.c                                    |   13 +-
 crypto/algif_aead.c                                |   15 +-
 crypto/algif_hash.c                                |   52 +-
 crypto/algif_skcipher.c                            |   59 +-
 crypto/api.c                                       |    6 +-
 crypto/authenc.c                                   |    4 +-
 crypto/authencesn.c                                |    4 +-
 crypto/blkcipher.c                                 |    1 -
 crypto/camellia_generic.c                          |    3 +-
 crypto/cast5_generic.c                             |    3 +-
 crypto/cast6_generic.c                             |    3 +-
 crypto/chacha20_generic.c                          |   33 +-
 crypto/crc32_generic.c                             |    1 +
 crypto/crc32c_generic.c                            |    1 +
 crypto/cryptd.c                                    |   17 +-
 crypto/crypto_user.c                               |    4 +-
 crypto/ecc.c                                       |    2 +-
 crypto/echainiv.c                                  |    5 -
 crypto/gcm.c                                       |    4 +-
 crypto/gf128mul.c                                  |    2 -
 crypto/ghash-generic.c                             |    6 -
 crypto/hmac.c                                      |    6 +-
 crypto/internal.h                                  |    8 +-
 crypto/keywrap.c                                   |    4 +-
 crypto/mcryptd.c                                   |   11 +-
 crypto/poly1305_generic.c                          |   27 +-
 crypto/proc.c                                      |    2 +-
 crypto/rsa_helper.c                                |    2 +-
 crypto/salsa20_generic.c                           |  245 ++--
 crypto/seqiv.c                                     |    5 -
 crypto/sha3_generic.c                              |  332 +++---
 crypto/shash.c                                     |   30 +-
 crypto/simd.c                                      |    4 +-
 crypto/skcipher.c                                  |   30 +-
 crypto/tcrypt.c                                    | 1085 ++++++++++++++++--
 crypto/testmgr.c                                   |   41 +-
 crypto/testmgr.h                                   |  550 +++++++++
 crypto/twofish_common.c                            |    5 +-
 crypto/twofish_generic.c                           |    5 +-
 crypto/xcbc.c                                      |    3 +-
 drivers/char/hw_random/Kconfig                     |   32 +-
 drivers/char/hw_random/Makefile                    |    2 +-
 drivers/char/hw_random/bcm2835-rng.c               |  169 ++-
 drivers/char/hw_random/bcm63xx-rng.c               |  154 ---
 drivers/char/hw_random/core.c                      |    4 +
 drivers/char/hw_random/exynos-trng.c               |  235 ++++
 drivers/char/hw_random/imx-rngc.c                  |   13 +-
 drivers/char/hw_random/mtk-rng.c                   |    1 +
 drivers/char/random.c                              |   24 +-
 drivers/crypto/Kconfig                             |    1 -
 drivers/crypto/amcc/crypto4xx_alg.c                |    6 +-
 drivers/crypto/amcc/crypto4xx_core.c               |  131 ++-
 drivers/crypto/amcc/crypto4xx_core.h               |    4 +-
 drivers/crypto/amcc/crypto4xx_reg_def.h            |    4 +-
 drivers/crypto/amcc/crypto4xx_trng.c               |    2 +-
 drivers/crypto/axis/artpec6_crypto.c               |    8 +-
 drivers/crypto/bcm/cipher.c                        |    1 -
 drivers/crypto/bfin_crc.c                          |    3 +-
 drivers/crypto/caam/caamalg.c                      |  120 +-
 drivers/crypto/caam/caamalg_desc.c                 |  182 +--
 drivers/crypto/caam/caamalg_desc.h                 |   10 +-
 drivers/crypto/caam/caamalg_qi.c                   |   68 +-
 drivers/crypto/caam/caamhash.c                     |   73 +-
 drivers/crypto/caam/ctrl.c                         |    4 +-
 drivers/crypto/caam/desc.h                         |   29 +
 drivers/crypto/caam/desc_constr.h                  |   51 +-
 drivers/crypto/caam/intern.h                       |    1 +
 drivers/crypto/caam/key_gen.c                      |   30 -
 drivers/crypto/caam/key_gen.h                      |   30 +
 drivers/crypto/cavium/cpt/cptvf_reqmanager.c       |    3 +-
 drivers/crypto/cavium/nitrox/nitrox_reqmgr.c       |    1 -
 drivers/crypto/ccp/ccp-crypto-aes-galois.c         |    1 -
 drivers/crypto/chelsio/Kconfig                     |   10 +
 drivers/crypto/chelsio/Makefile                    |    1 +
 drivers/crypto/chelsio/chcr_algo.c                 |  540 +++++----
 drivers/crypto/chelsio/chcr_algo.h                 |   15 -
 drivers/crypto/chelsio/chcr_core.c                 |   14 +
 drivers/crypto/chelsio/chcr_core.h                 |   38 +
 drivers/crypto/chelsio/chcr_crypto.h               |   76 +-
 drivers/crypto/chelsio/chcr_ipsec.c                |  654 +++++++++++
 drivers/crypto/exynos-rng.c                        |  108 +-
 drivers/crypto/hifn_795x.c                         |    1 +
 drivers/crypto/inside-secure/safexcel.c            |  370 ++++---
 drivers/crypto/inside-secure/safexcel.h            |  173 ++-
 drivers/crypto/inside-secure/safexcel_cipher.c     |   53 +-
 drivers/crypto/inside-secure/safexcel_hash.c       |  125 ++-
 drivers/crypto/ixp4xx_crypto.c                     |    7 +-
 drivers/crypto/marvell/cesa.c                      |   19 +-
 drivers/crypto/nx/nx-842-powernv.c                 |    4 +-
 drivers/crypto/picoxcell_crypto.c                  |   27 +-
 drivers/crypto/qat/qat_common/qat_hal.c            |  133 +--
 drivers/crypto/s5p-sss.c                           |   26 +-
 drivers/crypto/stm32/Kconfig                       |   13 +-
 drivers/crypto/stm32/Makefile                      |    5 +-
 drivers/crypto/stm32/stm32-cryp.c                  | 1170 ++++++++++++++++++++
 drivers/crypto/stm32/stm32_crc32.c                 |    2 +
 drivers/net/ethernet/chelsio/cxgb4/cxgb4.h         |   23 +
 drivers/net/ethernet/chelsio/cxgb4/cxgb4_debugfs.c |    2 +
 drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c    |    2 +-
 drivers/net/ethernet/chelsio/cxgb4/cxgb4_uld.c     |    1 +
 drivers/net/ethernet/chelsio/cxgb4/cxgb4_uld.h     |    3 +
 drivers/net/ethernet/chelsio/cxgb4/sge.c           |  102 +-
 drivers/net/ethernet/chelsio/cxgb4/t4fw_api.h      |    7 +
 .../lustre/lnet/libcfs/linux/linux-crypto-adler.c  |    1 +
 include/crypto/aead.h                              |   10 +-
 include/crypto/chacha20.h                          |    3 +-
 include/crypto/hash.h                              |   46 +-
 include/crypto/internal/hash.h                     |   10 +
 include/crypto/internal/scompress.h                |   11 -
 include/crypto/null.h                              |   10 -
 include/crypto/poly1305.h                          |    2 -
 include/crypto/salsa20.h                           |   27 +
 include/crypto/sha3.h                              |    6 +-
 include/crypto/skcipher.h                          |   11 +-
 include/linux/crypto.h                             |   10 +-
 kernel/padata.c                                    |    1 +
 lib/chacha20.c                                     |   71 +-
 164 files changed, 7495 insertions(+), 2706 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.16
  2018-01-05  7:38             ` Herbert Xu
  2018-01-12  6:44               ` Herbert Xu
@ 2018-02-12  3:17               ` Herbert Xu
  2018-02-22 14:15                 ` Herbert Xu
  2018-04-28  8:05                 ` Crypto Fixes for 4.17 Herbert Xu
  1 sibling, 2 replies; 79+ messages in thread
From: Herbert Xu @ 2018-02-12  3:17 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes the following issues:

- Fix oversize stack frames on mn10300 in sha3-generic.
- Fix warning on old compilers in sha3-generic.
- Fix API error in sun4i_ss_prng.
- Fix potential dead-lock in sun4i_ss_prng.
- Fix null-pointer dereference in sha512-mb.
- Fix endless loop when DECO acquire fails in caam.
- Fix kernel oops when hashing empty message in talitos.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Ard Biesheuvel (1):
      crypto: sha3-generic - deal with oversize stack frames

Artem Savkov (2):
      crypto: sun4i_ss_prng - fix return value of sun4i_ss_prng_generate
      crypto: sun4i_ss_prng - convert lock to _bh in sun4i_ss_prng_generate

Eric Biggers (1):
      crypto: sha512-mb - initialize pending lengths correctly

Geert Uytterhoeven (3):
      compiler-gcc.h: Introduce __optimize function attribute
      compiler-gcc.h: __nostackprotector needs gcc-4.4 and up
      crypto: sha3-generic - Use __optimize to support old compilers

Horia Geantă (1):
      crypto: caam - fix endless loop when DECO acquire fails

LEROY Christophe (1):
      crypto: talitos - fix Kernel Oops on hashing an empty file

 .../x86/crypto/sha512-mb/sha512_mb_mgr_init_avx2.c |   10 +-
 crypto/sha3_generic.c                              |  218 +++++++++++---------
 drivers/crypto/caam/ctrl.c                         |    8 +-
 drivers/crypto/sunxi-ss/sun4i-ss-prng.c            |    6 +-
 drivers/crypto/talitos.c                           |    4 +
 include/linux/compiler-gcc.h                       |    7 +-
 include/linux/compiler.h                           |    4 +
 7 files changed, 146 insertions(+), 111 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.16
  2018-02-12  3:17               ` Crypto Fixes for 4.16 Herbert Xu
@ 2018-02-22 14:15                 ` Herbert Xu
  2018-04-28  8:05                 ` Crypto Fixes for 4.17 Herbert Xu
  1 sibling, 0 replies; 79+ messages in thread
From: Herbert Xu @ 2018-02-22 14:15 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes an oops in the s5p-sss driver when used with
ecb(aes).


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Kamil Konieczny (1):
      crypto: s5p-sss - Fix kernel Oops in AES-ECB mode

 drivers/crypto/s5p-sss.c |   12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Update for 4.17
  2018-01-29 14:50         ` Crypto Update for 4.16 Herbert Xu
@ 2018-04-04 15:27           ` Herbert Xu
  2018-06-04 17:15             ` Crypto Update for 4.18 Herbert Xu
  0 siblings, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2018-04-04 15:27 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

Here is the crypto update for 4.17:

API:

- Add AEAD support to crypto engine.
- Allow batch registration in simd.

Algorithms:

- Add CFB mode.
- Add speck block cipher.
- Add sm4 block cipher.
- Add new test case for crct10dif.
- Improve scheduling latency on ARM.
- Add scatter/gather support to gcm in aesni.
- Convert x86 crypto algorithms to skcihper.

Drivers:

- Add hmac(sha224/sha256) support in inside-secure.
- Add aes gcm/ccm support in stm32.
- Add stm32mp1 support in stm32.
- Add ccree driver from staging tree.
- Add gcm support over QI in caam.
- Add ks-sa hwrng driver.

Please note that there will be a conflict with the net tree due
updates to the same header file in the chelsio driver.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Andy Shevchenko (1):
      crypto: Deduplicate le32_to_cpu_array() and cpu_to_le32_array()

Antoine Tenart (20):
      MAINTAINERS: update the Inside Secure maintainer email
      crypto: inside-secure - do not overwrite the threshold value
      crypto: inside-secure - fix the extra cache computation
      crypto: inside-secure - fix the cache_len computation
      crypto: inside-secure - do not process request if no command was issued
      crypto: inside-secure - fix the invalidation step during cra_exit
      crypto: inside-secure - keep the requests push/pop synced
      crypto: inside-secure - unmap the result in the hash send error path
      crypto: atmel-aes - fix the keys zeroing on errors
      crypto: inside-secure - move cache result dma mapping to request
      crypto: inside-secure - wait for the request to complete if in the backlog
      crypto: inside-secure - move the digest to the request context
      crypto: inside-secure - fix typo s/allways/always/ in a define
      crypto: inside-secure - fix a typo in a register name
      crypto: inside-secure - improve the send error path
      crypto: inside-secure - do not access buffers mapped to the device
      crypto: inside-secure - improve the skcipher token
      crypto: inside-secure - the context ipad/opad should use the state sz
      crypto: inside-secure - hmac(sha256) support
      crypto: inside-secure - hmac(sha224) support

Ard Biesheuvel (9):
      crypto: testmgr - add a new test case for CRC-T10DIF
      crypto: arm64/aes-ce-ccm - move kernel mode neon en/disable into loop
      crypto: arm64/aes-blk - move kernel mode neon en/disable into loop
      crypto: arm64/aes-bs - move kernel mode neon en/disable into loop
      crypto: arm64/chacha20 - move kernel mode neon en/disable into loop
      crypto: arm64/aes-blk - remove configurable interleave
      crypto: arm64/aes-blk - add 4 way interleave to CBC encrypt path
      crypto: arm64/aes-blk - add 4 way interleave to CBC-MAC encrypt path
      crypto: arm64/sha256-neon - play nice with CONFIG_PREEMPT kernels

Arnd Bergmann (1):
      crypto: bfin_crc - remove blackfin CRC driver

Atul Gupta (1):
      crypto: chelsio - no csum offload for ipsec path

Brijesh Singh (3):
      crypto: ccp - add check to get PSP master only when PSP is detected
      crypto: ccp - Fix sparse, use plain integer as NULL pointer
      include: psp-sev: Capitalize invalid length enum

Colin Ian King (4):
      crypto: chelsio - Make function aead_ccm_validate_input static
      crypto: ccp - Make function ccp_get_dma_chan_attr static
      crypto: qat - Make several functions static
      hwrng: cavium - make two functions static

Conor McLoughlin (1):
      crypto: testmgr - Fix incorrect values in PKCS#1 test vector

Corentin LABBE (6):
      crypto: doc - document crypto engine API
      crypto: engine - Permit to enqueue all async requests
      crypto: omap - convert to new crypto engine API
      crypto: virtio - convert to new crypto engine API
      crypto: stm32-hash - convert to the new crypto engine API
      crypto: stm32-cryp - convert to the new crypto engine API

Dave Watson (14):
      crypto: aesni - Merge INITIAL_BLOCKS_ENC/DEC
      crypto: aesni - Macro-ify func save/restore
      crypto: aesni - Add GCM_INIT macro
      crypto: aesni - Add GCM_COMPLETE macro
      crypto: aesni - Merge encode and decode to GCM_ENC_DEC macro
      crypto: aesni - Introduce gcm_context_data
      crypto: aesni - Split AAD hash calculation to separate macro
      crypto: aesni - Fill in new context data structures
      crypto: aesni - Move ghash_mul to GCM_COMPLETE
      crypto: aesni - Move HashKey computation from stack to gcm_context
      crypto: aesni - Introduce partial block macro
      crypto: aesni - Add fast path for > 16 byte update
      crypto: aesni - Introduce scatter/gather asm function stubs
      crypto: aesni - Update aesni-intel_glue to use scatter/gather

Eric Biggers (40):
      crypto: mcryptd - remove pointless wrapper functions
      crypto: sha1-mb - remove HASH_FIRST flag
      crypto: sha256-mb - remove HASH_FIRST flag
      crypto: sha512-mb - remove HASH_FIRST flag
      crypto: speck - add support for the Speck block cipher
      crypto: speck - export common helpers
      crypto: arm/speck - add NEON-accelerated implementation of Speck-XTS
      crypto: speck - add test vectors for Speck128-XTS
      crypto: speck - add test vectors for Speck64-XTS
      crypto: simd - allow registering multiple algorithms at once
      crypto: x86/glue_helper - add skcipher_walk functions
      crypto: x86/serpent-sse2 - remove LRW algorithm
      crypto: x86/serpent-sse2 - remove XTS algorithm
      crypto: x86/serpent-sse2 - convert to skcipher interface
      crypto: x86/serpent-avx2 - remove LRW algorithm
      crypto: x86/serpent-avx - remove LRW algorithm
      crypto: x86/serpent-avx,avx2 - convert to skcipher interface
      crypto: x86/twofish-3way - remove LRW algorithm
      crypto: x86/twofish-3way - remove XTS algorithm
      crypto: x86/twofish-3way - convert to skcipher interface
      crypto: x86/twofish-avx - remove LRW algorithm
      crypto: x86/twofish-avx - convert to skcipher interface
      crypto: x86/cast5-avx - fix ECB encryption when long sg follows short one
      crypto: x86/cast5-avx - convert to skcipher interface
      crypto: x86/cast6-avx - remove LRW algorithm
      crypto: x86/cast6-avx - convert to skcipher interface
      crypto: x86/blowfish: convert to skcipher interface
      crypto: x86/des3_ede - convert to skcipher interface
      crypto: x86/camellia-aesni-avx - remove LRW algorithm
      crypto: x86/camellia-aesni-avx2 - remove LRW algorithm
      crypto: x86/camellia - remove LRW algorithm
      crypto: x86/camellia - remove XTS algorithm
      crypto: x86/camellia - convert to skcipher interface
      crypto: x86/camellia-aesni-avx, avx2 - convert to skcipher interface
      crypto: xts - remove xts_crypt()
      crypto: lrw - remove lrw_crypt()
      crypto: x86/glue_helper - remove blkcipher_walk functions
      crypto: x86/glue_helper - rename glue_skwalk_fpu_begin()
      crypto: ablk_helper - remove ablk_helper
      crypto: arm64/speck - add NEON-accelerated implementation of Speck-XTS

Fabien DESSENNE (2):
      crypto: stm32/cryp - add aes gcm / ccm support
      crypto: stm32/cryp - add stm32mp1 support

Fengguang Wu (1):
      crypto: ccree - fix memdup.cocci warnings

Gary R Hook (3):
      crypto: ccp - Fill the result buffer only on digest, finup, and final ops
      crypto: ccp - Validate buffer lengths for copy operations
      crypto: doc - Document remaining members in struct crypto_alg

Gilad Ben-Yossef (14):
      staging: ccree: rename staging ver and mark as broken
      crypto: ccree - introduce CryptoCell driver
      crypto: ccree - add skcipher support
      crypto: ccree - add ahash support
      crypto: ccree - add AEAD support
      crypto: ccree - add FIPS support
      MAINTAINERS: update ccree entry
      crypto: ccree - remove unused definitions
      dt-bindings: Add DT bindings for ccree 710 and 630p
      crypto: ccree - add support for older HW revs
      crypto: ccree - replace memset+kfree with kzfree
      crypto: sm4 - introduce SM4 symmetric cipher algorithm
      crypto: testmgr - introduce SM4 tests
      crypto: ccree - remove unused enums

Gregory CLEMENT (5):
      hwrng: omap - Remove useless test before clk_disable_unprepare
      hwrng: omap - Fix clock resource by adding a register clock
      crypto: inside-secure - fix clock management
      crypto: inside-secure - improve clock initialization
      crypto: inside-secure - fix clock resource by adding a register clock

Harsh Jain (6):
      crypto: chelsio - Use kernel round function to align lengths
      crypto: chelsio - Fix src buffer dma length
      crypto: chelsio - Update IV before sending request to HW
      crypto: chelsio - Fix iv passed in fallback path for rfc3686
      crypto: chelsio -Split Hash requests for large scatter gather list
      crypto: chelsio - Remove declaration of static function from header

Herbert Xu (5):
      crypto: api - Remove unused crypto_type lookup function
      crypto: api - Make crypto_alg_lookup static
      crypto: api - Keep failed instances alive
      crypto: lrw - Free rctx->ext with kzfree
      crypto: ahash - Fix early termination in hash walk

Horia Geantă (4):
      crypto: caam/qi - return -EBADMSG for ICV check failure
      crypto: caam - prepare for gcm(aes) support over QI interface
      crypto: caam/qi - add GCM support
      crypto: doc - clarify hash callbacks state machine

James Bottomley (2):
      crypto: cfb - add support for Cipher FeedBack mode
      crypto: ecdh - fix to allow multi segment scatterlists

Jia-Ju Bai (3):
      crypto: rsa-pkcs1pad - Replace GFP_ATOMIC with GFP_KERNEL in pkcs1pad_encrypt_sign_complete
      crypto: user - Replace GFP_ATOMIC with GFP_KERNEL in crypto_report
      crypto: cavium - Replace mdelay with msleep in cpt_device_init

Jinbum Park (1):
      crypto: arm/aes-cipher - move S-box to .rodata section

Kamil Konieczny (6):
      crypto: mxs-dcp - Add empty hash export and import
      crypto: n2 - Add empty hash export and import
      crypto: ux500/hash - Add empty export and import
      crypto: bfin_crc - Add empty hash export and import
      crypto: hash - Require export/import in ahash
      crypto: hash - Prevent use of req->result in ahash update

Kees Cook (1):
      crypto: ecc - Remove stack VLA usage

Krzysztof Kozlowski (4):
      crypto: omap-sham - Remove useless check for non-null request
      crypto: omap-sham - Fix misleading indentation
      crypto: s5p-sss - Remove useless check for non-null request
      crypto: s5p-sss - Constify pointed data (arguments and local variables)

LEROY Christophe (3):
      crypto: talitos - don't persistently map req_ctx->hw_context and req_ctx->buf
      crypto: talitos - do not perform unnecessary dma synchronisation
      crypto: talitos - fix IPsec cipher in length

Leonard Crestez (1):
      crypto: arm,arm64 - Fix random regeneration of S_shipped

Lionel Debieve (3):
      crypto: stm32/hash - avoid error if maxburst not defined
      crypto: stm32/hash - fix performance issues
      crypto: stm32/hash - rework padding length

Maciej S. Szmigiero (1):
      crypto: ccp - return an actual key size from RSA max_size callback

Markus Elfring (12):
      crypto: ux500 - Delete an error message for a failed memory allocation in ux500_cryp_probe()
      crypto: ux500 - Adjust two condition checks in ux500_cryp_probe()
      crypto: ux500 - Adjust an error message in ux500_cryp_probe()
      crypto: ux500 - Delete two unnecessary variable initialisations in ux500_cryp_probe()
      crypto: sahara - Delete an error message for a failed memory allocation in sahara_probe()
      crypto: sahara - Improve a size determination in sahara_probe()
      crypto: nx-842 - Delete an error message for a failed memory allocation in nx842_pseries_init()
      crypto: bfin_crc - Delete an error message for a failed memory allocation in bfin_crypto_crc_probe()
      crypto: bcm - Delete an error message for a failed memory allocation in do_shash()
      crypto: atmel - Delete error messages for a failed memory allocation in six functions
      crypto: ccp - Use memdup_user() rather than duplicating its implementation
      crypto: talitos - Delete an error message for a failed memory allocation in talitos_edesc_alloc()

Ofer Heifetz (1):
      crypto: inside-secure - move hash result dma mapping to request

Peter Robinson (1):
      crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss

Peter Wu (1):
      crypto: virtio - remove dependency on CRYPTO_AUTHENC

Robin Murphy (1):
      crypto: marvell/cesa - Clean up redundant #include

Rui Miguel Silva (2):
      crypto: caam - Fix null dereference at error path
      crypto: caam - do not use mem and emi_slow clock for imx7x

Sebastian Andrzej Siewior (1):
      crypto: ccp - don't disable interrupts while setting up debugfs

Stefan Agner (1):
      crypto: brcm - explicitly cast cipher to hash type

Stefan Wahren (1):
      hwrng: bcm2835 - Handle deferred clock properly

Tero Kristo (6):
      crypto: omap-sham - Verify page zone of scatterlists before starting DMA
      crypto: omap-crypto - Verify page zone scatterlists before starting DMA
      crypto: omap-sham - make fallback size configurable
      crypto: omap-sham - make queue length configurable
      crypto: omap-aes - make fallback size configurable
      crypto: omap-aes - make queue length configurable

Tim Chen (1):
      x86/crypto: Designate maintainer for SHA-1/256/512

Tudor-Dan Ambarus (7):
      crypto: caam - don't leak pointers to authenc keys
      crypto: caam/qi - don't leak pointers to authenc keys
      crypto: chelsio - don't leak pointers to authenc keys
      crypto: ixp4xx - don't leak pointers to authenc keys
      crypto: picoxcell - don't leak pointers to authenc keys
      crypto: qat - don't leak pointers to authenc keys
      crypto: talitos - don't leak pointers to authenc keys

Vitaly Andrianov (2):
      dt-bindings: rng: add bindings doc for Keystone SA HWRNG driver
      hwrng: ks-sa - add hw_random driver

Vladimir Zapolskiy (2):
      dt-bindings: rng: Document Freescale i.MX21 and i.MX31 RNGA compatibles
      hwrng: mxc-rnga - add driver support on boards with device tree

Wu Fengguang (1):
      crypto: x86/des3_ede - des3_ede_skciphers[] can be static

lionel.debieve@st.com (5):
      hwrng: stm32 - add reset during probe
      dt-bindings: rng: add reset node for stm32
      hwrng: stm32 - allow disable clock error detection
      dt-bindings: rng: add clock detection error for stm32
      hwrng: stm32 - rework read timeout calculation

weiyongjun \(A\) (2):
      hwrng: imx-rngc - make symbol imx_rngc_pm_ops static
      crypto: inside-secure - fix missing unlock on error in safexcel_ahash_send_req()

 Documentation/crypto/crypto_engine.rst             |   48 +
 Documentation/crypto/devel-algos.rst               |    8 +
 .../devicetree/bindings/crypto/arm-cryptocell.txt  |    3 +-
 .../bindings/crypto/inside-secure-safexcel.txt     |    6 +-
 .../bindings/rng/{imx-rngc.txt => imx-rng.txt}     |   11 +-
 .../devicetree/bindings/rng/ks-sa-rng.txt          |   21 +
 Documentation/devicetree/bindings/rng/omap_rng.txt |    7 +-
 .../devicetree/bindings/rng/st,stm32-rng.txt       |    4 +
 MAINTAINERS                                        |   15 +-
 arch/arm/crypto/Kconfig                            |    6 +
 arch/arm/crypto/Makefile                           |    4 +
 arch/arm/crypto/aes-cipher-core.S                  |   19 +-
 arch/arm/crypto/speck-neon-core.S                  |  432 ++
 arch/arm/crypto/speck-neon-glue.c                  |  288 ++
 arch/arm64/crypto/Kconfig                          |    6 +
 arch/arm64/crypto/Makefile                         |    8 +-
 arch/arm64/crypto/aes-ce-ccm-glue.c                |   47 +-
 arch/arm64/crypto/aes-glue.c                       |   95 +-
 arch/arm64/crypto/aes-modes.S                      |  355 +-
 arch/arm64/crypto/aes-neonbs-glue.c                |   48 +-
 arch/arm64/crypto/chacha20-neon-glue.c             |   12 +-
 arch/arm64/crypto/sha256-glue.c                    |   36 +-
 arch/arm64/crypto/speck-neon-core.S                |  352 ++
 arch/arm64/crypto/speck-neon-glue.c                |  282 ++
 arch/x86/crypto/aesni-intel_asm.S                  | 1414 +++---
 arch/x86/crypto/aesni-intel_glue.c                 |  230 +-
 arch/x86/crypto/blowfish_glue.c                    |  230 +-
 arch/x86/crypto/camellia_aesni_avx2_glue.c         |  491 +-
 arch/x86/crypto/camellia_aesni_avx_glue.c          |  495 +-
 arch/x86/crypto/camellia_glue.c                    |  356 +-
 arch/x86/crypto/cast5_avx_glue.c                   |  352 +-
 arch/x86/crypto/cast6_avx_glue.c                   |  489 +-
 arch/x86/crypto/des3_ede_glue.c                    |  238 +-
 arch/x86/crypto/glue_helper.c                      |  391 +-
 arch/x86/crypto/serpent_avx2_glue.c                |  478 +-
 arch/x86/crypto/serpent_avx_glue.c                 |  518 +--
 arch/x86/crypto/serpent_sse2_glue.c                |  519 +--
 arch/x86/crypto/sha1-mb/sha1_mb.c                  |   28 +-
 arch/x86/crypto/sha1-mb/sha1_mb_ctx.h              |    8 +-
 arch/x86/crypto/sha256-mb/sha256_mb.c              |   27 +-
 arch/x86/crypto/sha256-mb/sha256_mb_ctx.h          |    8 +-
 arch/x86/crypto/sha512-mb/sha512_mb.c              |   30 +-
 arch/x86/crypto/sha512-mb/sha512_mb_ctx.h          |    8 +-
 arch/x86/crypto/twofish_avx_glue.c                 |  493 +-
 arch/x86/crypto/twofish_glue_3way.c                |  339 +-
 arch/x86/include/asm/crypto/camellia.h             |   16 +-
 arch/x86/include/asm/crypto/glue_helper.h          |   75 +-
 arch/x86/include/asm/crypto/serpent-avx.h          |   17 +-
 arch/x86/include/asm/crypto/twofish.h              |   19 -
 crypto/Kconfig                                     |  129 +-
 crypto/Makefile                                    |    4 +-
 crypto/ablk_helper.c                               |  150 -
 crypto/ahash.c                                     |   25 +-
 crypto/algapi.c                                    |    8 -
 crypto/api.c                                       |   34 +-
 crypto/cfb.c                                       |  353 ++
 crypto/crypto_engine.c                             |  301 +-
 crypto/crypto_user.c                               |    2 +-
 crypto/ecc.c                                       |   23 +-
 crypto/ecdh.c                                      |   23 +-
 crypto/internal.h                                  |    1 -
 crypto/lrw.c                                       |  154 +-
 crypto/mcryptd.c                                   |   34 +-
 crypto/md4.c                                       |   17 -
 crypto/md5.c                                       |   17 -
 crypto/rsa-pkcs1pad.c                              |    2 +-
 crypto/simd.c                                      |   50 +
 crypto/sm4_generic.c                               |  244 +
 crypto/speck.c                                     |  307 ++
 crypto/tcrypt.c                                    |    3 +
 crypto/testmgr.c                                   |   45 +
 crypto/testmgr.h                                   | 4766 ++++++++++++++------
 crypto/xts.c                                       |   72 -
 drivers/char/hw_random/Kconfig                     |    7 +
 drivers/char/hw_random/Makefile                    |    1 +
 drivers/char/hw_random/bcm2835-rng.c               |    2 +
 drivers/char/hw_random/cavium-rng-vf.c             |    2 +-
 drivers/char/hw_random/cavium-rng.c                |    2 +-
 drivers/char/hw_random/imx-rngc.c                  |    2 +-
 drivers/char/hw_random/ks-sa-rng.c                 |  257 ++
 drivers/char/hw_random/mxc-rnga.c                  |   23 +-
 drivers/char/hw_random/omap-rng.c                  |   22 +-
 drivers/char/hw_random/stm32-rng.c                 |   44 +-
 drivers/crypto/Kconfig                             |   34 +-
 drivers/crypto/Makefile                            |    2 +-
 drivers/crypto/atmel-aes.c                         |    8 +-
 drivers/crypto/atmel-sha.c                         |    9 +-
 drivers/crypto/atmel-tdes.c                        |    9 +-
 drivers/crypto/bcm/cipher.c                        |    4 +-
 drivers/crypto/bcm/util.c                          |    1 -
 drivers/crypto/bfin_crc.c                          |  743 ---
 drivers/crypto/bfin_crc.h                          |  124 -
 drivers/crypto/caam/caamalg.c                      |   21 +-
 drivers/crypto/caam/caamalg_desc.c                 |  165 +-
 drivers/crypto/caam/caamalg_desc.h                 |   24 +-
 drivers/crypto/caam/caamalg_qi.c                   |  388 +-
 drivers/crypto/caam/ctrl.c                         |   42 +-
 drivers/crypto/caam/qi.c                           |   11 +-
 drivers/crypto/cavium/cpt/cptpf_main.c             |    2 +-
 drivers/crypto/ccp/ccp-crypto-aes-cmac.c           |    2 +-
 drivers/crypto/ccp/ccp-crypto-rsa.c                |    7 +-
 drivers/crypto/ccp/ccp-crypto-sha.c                |    2 +-
 drivers/crypto/ccp/ccp-debugfs.c                   |    7 +-
 drivers/crypto/ccp/ccp-dmaengine.c                 |    2 +-
 drivers/crypto/ccp/ccp-ops.c                       |  108 +-
 drivers/crypto/ccp/psp-dev.c                       |   23 +-
 drivers/crypto/ccp/sp-dev.c                        |    6 +-
 drivers/crypto/ccree/Makefile                      |    7 +
 drivers/crypto/ccree/cc_aead.c                     | 2718 +++++++++++
 drivers/crypto/ccree/cc_aead.h                     |  109 +
 drivers/crypto/ccree/cc_buffer_mgr.c               | 1651 +++++++
 drivers/crypto/ccree/cc_buffer_mgr.h               |   71 +
 drivers/crypto/ccree/cc_cipher.c                   | 1150 +++++
 drivers/crypto/ccree/cc_cipher.h                   |   59 +
 drivers/crypto/ccree/cc_crypto_ctx.h               |  133 +
 drivers/crypto/ccree/cc_debugfs.c                  |  101 +
 drivers/crypto/ccree/cc_debugfs.h                  |   32 +
 drivers/crypto/ccree/cc_driver.c                   |  518 +++
 drivers/crypto/ccree/cc_driver.h                   |  208 +
 drivers/crypto/ccree/cc_fips.c                     |  120 +
 drivers/crypto/ccree/cc_fips.h                     |   36 +
 drivers/crypto/ccree/cc_hash.c                     | 2296 ++++++++++
 drivers/crypto/ccree/cc_hash.h                     |  109 +
 drivers/crypto/ccree/cc_host_regs.h                |  145 +
 drivers/crypto/ccree/cc_hw_queue_defs.h            |  576 +++
 drivers/crypto/ccree/cc_ivgen.c                    |  279 ++
 drivers/crypto/ccree/cc_ivgen.h                    |   55 +
 drivers/crypto/ccree/cc_kernel_regs.h              |  168 +
 drivers/crypto/ccree/cc_lli_defs.h                 |   59 +
 drivers/crypto/ccree/cc_pm.c                       |  122 +
 drivers/crypto/ccree/cc_pm.h                       |   56 +
 drivers/crypto/ccree/cc_request_mgr.c              |  711 +++
 drivers/crypto/ccree/cc_request_mgr.h              |   51 +
 drivers/crypto/ccree/cc_sram_mgr.c                 |  120 +
 drivers/crypto/ccree/cc_sram_mgr.h                 |   65 +
 drivers/crypto/chelsio/chcr_algo.c                 |  577 ++-
 drivers/crypto/chelsio/chcr_algo.h                 |   11 +-
 drivers/crypto/chelsio/chcr_core.h                 |    6 +-
 drivers/crypto/chelsio/chcr_crypto.h               |   31 +-
 drivers/crypto/chelsio/chcr_ipsec.c                |    5 +-
 drivers/crypto/inside-secure/safexcel.c            |  114 +-
 drivers/crypto/inside-secure/safexcel.h            |   22 +-
 drivers/crypto/inside-secure/safexcel_cipher.c     |    5 +-
 drivers/crypto/inside-secure/safexcel_hash.c       |  258 +-
 drivers/crypto/ixp4xx_crypto.c                     |    2 +
 drivers/crypto/marvell/cesa.c                      |    1 -
 drivers/crypto/mxs-dcp.c                           |   14 +
 drivers/crypto/n2_core.c                           |   12 +
 drivers/crypto/nx/nx-842-pseries.c                 |    5 +-
 drivers/crypto/omap-aes.c                          |  112 +-
 drivers/crypto/omap-aes.h                          |    3 +
 drivers/crypto/omap-crypto.c                       |    4 +
 drivers/crypto/omap-des.c                          |   24 +-
 drivers/crypto/omap-sham.c                         |  106 +-
 drivers/crypto/picoxcell_crypto.c                  |    2 +
 drivers/crypto/qat/qat_common/qat_algs.c           |    3 +
 drivers/crypto/qat/qat_common/qat_asym_algs.c      |    9 +-
 drivers/crypto/s5p-sss.c                           |   34 +-
 drivers/crypto/sahara.c                            |    6 +-
 drivers/crypto/stm32/stm32-cryp.c                  |  964 +++-
 drivers/crypto/stm32/stm32-hash.c                  |   41 +-
 drivers/crypto/sunxi-ss/sun4i-ss-core.c            |    1 +
 drivers/crypto/talitos.c                           |  218 +-
 drivers/crypto/ux500/cryp/cryp_core.c              |   14 +-
 drivers/crypto/ux500/hash/hash_core.c              |   18 +
 drivers/crypto/virtio/Kconfig                      |    1 -
 drivers/crypto/virtio/virtio_crypto_algs.c         |   16 +-
 drivers/crypto/virtio/virtio_crypto_common.h       |    4 +-
 drivers/crypto/virtio/virtio_crypto_core.c         |    3 -
 drivers/staging/ccree/Kconfig                      |    4 +-
 drivers/staging/ccree/Makefile                     |    2 +-
 include/crypto/ablk_helper.h                       |   32 -
 include/crypto/algapi.h                            |    1 -
 include/crypto/engine.h                            |   68 +-
 include/crypto/hash.h                              |   11 +-
 include/crypto/internal/hash.h                     |    5 -
 include/crypto/internal/simd.h                     |    7 +
 include/crypto/lrw.h                               |   44 -
 include/crypto/sm4.h                               |   28 +
 include/crypto/speck.h                             |   62 +
 include/crypto/xts.h                               |   17 -
 include/linux/byteorder/generic.h                  |   17 +
 include/linux/crypto.h                             |    8 +
 include/uapi/linux/psp-sev.h                       |    2 +-
 184 files changed, 23716 insertions(+), 9215 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.17
  2018-02-12  3:17               ` Crypto Fixes for 4.16 Herbert Xu
  2018-02-22 14:15                 ` Herbert Xu
@ 2018-04-28  8:05                 ` Herbert Xu
  2018-05-30 16:17                   ` Herbert Xu
  2018-06-22 14:54                   ` Crypto Fixes for 4.18 Herbert Xu
  1 sibling, 2 replies; 79+ messages in thread
From: Herbert Xu @ 2018-04-28  8:05 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes the following issues:

- Crypto API regression that may cause sporadic alloc failures.
- Double-free bug in drbg.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Eric Biggers (1):
      crypto: api - fix finding algorithm currently being tested

Stephan Mueller (1):
      crypto: drbg - set freed buffers to NULL

 crypto/api.c  |   11 ++++++++---
 crypto/drbg.c |    2 ++
 2 files changed, 10 insertions(+), 3 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.17
  2018-04-28  8:05                 ` Crypto Fixes for 4.17 Herbert Xu
@ 2018-05-30 16:17                   ` Herbert Xu
  2018-06-22 14:54                   ` Crypto Fixes for 4.18 Herbert Xu
  1 sibling, 0 replies; 79+ messages in thread
From: Herbert Xu @ 2018-05-30 16:17 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes a potential kernel panic in the inside-secure driver.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Antoine Tenart (1):
      crypto: inside-secure - do not use memset on MMIO

 drivers/crypto/inside-secure/safexcel.c |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Update for 4.18
  2018-04-04 15:27           ` Crypto Update for 4.17 Herbert Xu
@ 2018-06-04 17:15             ` Herbert Xu
  2018-08-15 12:05               ` Crypto Update for 4.19 Herbert Xu
  0 siblings, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2018-06-04 17:15 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

Here is the crypto update for 4.18:

API:

- Decryption test vectors are now automatically generated from
  encryption test vectors.

Algorithms:

- Fix unaligned access issues in crc32/crc32c.
- Add zstd compression algorithm.
- Add AEGIS.
- Add MORUS.

Drivers:

- Add accelerated AEGIS/MORUS on x86.
- Add accelerated SM4 on arm64.
- Removed x86 assembly salsa implementation as it is slower than C.
- Add authenc(hmac(sha*), cbc(aes)) support in inside-secure.
- Add ctr(aes) support in crypto4xx.
- Add hardware key support in ccree.
- Add support for new Centaur CPU in via-rng.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Adam Langley (1):
      crypto: clarify licensing of OpenSSL asm code

Antoine Tenart (10):
      crypto: inside-secure - remove VLAs
      crypto: inside-secure - rework cipher functions for future AEAD support
      crypto: inside-secure - rework the alg type settings in the context
      crypto: inside-secure - make the context control size dynamic
      crypto: inside-secure - make the key and context size computation dynamic
      crypto: inside-secure - fix the hash then encrypt/decrypt types
      crypto: inside-secure - improve error reporting
      crypto: inside-secure - authenc(hmac(sha256), cbc(aes)) support
      crypto: inside-secure - authenc(hmac(sha224), cbc(aes)) support
      crypto: inside-secure - authenc(hmac(sha1), cbc(aes)) support

Ard Biesheuvel (12):
      crypto: sm4 - export encrypt/decrypt routines to other drivers
      crypto: arm64 - add support for SM4 encryption using special instructions
      crypto: arm64/sha1-ce - yield NEON after every block of input
      crypto: arm64/sha2-ce - yield NEON after every block of input
      crypto: arm64/aes-ccm - yield NEON after every block of input
      crypto: arm64/aes-blk - yield NEON after every block of input
      crypto: arm64/aes-bs - yield NEON after every block of input
      crypto: arm64/aes-ghash - yield NEON after every block of input
      crypto: arm64/crc32-ce - yield NEON after every block of input
      crypto: arm64/crct10dif-ce - yield NEON after every block of input
      crypto: arm64/sha3-ce - yield NEON after every block of input
      crypto: arm64/sha512-ce - yield NEON after every block of input

Atul Gupta (7):
      crypto: chelsio - request to HW should wrap
      crypto: chtls - generic handling of data and hdr
      crypto: chtls - key len correction
      crypto: chtls - wait for memory sendmsg, sendpage
      crypto: chtls - dereference null variable
      crypto: chtls - kbuild warnings
      crypto: chtls - free beyond end rspq_skb_cache

Bin Liu (1):
      crypto: omap-sham - fix memleak

Christian Lamparter (7):
      crypto: crypto4xx - performance optimizations
      crypto: crypto4xx - convert to skcipher
      crypto: crypto4xx - avoid VLA use
      crypto: crypto4xx - add aes-ctr support
      crypto: crypto4xx - properly set IV after de- and encrypt
      crypto: crypto4xx - extend aead fallback checks
      crypto: crypto4xx - put temporary dst sg into request ctx

Colin Ian King (5):
      crypto: chelsio - don't leak information from the stack to userspace
      crypto: chelsio - remove redundant assignment to cdev->ports
      crypto: ghash-clmulni - fix spelling mistake: "acclerated" -> "accelerated"
      hwrng: n2 - fix spelling mistake: "restesting" -> "retesting"
      crypto: nx - fix spelling mistake: "seqeunce" -> "sequence"

Conor McLoughlin (1):
      crypto: qat - Add MODULE_FIRMWARE for all qat drivers

Eric Biggers (13):
      crypto: crc32-generic - use unaligned access macros when needed
      crypto: crc32c-generic - remove cra_alignmask
      crypto: crc32-generic - remove __crc32_le()
      crypto: testmgr - remove bfin_crc "hmac(crc32)" test vectors
      crypto: testmgr - fix testing OPTIONAL_KEY hash algorithms
      crypto: testmgr - add more unkeyed crc32 and crc32c test vectors
      crypto: testmgr - add extra ecb(des) encryption test vectors
      crypto: testmgr - make an cbc(des) encryption test vector chunked
      crypto: testmgr - add extra ecb(tnepres) encryption test vectors
      crypto: testmgr - add extra kw(aes) encryption test vector
      crypto: testmgr - eliminate redundant decryption test vectors
      crypto: x86/salsa20 - remove x86 salsa20 implementations
      crypto: salsa20 - Revert "crypto: salsa20 - export generic helpers"

Fabio Estevam (4):
      crypto: caam - staticize caam_get_era()
      crypto: caam - allow retrieving 'era' from register
      crypto: rsa - Remove unneeded error assignment
      crypto: caam: - Use kmemdup() function

Geert Uytterhoeven (1):
      crypto: drivers - Remove depends on HAS_DMA in case of platform dependency

Gilad Ben-Yossef (6):
      crypto: ccree - enable support for hardware keys
      crypto: ccree - use proper printk format
      crypto: testmgr - reorder paes test lexicographically
      crypto: ccree - correct host regs offset
      crypto: ccree - better clock handling
      crypto: ccree - silence debug prints

Gustavo A. R. Silva (1):
      crypto: chelsio - Fix potential NULL pointer dereferences

Harsh Jain (3):
      crypto: chelsio - Return -ENOSPC for transient busy indication.
      crypt: chelsio - Send IV as Immediate for cipher algo
      crypto: chelsio - Remove separate buffer used for DMA map B0 block in CCM

Horia Geantă (8):
      crypto: caam - fix DMA mapping dir for generated IV
      crypto: caam - fix IV DMA mapping and updating
      crypto: caam/qi - fix IV DMA mapping and updating
      crypto: caam - strip input zeros from RSA input buffer
      crypto: caam - fix size of RSA prime factor q
      crypto: caam - fix MC firmware detection
      crypto: caam - fix rfc4543 descriptors
      crypto: caam/qi - fix warning in init_cgr()

Jan Glauber (5):
      crypto: cavium - Fix fallout from CONFIG_VMAP_STACK
      crypto: cavium - Limit result reading attempts
      crypto: cavium - Prevent division by zero
      crypto: cavium - Fix statistics pending request value
      crypto: cavium - Fix smp_processor_id() warnings

Janakarajan Natarajan (2):
      crypto: ccp - Add DOWNLOAD_FIRMWARE SEV command
      crypto: ccp - Add GET_ID SEV command

Kees Cook (2):
      crypto: ecc - Actually remove stack VLA usage
      crypto: tcrypt - Remove VLA usage

Mahipal Challa (1):
      crypto: testmgr - Allow different compression results

Michael Ellerman (2):
      crypto: vmx - Remove overly verbose printk from AES init routines
      crypto: vmx - Remove overly verbose printk from AES XTS init

Nick Terrell (1):
      crypto: zstd - Add zstd support

Ondrej Mosnacek (9):
      crypto: aegis - Add generic AEGIS AEAD implementations
      crypto: testmgr - Add test vectors for AEGIS
      crypto: x86 - Add optimized AEGIS implementations
      crypto: morus - Add generic MORUS AEAD implementations
      crypto: testmgr - Add test vectors for MORUS
      crypto: morus - Add common SIMD glue code for MORUS
      crypto: x86 - Add optimized MORUS implementations
      crypto: x86/aegis256 - Fix wrong key buffer size
      crypto: morus - Mark MORUS SIMD glue as x86-specific

Salvatore Mesoraca (2):
      crypto: api - laying defines and checks for statically allocated buffers
      crypto: remove several VLAs

Tudor-Dan Ambarus (2):
      crypto: authenc - don't leak pointers to authenc keys
      crypto: authencesn - don't leak pointers to authenc keys

Varsha Rao (1):
      crypto: cavium - Remove unnecessary parentheses

Wenwen Wang (1):
      crypto: chtls - fix a missing-check bug

Wolfram Sang (1):
      crypto: drivers - simplify getting .drvdata

davidwang (1):
      hwrng: via - support new Centaur CPU

lionel.debieve@st.com (2):
      hwrng: stm32 - define default state for rng driver
      hwrng: stm32 - fix pm_suspend issue

 arch/arm/crypto/sha1-armv4-large.S             |   10 +
 arch/arm/crypto/sha256-armv4.pl                |   11 +-
 arch/arm/crypto/sha256-core.S_shipped          |   11 +-
 arch/arm/crypto/sha512-armv4.pl                |   11 +-
 arch/arm/crypto/sha512-core.S_shipped          |   11 +-
 arch/arm64/crypto/Kconfig                      |    6 +
 arch/arm64/crypto/Makefile                     |    3 +
 arch/arm64/crypto/aes-ce-ccm-core.S            |  150 +-
 arch/arm64/crypto/aes-ce.S                     |   15 +-
 arch/arm64/crypto/aes-modes.S                  |  331 +-
 arch/arm64/crypto/aes-neonbs-core.S            |  305 +-
 arch/arm64/crypto/crc32-ce-core.S              |   40 +-
 arch/arm64/crypto/crct10dif-ce-core.S          |   32 +-
 arch/arm64/crypto/ghash-ce-core.S              |  113 +-
 arch/arm64/crypto/ghash-ce-glue.c              |   28 +-
 arch/arm64/crypto/sha1-ce-core.S               |   42 +-
 arch/arm64/crypto/sha2-ce-core.S               |   37 +-
 arch/arm64/crypto/sha256-core.S_shipped        |   12 +-
 arch/arm64/crypto/sha3-ce-core.S               |   77 +-
 arch/arm64/crypto/sha512-armv8.pl              |   12 +-
 arch/arm64/crypto/sha512-ce-core.S             |   27 +-
 arch/arm64/crypto/sha512-core.S_shipped        |   12 +-
 arch/arm64/crypto/sm4-ce-core.S                |   36 +
 arch/arm64/crypto/sm4-ce-glue.c                |   73 +
 arch/x86/crypto/Makefile                       |   25 +-
 arch/x86/crypto/aegis128-aesni-asm.S           |  749 +
 arch/x86/crypto/aegis128-aesni-glue.c          |  407 +
 arch/x86/crypto/aegis128l-aesni-asm.S          |  825 +
 arch/x86/crypto/aegis128l-aesni-glue.c         |  407 +
 arch/x86/crypto/aegis256-aesni-asm.S           |  702 +
 arch/x86/crypto/aegis256-aesni-glue.c          |  407 +
 arch/x86/crypto/ghash-clmulni-intel_glue.c     |    2 +-
 arch/x86/crypto/morus1280-avx2-asm.S           |  621 +
 arch/x86/crypto/morus1280-avx2-glue.c          |   68 +
 arch/x86/crypto/morus1280-sse2-asm.S           |  895 +
 arch/x86/crypto/morus1280-sse2-glue.c          |   68 +
 arch/x86/crypto/morus1280_glue.c               |  302 +
 arch/x86/crypto/morus640-sse2-asm.S            |  614 +
 arch/x86/crypto/morus640-sse2-glue.c           |   68 +
 arch/x86/crypto/morus640_glue.c                |  298 +
 arch/x86/crypto/salsa20-i586-asm_32.S          |  938 -
 arch/x86/crypto/salsa20-x86_64-asm_64.S        |  805 -
 arch/x86/crypto/salsa20_glue.c                 |   91 -
 crypto/Kconfig                                 |  138 +-
 crypto/Makefile                                |    6 +
 crypto/aegis.h                                 |   80 +
 crypto/aegis128.c                              |  463 +
 crypto/aegis128l.c                             |  527 +
 crypto/aegis256.c                              |  478 +
 crypto/algapi.c                                |   10 +
 crypto/authenc.c                               |    1 +
 crypto/authencesn.c                            |    1 +
 crypto/cfb.c                                   |    7 +-
 crypto/cipher.c                                |    3 +-
 crypto/crc32_generic.c                         |   15 +-
 crypto/crc32c_generic.c                        |    8 +-
 crypto/ctr.c                                   |    4 +-
 crypto/cts.c                                   |    5 +-
 crypto/ecc.c                                   |   66 +-
 crypto/ecc.h                                   |    4 +-
 crypto/ecdh.c                                  |    4 +-
 crypto/morus1280.c                             |  549 +
 crypto/morus640.c                              |  544 +
 crypto/pcbc.c                                  |    5 +-
 crypto/rsa.c                                   |    1 -
 crypto/salsa20_generic.c                       |   20 +-
 crypto/sm4_generic.c                           |   10 +-
 crypto/tcrypt.c                                |  122 +-
 crypto/testmgr.c                               |  613 +-
 crypto/testmgr.h                               |47127 +++++++++++-------------
 crypto/zstd.c                                  |  265 +
 drivers/char/hw_random/Kconfig                 |    1 +
 drivers/char/hw_random/n2-drv.c                |    2 +-
 drivers/char/hw_random/stm32-rng.c             |    9 +-
 drivers/char/hw_random/via-rng.c               |    2 +-
 drivers/crypto/Kconfig                         |   16 +-
 drivers/crypto/amcc/crypto4xx_alg.c            |  231 +-
 drivers/crypto/amcc/crypto4xx_core.c           |  317 +-
 drivers/crypto/amcc/crypto4xx_core.h           |   35 +-
 drivers/crypto/caam/caamalg.c                  |  231 +-
 drivers/crypto/caam/caamalg_desc.c             |    4 +-
 drivers/crypto/caam/caamalg_qi.c               |  227 +-
 drivers/crypto/caam/caampkc.c                  |   71 +-
 drivers/crypto/caam/caampkc.h                  |    8 +
 drivers/crypto/caam/ctrl.c                     |   78 +-
 drivers/crypto/caam/ctrl.h                     |    2 -
 drivers/crypto/caam/intern.h                   |    1 +
 drivers/crypto/caam/qi.c                       |    5 +-
 drivers/crypto/caam/regs.h                     |    6 +
 drivers/crypto/cavium/zip/common.h             |   21 +
 drivers/crypto/cavium/zip/zip_crypto.c         |   22 +-
 drivers/crypto/cavium/zip/zip_deflate.c        |    4 +-
 drivers/crypto/cavium/zip/zip_device.c         |    4 +-
 drivers/crypto/cavium/zip/zip_inflate.c        |    4 +-
 drivers/crypto/cavium/zip/zip_main.c           |   24 +-
 drivers/crypto/cavium/zip/zip_main.h           |    1 -
 drivers/crypto/cavium/zip/zip_regs.h           |   42 +-
 drivers/crypto/ccp/psp-dev.c                   |  143 +-
 drivers/crypto/ccp/psp-dev.h                   |    4 +
 drivers/crypto/ccree/cc_cipher.c               |  350 +-
 drivers/crypto/ccree/cc_cipher.h               |   30 +-
 drivers/crypto/ccree/cc_debugfs.c              |    7 +-
 drivers/crypto/ccree/cc_driver.c               |   36 +-
 drivers/crypto/ccree/cc_driver.h               |    2 +
 drivers/crypto/ccree/cc_host_regs.h            |    6 +-
 drivers/crypto/chelsio/chcr_algo.c             |  303 +-
 drivers/crypto/chelsio/chcr_algo.h             |    3 +-
 drivers/crypto/chelsio/chcr_core.h             |    2 +-
 drivers/crypto/chelsio/chcr_crypto.h           |   15 +-
 drivers/crypto/chelsio/chcr_ipsec.c            |   35 +-
 drivers/crypto/chelsio/chtls/chtls.h           |   11 +-
 drivers/crypto/chelsio/chtls/chtls_cm.c        |   28 +-
 drivers/crypto/chelsio/chtls/chtls_hw.c        |    6 +-
 drivers/crypto/chelsio/chtls/chtls_io.c        |  158 +-
 drivers/crypto/chelsio/chtls/chtls_main.c      |   16 +-
 drivers/crypto/exynos-rng.c                    |    6 +-
 drivers/crypto/inside-secure/safexcel.c        |   32 +
 drivers/crypto/inside-secure/safexcel.h        |   44 +-
 drivers/crypto/inside-secure/safexcel_cipher.c |  642 +-
 drivers/crypto/inside-secure/safexcel_hash.c   |   23 +-
 drivers/crypto/nx/nx-842-powernv.c             |    2 +-
 drivers/crypto/omap-sham.c                     |    2 +-
 drivers/crypto/picoxcell_crypto.c              |    6 +-
 drivers/crypto/qat/qat_c3xxx/adf_drv.c         |    2 +
 drivers/crypto/qat/qat_c62x/adf_drv.c          |    2 +
 drivers/crypto/qat/qat_dh895xcc/adf_drv.c      |    1 +
 drivers/crypto/vmx/aes.c                       |    2 -
 drivers/crypto/vmx/aes_cbc.c                   |    3 -
 drivers/crypto/vmx/aes_ctr.c                   |    2 -
 drivers/crypto/vmx/aes_xts.c                   |    2 -
 drivers/crypto/vmx/aesp8-ppc.pl                |   49 +-
 drivers/crypto/vmx/ghash.c                     |    2 -
 drivers/crypto/vmx/ghashp8-ppc.pl              |    9 +
 include/crypto/algapi.h                        |    8 +
 include/crypto/morus1280_glue.h                |  137 +
 include/crypto/morus640_glue.h                 |  137 +
 include/crypto/morus_common.h                  |   23 +
 include/crypto/salsa20.h                       |   27 -
 include/crypto/sm4.h                           |    3 +
 include/linux/psp-sev.h                        |   23 +
 include/uapi/linux/psp-sev.h                   |   12 +
 141 files changed, 34902 insertions(+), 29595 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.18
  2018-04-28  8:05                 ` Crypto Fixes for 4.17 Herbert Xu
  2018-05-30 16:17                   ` Herbert Xu
@ 2018-06-22 14:54                   ` Herbert Xu
  2018-07-08 16:20                     ` Herbert Xu
                                       ` (2 more replies)
  1 sibling, 3 replies; 79+ messages in thread
From: Herbert Xu @ 2018-06-22 14:54 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes the following issues:

- Fix use after free in chtls.
- Fix RBP breakage in sha3.
- Fix use after free in hwrng_unregister.
- Fix overread in morus640.
- Move sleep out of kernel_neon in arm64/aes-blk.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Dan Carpenter (1):
      crypto: chtls - use after free in chtls_pt_recvmsg()

Dmitry Vyukov (1):
      crypto: don't optimize keccakf()

Jia He (1):
      crypto: arm64/aes-blk - fix and move skcipher_walk_done out of kernel_neon_begin, _end

Michael Büsch (1):
      hwrng: core - Always drop the RNG in hwrng_unregister()

Ondrej Mosnáček (1):
      crypto: morus640 - Fix out-of-bounds access

 arch/arm64/crypto/aes-glue.c            |    2 +-
 crypto/morus640.c                       |    3 ++-
 crypto/sha3_generic.c                   |    2 +-
 drivers/char/hw_random/core.c           |   11 +++++++++--
 drivers/crypto/chelsio/chtls/chtls_io.c |    5 ++---
 5 files changed, 15 insertions(+), 8 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.18
  2018-06-22 14:54                   ` Crypto Fixes for 4.18 Herbert Xu
@ 2018-07-08 16:20                     ` Herbert Xu
  2018-07-08 18:31                       ` Linus Torvalds
  2018-07-19  7:39                     ` Herbert Xu
  2018-08-29  3:33                     ` Crypto Fixes for 4.19 Herbert Xu
  2 siblings, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2018-07-08 16:20 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes the following issues:

- Add missing RETs in x86 aegis/morus.
- Fix build error in arm speck.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Borislav Petkov (1):
      crypto: x86 - Add missing RETs

Eric Biggers (1):
      crypto: arm/speck - fix building in Thumb2 mode

 arch/arm/crypto/speck-neon-core.S     |    6 ++++--
 arch/x86/crypto/aegis128-aesni-asm.S  |    1 +
 arch/x86/crypto/aegis128l-aesni-asm.S |    1 +
 arch/x86/crypto/aegis256-aesni-asm.S  |    1 +
 arch/x86/crypto/morus1280-avx2-asm.S  |    1 +
 arch/x86/crypto/morus1280-sse2-asm.S  |    1 +
 arch/x86/crypto/morus640-sse2-asm.S   |    1 +
 7 files changed, 10 insertions(+), 2 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Re: Crypto Fixes for 4.18
  2018-07-08 16:20                     ` Herbert Xu
@ 2018-07-08 18:31                       ` Linus Torvalds
  2018-07-09  9:47                         ` Ondrej Mosnáček
  0 siblings, 1 reply; 79+ messages in thread
From: Linus Torvalds @ 2018-07-08 18:31 UTC (permalink / raw)
  To: Herbert Xu
  Cc: David Miller, Linux Kernel Mailing List, Linux Crypto Mailing List

On Sun, Jul 8, 2018 at 9:20 AM Herbert Xu <herbert@gondor.apana.org.au> wrote:
>
> - Add missing RETs in x86 aegis/morus.

Side note - I queried earlier during the discussion about this: how
was this code taken despite having clearly never tested on _anything_?

That's a serious question. Code that simply has never had any testing
AT ALL should not have gotten in.

The use of 'int3' in padding showed the issue, but I don't believe the
code could possibly have worked with the nops and fallthroughs.

               Linus

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Re: Crypto Fixes for 4.18
  2018-07-08 18:31                       ` Linus Torvalds
@ 2018-07-09  9:47                         ` Ondrej Mosnáček
  2018-07-09 15:52                           ` Linus Torvalds
  0 siblings, 1 reply; 79+ messages in thread
From: Ondrej Mosnáček @ 2018-07-09  9:47 UTC (permalink / raw)
  To: torvalds
  Cc: Herbert Xu, David S. Miller, Linux Kernel Mailing List,
	linux-crypto, Milan Brož

Hi Linus,

ne 8. 7. 2018 o 20:32 Linus Torvalds <torvalds@linux-foundation.org> napísal(a):
>
> On Sun, Jul 8, 2018 at 9:20 AM Herbert Xu <herbert@gondor.apana.org.au> wrote:
> >
> > - Add missing RETs in x86 aegis/morus.
>
> Side note - I queried earlier during the discussion about this: how
> was this code taken despite having clearly never tested on _anything_?
>
> That's a serious question. Code that simply has never had any testing
> AT ALL should not have gotten in.

I did test the code using the included test vectors (and I found and
resolved lots of issues before submitting the patches thanks to that).
A good deal of the test vectors actually do trigger the code path that
calls the buggy function, so somehow it must have been working despite
the bug (see below).

> The use of 'int3' in padding showed the issue, but I don't believe the
> code could possibly have worked with the nops and fallthroughs.

I just looked at the disassembly of the function and its surroundings
(as compiled by my testing environment) and it seems that by a curious
but logical coincidence, the code actually *did* work and without any
side effects (other than executing a few useless instructions before
returning).

This is what the C signatures of the relevant functions look like (for
aegis128, the other cases are analogical):

asmlinkage void crypto_aegis128_aesni_enc_tail(
        void *state, unsigned int length, const void *src, void *dst);

asmlinkage void crypto_aegis128_aesni_dec(
        void *state, unsigned int length, const void *src, void *dst);

Notice that these two functions have identical signatures, this will
be important later. Now, the disassembly for
crypto_aegis128_aesni_enc_tail looks roughly like this:

0000000000000950 <crypto_aegis128_aesni_enc_tail>:
 [some code...]
 9c3:   0f 1f 00                nopl   (%rax)
 9c6:   66 2e 0f 1f 84 00 00    nopw   %cs:0x0(%rax,%rax,1)
 9cd:   00 00 00

00000000000009d0 <crypto_aegis128_aesni_dec>:
 9d0:   48 83 fe 10             cmp    $0x10,%rsi
 9d4:   0f 82 c3 03 00 00       jb     d9d <crypto_aegis128_aesni_dec+0x3cd>
 [some code...]
 d9d:   c3                      retq    # <---
<crypto_aegis128_aesni_dec+0x3cd> is here
 d9e:   66 90                   xchg   %ax,%ax

So... thanks to the NOP padding, the control after the end of the
_enc_tail function walks right into the _dec function. This looks
scary at first glance, but here we are "saved" by the combination of
the following:
1. The second argument of the _enc_tail function (length; passed via
%rsi) is implictly always less than the block size (16 or 32 bytes).
2. The second argument of the _dec function (length; also passed via
%rsi) is checked to be greater than or equal to the block size (16 or
32 bytes); if it is less, then the function does nothing and just
returns.
3. _enc_tail does not modify the value in %rsi.

In conclusion, the bug remained undiscovered not because of lack of
testing, but because by sheer luck it was "working" anyway...

Sorry for introducing this (and other) bugs that had to be fixed
post-merging (I am the one who wrote the code). It is a lot of new
code that is hard to review, as it contains a lot of repetitive
boilerplate and assembly code.

Cheers,
Ondrej

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Re: Crypto Fixes for 4.18
  2018-07-09  9:47                         ` Ondrej Mosnáček
@ 2018-07-09 15:52                           ` Linus Torvalds
  0 siblings, 0 replies; 79+ messages in thread
From: Linus Torvalds @ 2018-07-09 15:52 UTC (permalink / raw)
  To: omosnacek+linux-crypto
  Cc: Herbert Xu, David Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List, Milan Broz

On Mon, Jul 9, 2018 at 2:47 AM Ondrej Mosnáček
<omosnacek+linux-crypto@gmail.com> wrote:
>
> In conclusion, the bug remained undiscovered not because of lack of
> testing, but because by sheer luck it was "working" anyway...

Thanks for checking this out. That makes me a lot happier about this
whole thing.

                  Linus

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.18
  2018-06-22 14:54                   ` Crypto Fixes for 4.18 Herbert Xu
  2018-07-08 16:20                     ` Herbert Xu
@ 2018-07-19  7:39                     ` Herbert Xu
  2018-08-03  5:44                       ` Herbert Xu
  2018-08-29  3:33                     ` Crypto Fixes for 4.19 Herbert Xu
  2 siblings, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2018-07-19  7:39 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes an allocation error-path bug in af_alg discovered by
syzkaller.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Stephan Mueller (1):
      crypto: af_alg - Initialize sg_num_bytes in error code path

 crypto/af_alg.c |    4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.18
  2018-07-19  7:39                     ` Herbert Xu
@ 2018-08-03  5:44                       ` Herbert Xu
  2018-08-09  5:47                         ` Herbert Xu
  0 siblings, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2018-08-03  5:44 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes memory corruption in the padlock-aes driver.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Herbert Xu (1):
      crypto: padlock-aes - Fix Nano workaround data corruption

 drivers/crypto/padlock-aes.c |    8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.18
  2018-08-03  5:44                       ` Herbert Xu
@ 2018-08-09  5:47                         ` Herbert Xu
  0 siblings, 0 replies; 79+ messages in thread
From: Herbert Xu @ 2018-08-09  5:47 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes a performance regression in arm64 NEON crypto as
well as a crash in x86 aegis/morus on unsupported CPUs.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Ard Biesheuvel (1):
      crypto: arm64 - revert NEON yield for fast AEAD implementations

Ondrej Mosnacek (1):
      crypto: x86/aegis,morus - Fix and simplify CPUID checks

 arch/arm64/crypto/aes-ce-ccm-core.S    |  150 ++++++++++++--------------------
 arch/arm64/crypto/ghash-ce-core.S      |   76 ++++++----------
 arch/x86/crypto/aegis128-aesni-glue.c  |   12 +--
 arch/x86/crypto/aegis128l-aesni-glue.c |   12 +--
 arch/x86/crypto/aegis256-aesni-glue.c  |   12 +--
 arch/x86/crypto/morus1280-avx2-glue.c  |   10 +--
 arch/x86/crypto/morus1280-sse2-glue.c  |   10 +--
 arch/x86/crypto/morus640-sse2-glue.c   |   10 +--
 8 files changed, 101 insertions(+), 191 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Update for 4.19
  2018-06-04 17:15             ` Crypto Update for 4.18 Herbert Xu
@ 2018-08-15 12:05               ` Herbert Xu
  0 siblings, 0 replies; 79+ messages in thread
From: Herbert Xu @ 2018-08-15 12:05 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

Here is the crypto update for 4.19:

API:

- Fix dcache flushing crash in skcipher.
- Add hash finup self-tests.
- Reschedule during speed tests.

Algorithms:

- Remove insecure vmac and replace it with vmac64.
- Add public key verification for DH/ECDH.

Drivers:

- Decrease priority of sha-mb on x86.
- Improve NEON latency/throughput on ARM64.
- Add md5/sha384/sha512/des/3des to inside-secure.
- Support eip197d in inside-secure.
- Only register algorithms supported by the host in virtio.
- Add cts and remove incompatible cts1 from ccree.
- Add hisilicon SEC security accelerator driver.
- Replace msm hwrng driver with qcom pseudo rng driver.

Misc:

- Centralise CRC polynomials.

Please note that there are conflicts between the crypto tree and
the staging tree due to the removal of skein, to resolve that
conflict simply remove skein as is done in the staging tree.

There is also a conflict with the net tree because of changes in
CRC code that was touched in both trees.  To resolve this conflict,
simply use the net tree version of the driver but remove the CRC
polynomial macros as is done in the crypto tree.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Antoine Tenart (19):
      crypto: inside-secure - use the error handler for invalidation requests
      crypto: inside-secure - improve the counter computation
      crypto: sha512_generic - add a sha512 0-length pre-computed hash
      crypto: inside-secure - sha512 support
      crypto: inside-secure - hmac(sha512) support
      crypto: inside-secure - authenc(hmac(sha512), cbc(aes)) support
      crypto: sha512_generic - add a sha384 0-length pre-computed hash
      crypto: inside-secure - sha384 support
      crypto: inside-secure - hmac(sha384) support
      crypto: inside-secure - authenc(hmac(sha384), cbc(aes)) support
      crypto: inside-secure - move the firmware to a better location
      crypto: inside-secure - use precise compatibles
      Documentation/bindings: crypto: inside-secure: update the compatibles
      crypto: inside-secure - filter out the algorithms by engine
      crypto: inside-secure - add an invalidation flag
      crypto: inside-secure - eip197d support
      Documentation/bindings: crypto: inside-secure: eip197d support
      crypto: inside-secure - switch to SPDX identifiers
      crypto: inside-secure - initialize first_rdesc to make GCC happy

Ard Biesheuvel (5):
      crypto: arm64/aes-ce-gcm - operate on two input blocks at a time
      crypto: arm64/aes-ce-gcm - implement 2-way aggregation
      crypto: arm64/aes-ce-gcm - don't reload key schedule if avoidable
      crypto: arm64/ghash-ce - replace NEON yield check with block limit
      crypto: arm64/ghash-ce - implement 4-way aggregation

Colin Ian King (3):
      lib/mpi: remove redundant variable esign
      crypto: aegis - fix indentation of a statement
      crypto: cavium - make structure algs static

Denis Efremov (1):
      crypto: skcipher - remove the exporting of skcipher_walk_next

Eric Biggers (27):
      crypto: vmac - require a block cipher with 128-bit block size
      crypto: vmac - separate tfm and request context
      crypto: vmac - add nonced version with big endian digest
      crypto: vmac - remove insecure version with hardcoded nonce
      crypto: x86/sha256-mb - fix digest copy in sha256_mb_mgr_get_comp_job_avx2()
      crypto: MAINTAINERS - fix file path for SHA multibuffer code
      crypto: sha1_generic - add cra_priority
      crypto: sha256_generic - add cra_priority
      crypto: sha512_generic - add cra_priority
      crypto: x86/sha-mb - decrease priority of multibuffer algorithms
      crypto: shash - remove useless setting of type flags
      crypto: ahash - remove useless setting of type flags
      crypto: ahash - remove useless setting of cra_type
      crypto: aead - remove useless setting of type flags
      crypto: skcipher - remove useless setting of type flags
      crypto: remove redundant type flags from tfm allocation
      crypto: arm64/sha256 - increase cra_priority of scalar implementations
      crypto: skcipher - fix aligning block size in skcipher_copy_iv()
      crypto: scatterwalk - remove 'chain' argument from scatterwalk_crypto_chain()
      crypto: scatterwalk - remove scatterwalk_samebuf()
      crypto: skcipher - remove unnecessary setting of walk->nbytes
      crypto: skcipher - fix crash flushing dcache in error path
      crypto: blkcipher - fix crash flushing dcache in error path
      crypto: ablkcipher - fix crash flushing dcache in error path
      crypto: arm/chacha20 - always use vrev for 16-bit rotates
      crypto: dh - fix calculating encoded key size
      crypto: dh - make crypto_dh_encode_key() make robust

Farhan Ali (2):
      crypto: virtio - Read crypto services and algorithm masks
      crypto: virtio - Register an algo only if it's supported

Gilad Ben-Yossef (9):
      crypto: testmgr - add hash finup tests
      crypto: ccree - fix iv handling
      crypto: ccree - remove dead legacy code
      crypto: ccree - use CBC-CS3 CTS mode
      crypto: ccree - rate limit debug print
      crypto: ccree - drop useless type flag during reg
      crypto: ccree - remove cipher ivgen left overs
      crypto: ccree - zero all of request ctx before use
      crypto: ccree - allow bigger than sector XTS op

Gustavo A. R. Silva (4):
      crypto: chtls - use 64-bit arithmetic instead of 32-bit
      crypto: dh - fix memory leak
      crypto: rmd256 - use swap macro in rmd256_transform
      crypto: rmd320 - use swap macro in rmd320_transform

Hadar Gat (1):
      crypto: ccree - fix finup

Herbert Xu (2):
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6

Horia Geantă (1):
      crypto: tcrypt - reschedule during speed tests

Jia-Ju Bai (3):
      crypto: cavium/nitrox - Replace GFP_ATOMIC with GFP_KERNEL in crypto_alloc_context()
      crypto: qat/adf_aer - Replace GFP_ATOMIC with GFP_KERNEL in adf_dev_aer_schedule_reset()
      crypto: virtio - Replace GFP_ATOMIC with GFP_KERNEL in __virtio_crypto_ablkcipher_do_req()

Jonathan Cameron (3):
      dt-bindings: Add bindings for Hisilicon SEC crypto accelerators.
      crypto: hisilicon - SEC security accelerator driver
      arm64: dts: hisi: add SEC crypto accelerator nodes for hip07 SoC

Krzysztof Kozlowski (6):
      lib/crc: Move polynomial definition to separate header
      lib/crc: Use consistent naming for CRC-32 polynomials
      crypto: stm32_crc32 - Use existing define with polynomial
      net: ethernet: Use existing define with polynomial
      staging: rtl: Use existing define with polynomial
      lib: Use existing define with polynomial

Michael Müller (1):
      crypto: sharah - Unregister correct algorithms for SAHARA 3

Ofer Heifetz (11):
      crypto: inside-secure - increase minimum transfer size
      crypto: inside-secure - dynamic ring configuration allocation
      crypto: inside-secure - add multiple processing engine support
      crypto: inside-secure - adjust the TRC configuration for EIP197D
      crypto: inside-secure - reset CDR and RDR rings on module removal
      crypto: inside-secure - set tx_max_cmd_queue to 32
      crypto: inside-secure - md5 support
      crypto: inside-secure - hmac(md5) support
      crypto: inside-secure - ecb(des) and cbc(des) support
      crypto: inside-secure - ecb(des3_ede) and cbc(des3_ede) support
      crypto: inside-secure - remove request list to improve performance

Stafford Horne (1):
      crypto: skcipher - Fix -Wstringop-truncation warnings

Stephan Mueller (5):
      crypto: ecdh - add public key verification test
      crypto: dh - add public key verification test
      crypto: drbg - eliminate constant reinitialization of SGL
      crypto: dh - update test for public key verification
      crypto: ecdh - fix typo of P-192 b value

Stephan Müller (1):
      crypto: drbg - in-place cipher operation for CTR

Timur Tabi (1):
      crypto: qcom-rng - Add ACPI support

Tom Lendacky (6):
      crypto: ccp - Fix command completion detection race
      crypto: ccp - Add psp enabled message when initialization succeeds
      crypto: ccp - Remove unused #defines
      crypto: ccp - Support register differences between PSP devices
      crypto: ccp - Add support for new CCP/PSP device ID
      crypto: ccp - Check for NULL PSP pointer at module unload

Tudor-Dan Ambarus (2):
      crypto: atmel-ecc - fix to allow multi segment scatterlists
      crypto: atmel-ecc - remove overly verbose dev_info

Vinod Koul (5):
      hwrng: msm - remove msm hw_random driver
      dt-bindings: crypto: Move prng binding to crypto
      crypto: qcom-rng - Add Qcom prng driver
      dt-bindings: crypto: Add new compatible qcom, prng-ee
      crypto: qcom-rng - Add support for prng-ee

kbuild test robot (1):
      crypto: hisilicon - sec_send_request() can be static

lionel.debieve@st.com (3):
      crypto: stm32/cryp - Add power management support
      crypto: stm32/hash - Add power management support
      crypto: stm32/crc - Add power management support

 Documentation/crypto/api-samples.rst               |    2 +-
 .../bindings/crypto/hisilicon,hip07-sec.txt        |   67 +
 .../bindings/crypto/inside-secure-safexcel.txt     |   15 +-
 .../bindings/{rng => crypto}/qcom,prng.txt         |    4 +-
 MAINTAINERS                                        |    2 +-
 arch/arm/crypto/chacha20-neon-core.S               |   10 +-
 arch/arm/crypto/ghash-ce-glue.c                    |    5 +-
 arch/arm/crypto/sha1-ce-glue.c                     |    1 -
 arch/arm/crypto/sha1_glue.c                        |    1 -
 arch/arm/crypto/sha1_neon_glue.c                   |    1 -
 arch/arm/crypto/sha2-ce-glue.c                     |    2 -
 arch/arm/crypto/sha256_glue.c                      |    2 -
 arch/arm/crypto/sha256_neon_glue.c                 |    2 -
 arch/arm/crypto/sha512-glue.c                      |    2 -
 arch/arm/crypto/sha512-neon-glue.c                 |    2 -
 arch/arm64/boot/dts/hisilicon/hip07.dtsi           |  284 +++++
 arch/arm64/crypto/aes-glue.c                       |    3 -
 arch/arm64/crypto/ghash-ce-core.S                  |  271 ++--
 arch/arm64/crypto/ghash-ce-glue.c                  |  204 +--
 arch/arm64/crypto/sha1-ce-glue.c                   |    1 -
 arch/arm64/crypto/sha2-ce-glue.c                   |    2 -
 arch/arm64/crypto/sha256-glue.c                    |    8 +-
 arch/arm64/crypto/sha3-ce-glue.c                   |    4 -
 arch/arm64/crypto/sha512-ce-glue.c                 |    2 -
 arch/arm64/crypto/sha512-glue.c                    |    2 -
 arch/arm64/crypto/sm3-ce-glue.c                    |    1 -
 arch/mips/cavium-octeon/crypto/octeon-md5.c        |    1 -
 arch/mips/cavium-octeon/crypto/octeon-sha1.c       |    1 -
 arch/mips/cavium-octeon/crypto/octeon-sha256.c     |    2 -
 arch/mips/cavium-octeon/crypto/octeon-sha512.c     |    2 -
 arch/powerpc/crypto/md5-glue.c                     |    1 -
 arch/powerpc/crypto/sha1-spe-glue.c                |    1 -
 arch/powerpc/crypto/sha1.c                         |    1 -
 arch/powerpc/crypto/sha256-spe-glue.c              |    2 -
 arch/s390/crypto/aes_s390.c                        |    1 -
 arch/s390/crypto/ghash_s390.c                      |    1 -
 arch/s390/crypto/sha1_s390.c                       |    1 -
 arch/s390/crypto/sha256_s390.c                     |    2 -
 arch/s390/crypto/sha512_s390.c                     |    2 -
 arch/sparc/crypto/md5_glue.c                       |    1 -
 arch/sparc/crypto/sha1_glue.c                      |    1 -
 arch/sparc/crypto/sha256_glue.c                    |    2 -
 arch/sparc/crypto/sha512_glue.c                    |    2 -
 arch/x86/crypto/ghash-clmulni-intel_glue.c         |    6 +-
 arch/x86/crypto/poly1305_glue.c                    |    1 -
 arch/x86/crypto/sha1-mb/sha1_mb.c                  |   17 +-
 arch/x86/crypto/sha1_ssse3_glue.c                  |    4 -
 arch/x86/crypto/sha256-mb/sha256_mb.c              |   18 +-
 .../crypto/sha256-mb/sha256_mb_mgr_flush_avx2.S    |    2 +-
 arch/x86/crypto/sha256_ssse3_glue.c                |    8 -
 arch/x86/crypto/sha512-mb/sha512_mb.c              |   18 +-
 arch/x86/crypto/sha512_ssse3_glue.c                |    6 -
 crypto/ablkcipher.c                                |   59 +-
 crypto/aegis128.c                                  |    1 -
 crypto/aegis128l.c                                 |    3 +-
 crypto/aegis256.c                                  |    1 -
 crypto/blkcipher.c                                 |   55 +-
 crypto/crypto_null.c                               |    1 -
 crypto/dh.c                                        |   66 +-
 crypto/dh_helper.c                                 |   43 +-
 crypto/drbg.c                                      |   39 +-
 crypto/ecc.c                                       |   42 +-
 crypto/ecc_curve_defs.h                            |   22 +-
 crypto/ghash-generic.c                             |    1 -
 crypto/lrw.c                                       |    4 +-
 crypto/md4.c                                       |    1 -
 crypto/md5.c                                       |    1 -
 crypto/morus1280.c                                 |    1 -
 crypto/morus640.c                                  |    1 -
 crypto/poly1305_generic.c                          |    1 -
 crypto/rmd128.c                                    |    1 -
 crypto/rmd160.c                                    |    1 -
 crypto/rmd256.c                                    |   11 +-
 crypto/rmd320.c                                    |   13 +-
 crypto/scatterwalk.c                               |    2 +-
 crypto/sha1_generic.c                              |    2 +-
 crypto/sha256_generic.c                            |    4 +-
 crypto/sha3_generic.c                              |    4 -
 crypto/sha512_generic.c                            |   26 +-
 crypto/skcipher.c                                  |   57 +-
 crypto/sm3_generic.c                               |    1 -
 crypto/tcrypt.c                                    |   38 +-
 crypto/testmgr.c                                   |   59 +-
 crypto/testmgr.h                                   |  233 ++--
 crypto/tgr192.c                                    |    3 -
 crypto/vmac.c                                      |  444 ++++---
 crypto/wp512.c                                     |    3 -
 crypto/xts.c                                       |    4 +-
 drivers/char/hw_random/Kconfig                     |   13 -
 drivers/char/hw_random/Makefile                    |    1 -
 drivers/char/hw_random/msm-rng.c                   |  183 ---
 drivers/crypto/Kconfig                             |   15 +
 drivers/crypto/Makefile                            |    2 +
 drivers/crypto/amcc/crypto4xx_core.c               |   18 +-
 drivers/crypto/atmel-ecc.c                         |   35 +-
 drivers/crypto/atmel-sha.c                         |    4 +-
 drivers/crypto/axis/artpec6_crypto.c               |   28 +-
 drivers/crypto/bcm/cipher.c                        |    8 +-
 drivers/crypto/caam/caamhash.c                     |    3 +-
 drivers/crypto/cavium/cpt/cptvf_algs.c             |    2 +-
 drivers/crypto/cavium/nitrox/nitrox_lib.c          |    2 +-
 drivers/crypto/ccp/ccp-crypto-aes-cmac.c           |    3 +-
 drivers/crypto/ccp/ccp-crypto-sha.c                |    3 +-
 drivers/crypto/ccp/psp-dev.c                       |   35 +-
 drivers/crypto/ccp/psp-dev.h                       |   19 +-
 drivers/crypto/ccp/sp-dev.h                        |    7 +-
 drivers/crypto/ccp/sp-pci.c                        |   36 +-
 drivers/crypto/ccree/cc_aead.c                     |   16 +-
 drivers/crypto/ccree/cc_buffer_mgr.c               |    8 +-
 drivers/crypto/ccree/cc_cipher.c                   |  170 +--
 drivers/crypto/ccree/cc_cipher.h                   |    1 -
 drivers/crypto/ccree/cc_driver.c                   |    4 +-
 drivers/crypto/ccree/cc_driver.h                   |    1 -
 drivers/crypto/ccree/cc_hash.c                     |   85 +-
 drivers/crypto/chelsio/chcr_algo.c                 |    7 +-
 drivers/crypto/chelsio/chtls/chtls_hw.c            |    2 +-
 drivers/crypto/hisilicon/Kconfig                   |   14 +
 drivers/crypto/hisilicon/Makefile                  |    2 +
 drivers/crypto/hisilicon/sec/Makefile              |    3 +
 drivers/crypto/hisilicon/sec/sec_algs.c            | 1122 +++++++++++++++++
 drivers/crypto/hisilicon/sec/sec_drv.c             | 1323 ++++++++++++++++++++
 drivers/crypto/hisilicon/sec/sec_drv.h             |  428 +++++++
 drivers/crypto/inside-secure/safexcel.c            |  474 ++++---
 drivers/crypto/inside-secure/safexcel.h            |  201 +--
 drivers/crypto/inside-secure/safexcel_cipher.c     |  492 ++++++--
 drivers/crypto/inside-secure/safexcel_hash.c       |  560 +++++++--
 drivers/crypto/inside-secure/safexcel_ring.c       |   63 +-
 drivers/crypto/marvell/hash.c                      |    3 +-
 drivers/crypto/n2_core.c                           |    3 +-
 drivers/crypto/nx/nx-aes-xcbc.c                    |    1 -
 drivers/crypto/nx/nx-sha256.c                      |    1 -
 drivers/crypto/nx/nx-sha512.c                      |    1 -
 drivers/crypto/omap-sham.c                         |   36 +-
 drivers/crypto/padlock-sha.c                       |    8 +-
 drivers/crypto/qat/qat_common/adf_aer.c            |    2 +-
 drivers/crypto/qce/sha.c                           |    3 +-
 drivers/crypto/qcom-rng.c                          |  229 ++++
 drivers/crypto/s5p-sss.c                           |    9 +-
 drivers/crypto/sahara.c                            |   10 +-
 drivers/crypto/stm32/stm32-cryp.c                  |   62 +
 drivers/crypto/stm32/stm32-hash.c                  |   95 +-
 drivers/crypto/stm32/stm32_crc32.c                 |   71 +-
 drivers/crypto/sunxi-ss/sun4i-ss-core.c            |   20 +-
 drivers/crypto/talitos.c                           |   37 +-
 drivers/crypto/ux500/hash/hash_core.c              |   15 +-
 drivers/crypto/virtio/virtio_crypto_algs.c         |  116 +-
 drivers/crypto/virtio/virtio_crypto_common.h       |   25 +-
 drivers/crypto/virtio/virtio_crypto_core.c         |   29 +
 drivers/crypto/virtio/virtio_crypto_mgr.c          |   81 +-
 drivers/crypto/vmx/ghash.c                         |    2 +-
 drivers/net/ethernet/amd/xgbe/xgbe-dev.c           |    4 +-
 drivers/net/ethernet/apple/bmac.c                  |    8 +-
 drivers/net/ethernet/broadcom/tg3.c                |    3 +-
 drivers/net/ethernet/freescale/fec_main.c          |    4 +-
 drivers/net/ethernet/freescale/fs_enet/fec.h       |    3 -
 drivers/net/ethernet/freescale/fs_enet/mac-fec.c   |    3 +-
 drivers/net/ethernet/micrel/ks8851_mll.c           |    3 +-
 drivers/net/ethernet/synopsys/dwc-xlgmac-hw.c      |    4 +-
 drivers/staging/rtl8712/rtl871x_security.c         |    5 +-
 drivers/staging/rtl8723bs/core/rtw_security.c      |    5 +-
 drivers/staging/skein/skein_generic.c              |    3 -
 include/crypto/dh.h                                |    4 +
 include/crypto/drbg.h                              |    3 +-
 include/crypto/scatterwalk.h                       |   15 +-
 include/crypto/sha.h                               |    4 +
 include/crypto/vmac.h                              |   63 -
 include/linux/crc32poly.h                          |   20 +
 lib/crc32.c                                        |   11 +-
 lib/crc32defs.h                                    |   14 -
 lib/decompress_bunzip2.c                           |    3 +-
 lib/gen_crc32table.c                               |    5 +-
 lib/mpi/mpi-pow.c                                  |    3 +-
 lib/xz/xz_crc32.c                                  |    3 +-
 net/tls/tls_device_fallback.c                      |    2 +-
 security/keys/dh.c                                 |    2 +-
 175 files changed, 6690 insertions(+), 2011 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.19
  2018-06-22 14:54                   ` Crypto Fixes for 4.18 Herbert Xu
  2018-07-08 16:20                     ` Herbert Xu
  2018-07-19  7:39                     ` Herbert Xu
@ 2018-08-29  3:33                     ` Herbert Xu
  2018-09-19  6:22                       ` Herbert Xu
  2018-11-16  6:31                       ` Crypto Fixes for 4.20 Herbert Xu
  2 siblings, 2 replies; 79+ messages in thread
From: Herbert Xu @ 2018-08-29  3:33 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes the following issues:

- Check for the right CPU feature bit in sm4-ce on arm64.
- Fix scatterwalk WARN_ON in aes-gcm-ce on arm64.
- Fix unaligned fault in aesni on x86.
- Fix potential NULL pointer dereference on exit in chtls.
- Fix DMA mapping direction for RSA in caam.
- Fix error path return value for xts setkey in caam.
- Fix address endianness when DMA unmapping in caam.
- Fix sleep-in-atomic in vmx.
- Fix command corruption when queue is full in cavium/nitrox.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Ard Biesheuvel (2):
      crypto: arm64/sm4-ce - check for the right CPU feature bit
      crypto: arm64/aes-gcm-ce - fix scatterwalk API violation

Dave Watson (1):
      crypto: aesni - Use unaligned loads from gcm_context_data

Ganesh Goudar (1):
      crypto: chtls - fix null dereference chtls_free_uld()

Horia Geantă (3):
      crypto: caam/jr - fix descriptor DMA unmapping
      crypto: caam/qi - fix error path in xts setkey
      crypto: caam - fix DMA mapping direction for RSA forms 2 & 3

Ondrej Mosnacek (1):
      crypto: vmx - Fix sleep-in-atomic bugs

Srikanth Jampala (1):
      crypto: cavium/nitrox - fix for command corruption in queue full case with backlog submissions.

 arch/arm64/crypto/ghash-ce-glue.c            |   29 ++++++++---
 arch/arm64/crypto/sm4-ce-glue.c              |    2 +-
 arch/x86/crypto/aesni-intel_asm.S            |   66 +++++++++++++-------------
 drivers/crypto/caam/caamalg_qi.c             |    6 +--
 drivers/crypto/caam/caampkc.c                |   20 ++++----
 drivers/crypto/caam/jr.c                     |    3 +-
 drivers/crypto/cavium/nitrox/nitrox_dev.h    |    3 +-
 drivers/crypto/cavium/nitrox/nitrox_lib.c    |    1 +
 drivers/crypto/cavium/nitrox/nitrox_reqmgr.c |   57 ++++++++++++----------
 drivers/crypto/chelsio/chtls/chtls.h         |    5 ++
 drivers/crypto/chelsio/chtls/chtls_main.c    |    7 ++-
 drivers/crypto/vmx/aes_cbc.c                 |   30 ++++++------
 drivers/crypto/vmx/aes_xts.c                 |   21 +++++---
 13 files changed, 144 insertions(+), 106 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.19
  2018-08-29  3:33                     ` Crypto Fixes for 4.19 Herbert Xu
@ 2018-09-19  6:22                       ` Herbert Xu
  2018-09-19 13:23                         ` Greg KH
  2018-10-05  2:08                         ` Crypto Fixes for 4.19 Herbert Xu
  2018-11-16  6:31                       ` Crypto Fixes for 4.20 Herbert Xu
  1 sibling, 2 replies; 79+ messages in thread
From: Herbert Xu @ 2018-09-19  6:22 UTC (permalink / raw)
  To: Greg KH, Linus Torvalds, David S. Miller,
	Linux Kernel Mailing List, Linux Crypto Mailing List

Hi Greg: 

This push fixes a potential boot hang in ccp and an incorrect
CPU capability check in aegis/morus on x86.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Brijesh Singh (1):
      crypto: ccp - add timeout support in the SEV command

Ondrej Mosnacek (1):
      crypto: x86/aegis,morus - Do not require OSXSAVE for SSE2

 arch/x86/crypto/aegis128-aesni-glue.c  |  1 -
 arch/x86/crypto/aegis128l-aesni-glue.c |  1 -
 arch/x86/crypto/aegis256-aesni-glue.c  |  1 -
 arch/x86/crypto/morus1280-sse2-glue.c  |  1 -
 arch/x86/crypto/morus640-sse2-glue.c   |  1 -
 drivers/crypto/ccp/psp-dev.c           | 46 ++++++++++++++++++++++++++++++----
 6 files changed, 41 insertions(+), 10 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Re: Crypto Fixes for 4.19
  2018-09-19  6:22                       ` Herbert Xu
@ 2018-09-19 13:23                         ` Greg KH
  2018-09-19 16:10                           ` process? [Re: Crypto Fixes for 4.19] Randy Dunlap
  2018-10-05  2:08                         ` Crypto Fixes for 4.19 Herbert Xu
  1 sibling, 1 reply; 79+ messages in thread
From: Greg KH @ 2018-09-19 13:23 UTC (permalink / raw)
  To: Herbert Xu
  Cc: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

On Wed, Sep 19, 2018 at 02:22:01PM +0800, Herbert Xu wrote:
> Hi Greg: 
> 
> This push fixes a potential boot hang in ccp and an incorrect
> CPU capability check in aegis/morus on x86.
> 
> 
> Please pull from
> 
> git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus

Now pulled, thanks.

greg k-h

^ permalink raw reply	[flat|nested] 79+ messages in thread

* process? [Re: Crypto Fixes for 4.19]
  2018-09-19 13:23                         ` Greg KH
@ 2018-09-19 16:10                           ` Randy Dunlap
  2018-09-19 16:40                             ` Greg KH
  0 siblings, 1 reply; 79+ messages in thread
From: Randy Dunlap @ 2018-09-19 16:10 UTC (permalink / raw)
  To: Greg KH, Herbert Xu
  Cc: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

On 9/19/18 6:23 AM, Greg KH wrote:
> On Wed, Sep 19, 2018 at 02:22:01PM +0800, Herbert Xu wrote:
>> Hi Greg: 
>>
>> This push fixes a potential boot hang in ccp and an incorrect
>> CPU capability check in aegis/morus on x86.
>>
>>
>> Please pull from
>>
>> git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus
> 
> Now pulled, thanks.
> 
> greg k-h

Hi,
Just a process question:

It looks like Greg is not adding Signed-of-by: <himself>
to mainline git commits, although the prior mainline git committer did so.

Is that omission on purpose?

submitting-patches.rst says:
The Signed-off-by: tag indicates that the signer was involved in the
development of the patch, or that he/she was in the patch's delivery path.


thanks,
-- 
~Randy

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Re: process? [Re: Crypto Fixes for 4.19]
  2018-09-19 16:10                           ` process? [Re: Crypto Fixes for 4.19] Randy Dunlap
@ 2018-09-19 16:40                             ` Greg KH
  2018-09-19 16:48                               ` Randy Dunlap
  0 siblings, 1 reply; 79+ messages in thread
From: Greg KH @ 2018-09-19 16:40 UTC (permalink / raw)
  To: Randy Dunlap
  Cc: Herbert Xu, Linus Torvalds, David S. Miller,
	Linux Kernel Mailing List, Linux Crypto Mailing List

On Wed, Sep 19, 2018 at 09:10:55AM -0700, Randy Dunlap wrote:
> On 9/19/18 6:23 AM, Greg KH wrote:
> > On Wed, Sep 19, 2018 at 02:22:01PM +0800, Herbert Xu wrote:
> >> Hi Greg: 
> >>
> >> This push fixes a potential boot hang in ccp and an incorrect
> >> CPU capability check in aegis/morus on x86.
> >>
> >>
> >> Please pull from
> >>
> >> git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus
> > 
> > Now pulled, thanks.
> > 
> > greg k-h
> 
> Hi,
> Just a process question:
> 
> It looks like Greg is not adding Signed-of-by: <himself>
> to mainline git commits, although the prior mainline git committer did so.
> 
> Is that omission on purpose?

s-o-b does not get added to git pulls, I "trust" the subsystem
maintainer got it correct.  That's what Linus has always done in the
past, what am I doing differently here?

> submitting-patches.rst says:
> The Signed-off-by: tag indicates that the signer was involved in the
> development of the patch, or that he/she was in the patch's delivery path.

Yes, but not for git pulls.

I have not applied any patches sent in emails at this point in time, so
there's nothing that I could have even signed off on.

confused,

greg k-h

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Re: process? [Re: Crypto Fixes for 4.19]
  2018-09-19 16:40                             ` Greg KH
@ 2018-09-19 16:48                               ` Randy Dunlap
  2018-09-19 17:00                                 ` Willy Tarreau
  0 siblings, 1 reply; 79+ messages in thread
From: Randy Dunlap @ 2018-09-19 16:48 UTC (permalink / raw)
  To: Greg KH
  Cc: Herbert Xu, Linus Torvalds, David S. Miller,
	Linux Kernel Mailing List, Linux Crypto Mailing List

On 9/19/18 9:40 AM, Greg KH wrote:
> On Wed, Sep 19, 2018 at 09:10:55AM -0700, Randy Dunlap wrote:
>> On 9/19/18 6:23 AM, Greg KH wrote:
>>> On Wed, Sep 19, 2018 at 02:22:01PM +0800, Herbert Xu wrote:
>>>> Hi Greg: 
>>>>
>>>> This push fixes a potential boot hang in ccp and an incorrect
>>>> CPU capability check in aegis/morus on x86.
>>>>
>>>>
>>>> Please pull from
>>>>
>>>> git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus
>>>
>>> Now pulled, thanks.
>>>
>>> greg k-h
>>
>> Hi,
>> Just a process question:
>>
>> It looks like Greg is not adding Signed-of-by: <himself>
>> to mainline git commits, although the prior mainline git committer did so.
>>
>> Is that omission on purpose?
> 
> s-o-b does not get added to git pulls, I "trust" the subsystem
> maintainer got it correct.  That's what Linus has always done in the
> past, what am I doing differently here?
> 
>> submitting-patches.rst says:
>> The Signed-off-by: tag indicates that the signer was involved in the
>> development of the patch, or that he/she was in the patch's delivery path.
> 
> Yes, but not for git pulls.
> 
> I have not applied any patches sent in emails at this point in time, so
> there's nothing that I could have even signed off on.

OK, I see.

> confused,

no, that's me :)


thanks,
-- 
~Randy

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Re: process? [Re: Crypto Fixes for 4.19]
  2018-09-19 16:48                               ` Randy Dunlap
@ 2018-09-19 17:00                                 ` Willy Tarreau
  0 siblings, 0 replies; 79+ messages in thread
From: Willy Tarreau @ 2018-09-19 17:00 UTC (permalink / raw)
  To: Randy Dunlap
  Cc: Greg KH, Herbert Xu, Linus Torvalds, David S. Miller,
	Linux Kernel Mailing List, Linux Crypto Mailing List

On Wed, Sep 19, 2018 at 09:48:42AM -0700, Randy Dunlap wrote:
> On 9/19/18 9:40 AM, Greg KH wrote:
> > On Wed, Sep 19, 2018 at 09:10:55AM -0700, Randy Dunlap wrote:
> >> submitting-patches.rst says:
> >> The Signed-off-by: tag indicates that the signer was involved in the
> >> development of the patch, or that he/she was in the patch's delivery path.
> > 
> > Yes, but not for git pulls.
> > 
> > I have not applied any patches sent in emails at this point in time, so
> > there's nothing that I could have even signed off on.
> 
> OK, I see.

Just FWIW, if this line was added, it would change the commit message
hence the resulting hash. That's why it only appears on patches really
committed by the mentioned people (typically using "git am").

Willy

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.19
  2018-09-19  6:22                       ` Herbert Xu
  2018-09-19 13:23                         ` Greg KH
@ 2018-10-05  2:08                         ` Herbert Xu
  2018-10-05 15:37                           ` Greg KH
  1 sibling, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2018-10-05  2:08 UTC (permalink / raw)
  To: Greg KH, Linus Torvalds, David S. Miller,
	Linux Kernel Mailing List, Linux Crypto Mailing List

Hi Greg: 

This push fixes the following issues:

- Out-of-bound stack access in qat.
- Illegal schedule in mxs-dcp.
- Memory corruption in chelsio.
- Incorrect pointer computation in caam.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Harsh Jain (1):
      crypto: chelsio - Fix memory corruption in DMA Mapped buffers.

Horia Geantă (1):
      crypto: caam/jr - fix ablkcipher_edesc pointer arithmetic

Leonard Crestez (1):
      crypto: mxs-dcp - Fix wait logic on chan threads

Waiman Long (1):
      crypto: qat - Fix KASAN stack-out-of-bounds bug in adf_probe()

 drivers/crypto/caam/caamalg.c               |  8 ++---
 drivers/crypto/chelsio/chcr_algo.c          | 32 +++++++++++------
 drivers/crypto/chelsio/chcr_crypto.h        |  2 ++
 drivers/crypto/mxs-dcp.c                    | 53 ++++++++++++++++-------------
 drivers/crypto/qat/qat_c3xxx/adf_drv.c      |  6 ++--
 drivers/crypto/qat/qat_c3xxxvf/adf_drv.c    |  6 ++--
 drivers/crypto/qat/qat_c62x/adf_drv.c       |  6 ++--
 drivers/crypto/qat/qat_c62xvf/adf_drv.c     |  6 ++--
 drivers/crypto/qat/qat_dh895xcc/adf_drv.c   |  6 ++--
 drivers/crypto/qat/qat_dh895xccvf/adf_drv.c |  6 ++--
 10 files changed, 76 insertions(+), 55 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Re: Crypto Fixes for 4.19
  2018-10-05  2:08                         ` Crypto Fixes for 4.19 Herbert Xu
@ 2018-10-05 15:37                           ` Greg KH
  0 siblings, 0 replies; 79+ messages in thread
From: Greg KH @ 2018-10-05 15:37 UTC (permalink / raw)
  To: Herbert Xu
  Cc: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

On Fri, Oct 05, 2018 at 10:08:30AM +0800, Herbert Xu wrote:
> Hi Greg: 
> 
> This push fixes the following issues:
> 
> - Out-of-bound stack access in qat.
> - Illegal schedule in mxs-dcp.
> - Memory corruption in chelsio.
> - Incorrect pointer computation in caam.
> 
> 
> Please pull from
> 
> git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus

Now merged, thanks.

greg k-h

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Update for 4.20
  2017-11-13  7:43       ` Crypto Update for 4.15 Herbert Xu
  2018-01-29 14:50         ` Crypto Update for 4.16 Herbert Xu
@ 2018-10-23 10:09         ` Herbert Xu
  2018-10-25 23:46           ` Linus Torvalds
  1 sibling, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2018-10-23 10:09 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

Here is the crypto update for 4.20:

API:

- Remove VLA usage.
- Add cryptostat user-space interface.
- Add notifier for new crypto algorithms.

Algorithms:

- Add OFB mode.
- Remove speck.

Drivers:

- Remove x86/sha*-mb as they are buggy.
- Remove pcbc(aes) from x86/aesni.
- Improve performance of arm/ghash-ce by up to 85%.
- Implement CTS-CBC in arm64/aes-blk, faster by up to 50%.
- Remove PMULL based arm64/crc32 driver.
- Use PMULL in arm64/crct10dif.
- Add aes-ctr support in s5p-sss.
- Add caam/qi2 driver.

Others:

- Pick better transform if one becomes available in crc-t10dif.

Please note that there is a conflict with the compiler-attributes
tree as one of the lines that was removed by a patch in the crypto
tree was moved to a different file in the compiler-attributes tree.
The fix is to remove that line from the moved file.

There is also a conflict with the mac80211 tree because the code
modified by the VLA fixes in the crypto tree has been removed in
the mac80211 tree.  The resolution is to simply use the mac80211
file.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Ard Biesheuvel (17):
      crypto: ccm - Remove VLA usage
      crypto: x86 - remove SHA multibuffer routines and mcryptd
      crypto: arm/ghash-ce - implement support for 4-way aggregation
      crypto: arm64/aes-modes - get rid of literal load of addend vector
      crypto: arm64/crc32 - remove PMULL based CRC32 driver
      crypto: arm64/crct10dif - preparatory refactor for 8x8 PMULL version
      crypto: arm64/crct10dif - implement non-Crypto Extensions alternative
      crypto: arm64/aes-blk - remove pointless (u8 *) casts
      crypto: arm64/aes-blk - revert NEON yield for skciphers
      crypto: arm64/aes-blk - add support for CTS-CBC mode
      crypto: arm64/aes-blk - improve XTS mask handling
      crypto: x86/aes-ni - remove special handling of AES in PCBC mode
      crypto: qat - move temp buffers off the stack
      crypto: lrw - fix rebase error after out of bounds fix
      crypto: morus/generic - fix for big endian systems
      crypto: aegis/generic - fix for big endian systems
      crypto: arm64/aes-blk - ensure XTS mask is always loaded

Arnd Bergmann (2):
      crypto: caam/qi2 - add CONFIG_NETDEVICES dependency
      crypto: caam/qi2 - avoid double export

Brijesh Singh (1):
      crypto: ccp - add timeout support in the SEV command

Christoph Manszewski (4):
      crypto: s5p-sss: Fix race in error handling
      crypto: s5p-sss: Fix Fix argument list alignment
      crypto: s5p-sss: Minor code cleanup
      crypto: s5p-sss: Add aes-ctr support

Corentin Labbe (2):
      crypto: user - Implement a generic crypto statistics
      crypto: tools - Add cryptostat userspace

Dan Aloni (1):
      crypto: fix a memory leak in rsa-kcs1pad's encryption mode

Dan Douglass (1):
      crypto: mxs-dcp - Implement sha import/export

Eric Biggers (4):
      crypto: arm/chacha20 - faster 8-bit rotations and other optimizations
      crypto: chacha20 - Fix chacha20_block() keystream alignment (again)
      crypto: arm64/aes - fix handling sub-block CTS-CBC inputs
      crypto: x86/aes-ni - fix build error following fpu template removal

Gilad Ben-Yossef (3):
      crypto: testmgr - update sm4 test vectors
      crypto: ofb - add output feedback mode
      crypto: tcrypt - add OFB functional tests

Harsh Jain (1):
      crypto: chelsio - Update ntx queue received from cxgb4

Herbert Xu (2):
      Merge git://git.kernel.org/.../herbert/crypto-2.6
      Merge git://git.kernel.org/.../herbert/crypto-2.6

Horia Geantă (20):
      crypto: caam/jr - remove ablkcipher IV generation
      crypto: caam/qi - remove ablkcipher IV generation
      crypto: caam/jr - ablkcipher -> skcipher conversion
      crypto: caam/qi - ablkcipher -> skcipher conversion
      bus: fsl-mc: add support for dpseci device type
      soc: fsl: dpio: add back some frame queue functions
      soc: fsl: dpio: add frame list format support
      soc: fsl: dpio: add congestion notification support
      crypto: caam - fix implicit casts in endianness helpers
      crypto: caam - add DPAA2-CAAM (DPSECI) backend API
      crypto: caam - add Queue Interface v2 error codes
      crypto: caam/qi2 - add DPAA2-CAAM driver
      crypto: caam/qi2 - add skcipher algorithms
      crypto: caam - export ahash shared descriptor generation
      crypto: caam/qi2 - add support for ahash algorithms
      arm64: defconfig: enable CAAM crypto engine on QorIQ DPAA2 SoCs
      crypto: tcrypt - fix ghash-generic speed test
      crypto: tcrypt - remove remnants of pcomp-based zlib
      crypto: caam/qi - simplify CGR allocation, freeing
      crypto: caam - add SPDX license identifier to all files

Janakarajan Natarajan (2):
      crypto: ccp - Fix static checker warning
      crypto: ccp - Allow SEV firmware to be chosen based on Family and Model

Jason A. Donenfeld (1):
      crypto: speck - remove Speck

Kees Cook (30):
      crypto: xcbc - Remove VLA usage
      crypto: cbc - Remove VLA usage
      crypto: hash - Remove VLA usage
      crypto: api - Introduce generic max blocksize and alignmask
      crypto: qat - Remove VLA usage
      crypto: shash - Remove VLA usage in unaligned hashing
      dm: Remove VLA usage from hashes
      crypto: skcipher - Introduce crypto_sync_skcipher
      gss_krb5: Remove VLA usage of skcipher
      lib80211: Remove VLA usage of skcipher
      mac802154: Remove VLA usage of skcipher
      s390/crypto: Remove VLA usage of skcipher
      x86/fpu: Remove VLA usage of skcipher
      block: cryptoloop: Remove VLA usage of skcipher
      libceph: Remove VLA usage of skcipher
      ppp: mppe: Remove VLA usage of skcipher
      rxrpc: Remove VLA usage of skcipher
      wusb: Remove VLA usage of skcipher
      crypto: ccp - Remove VLA usage of skcipher
      crypto: vmx - Remove VLA usage of skcipher
      crypto: null - Remove VLA usage of skcipher
      crypto: cryptd - Remove VLA usage of skcipher
      crypto: sahara - Remove VLA usage of skcipher
      crypto: qce - Remove VLA usage of skcipher
      crypto: artpec6 - Remove VLA usage of skcipher
      crypto: chelsio - Remove VLA usage of skcipher
      crypto: mxs-dcp - Remove VLA usage of skcipher
      crypto: omap-aes - Remove VLA usage of skcipher
      crypto: picoxcell - Remove VLA usage of skcipher
      crypto: skcipher - Remove SKCIPHER_REQUEST_ON_STACK()

Martin K. Petersen (3):
      crypto: api - Introduce notifier for new crypto algorithms
      crc-t10dif: Pick better transform if one becomes available
      crc-t10dif: Allow current transform to be inspected in sysfs

Michael S. Tsirkin (1):
      hwrng: core - document the quality field

Michael Schupikov (1):
      crypto: testmgr - fix sizeof() on COMP_BUF_SIZE

Mikulas Patocka (1):
      crypto: aesni - don't use GFP_ATOMIC allocation if the request doesn't cross a page in gcm

Nathan Chancellor (2):
      crypto: ccp - Remove forward declaration
      crypto: ccree - avoid implicit enum conversion

Ondrej Mosnacek (5):
      crypto: xts - Drop use of auxiliary buffer
      crypto: lrw - Fix out-of bounds access on counter overflow
      crypto: testmgr - Add test for LRW counter wrap-around
      crypto: lrw - Optimize tweak computation
      crypto: lrw - Do not use auxiliary buffer

Radu Solea (2):
      crypto: mxs-dcp - Fix SHA null hashes and output length
      crypto: mxs-dcp - Fix AES issues

Srikanth Jampala (9):
      crypto: cavium/nitrox - Added support for SR-IOV configuration.
      crypto: cavium/nitrox - use dma_pool_zalloc()
      crypto: cavium/nitrox - added support to identify the NITROX device partname.
      crypto: cavium/nitrox - add support for per device request statistics.
      crypto: cavium/nitrox - updated debugfs information.
      crypto: cavium/nitrox - fix warnings while printing atomic64_t types
      crypto: cavium/nitrox - use pcie_flr instead of duplicating it
      crypto: cavium/nitrox - NITROX command queue changes.
      crypto: cavium/nitrox - use pci_alloc_irq_vectors() while enabling MSI-X.

Stefan Agner (2):
      cpufeature: avoid warning when compiling with clang
      crypto: arm/crc32 - avoid warning when compiling with Clang

Tudor Ambarus (1):
      crypto: atmel - switch to SPDX license identifiers

Valdis Kletnieks (1):
      crypto/morus(640,1280) - make crypto_...-algs static

Wei Yongjun (2):
      crypto: ccp - Make function sev_get_firmware() static
      crypto: mxs-dcp - make symbols 'sha1_null_hash' and 'sha256_null_hash' static

YueHaibing (2):
      crypto: axis - fix platform_no_drv_owner.cocci warnings
      crypto: chtls - remove set but not used variable 'csk'

kbuild test robot (1):
      crc-t10dif: crc_t10dif_mutex can be static

zhong jiang (2):
      crypto: chtls - remove redundant null pointer check before kfree_skb
      crypto: cavium - remove redundant null pointer check before kfree

 Documentation/filesystems/fscrypt.rst              |   10 -
 MAINTAINERS                                        |    8 -
 arch/arm/crypto/Kconfig                            |    7 +-
 arch/arm/crypto/Makefile                           |    2 -
 arch/arm/crypto/chacha20-neon-core.S               |  277 +-
 arch/arm/crypto/crc32-ce-glue.c                    |    2 +-
 arch/arm/crypto/ghash-ce-core.S                    |  108 +-
 arch/arm/crypto/ghash-ce-glue.c                    |   38 +-
 arch/arm/crypto/speck-neon-core.S                  |  434 --
 arch/arm/crypto/speck-neon-glue.c                  |  288 --
 arch/arm64/configs/defconfig                       |    2 +-
 arch/arm64/crypto/Kconfig                          |   11 -
 arch/arm64/crypto/Makefile                         |    6 -
 arch/arm64/crypto/aes-ce.S                         |    5 +
 arch/arm64/crypto/aes-glue.c                       |  217 +-
 arch/arm64/crypto/aes-modes.S                      |  416 +-
 arch/arm64/crypto/aes-neon.S                       |    6 +
 arch/arm64/crypto/crc32-ce-core.S                  |  287 --
 arch/arm64/crypto/crc32-ce-glue.c                  |  244 -
 arch/arm64/crypto/crct10dif-ce-core.S              |  314 +-
 arch/arm64/crypto/crct10dif-ce-glue.c              |   14 +-
 arch/arm64/crypto/speck-neon-core.S                |  352 --
 arch/arm64/crypto/speck-neon-glue.c                |  282 --
 arch/m68k/configs/amiga_defconfig                  |    2 -
 arch/m68k/configs/apollo_defconfig                 |    2 -
 arch/m68k/configs/atari_defconfig                  |    2 -
 arch/m68k/configs/bvme6000_defconfig               |    2 -
 arch/m68k/configs/hp300_defconfig                  |    2 -
 arch/m68k/configs/mac_defconfig                    |    2 -
 arch/m68k/configs/multi_defconfig                  |    2 -
 arch/m68k/configs/mvme147_defconfig                |    2 -
 arch/m68k/configs/mvme16x_defconfig                |    2 -
 arch/m68k/configs/q40_defconfig                    |    2 -
 arch/m68k/configs/sun3_defconfig                   |    2 -
 arch/m68k/configs/sun3x_defconfig                  |    2 -
 arch/s390/configs/debug_defconfig                  |    1 -
 arch/s390/configs/performance_defconfig            |    1 -
 arch/s390/crypto/aes_s390.c                        |   48 +-
 arch/s390/defconfig                                |    1 -
 arch/x86/crypto/Makefile                           |    5 +-
 arch/x86/crypto/aesni-intel_glue.c                 |   47 +-
 arch/x86/crypto/fpu.c                              |  207 -
 arch/x86/crypto/sha1-mb/Makefile                   |   14 -
 arch/x86/crypto/sha1-mb/sha1_mb.c                  | 1011 ----
 arch/x86/crypto/sha1-mb/sha1_mb_ctx.h              |  134 -
 arch/x86/crypto/sha1-mb/sha1_mb_mgr.h              |  110 -
 arch/x86/crypto/sha1-mb/sha1_mb_mgr_datastruct.S   |  287 --
 arch/x86/crypto/sha1-mb/sha1_mb_mgr_flush_avx2.S   |  304 --
 arch/x86/crypto/sha1-mb/sha1_mb_mgr_init_avx2.c    |   64 -
 arch/x86/crypto/sha1-mb/sha1_mb_mgr_submit_avx2.S  |  209 -
 arch/x86/crypto/sha1-mb/sha1_x8_avx2.S             |  492 --
 arch/x86/crypto/sha256-mb/Makefile                 |   14 -
 arch/x86/crypto/sha256-mb/sha256_mb.c              | 1013 ----
 arch/x86/crypto/sha256-mb/sha256_mb_ctx.h          |  134 -
 arch/x86/crypto/sha256-mb/sha256_mb_mgr.h          |  108 -
 .../crypto/sha256-mb/sha256_mb_mgr_datastruct.S    |  304 --
 .../crypto/sha256-mb/sha256_mb_mgr_flush_avx2.S    |  307 --
 .../x86/crypto/sha256-mb/sha256_mb_mgr_init_avx2.c |   65 -
 .../crypto/sha256-mb/sha256_mb_mgr_submit_avx2.S   |  214 -
 arch/x86/crypto/sha256-mb/sha256_x8_avx2.S         |  598 ---
 arch/x86/crypto/sha512-mb/Makefile                 |   12 -
 arch/x86/crypto/sha512-mb/sha512_mb.c              | 1047 ----
 arch/x86/crypto/sha512-mb/sha512_mb_ctx.h          |  128 -
 arch/x86/crypto/sha512-mb/sha512_mb_mgr.h          |  104 -
 .../crypto/sha512-mb/sha512_mb_mgr_datastruct.S    |  281 --
 .../crypto/sha512-mb/sha512_mb_mgr_flush_avx2.S    |  297 --
 .../x86/crypto/sha512-mb/sha512_mb_mgr_init_avx2.c |   69 -
 .../crypto/sha512-mb/sha512_mb_mgr_submit_avx2.S   |  224 -
 arch/x86/crypto/sha512-mb/sha512_x4_avx2.S         |  531 --
 crypto/Kconfig                                     |  101 +-
 crypto/Makefile                                    |    4 +-
 crypto/aegis.h                                     |   20 +-
 crypto/ahash.c                                     |   25 +-
 crypto/algapi.c                                    |   17 +-
 crypto/algboss.c                                   |    2 +
 crypto/algif_aead.c                                |   12 +-
 crypto/algif_hash.c                                |    2 +-
 crypto/authenc.c                                   |    8 +-
 crypto/authencesn.c                                |    8 +-
 crypto/ccm.c                                       |    9 +-
 crypto/chacha20_generic.c                          |    7 +-
 crypto/cryptd.c                                    |   32 +-
 crypto/crypto_null.c                               |   11 +-
 crypto/{crypto_user.c => crypto_user_base.c}       |    9 +-
 crypto/crypto_user_stat.c                          |  463 ++
 crypto/echainiv.c                                  |    4 +-
 crypto/gcm.c                                       |    8 +-
 crypto/internal.h                                  |    8 -
 crypto/lrw.c                                       |  339 +-
 crypto/mcryptd.c                                   |  675 ---
 crypto/morus1280.c                                 |    7 +-
 crypto/morus640.c                                  |   16 +-
 crypto/ofb.c                                       |  225 +
 crypto/rng.c                                       |    1 +
 crypto/rsa-pkcs1pad.c                              |    9 -
 crypto/seqiv.c                                     |    4 +-
 crypto/shash.c                                     |   33 +-
 crypto/skcipher.c                                  |   24 +
 crypto/speck.c                                     |  307 --
 crypto/tcrypt.c                                    |   27 +-
 crypto/tcrypt.h                                    |    1 +
 crypto/testmgr.c                                   |   42 +-
 crypto/testmgr.h                                   |  863 +---
 crypto/xcbc.c                                      |    8 +-
 crypto/xts.c                                       |  269 +-
 drivers/block/cryptoloop.c                         |   22 +-
 drivers/bus/fsl-mc/fsl-mc-bus.c                    |    5 +
 drivers/char/hw_random/core.c                      |    4 +-
 drivers/char/random.c                              |   24 +-
 drivers/crypto/Makefile                            |    2 +-
 drivers/crypto/atmel-aes.c                         |    5 +-
 drivers/crypto/atmel-authenc.h                     |   13 +-
 drivers/crypto/atmel-ecc.c                         |   11 +-
 drivers/crypto/atmel-ecc.h                         |   14 +-
 drivers/crypto/atmel-sha.c                         |    5 +-
 drivers/crypto/atmel-tdes.c                        |    5 +-
 drivers/crypto/axis/artpec6_crypto.c               |   20 +-
 drivers/crypto/caam/Kconfig                        |   57 +-
 drivers/crypto/caam/Makefile                       |   10 +-
 drivers/crypto/caam/caamalg.c                      |  728 +--
 drivers/crypto/caam/caamalg_desc.c                 |  143 +-
 drivers/crypto/caam/caamalg_desc.h                 |   28 +-
 drivers/crypto/caam/caamalg_qi.c                   |  627 +--
 drivers/crypto/caam/caamalg_qi2.c                  | 5165 ++++++++++++++++++++
 drivers/crypto/caam/caamalg_qi2.h                  |  223 +
 drivers/crypto/caam/caamhash.c                     |   80 +-
 drivers/crypto/caam/caamhash_desc.c                |   80 +
 drivers/crypto/caam/caamhash_desc.h                |   21 +
 drivers/crypto/caam/caampkc.c                      |    1 +
 drivers/crypto/caam/caamrng.c                      |    1 +
 drivers/crypto/caam/compat.h                       |    2 +
 drivers/crypto/caam/ctrl.c                         |    1 +
 drivers/crypto/caam/dpseci.c                       |  426 ++
 drivers/crypto/caam/dpseci.h                       |  333 ++
 drivers/crypto/caam/dpseci_cmd.h                   |  149 +
 drivers/crypto/caam/error.c                        |   79 +-
 drivers/crypto/caam/error.h                        |    6 +-
 drivers/crypto/caam/jr.c                           |    1 +
 drivers/crypto/caam/qi.c                           |   43 +-
 drivers/crypto/caam/qi.h                           |    3 +-
 drivers/crypto/caam/regs.h                         |   30 +-
 drivers/crypto/caam/sg_sw_qm.h                     |   29 +-
 drivers/crypto/caam/sg_sw_qm2.h                    |   30 +-
 drivers/crypto/cavium/cpt/cptvf_reqmanager.c       |   20 +-
 drivers/crypto/cavium/nitrox/Makefile              |    3 +
 drivers/crypto/cavium/nitrox/nitrox_common.h       |   19 +-
 drivers/crypto/cavium/nitrox/nitrox_csr.h          |  111 +
 drivers/crypto/cavium/nitrox/nitrox_debugfs.c      |  115 +
 drivers/crypto/cavium/nitrox/nitrox_dev.h          |  162 +-
 drivers/crypto/cavium/nitrox/nitrox_hal.c          |   71 +-
 drivers/crypto/cavium/nitrox/nitrox_hal.h          |   23 +
 drivers/crypto/cavium/nitrox/nitrox_isr.c          |  337 +-
 drivers/crypto/cavium/nitrox/nitrox_isr.h          |   10 +
 drivers/crypto/cavium/nitrox/nitrox_lib.c          |   98 +-
 drivers/crypto/cavium/nitrox/nitrox_main.c         |  203 +-
 drivers/crypto/cavium/nitrox/nitrox_reqmgr.c       |   49 +-
 drivers/crypto/cavium/nitrox/nitrox_sriov.c        |  151 +
 drivers/crypto/ccp/ccp-crypto-aes-xts.c            |   13 +-
 drivers/crypto/ccp/ccp-crypto.h                    |    2 +-
 drivers/crypto/ccp/psp-dev.c                       |   47 +-
 drivers/crypto/ccp/sp-platform.c                   |   53 +-
 drivers/crypto/ccree/cc_hw_queue_defs.h            |    6 +-
 drivers/crypto/chelsio/chcr_algo.c                 |   30 +-
 drivers/crypto/chelsio/chcr_core.c                 |    2 +-
 drivers/crypto/chelsio/chcr_crypto.h               |    2 +-
 drivers/crypto/chelsio/chtls/chtls_cm.c            |    7 +-
 drivers/crypto/chelsio/chtls/chtls_main.c          |    3 +-
 drivers/crypto/mxs-dcp.c                           |  142 +-
 drivers/crypto/omap-aes.c                          |   17 +-
 drivers/crypto/omap-aes.h                          |    2 +-
 drivers/crypto/picoxcell_crypto.c                  |   21 +-
 drivers/crypto/qat/qat_common/qat_algs.c           |   60 +-
 drivers/crypto/qce/ablkcipher.c                    |   13 +-
 drivers/crypto/qce/cipher.h                        |    2 +-
 drivers/crypto/s5p-sss.c                           |  113 +-
 drivers/crypto/sahara.c                            |   31 +-
 drivers/crypto/vmx/aes_cbc.c                       |   22 +-
 drivers/crypto/vmx/aes_ctr.c                       |   18 +-
 drivers/crypto/vmx/aes_xts.c                       |   18 +-
 drivers/md/dm-integrity.c                          |   23 +-
 drivers/md/dm-verity-fec.c                         |    5 +-
 drivers/net/ethernet/chelsio/cxgb4/cxgb4_uld.c     |   20 +-
 drivers/net/ppp/ppp_mppe.c                         |   27 +-
 drivers/soc/fsl/dpio/dpio-service.c                |   58 +
 drivers/staging/rtl8192e/rtllib_crypt_tkip.c       |   34 +-
 drivers/staging/rtl8192e/rtllib_crypt_wep.c        |   28 +-
 .../rtl8192u/ieee80211/ieee80211_crypt_tkip.c      |   34 +-
 .../rtl8192u/ieee80211/ieee80211_crypt_wep.c       |   26 +-
 drivers/usb/wusbcore/crypto.c                      |   16 +-
 fs/crypto/fscrypt_private.h                        |    4 -
 fs/crypto/keyinfo.c                                |   10 -
 include/crypto/acompress.h                         |   38 +-
 include/crypto/aead.h                              |   51 +-
 include/crypto/akcipher.h                          |   76 +-
 include/crypto/algapi.h                            |   14 +-
 include/crypto/cbc.h                               |    2 +-
 include/crypto/chacha20.h                          |    3 +-
 include/crypto/hash.h                              |   38 +-
 include/crypto/internal/cryptouser.h               |    8 +
 include/crypto/internal/geniv.h                    |    2 +-
 include/crypto/kpp.h                               |   51 +-
 include/crypto/mcryptd.h                           |  114 -
 include/crypto/morus1280_glue.h                    |    2 +-
 include/crypto/morus640_glue.h                     |    2 +-
 include/crypto/null.h                              |    2 +-
 include/crypto/rng.h                               |   29 +-
 include/crypto/skcipher.h                          |  118 +-
 include/crypto/speck.h                             |   62 -
 include/linux/compiler_types.h                     |    1 -
 include/linux/cpufeature.h                         |    2 +-
 include/linux/crc-t10dif.h                         |    1 +
 include/linux/crypto.h                             |  110 +-
 include/linux/fsl/mc.h                             |    6 +
 include/linux/hw_random.h                          |    3 +-
 include/linux/sunrpc/gss_krb5.h                    |   30 +-
 include/soc/fsl/dpaa2-fd.h                         |  242 +
 include/soc/fsl/dpaa2-global.h                     |   15 +
 include/soc/fsl/dpaa2-io.h                         |    4 +
 include/uapi/linux/cryptouser.h                    |   52 +
 include/uapi/linux/fs.h                            |    4 +-
 lib/chacha20.c                                     |    6 +-
 lib/crc-t10dif.c                                   |   57 +-
 net/ceph/crypto.c                                  |   12 +-
 net/ceph/crypto.h                                  |    2 +-
 net/mac802154/llsec.c                              |   16 +-
 net/mac802154/llsec.h                              |    2 +-
 net/rxrpc/ar-internal.h                            |    2 +-
 net/rxrpc/rxkad.c                                  |   44 +-
 net/sunrpc/auth_gss/gss_krb5_crypto.c              |   87 +-
 net/sunrpc/auth_gss/gss_krb5_keys.c                |    9 +-
 net/sunrpc/auth_gss/gss_krb5_mech.c                |   53 +-
 net/sunrpc/auth_gss/gss_krb5_seqnum.c              |   18 +-
 net/sunrpc/auth_gss/gss_krb5_wrap.c                |   20 +-
 net/wireless/lib80211_crypt_tkip.c                 |   34 +-
 net/wireless/lib80211_crypt_wep.c                  |   28 +-
 tools/crypto/getstat.c                             |  294 ++
 236 files changed, 11951 insertions(+), 15861 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Re: Crypto Update for 4.20
  2018-10-23 10:09         ` Crypto Update for 4.20 Herbert Xu
@ 2018-10-25 23:46           ` Linus Torvalds
  0 siblings, 0 replies; 79+ messages in thread
From: Linus Torvalds @ 2018-10-25 23:46 UTC (permalink / raw)
  To: herbert; +Cc: David Miller, Linux Kernel Mailing List, linux-crypto

On Tue, Oct 23, 2018 at 3:10 AM Herbert Xu <herbert@gondor.apana.org.au> wrote:
>
> Here is the crypto update for 4.20:

Pulled.

> Please note that there is a conflict with the compiler-attributes
> tree as one of the lines that was removed by a patch in the crypto
> tree was moved to a different file in the compiler-attributes tree.
> The fix is to remove that line from the moved file.

Thanks for noting that. I haven't pulled the compiler-attributes tree
yet, but I will hopefully remember this note when I do.

The lib80211 conflicts looked trivial, but I'm building the tree to
verify that I didn't screw something up..

               Linus

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.20
  2018-08-29  3:33                     ` Crypto Fixes for 4.19 Herbert Xu
  2018-09-19  6:22                       ` Herbert Xu
@ 2018-11-16  6:31                       ` Herbert Xu
  2018-12-07  6:14                         ` Herbert Xu
  1 sibling, 1 reply; 79+ messages in thread
From: Herbert Xu @ 2018-11-16  6:31 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes the following issues:

- Potential memory overwrite in simd.
- Kernel info leaks in crypto_user.
- NULL dereference and use-after-free in hisilicon.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Ard Biesheuvel (1):
      crypto: simd - correctly take reqsize of wrapped skcipher into account

Corentin Labbe (1):
      crypto: user - Zeroize whole structure given to user space

Eric Biggers (1):
      crypto: user - fix leaking uninitialized memory to userspace

John Garry (2):
      crypto: hisilicon - Fix NULL dereference for same dst and src
      crypto: hisilicon - Fix reference after free of memories on error path

 crypto/crypto_user_base.c               | 18 +++++++++---------
 crypto/crypto_user_stat.c               | 21 +++++++++++++++++++++
 crypto/simd.c                           |  5 +++--
 drivers/crypto/hisilicon/sec/sec_algs.c | 31 +++++++++++++++++--------------
 4 files changed, 50 insertions(+), 25 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

* Crypto Fixes for 4.20
  2018-11-16  6:31                       ` Crypto Fixes for 4.20 Herbert Xu
@ 2018-12-07  6:14                         ` Herbert Xu
  0 siblings, 0 replies; 79+ messages in thread
From: Herbert Xu @ 2018-12-07  6:14 UTC (permalink / raw)
  To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
	Linux Crypto Mailing List

Hi Linus: 

This push fixes the following issues:

- Disable the new crypto stats interface as it's still being changed.
- Fix potential uses-after-free in cbc/cfb/pcbc.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Herbert Xu (1):
      crypto: user - Disable statistics interface

Pan Bian (1):
      crypto: do not free algorithm before using

 crypto/Kconfig | 2 +-
 crypto/cbc.c   | 6 ++++--
 crypto/cfb.c   | 6 ++++--
 crypto/pcbc.c  | 6 ++++--
 4 files changed, 13 insertions(+), 7 deletions(-)

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 79+ messages in thread

end of thread, back to index

Thread overview: 79+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-11-19 10:27 Crypto Fixes for 4.9 Herbert Xu
2016-11-23  5:36 ` Herbert Xu
2016-12-05  6:37 ` Herbert Xu
2016-12-10  6:01   ` Herbert Xu
2016-12-13 13:24 ` Crypto Update for 4.10 Herbert Xu
2017-02-23 12:51   ` Crypto Update for 4.11 Herbert Xu
2017-05-01 14:26     ` Crypto Update for 4.12 Herbert Xu
2017-07-05 13:01     ` Crypto Update for 4.13 Herbert Xu
2017-07-05 20:02       ` Linus Torvalds
2017-07-06  2:19         ` Herbert Xu
2017-07-14 14:18     ` Crypto Fixes " Herbert Xu
2017-07-28  8:49       ` Herbert Xu
2017-08-09 12:04         ` Herbert Xu
2017-08-14  9:43           ` Herbert Xu
2017-09-01  7:53             ` Herbert Xu
2017-09-22  8:44       ` Crypto Fixes for 4.14 Herbert Xu
2017-10-12 10:51         ` Herbert Xu
2017-10-30  7:20           ` Herbert Xu
2017-11-06  6:37             ` Herbert Xu
2017-11-28 23:09         ` Crypto Fixes for 4.15 Herbert Xu
2017-12-11  7:22           ` Herbert Xu
2017-12-22  6:49           ` Herbert Xu
2018-01-05  7:38             ` Herbert Xu
2018-01-12  6:44               ` Herbert Xu
2018-02-12  3:17               ` Crypto Fixes for 4.16 Herbert Xu
2018-02-22 14:15                 ` Herbert Xu
2018-04-28  8:05                 ` Crypto Fixes for 4.17 Herbert Xu
2018-05-30 16:17                   ` Herbert Xu
2018-06-22 14:54                   ` Crypto Fixes for 4.18 Herbert Xu
2018-07-08 16:20                     ` Herbert Xu
2018-07-08 18:31                       ` Linus Torvalds
2018-07-09  9:47                         ` Ondrej Mosnáček
2018-07-09 15:52                           ` Linus Torvalds
2018-07-19  7:39                     ` Herbert Xu
2018-08-03  5:44                       ` Herbert Xu
2018-08-09  5:47                         ` Herbert Xu
2018-08-29  3:33                     ` Crypto Fixes for 4.19 Herbert Xu
2018-09-19  6:22                       ` Herbert Xu
2018-09-19 13:23                         ` Greg KH
2018-09-19 16:10                           ` process? [Re: Crypto Fixes for 4.19] Randy Dunlap
2018-09-19 16:40                             ` Greg KH
2018-09-19 16:48                               ` Randy Dunlap
2018-09-19 17:00                                 ` Willy Tarreau
2018-10-05  2:08                         ` Crypto Fixes for 4.19 Herbert Xu
2018-10-05 15:37                           ` Greg KH
2018-11-16  6:31                       ` Crypto Fixes for 4.20 Herbert Xu
2018-12-07  6:14                         ` Herbert Xu
2017-09-04 10:12     ` Crypto Update for 4.14 Herbert Xu
2017-11-13  7:43       ` Crypto Update for 4.15 Herbert Xu
2018-01-29 14:50         ` Crypto Update for 4.16 Herbert Xu
2018-04-04 15:27           ` Crypto Update for 4.17 Herbert Xu
2018-06-04 17:15             ` Crypto Update for 4.18 Herbert Xu
2018-08-15 12:05               ` Crypto Update for 4.19 Herbert Xu
2018-10-23 10:09         ` Crypto Update for 4.20 Herbert Xu
2018-10-25 23:46           ` Linus Torvalds
2016-12-15 16:07 ` Crypto Fixes for 4.10 Herbert Xu
2016-12-27  9:45   ` Herbert Xu
2016-12-30 10:19     ` Herbert Xu
2017-01-11 11:56   ` Herbert Xu
2017-02-01  9:04     ` Herbert Xu
2017-02-06  9:25       ` Herbert Xu
2017-03-04  7:41     ` Crypto Fixes for 4.11 Herbert Xu
2017-03-15  6:31       ` Herbert Xu
2017-03-24 13:46         ` Herbert Xu
2017-03-31 10:29           ` Herbert Xu
2017-04-10 11:04             ` Herbert Xu
2017-04-18 10:27               ` Herbert Xu
2017-05-23  3:42       ` Crypto Fixes for 4.12 Herbert Xu
2017-06-08  9:23         ` Herbert Xu
2017-06-08 14:05           ` David Miller
2017-06-09  2:52             ` Herbert Xu
2017-06-15  0:54           ` Herbert Xu
2017-06-15  9:04             ` Linus Torvalds
2017-06-15  9:05               ` Linus Torvalds
2017-06-15  9:42               ` Herbert Xu
2017-06-15 15:02                 ` David Miller
2017-06-15 15:01               ` David Miller
2017-06-16 12:50                 ` Theodore Ts'o
2017-06-16 16:49                   ` David Miller

LKML Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/lkml/0 lkml/git/0.git
	git clone --mirror https://lore.kernel.org/lkml/1 lkml/git/1.git
	git clone --mirror https://lore.kernel.org/lkml/2 lkml/git/2.git
	git clone --mirror https://lore.kernel.org/lkml/3 lkml/git/3.git
	git clone --mirror https://lore.kernel.org/lkml/4 lkml/git/4.git
	git clone --mirror https://lore.kernel.org/lkml/5 lkml/git/5.git
	git clone --mirror https://lore.kernel.org/lkml/6 lkml/git/6.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 lkml lkml/ https://lore.kernel.org/lkml \
		linux-kernel@vger.kernel.org linux-kernel@archiver.kernel.org
	public-inbox-index lkml


Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-kernel


AGPL code for this site: git clone https://public-inbox.org/ public-inbox