Linux kernel stable tree (mirror) https://git.radix-linux.su/kernel/linux.git/atom?h=v6.18.21 2025-09-28T03:54:48+00:00 2025-09-28T03:54:48+00:00 Bagas Sanjaya bagasdotme@gmail.com 2025-09-20T00:16:51+00:00 urn:sha1:298ced6c3b3c116987554364998e9d8cb94e0126 Documentation for crypto programming interfaces lack explicit title. As such, all its sections become entries in the toctree index. Add the title heading to tidy up toctree. Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com> Reviewed-by: Randy Dunlap <rdunlap@infradead.org> Tested-by: Randy Dunlap <rdunlap@infradead.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2025-07-18T10:52:00+00:00 Ovidiu Panait ovidiu.panait.oss@gmail.com 2025-07-11T18:29:32+00:00 urn:sha1:5eb32430df783e212ffed8d35cc494a8941cda0a The {prepare,unprepare}_crypt_hardware callbacks were added back in 2016 by commit 735d37b5424b ("crypto: engine - Introduce the block request crypto engine framework"), but they were never implemented by any driver. Remove them as they are unused. Since the 'engine->idling' and 'was_busy' flags are no longer needed, remove them as well. Signed-off-by: Ovidiu Panait <ovidiu.panait.oss@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2025-03-21T09:39:06+00:00 Ard Biesheuvel ardb@kernel.org 2025-03-16T01:21:27+00:00 urn:sha1:fce8b8d5986b76a4fdd062e3eec1bb6420fee6c5 The 'comp' compression API has been superseded by the acomp API, which is a bit more cumbersome to use, but ultimately more flexible when it comes to hardware implementations. Now that all the users and implementations have been removed, let's remove the core plumbing of the 'comp' API as well. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2025-03-02T21:39:03+00:00 David Howells dhowells@redhat.com 2023-04-14T10:35:12+00:00 urn:sha1:903be6989032267550450bbb9132225e12f61312 Add API documentation for the kerberos crypto library. Signed-off-by: David Howells <dhowells@redhat.com> cc: Herbert Xu <herbert@gondor.apana.org.au> cc: "David S. Miller" <davem@davemloft.net> cc: Chuck Lever <chuck.lever@oracle.com> cc: Marc Dionne <marc.dionne@auristor.com> cc: Eric Dumazet <edumazet@google.com> cc: Jakub Kicinski <kuba@kernel.org> cc: Paolo Abeni <pabeni@redhat.com> cc: Simon Horman <horms@kernel.org> cc: linux-afs@lists.infradead.org cc: linux-nfs@vger.kernel.org cc: linux-crypto@vger.kernel.org cc: netdev@vger.kernel.org 2024-10-10T09:08:02+00:00 Lukas Wunner lukas@wunner.de 2024-10-08T09:12:01+00:00 urn:sha1:5c20772738e1d1d7bec41664eb9d61497e53c10e Stephen reports a documentation build warning for "make htmldocs" introduced by recent commit 6b34562f0cfe ("crypto: akcipher - Drop sign/verify operations"). The commit renamed a paragraph title in a header file, but neglected to amend the title reference in the API documentation. Fix it. Fixes: 6b34562f0cfe ("crypto: akcipher - Drop sign/verify operations") Reported-by: Stephen Rothwell <sfr@canb.auug.org.au> Closes: https://lore.kernel.org/all/20241008172926.0b995ea7@canb.auug.org.au/ Signed-off-by: Lukas Wunner <lukas@wunner.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2024-10-05T05:22:04+00:00 Lukas Wunner lukas@wunner.de 2024-09-10T14:30:27+00:00 urn:sha1:a2471684dae23a676b4badea306140d24e6507f5 software_key_query() returns the maximum signature and digest size for a given key to user space. When it only supported RSA keys, calculating those sizes was trivial as they were always equivalent to the key size. However when ECDSA was added, the function grew somewhat complicated calculations which take the ASN.1 encoding and curve into account. This doesn't scale well and adjusting the calculations is easily forgotten when adding support for new encodings or curves. In fact, when NIST P521 support was recently added, the function was initially not amended: https://lore.kernel.org/all/b749d5ee-c3b8-4cbd-b252-7773e4536e07@linux.ibm.com/ Introduce a ->max_size() callback to struct sig_alg and take advantage of it to move the signature size calculations to ecdsa-x962.c. Introduce a ->digest_size() callback to struct sig_alg and move the maximum ECDSA digest size to ecdsa.c. It is common across ecdsa-x962.c and the upcoming ecdsa-p1363.c and thus inherited by both of them. For all other algorithms, continue using the key size as maximum signature and digest size. Signed-off-by: Lukas Wunner <lukas@wunner.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2024-10-05T05:22:04+00:00 Lukas Wunner lukas@wunner.de 2024-09-10T14:30:26+00:00 urn:sha1:221f00418e726237dbe38ba627ce08b22d3667f7 crypto_sig_maxsize() is a bit of a misnomer as it doesn't return the maximum signature size, but rather the key size. Rename it as well as all implementations of the ->max_size callback. A subsequent commit introduces a crypto_sig_maxsize() function which returns the actual maximum signature size. While at it, change the return type of crypto_sig_keysize() from int to unsigned int for consistency with crypto_akcipher_maxsize(). None of the callers checks for a negative return value and an error condition can always be indicated by returning zero. Signed-off-by: Lukas Wunner <lukas@wunner.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2024-10-05T05:22:04+00:00 Lukas Wunner lukas@wunner.de 2024-09-10T14:30:21+00:00 urn:sha1:6b34562f0cfe81f1f207fc7c146c4ff4b31eb625 A sig_alg backend has just been introduced and all asymmetric sign/verify algorithms have been migrated to it. The sign/verify operations can thus be dropped from akcipher_alg. It is now purely for asymmetric encrypt/decrypt. Move struct crypto_akcipher_sync_data from internal.h to akcipher.c and unexport crypto_akcipher_sync_{prep,post}(): They're no longer used by sig.c but only locally in akcipher.c. In crypto_akcipher_sync_{prep,post}(), drop various NULL pointer checks for data->dst as they were only necessary for the verify operation. In the crypto_sig_*() API calls, remove the forks that were necessary while algorithms were converted from crypto_akcipher to crypto_sig one by one. In struct akcipher_testvec, remove the "params", "param_len" and "algo" elements as they were only needed for the ecrdsa verify operation. Remove corresponding dead code from test_akcipher_one() as well. Signed-off-by: Lukas Wunner <lukas@wunner.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2024-10-05T05:22:04+00:00 Lukas Wunner lukas@wunner.de 2024-09-10T14:30:12+00:00 urn:sha1:65c4c93caaf1a9fca2855942e338530967162d25 Commit 6cb8815f41a9 ("crypto: sig - Add interface for sign/verify") began a transition of asymmetric sign/verify operations from crypto_akcipher to a new crypto_sig frontend. Internally, the crypto_sig frontend still uses akcipher_alg as backend, however: "The link between sig and akcipher is meant to be temporary. The plan is to create a new low-level API for sig and then migrate the signature code over to that from akcipher." https://lore.kernel.org/r/ZrG6w9wsb-iiLZIF@gondor.apana.org.au/ "having a separate alg for sig is definitely where we want to be since there is very little that the two types actually share." https://lore.kernel.org/r/ZrHlpz4qnre0zWJO@gondor.apana.org.au/ Take the next step of that migration and augment the crypto_sig frontend with a sig_alg backend to which all algorithms can be moved. During the migration, there will briefly be signature algorithms that are still based on crypto_akcipher, whilst others are already based on crypto_sig. Allow for that by building a fork into crypto_sig_*() API calls (i.e. crypto_sig_maxsize() and friends) such that one of the two backends is selected based on the transform's cra_type. Signed-off-by: Lukas Wunner <lukas@wunner.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2024-06-12T21:41:09+00:00 Ahmad Fatoum a.fatoum@pengutronix.de 2024-05-29T08:08:29+00:00 urn:sha1:e8496ad6d804234933791daf3198c3a7fee522aa The code example fails to compile: 1) addr_conv is defined twice, once as a VLA, which have been phased out 2) submit is not a pointer, but is still dereferenced with -> 3) The first call to async_xor() lacked the trailing semicolon Fix these issues and while at it, fix some code style nitpicks as well: 1) make the functions static as users are unlikely to export them 2) include the relevant header 3) Shorten the example a bit by removing a redundant variable definition Fixes: 04ce9ab385dc ("async_xor: permit callers to pass in a 'dma/page scribble' region") Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de> Reviewed-by: Andre Noll <maan@tuebingen.mpg.de> Signed-off-by: Jonathan Corbet <corbet@lwn.net> Link: https://lore.kernel.org/r/20240529-async-dma-docs-v2-1-8faf87e72e6d@pengutronix.de