Linux kernel stable tree (mirror) https://git.radix-linux.su/kernel/linux.git/atom?h=v6.18.21 2026-02-26T22:59:02+00:00 2026-02-26T22:59:02+00:00 Thomas Fourier fourier.thomas@gmail.com 2025-12-18T10:12:57+00:00 urn:sha1:c6eb4991a17762a0ffa09511ec9a761b15407f2f [ Upstream commit 624a6760bf8464965c17c8df10b40b557eaa3002 ] The size of the buffer in alloc_command_queues() is curr->size + OTX_CPT_NEXT_CHUNK_PTR_SIZE, so used that length for dma_free_coherent(). Fixes: 10b4f09491bf ("crypto: marvell - add the Virtual Function driver for CPT") Signed-off-by: Thomas Fourier <fourier.thomas@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Sasha Levin <sashal@kernel.org> 2026-02-16T09:19:44+00:00 Thorsten Blum thorsten.blum@linux.dev 2025-11-26T09:46:13+00:00 urn:sha1:62c89e1992c867a3e701a6bd60a168c59a62b159 commit 5565a72b24fa7935a9f30af386e92c8c9dfb23b9 upstream. OTX_CPT_UCODE_NAME_LENGTH limits the microcode name to 64 bytes. If a user writes a string of exactly 64 characters, the original code used 'strlen(buf) > 64' to check the length, but then strscpy() copies only 63 characters before adding a NUL terminator, silently truncating the copied string. Fix this off-by-one error by using 'count' directly for the length check to ensure long names are rejected early and copied without truncation. Cc: stable@vger.kernel.org Fixes: d9110b0b01ff ("crypto: marvell - add support for OCTEON TX CPT engine") Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2025-08-22T09:28:44+00:00 Thorsten Blum thorsten.blum@linux.dev 2025-08-11T09:24:57+00:00 urn:sha1:361fa7f813e7056cecdb24f3582ab0ad4a088e4e In otx2_cpt_dl_custom_egrp_create(), strscpy() is called with the length of the source string rather than the size of the destination buffer. This is fine as long as the destination buffer is larger than the source string, but we should still use the destination buffer size instead to call strscpy() as intended. And since 'tmp_buf' is a fixed-size buffer, we can safely omit the size argument and let strscpy() infer it using sizeof(). Fixes: d9d7749773e8 ("crypto: octeontx2 - add apis for custom engine groups") Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2025-07-31T16:45:28+00:00 Linus Torvalds torvalds@linux-foundation.org 2025-07-31T16:45:28+00:00 urn:sha1:44a8c96edd0ee9320a1ad87afc7b10f38e55d5ec Pull crypto update from Herbert Xu: "API: - Allow hash drivers without fallbacks (e.g., hardware key) Algorithms: - Add hmac hardware key support (phmac) on s390 - Re-enable sha384 in FIPS mode - Disable sha1 in FIPS mode - Convert zstd to acomp Drivers: - Lower priority of qat skcipher and aead - Convert aspeed to partial block API - Add iMX8QXP support in caam - Add rate limiting support for GEN6 devices in qat - Enable telemetry for GEN6 devices in qat - Implement full backlog mode for hisilicon/sec2" * tag 'v6.17-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (116 commits) crypto: keembay - Use min() to simplify ocs_create_linked_list_from_sg() crypto: hisilicon/hpre - fix dma unmap sequence crypto: qat - make adf_dev_autoreset() static crypto: ccp - reduce stack usage in ccp_run_aes_gcm_cmd crypto: qat - refactor ring-related debug functions crypto: qat - fix seq_file position update in adf_ring_next() crypto: qat - fix DMA direction for compression on GEN2 devices crypto: jitter - replace ARRAY_SIZE definition with header include crypto: engine - remove {prepare,unprepare}_crypt_hardware callbacks crypto: engine - remove request batching support crypto: qat - flush misc workqueue during device shutdown crypto: qat - enable rate limiting feature for GEN6 devices crypto: qat - add compression slice count for rate limiting crypto: qat - add get_svc_slice_cnt() in device data structure crypto: qat - add adf_rl_get_num_svc_aes() in rate limiting crypto: qat - relocate service related functions crypto: qat - consolidate service enums crypto: qat - add decompression service for rate limiting crypto: qat - validate service in rate limiting sysfs api crypto: hisilicon/sec2 - implement full backlog mode for sec ... 2025-06-17T00:37:49+00:00 Subbaraya Sundeep sbhatta@marvell.com 2025-06-11T11:01:51+00:00 urn:sha1:25d51ebf0f54f9c2424f28bb29125cf24f120df0 Number of RVU PFs on CN20K silicon have increased to 96 from maximum of 32 that were supported on earlier silicons. Every RVU PF and VF is identified by HW using a 16bit PF_FUNC value. Due to the change in Max number of PFs in CN20K, the bit encoding of this PF_FUNC has changed. This patch handles the change by using helper functions(using silicon check) to use PF,VF masks and shifts to support both new silicon CN20K, OcteonTx series. These helper functions are used in different modules. Also moved the NIX AF register offset macros to other files which will be posted in coming patches. Signed-off-by: Subbaraya Sundeep <sbhatta@marvell.com> Signed-off-by: Sai Krishna <saikrishnag@marvell.com> Signed-off-by: Sunil Kovvuri Goutham <sgoutham@marvell.com> Link: https://patch.msgid.link/1749639716-13868-2-git-send-email-sbhatta@marvell.com Signed-off-by: Jakub Kicinski <kuba@kernel.org> 2025-06-13T09:26:17+00:00 Amit Singh Tomar amitsinght@marvell.com 2025-05-28T14:59:41+00:00 urn:sha1:1b9209d57ac3c3e779d68da907505175b6b058b0 Cryptographic Accelerator Unit (CPT) support different engine groups, one for asymmetric algorithms (only AE engines in this group), one for the most common symmetric algorithms (all SE and all IE engines in this group), and one for other symmetric algorithms (only SE engines in this group). For symmetric engine (SE), we obtain the group number using "MBOX_MSG_GET_ENG_GRP_NUM" mailbox. Let's follow a similar approach to determine the group number for asymmetric engine (AE). Signed-off-by: Amit Singh Tomar <amitsinght@marvell.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2025-06-13T09:26:16+00:00 Amit Singh Tomar amitsinght@marvell.com 2025-05-28T14:59:40+00:00 urn:sha1:fbfe4f47d931dc36fccec66546599663e08f4943 By default, otx2_cpt_get_kcrypto_eng_grp_num() returns the engine group number of SE engine type. Add an engine type parameter to support retrieving the engine group number for different engine types. Since otx2_cpt_get_kcrypto_eng_grp_num() always returns the kernel crypto engine group number, rename it to otx2_cpt_get_eng_grp_num(). Signed-off-by: Amit Singh Tomar <amitsinght@marvell.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2025-06-13T09:26:16+00:00 Herbert Xu herbert@gondor.apana.org.au 2025-05-22T12:41:28+00:00 urn:sha1:442134ab30e75b7229c4bfc1ac5641d245cffe27 If an error occurs during queueing the engine load will never be decremented. Fix this by moving the engine load adjustment into the cleanup function. Fixes: bf8f91e71192 ("crypto: marvell - Add load balancing between engines") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2025-06-13T09:26:16+00:00 Bharat Bhushan bbhushan2@marvell.com 2025-05-22T10:06:27+00:00 urn:sha1:a091a58b8a1eba2f243b0c05bcc82bdc2a4a338d octeontx2 crypto driver allocates memory using kmalloc/kzalloc, and uses this memory for dma (does dma_map_single()). It assumes that kmalloc/kzalloc will return 128-byte aligned address. But kmalloc/kzalloc returns 8-byte aligned address after below changes: "9382bc44b5f5 arm64: allow kmalloc() caches aligned to the smaller cache_line_size() Memory allocated are used for following purpose: - Input data or scatter list address - 8-Byte alignment - Output data or gather list address - 8-Byte alignment - Completion address - 32-Byte alignment. This patch ensures all addresses are aligned as mentioned above. Signed-off-by: Bharat Bhushan <bbhushan2@marvell.com> Cc: <stable@vger.kernel.org> # v6.8+ Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2025-06-13T09:26:16+00:00 Bharat Bhushan bbhushan2@marvell.com 2025-05-22T10:06:26+00:00 urn:sha1:2e13163b43e6bb861182ea999a80dd1d893c0cbf octeontx2 crypto driver allocates memory using kmalloc/kzalloc, and uses this memory for dma (does dma_map_single()). It assumes that kmalloc/kzalloc will return 128-byte aligned address. But kmalloc/kzalloc returns 8-byte aligned address after below changes: "9382bc44b5f5 arm64: allow kmalloc() caches aligned to the smaller cache_line_size() Memory allocated are used for following purpose: - Input data or scatter list address - 8-Byte alignment - Output data or gather list address - 8-Byte alignment - Completion address - 32-Byte alignment. This patch ensures all addresses are aligned as mentioned above. Signed-off-by: Bharat Bhushan <bbhushan2@marvell.com> Cc: <stable@vger.kernel.org> # v6.5+ Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>