Commit b71acb0e authored by Linus Torvalds
Pull crypto updates from Herbert Xu:
 "API:
   - Add 1472-byte test to tcrypt for IPsec
   - Reintroduced crypto stats interface with numerous changes
   - Support incremental algorithm dumps

  Algorithms:
   - Add xchacha12/20
   - Add nhpoly1305
   - Add adiantum
   - Add streebog hash
   - Mark cts(cbc(aes)) as FIPS allowed

  Drivers:
   - Improve performance of arm64/chacha20
   - Improve performance of x86/chacha20
   - Add NEON-accelerated nhpoly1305
   - Add SSE2 accelerated nhpoly1305
   - Add AVX2 accelerated nhpoly1305
   - Add support for 192/256-bit keys in gcmaes AVX
   - Add SG support in gcmaes AVX
   - ESN for inline IPsec tx in chcr
   - Add support for CryptoCell 703 in ccree
   - Add support for CryptoCell 713 in ccree
   - Add SM4 support in ccree
   - Add SM3 support in ccree
   - Add support for chacha20 in caam/qi2
   - Add support for chacha20 + poly1305 in caam/jr
   - Add support for chacha20 + poly1305 in caam/qi2
   - Add AEAD cipher support in cavium/nitrox"

* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (130 commits)
  crypto: skcipher - remove remnants of internal IV generators
  crypto: cavium/nitrox - Fix build with !CONFIG_DEBUG_FS
  crypto: salsa20-generic - don't unnecessarily use atomic walk
  crypto: skcipher - add might_sleep() to skcipher_walk_virt()
  crypto: x86/chacha - avoid sleeping under kernel_fpu_begin()
  crypto: cavium/nitrox - Added AEAD cipher support
  crypto: mxc-scc - fix build warnings on ARM64
  crypto: api - document missing stats member
  crypto: user - remove unused dump functions
  crypto: chelsio - Fix wrong error counter increments
  crypto: chelsio - Reset counters on cxgb4 Detach
  crypto: chelsio - Handle PCI shutdown event
  crypto: chelsio - cleanup:send addr as value in function argument
  crypto: chelsio - Use same value for both channel in single WR
  crypto: chelsio - Swap location of AAD and IV sent in WR
  crypto: chelsio - remove set but not used variable 'kctx_len'
  crypto: ux500 - Use proper enum in hash_set_dma_transfer
  crypto: ux500 - Use proper enum in cryp_set_dma_transfer
  crypto: aesni - Add scatter/gather avx stubs, and use them in C
  crypto: aesni - Introduce partial block macro
  ..
parents e0c38a4d c79b411e
+0 −9
Programming Interface
=====================

Please note that the kernel crypto API contains the AEAD givcrypt API
(crypto_aead_giv\* and aead_givcrypt\* function calls in
include/crypto/aead.h). This API is obsolete and will be removed in the
future. To obtain the functionality of an AEAD cipher with internal IV
generation, use the IV generator as a regular cipher. For example,
rfc4106(gcm(aes)) is the AEAD cipher with external IV generation and
seqniv(rfc4106(gcm(aes))) implies that the kernel crypto API generates
the IV. Different IV generators are available.

.. class:: toc-title

	   Table of contents
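
Review bot: Deleting the whole paragraph under "Programming Interface" removes the obsolete crypto_aead_giv\* / aead_givcrypt\* reference, which is right, but it also drops the sentence explaining that rfc4106(gcm(aes)) expects the caller to supply the IV while wrapping it in an IV generator makes the kernel crypto API produce it. I would keep that one sentence, since picking the wrong form decides who is responsible for IV uniqueness. The removed text spells the wrapper seqniv(...) while the architecture document changed in this same commit uses seqiv(...); whichever sentence survives should use one name.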
+5 −26
@@ -157,10 +157,6 @@ applicable to a cipher, it is not displayed:

   -  rng for random number generator

   -  givcipher for cipher with associated IV generator (see the geniv
      entry below for the specification of the IV generator type used by
      the cipher implementation)

   -  kpp for a Key-agreement Protocol Primitive (KPP) cipher such as
      an ECDH or DH implementation

@@ -174,16 +170,7 @@ applicable to a cipher, it is not displayed:

-  digestsize: output size of the message digest

-  geniv: IV generation type:

   -  eseqiv for encrypted sequence number based IV generation

   -  seqiv for sequence number based IV generation

   -  chainiv for chain iv generation

   -  <builtin> is a marker that the cipher implements IV generation and
      handling as it is specific to the given cipher
-  geniv: IV generator (obsolete)

Key Sizes
---------
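
Review bot: The replacement bullet "geniv: IV generator (obsolete)" keeps the field in the /proc/crypto field list while deleting every value it could take (eseqiv, seqiv, chainiv, <builtin>), so a reader who still sees a geniv line in the output has nothing to interpret it with. Either state what the field prints now and that it is retained only for compatibility, or remove the bullet together with the list.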
@@ -218,10 +205,6 @@ the aforementioned cipher types:

-  CRYPTO_ALG_TYPE_ABLKCIPHER Asynchronous multi-block cipher

-  CRYPTO_ALG_TYPE_GIVCIPHER Asynchronous multi-block cipher packed
   together with an IV generator (see geniv field in the /proc/crypto
   listing for the known IV generators)

-  CRYPTO_ALG_TYPE_KPP Key-agreement Protocol Primitive (KPP) such as
   an ECDH or DH implementation

@@ -338,18 +321,14 @@ uses the API applicable to the cipher type specified for the block.

The following call sequence is applicable when the IPSEC layer triggers
an encryption operation with the esp_output function. During
configuration, the administrator set up the use of rfc4106(gcm(aes)) as
the cipher for ESP. The following call sequence is now depicted in the
ASCII art above:
configuration, the administrator set up the use of seqiv(rfc4106(gcm(aes)))
as the cipher for ESP. The following call sequence is now depicted in
the ASCII art above:

1. esp_output() invokes crypto_aead_encrypt() to trigger an
   encryption operation of the AEAD cipher with IV generator.

   In case of GCM, the SEQIV implementation is registered as GIVCIPHER
   in crypto_rfc4106_alloc().

   The SEQIV performs its operation to generate an IV where the core
   function is seqiv_geniv().
   The SEQIV generates the IV.

2. Now, SEQIV uses the AEAD API function calls to invoke the associated
   AEAD cipher. In our case, during the instantiation of SEQIV, the
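
Review bot: In step 1, "The SEQIV generates the IV." correctly drops the references to crypto_rfc4106_alloc(), GIVCIPHER and seqiv_geniv(), but it no longer says how the IV is derived, and the "seqiv for sequence number based IV generation" wording is deleted from the /proc/crypto list earlier in this same file. For GCM the property a reader needs is that the IV is unique per key, so I would write "The SEQIV generates the IV from the sequence number." A smaller point in the paragraph above: "the administrator set up" reads better as "the administrator sets up".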
+6 −2
Arm TrustZone CryptoCell cryptographic engine

Required properties:
- compatible: Should be one of: "arm,cryptocell-712-ree",
  "arm,cryptocell-710-ree" or "arm,cryptocell-630p-ree".
- compatible: Should be one of -
   "arm,cryptocell-713-ree"
   "arm,cryptocell-703-ree"
   "arm,cryptocell-712-ree"
   "arm,cryptocell-710-ree"
   "arm,cryptocell-630p-ree"
- reg: Base physical address of the engine and length of memory mapped region.
- interrupts: Interrupt number for the device.
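
Review bot: The rewritten compatible entry opens with "Should be one of -" and lists the strings in the order 713, 703, 712, 710, 630p, which is neither numeric nor the order of the sentence it replaces. Suggest ending the lead-in with a colon and sorting the entries, so that the next CryptoCell variant is a one-line addition and a missing string is easy to spot.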

+2 −0
@@ -6,6 +6,8 @@ Required properties:
- interrupts : Should contain MXS DCP interrupt numbers, VMI IRQ and DCP IRQ
               must be supplied, optionally Secure IRQ can be present, but
	       is currently not implemented and not used.
- clocks : Clock reference (only required on some SOCs: 6ull and 6sll).
- clock-names : Must be "dcp".

Example:
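
Review bot: The new clocks and clock-names lines sit under "Required properties:" (see the hunk header) although the text itself says the clock is "only required on some SOCs: 6ull and 6sll", and clock-names "Must be "dcp"" does not say it applies only when clocks is present. Suggest moving both into an optional or conditionally required group and tying clock-names to clocks. The change is +2 −0, so the "Example:" node that follows is not updated; adding the two properties there would show the expected form for the 6ull/6sll case.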

+7 −2
@@ -3484,6 +3484,7 @@ F: include/linux/spi/cc2520.h
F:	Documentation/devicetree/bindings/net/ieee802154/cc2520.txt

CCREE ARM TRUSTZONE CRYPTOCELL REE DRIVER
M:	Yael Chemla <yael.chemla@foss.arm.com>
M:	Gilad Ben-Yossef <gilad@benyossef.com>
L:	linux-crypto@vger.kernel.org
S:	Supported
@@ -7147,7 +7148,9 @@ F: crypto/842.c
F:	lib/842/

IBM Power in-Nest Crypto Acceleration
M:	Paulo Flabiano Smorigo <pfsmorigo@linux.ibm.com>
M:	Breno Leitão <leitao@debian.org>
M:	Nayna Jain <nayna@linux.ibm.com>
M:	Paulo Flabiano Smorigo <pfsmorigo@gmail.com>
L:	linux-crypto@vger.kernel.org
S:	Supported
F:	drivers/crypto/nx/Makefile
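
Review bot: Paulo Flabiano Smorigo's address changes from pfsmorigo@linux.ibm.com to pfsmorigo@gmail.com in this entry and again in the VMX entry below, and nothing in the visible diff maps the old address to the new one. A .mailmap line in the same series would keep scripts/get_maintainer.pl and git shortlog from treating the two addresses as different people, which matters for drivers where reports need to reach a current maintainer.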
@@ -7211,7 +7214,9 @@ S: Supported
F:	drivers/scsi/ibmvscsi_tgt/

IBM Power VMX Cryptographic instructions
M:	Paulo Flabiano Smorigo <pfsmorigo@linux.ibm.com>
M:	Breno Leitão <leitao@debian.org>
M:	Nayna Jain <nayna@linux.ibm.com>
M:	Paulo Flabiano Smorigo <pfsmorigo@gmail.com>
L:	linux-crypto@vger.kernel.org
S:	Supported
F:	drivers/crypto/vmx/Makefile