Merge tag 'v6.18-p2' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Pull crypto fixes from Herbert Xu:

- Fix zstd regression

- Ensure ti driver algorithm are set as async

- Revert patch disabling SHA1 in FIPS mode

- Fix RNG set_ent null-pointer dereference

* tag 'v6.18-p2' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
crypto: rng - Ensure set_ent is always present
Revert "crypto: testmgr - desupport SHA-1 for FIPS 140"
crypto: ti - Add CRYPTO_ALG_ASYNC flag to DTHEv2 AES algos
crypto: zstd - Fix compression bug caused by truncation

Linus Torvalds 6 months ago 7c8dcac8 0d97f206

+16 -1

4 changed files

expand all

crypto

rng.c

testmgr.c

zstd.c

drivers

crypto

dthev2-aes.c

crypto/rng.c

··· 168 168 EXPORT_SYMBOL_GPL(crypto_del_default_rng); 169 169 #endif 170 170 171 + static void rng_default_set_ent(struct crypto_rng *tfm, const u8 *data, 172 + unsigned int len) 173 + { 174 + } 175 + 171 176 int crypto_register_rng(struct rng_alg *alg) 172 177 { 173 178 struct crypto_alg *base = &alg->base; ··· 183 178 base->cra_type = &crypto_rng_type; 184 179 base->cra_flags &= ~CRYPTO_ALG_TYPE_MASK; 185 180 base->cra_flags |= CRYPTO_ALG_TYPE_RNG; 181 + 182 + if (!alg->set_ent) 183 + alg->set_ent = rng_default_set_ent; 186 184 187 185 return crypto_register_alg(base); 188 186 }

crypto/testmgr.c

··· 4187 4187 .alg = "authenc(hmac(sha1),cbc(aes))", 4188 4188 .generic_driver = "authenc(hmac-sha1-lib,cbc(aes-generic))", 4189 4189 .test = alg_test_aead, 4190 + .fips_allowed = 1, 4190 4191 .suite = { 4191 4192 .aead = __VECS(hmac_sha1_aes_cbc_tv_temp) 4192 4193 } ··· 4208 4207 }, { 4209 4208 .alg = "authenc(hmac(sha1),ctr(aes))", 4210 4209 .test = alg_test_null, 4210 + .fips_allowed = 1, 4211 4211 }, { 4212 4212 .alg = "authenc(hmac(sha1),ecb(cipher_null))", 4213 4213 .generic_driver = "authenc(hmac-sha1-lib,ecb-cipher_null)", ··· 4219 4217 }, { 4220 4218 .alg = "authenc(hmac(sha1),rfc3686(ctr(aes)))", 4221 4219 .test = alg_test_null, 4220 + .fips_allowed = 1, 4222 4221 }, { 4223 4222 .alg = "authenc(hmac(sha224),cbc(des))", 4224 4223 .generic_driver = "authenc(hmac-sha224-lib,cbc(des-generic))", ··· 5078 5075 .alg = "hmac(sha1)", 5079 5076 .generic_driver = "hmac-sha1-lib", 5080 5077 .test = alg_test_hash, 5078 + .fips_allowed = 1, 5081 5079 .suite = { 5082 5080 .hash = __VECS(hmac_sha1_tv_template) 5083 5081 } ··· 5452 5448 .alg = "sha1", 5453 5449 .generic_driver = "sha1-lib", 5454 5450 .test = alg_test_hash, 5451 + .fips_allowed = 1, 5455 5452 .suite = { 5456 5453 .hash = __VECS(sha1_tv_template) 5457 5454 }

+1 -1

crypto/zstd.c

··· 83 83 static int zstd_compress_one(struct acomp_req *req, struct zstd_ctx *ctx, 84 84 const void *src, void *dst, unsigned int *dlen) 85 85 { 86 - unsigned int out_len; 86 + size_t out_len; 87 87 88 88 ctx->cctx = zstd_init_cctx(ctx->wksp, ctx->wksp_size); 89 89 if (!ctx->cctx)

drivers/crypto/ti/dthev2-aes.c

··· 367 367 .cra_driver_name = "ecb-aes-dthev2", 368 368 .cra_priority = 299, 369 369 .cra_flags = CRYPTO_ALG_TYPE_SKCIPHER | 370 + CRYPTO_ALG_ASYNC | 370 371 CRYPTO_ALG_KERN_DRIVER_ONLY, 371 372 .cra_alignmask = AES_BLOCK_SIZE - 1, 372 373 .cra_blocksize = AES_BLOCK_SIZE, ··· 390 389 .cra_driver_name = "cbc-aes-dthev2", 391 390 .cra_priority = 299, 392 391 .cra_flags = CRYPTO_ALG_TYPE_SKCIPHER | 392 + CRYPTO_ALG_ASYNC | 393 393 CRYPTO_ALG_KERN_DRIVER_ONLY, 394 394 .cra_alignmask = AES_BLOCK_SIZE - 1, 395 395 .cra_blocksize = AES_BLOCK_SIZE,