linux.git/crypto/api.c, branch v7.2-rc1 Linux kernel source tree crypto: api - Fold crypto_alloc_tfmmem() into crypto_create_tfm_node() 2026-05-29T00:45:46+00:00 Eric Biggers ebiggers@kernel.org 2026-05-22T05:30:28+00:00 0200de9d75b15babaa608819b797400198b5b4fc Fold crypto_alloc_tfmmem() into its only remaining caller, crypto_create_tfm_node(). Previously crypto_alloc_tfmmem() was called by crypto_clone_tfm(), but crypto_clone_tfm() was removed. This rolls back the refactoring that was done in commit 3c3a24cb0ae4 ("crypto: api - Add crypto_clone_tfm"). Signed-off-by: Eric Biggers <ebiggers@kernel.org> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Link: https://patch.msgid.link/20260522053028.91165-7-ebiggers@kernel.org Signed-off-by: Jakub Kicinski <kuba@kernel.org> 
Fold crypto_alloc_tfmmem() into its only remaining caller,
crypto_create_tfm_node().  Previously crypto_alloc_tfmmem() was called
by crypto_clone_tfm(), but crypto_clone_tfm() was removed.

This rolls back the refactoring that was done in commit 3c3a24cb0ae4
("crypto: api - Add crypto_clone_tfm").

Signed-off-by: Eric Biggers <ebiggers@kernel.org>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Link: https://patch.msgid.link/20260522053028.91165-7-ebiggers@kernel.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
crypto: api - Fold __crypto_alloc_tfmgfp() into __crypto_alloc_tfm() 2026-05-29T00:45:46+00:00 Eric Biggers ebiggers@kernel.org 2026-05-22T05:30:27+00:00 9d58d14e3a18a966988f4a9afe5a72c02eec4c20 This reverts commit fa3b3565f3ac ("crypto: api - Add __crypto_alloc_tfmgfp"). Fold __crypto_alloc_tfmgfp() into its only remaining caller, __crypto_alloc_tfm(). Previously __crypto_alloc_tfmgfp() was called by crypto_clone_cipher(), but crypto_clone_cipher() was removed. Signed-off-by: Eric Biggers <ebiggers@kernel.org> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Link: https://patch.msgid.link/20260522053028.91165-6-ebiggers@kernel.org Signed-off-by: Jakub Kicinski <kuba@kernel.org> 
This reverts commit fa3b3565f3ac ("crypto: api - Add
__crypto_alloc_tfmgfp").

Fold __crypto_alloc_tfmgfp() into its only remaining caller,
__crypto_alloc_tfm().  Previously __crypto_alloc_tfmgfp() was called by
crypto_clone_cipher(), but crypto_clone_cipher() was removed.

Signed-off-by: Eric Biggers <ebiggers@kernel.org>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Link: https://patch.msgid.link/20260522053028.91165-6-ebiggers@kernel.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
crypto: api - Remove per-tfm refcount 2026-05-29T00:45:46+00:00 Eric Biggers ebiggers@kernel.org 2026-05-22T05:30:26+00:00 3065170bfc7f256f9d1339062dae331f731c6763 This reverts commit ae131f4970f0 ("crypto: api - Add crypto_tfm_get"). The refcount in struct crypto_tfm was added solely to support crypto_clone_tfm(). Before then it was a simple non-refcounted object. Since crypto_clone_tfm() has been removed, remove the refcount as well. Note that this eliminates an expensive atomic operation from every tfm freeing operation. So this revert doesn't just remove unused code, but it also fixes a performance regression. Signed-off-by: Eric Biggers <ebiggers@kernel.org> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Link: https://patch.msgid.link/20260522053028.91165-5-ebiggers@kernel.org Signed-off-by: Jakub Kicinski <kuba@kernel.org> 
This reverts commit ae131f4970f0 ("crypto: api - Add crypto_tfm_get").

The refcount in struct crypto_tfm was added solely to support
crypto_clone_tfm().  Before then it was a simple non-refcounted object.

Since crypto_clone_tfm() has been removed, remove the refcount as well.

Note that this eliminates an expensive atomic operation from every tfm
freeing operation.  So this revert doesn't just remove unused code, but
it also fixes a performance regression.

Signed-off-by: Eric Biggers <ebiggers@kernel.org>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Link: https://patch.msgid.link/20260522053028.91165-5-ebiggers@kernel.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
crypto: api - Remove crypto_clone_tfm() 2026-05-29T00:45:46+00:00 Eric Biggers ebiggers@kernel.org 2026-05-22T05:30:25+00:00 590a46c68a7b0f9ebbd0248a5a00c472f249c204 Since all callers of crypto_clone_tfm() have been removed, remove it. Note that no tests need to be removed, as this function had no tests. Reviewed-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Eric Biggers <ebiggers@kernel.org> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Link: https://patch.msgid.link/20260522053028.91165-4-ebiggers@kernel.org Signed-off-by: Jakub Kicinski <kuba@kernel.org> 
Since all callers of crypto_clone_tfm() have been removed, remove it.

Note that no tests need to be removed, as this function had no tests.

Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Link: https://patch.msgid.link/20260522053028.91165-4-ebiggers@kernel.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-22T01:09:51+00:00 Linus Torvalds torvalds@linux-foundation.org 2026-02-22T00:37:42+00:00 bf4afc53b77aeaa48b5409da5c8da6bb4eff7f43 This was done entirely with mindless brute force, using git grep -l '\<k[vmz]*alloc_objs*(.*, GFP_KERNEL)' | xargs sed -i 's/\(alloc_objs*(.*\), GFP_KERNEL)/\1)/' to convert the new alloc_obj() users that had a simple GFP_KERNEL argument to just drop that argument. Note that due to the extreme simplicity of the scripting, any slightly more complex cases spread over multiple lines would not be triggered: they definitely exist, but this covers the vast bulk of the cases, and the resulting diff is also then easier to check automatically. For the same reason the 'flex' versions will be done as a separate conversion. Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 
This was done entirely with mindless brute force, using

    git grep -l '\<k[vmz]*alloc_objs*(.*, GFP_KERNEL)' |
        xargs sed -i 's/\(alloc_objs*(.*\), GFP_KERNEL)/\1)/'

to convert the new alloc_obj() users that had a simple GFP_KERNEL
argument to just drop that argument.

Note that due to the extreme simplicity of the scripting, any slightly
more complex cases spread over multiple lines would not be triggered:
they definitely exist, but this covers the vast bulk of the cases, and
the resulting diff is also then easier to check automatically.

For the same reason the 'flex' versions will be done as a separate
conversion.

Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
treewide: Replace kmalloc with kmalloc_obj for non-scalar types 2026-02-21T09:02:28+00:00 Kees Cook kees@kernel.org 2026-02-21T07:49:23+00:00 69050f8d6d075dc01af7a5f2f550a8067510366f This is the result of running the Coccinelle script from scripts/coccinelle/api/kmalloc_objs.cocci. The script is designed to avoid scalar types (which need careful case-by-case checking), and instead replace kmalloc-family calls that allocate struct or union object instances: Single allocations: kmalloc(sizeof(TYPE), ...) are replaced with: kmalloc_obj(TYPE, ...) Array allocations: kmalloc_array(COUNT, sizeof(TYPE), ...) are replaced with: kmalloc_objs(TYPE, COUNT, ...) Flex array allocations: kmalloc(struct_size(PTR, FAM, COUNT), ...) are replaced with: kmalloc_flex(*PTR, FAM, COUNT, ...) (where TYPE may also be *VAR) The resulting allocations no longer return "void *", instead returning "TYPE *". Signed-off-by: Kees Cook <kees@kernel.org> 
This is the result of running the Coccinelle script from
scripts/coccinelle/api/kmalloc_objs.cocci. The script is designed to
avoid scalar types (which need careful case-by-case checking), and
instead replace kmalloc-family calls that allocate struct or union
object instances:

Single allocations:	kmalloc(sizeof(TYPE), ...)
are replaced with:	kmalloc_obj(TYPE, ...)

Array allocations:	kmalloc_array(COUNT, sizeof(TYPE), ...)
are replaced with:	kmalloc_objs(TYPE, COUNT, ...)

Flex array allocations:	kmalloc(struct_size(PTR, FAM, COUNT), ...)
are replaced with:	kmalloc_flex(*PTR, FAM, COUNT, ...)

(where TYPE may also be *VAR)

The resulting allocations no longer return "void *", instead returning
"TYPE *".

Signed-off-by: Kees Cook <kees@kernel.org>
crypto: Enable context analysis 2026-01-05T15:43:36+00:00 Marco Elver elver@google.com 2025-12-19T15:40:24+00:00 dc36d55d4e7259ff0f91a154744125ccc2228171 Enable context analysis for crypto subsystem. This demonstrates a larger conversion to use Clang's context analysis. The benefit is additional static checking of locking rules, along with better documentation. Note the use of the __acquire_ret macro how to define an API where a function returns a pointer to an object (struct scomp_scratch) with a lock held. Additionally, the analysis only resolves aliases where the analysis unambiguously sees that a variable was not reassigned after initialization, requiring minor code changes. Signed-off-by: Marco Elver <elver@google.com> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Link: https://patch.msgid.link/20251219154418.3592607-36-elver@google.com 
Enable context analysis for crypto subsystem.

This demonstrates a larger conversion to use Clang's context
analysis. The benefit is additional static checking of locking rules,
along with better documentation.

Note the use of the __acquire_ret macro how to define an API where a
function returns a pointer to an object (struct scomp_scratch) with a
lock held. Additionally, the analysis only resolves aliases where the
analysis unambiguously sees that a variable was not reassigned after
initialization, requiring minor code changes.

Signed-off-by: Marco Elver <elver@google.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Link: https://patch.msgid.link/20251219154418.3592607-36-elver@google.com
crypto: api - Redo lookup on EEXIST 2025-05-23T11:25:47+00:00 Herbert Xu herbert@gondor.apana.org.au 2025-05-19T10:29:38+00:00 0a3cf32da469ff1df6e016f5f82b439a63d14461 When two crypto algorithm lookups occur at the same time with different names for the same algorithm, e.g., ctr(aes-generic) and ctr(aes), they will both be instantiated. However, only one of them can be registered. The second instantiation will fail with EEXIST. Avoid failing the second lookup by making it retry, but only once because there are tricky names such as gcm_base(ctr(aes),ghash) that will always fail, despite triggering instantiation and EEXIST. Reported-by: Ingo Franzki <ifranzki@linux.ibm.com> Fixes: 2825982d9d66 ("[CRYPTO] api: Added event notification") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
When two crypto algorithm lookups occur at the same time with
different names for the same algorithm, e.g., ctr(aes-generic)
and ctr(aes), they will both be instantiated.  However, only one
of them can be registered.  The second instantiation will fail
with EEXIST.

Avoid failing the second lookup by making it retry, but only once
because there are tricky names such as gcm_base(ctr(aes),ghash)
that will always fail, despite triggering instantiation and EEXIST.

Reported-by: Ingo Franzki <ifranzki@linux.ibm.com>
Fixes: 2825982d9d66 ("[CRYPTO] api: Added event notification")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: testmgr - replace CRYPTO_MANAGER_DISABLE_TESTS with CRYPTO_SELFTESTS 2025-05-12T05:33:14+00:00 Eric Biggers ebiggers@google.com 2025-05-05T20:33:41+00:00 40b9969796bfa49ed1b0f7ddc254f48cb2ac6d2c The negative-sense of CRYPTO_MANAGER_DISABLE_TESTS is a longstanding mistake that regularly causes confusion. Especially bad is that you can have CRYPTO=n && CRYPTO_MANAGER_DISABLE_TESTS=n, which is ambiguous. Replace CRYPTO_MANAGER_DISABLE_TESTS with CRYPTO_SELFTESTS which has the expected behavior. The tests continue to be disabled by default. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
The negative-sense of CRYPTO_MANAGER_DISABLE_TESTS is a longstanding
mistake that regularly causes confusion.  Especially bad is that you can
have CRYPTO=n && CRYPTO_MANAGER_DISABLE_TESTS=n, which is ambiguous.

Replace CRYPTO_MANAGER_DISABLE_TESTS with CRYPTO_SELFTESTS which has the
expected behavior.

The tests continue to be disabled by default.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: hash - Fix clone error handling 2025-04-28T11:40:54+00:00 Herbert Xu herbert@gondor.apana.org.au 2025-04-23T09:22:31+00:00 2cfe41630a1a4f24d46825aa9656a51a38fb7f7d Do not copy the exit function in crypto_clone_tfm as it should only be set after init_tfm or clone_tfm has succeeded. Move the setting into crypto_clone_ahash and crypto_clone_shash instead. Also clone the fb if necessary. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Do not copy the exit function in crypto_clone_tfm as it should
only be set after init_tfm or clone_tfm has succeeded.

Move the setting into crypto_clone_ahash and crypto_clone_shash
instead.

Also clone the fb if necessary.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>