Revision tags: v4.20-rc5, v4.20-rc4 |
|
#
cee7a36e |
| 20-Nov-2018 |
Martin Willi <martin@strongswan.org> |
crypto: x86/chacha20 - Add a 8-block AVX-512VL variant
This variant is similar to the AVX2 version, but benefits from the AVX-512 rotate instructions and the additional registers, so it can operate
crypto: x86/chacha20 - Add a 8-block AVX-512VL variant
This variant is similar to the AVX2 version, but benefits from the AVX-512 rotate instructions and the additional registers, so it can operate without any data on the stack. It uses ymm registers only to avoid the massive core throttling on Skylake-X platforms. Nontheless does it bring a ~30% speed improvement compared to the AVX2 variant for random encryption lengths.
The AVX2 version uses "rep movsb" for partial block XORing via the stack. With AVX-512, the new "vmovdqu8" can do this much more efficiently. The associated "kmov" instructions to work with dynamic masks is not part of the AVX-512VL instruction set, hence we depend on AVX-512BW as well. Given that the major AVX-512VL architectures provide AVX-512BW and this extension does not affect core clocking, this seems to be no problem at least for now.
Signed-off-by: Martin Willi <martin@strongswan.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
show more ...
|
#
2ac5e38e |
| 20-Nov-2018 |
Jani Nikula <jani.nikula@intel.com> |
Merge drm/drm-next into drm-intel-next-queued
Pull in v4.20-rc3 via drm-next.
Signed-off-by: Jani Nikula <jani.nikula@intel.com>
|
Revision tags: v4.20-rc3 |
|
#
0ea0397a |
| 13-Nov-2018 |
Maarten Lankhorst <maarten.lankhorst@linux.intel.com> |
Merge remote-tracking branch 'drm/drm-next' into drm-misc-next
drm-next is forwarded to v4.20-rc1, and we need this to make a patch series apply.
Signed-off-by: Maarten Lankhorst <maarten.lankhorst
Merge remote-tracking branch 'drm/drm-next' into drm-misc-next
drm-next is forwarded to v4.20-rc1, and we need this to make a patch series apply.
Signed-off-by: Maarten Lankhorst <maarten.lankhorst@linux.intel.com>
show more ...
|
#
26b76320 |
| 12-Nov-2018 |
James Morris <james.morris@microsoft.com> |
Merge tag 'v4.20-rc2' into next-general
Sync to Linux 4.20-rc2 for downstream developers.
|
Revision tags: v4.20-rc2 |
|
#
07fa3fa2 |
| 08-Nov-2018 |
Tony Lindgren <tony@atomide.com> |
Merge tag 'v4.20-rc1' into omap-for-v4.21/dt-ti-sysc
Linux 4.20-rc1
|
#
91e43395 |
| 08-Nov-2018 |
Tony Lindgren <tony@atomide.com> |
Merge branch 'fixes-dts' into omap-for-v4.20/fixes
|
#
0c724420 |
| 06-Nov-2018 |
Jiri Kosina <jkosina@suse.cz> |
Merge branch 'master' into for-4.20/upstream-fixes
Pull in a merge commit that brought in 3b692c55e58d ("HID: asus: only support backlight when it's not driven by WMI") so that fixup could be applie
Merge branch 'master' into for-4.20/upstream-fixes
Pull in a merge commit that brought in 3b692c55e58d ("HID: asus: only support backlight when it's not driven by WMI") so that fixup could be applied on top of it.
show more ...
|
Revision tags: v4.20-rc1 |
|
#
f0718d79 |
| 29-Oct-2018 |
Ingo Molnar <mingo@kernel.org> |
Merge branch 'linus' into perf/urgent, to pick up fixes
Signed-off-by: Ingo Molnar <mingo@kernel.org>
|
#
97ec37c5 |
| 29-Oct-2018 |
Ingo Molnar <mingo@kernel.org> |
Merge branch 'linus' into x86/urgent, to refresh the tree
Signed-off-by: Ingo Molnar <mingo@kernel.org>
|
#
62606c22 |
| 26-Oct-2018 |
Linus Torvalds <torvalds@linux-foundation.org> |
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto updates from Herbert Xu: "API: - Remove VLA usage - Add cryptostat user-space interface
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto updates from Herbert Xu: "API: - Remove VLA usage - Add cryptostat user-space interface - Add notifier for new crypto algorithms
Algorithms: - Add OFB mode - Remove speck
Drivers: - Remove x86/sha*-mb as they are buggy - Remove pcbc(aes) from x86/aesni - Improve performance of arm/ghash-ce by up to 85% - Implement CTS-CBC in arm64/aes-blk, faster by up to 50% - Remove PMULL based arm64/crc32 driver - Use PMULL in arm64/crct10dif - Add aes-ctr support in s5p-sss - Add caam/qi2 driver
Others: - Pick better transform if one becomes available in crc-t10dif"
* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (124 commits) crypto: chelsio - Update ntx queue received from cxgb4 crypto: ccree - avoid implicit enum conversion crypto: caam - add SPDX license identifier to all files crypto: caam/qi - simplify CGR allocation, freeing crypto: mxs-dcp - make symbols 'sha1_null_hash' and 'sha256_null_hash' static crypto: arm64/aes-blk - ensure XTS mask is always loaded crypto: testmgr - fix sizeof() on COMP_BUF_SIZE crypto: chtls - remove set but not used variable 'csk' crypto: axis - fix platform_no_drv_owner.cocci warnings crypto: x86/aes-ni - fix build error following fpu template removal crypto: arm64/aes - fix handling sub-block CTS-CBC inputs crypto: caam/qi2 - avoid double export crypto: mxs-dcp - Fix AES issues crypto: mxs-dcp - Fix SHA null hashes and output length crypto: mxs-dcp - Implement sha import/export crypto: aegis/generic - fix for big endian systems crypto: morus/generic - fix for big endian systems crypto: lrw - fix rebase error after out of bounds fix crypto: cavium/nitrox - use pci_alloc_irq_vectors() while enabling MSI-X. crypto: cavium/nitrox - NITROX command queue changes. ...
show more ...
|
Revision tags: v4.19, v4.19-rc8, v4.19-rc7, v4.19-rc6 |
|
#
944585a6 |
| 24-Sep-2018 |
Ard Biesheuvel <ard.biesheuvel@linaro.org> |
crypto: x86/aes-ni - remove special handling of AES in PCBC mode
For historical reasons, the AES-NI based implementation of the PCBC chaining mode uses a special FPU chaining mode wrapper template t
crypto: x86/aes-ni - remove special handling of AES in PCBC mode
For historical reasons, the AES-NI based implementation of the PCBC chaining mode uses a special FPU chaining mode wrapper template to amortize the FPU start/stop overhead over multiple blocks.
When this FPU wrapper was introduced, it supported widely used chaining modes such as XTS and CTR (as well as LRW), but currently, PCBC is the only remaining user.
Since there are no known users of pcbc(aes) in the kernel, let's remove this special driver, and rely on the generic pcbc driver to encapsulate the AES-NI core cipher.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
show more ...
|
Revision tags: v4.19-rc5, v4.19-rc4, v4.19-rc3, v4.19-rc2, v4.19-rc1 |
|
#
ab8085c1 |
| 22-Aug-2018 |
Ard Biesheuvel <ard.biesheuvel@linaro.org> |
crypto: x86 - remove SHA multibuffer routines and mcryptd
As it turns out, the AVX2 multibuffer SHA routines are currently broken [0], in a way that would have likely been noticed if this code were
crypto: x86 - remove SHA multibuffer routines and mcryptd
As it turns out, the AVX2 multibuffer SHA routines are currently broken [0], in a way that would have likely been noticed if this code were in wide use. Since the code is too complicated to be maintained by anyone except the original authors, and since the performance benefits for real-world use cases are debatable to begin with, it is better to drop it entirely for the moment.
[0] https://marc.info/?l=linux-crypto-vger&m=153476243825350&w=2
Suggested-by: Eric Biggers <ebiggers@google.com> Cc: Megha Dey <megha.dey@linux.intel.com> Cc: Tim Chen <tim.c.chen@linux.intel.com> Cc: Geert Uytterhoeven <geert@linux-m68k.org> Cc: Martin Schwidefsky <schwidefsky@de.ibm.com> Cc: Heiko Carstens <heiko.carstens@de.ibm.com> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Ingo Molnar <mingo@redhat.com> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
show more ...
|
Revision tags: v4.18, v4.18-rc8, v4.18-rc7 |
|
#
c74a7469 |
| 23-Jul-2018 |
Rodrigo Vivi <rodrigo.vivi@intel.com> |
Merge drm/drm-next into drm-intel-next-queued
We need a backmerge to get DP_DPCD_REV_14 before we push other i915 changes to dinq that could break compilation.
Signed-off-by: Rodrigo Vivi <rodrigo.
Merge drm/drm-next into drm-intel-next-queued
We need a backmerge to get DP_DPCD_REV_14 before we push other i915 changes to dinq that could break compilation.
Signed-off-by: Rodrigo Vivi <rodrigo.vivi@intel.com>
show more ...
|
Revision tags: v4.18-rc6, v4.18-rc5, v4.18-rc4, v4.18-rc3 |
|
#
6b16f5d1 |
| 28-Jun-2018 |
Bartlomiej Zolnierkiewicz <b.zolnierkie@samsung.com> |
Merge tag 'v4.18-rc2' of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux into fbdev-for-next
Linux 4.18-rc2
|
#
57b54d74 |
| 25-Jun-2018 |
James Morris <james.morris@microsoft.com> |
Merge tag 'v4.18-rc2' into next-general
Merge to Linux 4.18-rc2 for security subsystem developers.
|
Revision tags: v4.18-rc2 |
|
#
7731b8bc |
| 22-Jun-2018 |
Thomas Gleixner <tglx@linutronix.de> |
Merge branch 'linus' into x86/urgent
Required to queue a dependent fix.
|
Revision tags: v4.18-rc1 |
|
#
3e1a29b3 |
| 06-Jun-2018 |
Linus Torvalds <torvalds@linux-foundation.org> |
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto updates from Herbert Xu: "API:
- Decryption test vectors are now automatically generated fro
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto updates from Herbert Xu: "API:
- Decryption test vectors are now automatically generated from encryption test vectors.
Algorithms:
- Fix unaligned access issues in crc32/crc32c.
- Add zstd compression algorithm.
- Add AEGIS.
- Add MORUS.
Drivers:
- Add accelerated AEGIS/MORUS on x86.
- Add accelerated SM4 on arm64.
- Removed x86 assembly salsa implementation as it is slower than C.
- Add authenc(hmac(sha*), cbc(aes)) support in inside-secure.
- Add ctr(aes) support in crypto4xx.
- Add hardware key support in ccree.
- Add support for new Centaur CPU in via-rng"
* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (112 commits) crypto: chtls - free beyond end rspq_skb_cache crypto: chtls - kbuild warnings crypto: chtls - dereference null variable crypto: chtls - wait for memory sendmsg, sendpage crypto: chtls - key len correction crypto: salsa20 - Revert "crypto: salsa20 - export generic helpers" crypto: x86/salsa20 - remove x86 salsa20 implementations crypto: ccp - Add GET_ID SEV command crypto: ccp - Add DOWNLOAD_FIRMWARE SEV command crypto: qat - Add MODULE_FIRMWARE for all qat drivers crypto: ccree - silence debug prints crypto: ccree - better clock handling crypto: ccree - correct host regs offset crypto: chelsio - Remove separate buffer used for DMA map B0 block in CCM crypt: chelsio - Send IV as Immediate for cipher algo crypto: chelsio - Return -ENOSPC for transient busy indication. crypto: caam/qi - fix warning in init_cgr() crypto: caam - fix rfc4543 descriptors crypto: caam - fix MC firmware detection crypto: clarify licensing of OpenSSL asm code ...
show more ...
|
Revision tags: v4.17, v4.17-rc7 |
|
#
b7b73cd5 |
| 26-May-2018 |
Eric Biggers <ebiggers@google.com> |
crypto: x86/salsa20 - remove x86 salsa20 implementations
The x86 assembly implementations of Salsa20 use the frame base pointer register (%ebp or %rbp), which breaks frame pointer convention and bre
crypto: x86/salsa20 - remove x86 salsa20 implementations
The x86 assembly implementations of Salsa20 use the frame base pointer register (%ebp or %rbp), which breaks frame pointer convention and breaks stack traces when unwinding from an interrupt in the crypto code. Recent (v4.10+) kernels will warn about this, e.g.
WARNING: kernel stack regs at 00000000a8291e69 in syzkaller047086:4677 has bad 'bp' value 000000001077994c [...]
But after looking into it, I believe there's very little reason to still retain the x86 Salsa20 code. First, these are *not* vectorized (SSE2/SSSE3/AVX2) implementations, which would be needed to get anywhere close to the best Salsa20 performance on any remotely modern x86 processor; they're just regular x86 assembly. Second, it's still unclear that anyone is actually using the kernel's Salsa20 at all, especially given that now ChaCha20 is supported too, and with much more efficient SSSE3 and AVX2 implementations. Finally, in benchmarks I did on both Intel and AMD processors with both gcc 8.1.0 and gcc 4.9.4, the x86_64 salsa20-asm is actually slightly *slower* than salsa20-generic (~3% slower on Skylake, ~10% slower on Zen), while the i686 salsa20-asm is only slightly faster than salsa20-generic (~15% faster on Skylake, ~20% faster on Zen). The gcc version made little difference.
So, the x86_64 salsa20-asm is pretty clearly useless. That leaves just the i686 salsa20-asm, which based on my tests provides a 15-20% speed boost. But that's without updating the code to not use %ebp. And given the maintenance cost, the small speed difference vs. salsa20-generic, the fact that few people still use i686 kernels, the doubt that anyone is even using the kernel's Salsa20 at all, and the fact that a SSE2 implementation would almost certainly be much faster on any remotely modern x86 processor yet no one has cared enough to add one yet, I don't think it's worthwhile to keep.
Thus, just remove both the x86_64 and i686 salsa20-asm implementations.
Reported-by: syzbot+ffa3a158337bbc01ff09@syzkaller.appspotmail.com Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
show more ...
|
#
2808f173 |
| 21-May-2018 |
Ondrej Mosnacek <omosnacek@gmail.com> |
crypto: morus - Mark MORUS SIMD glue as x86-specific
Commit 56e8e57fc3a7 ("crypto: morus - Add common SIMD glue code for MORUS") accidetally consiedered the glue code to be usable by different archi
crypto: morus - Mark MORUS SIMD glue as x86-specific
Commit 56e8e57fc3a7 ("crypto: morus - Add common SIMD glue code for MORUS") accidetally consiedered the glue code to be usable by different architectures, but it seems to be only usable on x86.
This patch moves it under arch/x86/crypto and adds 'depends on X86' to the Kconfig options and also removes the prompt to hide these internal options from the user.
Reported-by: kbuild test robot <lkp@intel.com> Signed-off-by: Ondrej Mosnacek <omosnacek@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
show more ...
|
Revision tags: v4.17-rc6, v4.17-rc5 |
|
#
6ecc9d9f |
| 11-May-2018 |
Ondrej Mosnacek <omosnacek@gmail.com> |
crypto: x86 - Add optimized MORUS implementations
This patch adds optimized implementations of MORUS-640 and MORUS-1280, utilizing the SSE2 and AVX2 x86 extensions.
For MORUS-1280 (which operates o
crypto: x86 - Add optimized MORUS implementations
This patch adds optimized implementations of MORUS-640 and MORUS-1280, utilizing the SSE2 and AVX2 x86 extensions.
For MORUS-1280 (which operates on 256-bit blocks) we provide both AVX2 and SSE2 implementation. Although SSE2 MORUS-1280 is slower than AVX2 MORUS-1280, it is comparable in speed to the SSE2 MORUS-640.
Signed-off-by: Ondrej Mosnacek <omosnacek@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
show more ...
|
#
1d373d4e |
| 11-May-2018 |
Ondrej Mosnacek <omosnacek@gmail.com> |
crypto: x86 - Add optimized AEGIS implementations
This patch adds optimized implementations of AEGIS-128, AEGIS-128L, and AEGIS-256, utilizing the AES-NI and SSE2 x86 extensions.
Signed-off-by: Ond
crypto: x86 - Add optimized AEGIS implementations
This patch adds optimized implementations of AEGIS-128, AEGIS-128L, and AEGIS-256, utilizing the AES-NI and SSE2 x86 extensions.
Signed-off-by: Ondrej Mosnacek <omosnacek@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
show more ...
|
Revision tags: v4.17-rc4, v4.17-rc3, v4.17-rc2, v4.17-rc1, v4.16, v4.16-rc7, v4.16-rc6, v4.16-rc5, v4.16-rc4, v4.16-rc3, v4.16-rc2, v4.16-rc1, v4.15, v4.15-rc9, v4.15-rc8 |
|
#
498495db |
| 08-Jan-2018 |
Mark Brown <broonie@kernel.org> |
Merge branch 'fix/intel' of https://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound into asoc-intel
|
Revision tags: v4.15-rc7, v4.15-rc6 |
|
#
70a02f84 |
| 29-Dec-2017 |
Bartlomiej Zolnierkiewicz <b.zolnierkie@samsung.com> |
Merge tag 'v4.15-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux into fbdev-for-next
Linux 4.15-rc5
|
Revision tags: v4.15-rc5 |
|
#
2ef6765c |
| 18-Dec-2017 |
Zhenyu Wang <zhenyuw@linux.intel.com> |
Merge tag 'drm-intel-next-2017-12-14' into gvt-next
- Fix documentation build issues (Randy, Markus) - Fix timestamp frequency calculation for perf on CNL (Lionel) - New DMC firmware for Skylake (An
Merge tag 'drm-intel-next-2017-12-14' into gvt-next
- Fix documentation build issues (Randy, Markus) - Fix timestamp frequency calculation for perf on CNL (Lionel) - New DMC firmware for Skylake (Anusha) - GTT flush fixes and other GGTT write track and refactors (Chris) - Taint kernel when GPU reset fails (Chris) - Display workarounds organization (Lucas) - GuC and HuC initialization clean-up and fixes (Michal) - Other fixes around GuC submission (Michal) - Execlist clean-ups like caching ELSP reg offset and improving log readability (Chri\ s) - Many other improvements on our logs and dumps (Chris) - Restore GT performance in headless mode with DMC loaded (Tvrtko) - Stop updating legacy fb parameters since FBC is not using anymore (Daniel) - More selftest improvements (Chris) - Preemption fixes and improvements (Chris) - x86/early-quirks improvements for Intel graphics stolen memory. (Joonas, Matthew) - Other improvements on Stolen Memory code to be resource centric. (Matthew) - Improvements and fixes on fence allocation/release (Chris).
GVT:
- fixes for two coverity scan errors (Colin) - mmio switch code refine (Changbin) - more virtual display dmabuf fixes (Tina/Gustavo) - misc cleanups (Pei) - VFIO mdev display dmabuf interface and gvt support (Tina) - VFIO mdev opregion support/fixes (Tina/Xiong/Chris) - workload scheduling optimization (Changbin) - preemption fix and temporal workaround (Zhenyu) - and misc fixes after refactor (Chris)
show more ...
|
Revision tags: v4.15-rc4 |
|
#
d21bd689 |
| 11-Dec-2017 |
James Morris <james.l.morris@oracle.com> |
Sync to v4.15-rc3 for security subsystem developers to work against.
|