Commit bc3012f4 authored by Linus Torvalds
Pull crypto updates from Herbert Xu:
 "API:
   - Add virtual-address based lskcipher interface
   - Optimise ahash/shash performance in light of costly indirect calls
   - Remove ahash alignmask attribute

  Algorithms:
   - Improve AES/XTS performance of 6-way unrolling for ppc
   - Remove some uses of obsolete algorithms (md4, md5, sha1)
   - Add FIPS 202 SHA-3 support in pkcs1pad
   - Add fast path for single-page messages in adiantum
   - Remove zlib-deflate

  Drivers:
   - Add support for S4 in meson RNG driver
   - Add STM32MP13x support in stm32
   - Add hwrng interface support in qcom-rng
   - Add support for deflate algorithm in hisilicon/zip"

* tag 'v6.7-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (283 commits)
  crypto: adiantum - flush destination page before unmapping
  crypto: testmgr - move pkcs1pad(rsa,sha3-*) to correct place
  Documentation/module-signing.txt: bring up to date
  module: enable automatic module signing with FIPS 202 SHA-3
  crypto: asymmetric_keys - allow FIPS 202 SHA-3 signatures
  crypto: rsa-pkcs1pad - Add FIPS 202 SHA-3 support
  crypto: FIPS 202 SHA-3 register in hash info for IMA
  x509: Add OIDs for FIPS 202 SHA-3 hash and signatures
  crypto: ahash - optimize performance when wrapping shash
  crypto: ahash - check for shash type instead of not ahash type
  crypto: hash - move "ahash wrapping shash" functions to ahash.c
  crypto: talitos - stop using crypto_ahash::init
  crypto: chelsio - stop using crypto_ahash::init
  crypto: ahash - improve file comment
  crypto: ahash - remove struct ahash_request_priv
  crypto: ahash - remove crypto_ahash_alignmask
  crypto: gcm - stop using alignmask of ahash
  crypto: chacha20poly1305 - stop using alignmask of ahash
  crypto: ccm - stop using alignmask of ahash
  net: ipv6: stop checking crypto_ahash_alignmask
  ...
parents 6803bd79 a312e07a
+23 −1
What:		/sys/kernel/debug/qat_<device>_<BDF>/qat/fw_counters
What:		/sys/kernel/debug/qat_<device>_<BDF>/fw_counters
Date:		November 2023
KernelVersion:	6.6
Contact:	qat-linux@intel.com
@@ -59,3 +59,25 @@ Description: (RO) Read returns the device health status.

		The driver does not monitor for Heartbeat. It is left for a user
		to poll the status periodically.

What:		/sys/kernel/debug/qat_<device>_<BDF>/pm_status
Date:		January 2024
KernelVersion:	6.7
Contact:	qat-linux@intel.com
Description:	(RO) Read returns power management information specific to the
		QAT device.

		This attribute is only available for qat_4xxx devices.

What:		/sys/kernel/debug/qat_<device>_<BDF>/cnv_errors
Date:		January 2024
KernelVersion:	6.7
Contact:	qat-linux@intel.com
Description:	(RO) Read returns, for each Acceleration Engine (AE), the number
		of errors and the type of the last error detected by the device
		when performing verified compression.
		Reported counters::

			<N>: Number of Compress and Verify (CnV) errors and type
			     of the last CnV error detected by Acceleration
			     Engine N.
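
Review bot: The pm_status entry says only that a read "returns power management information specific to the QAT device", with no description of the fields or layout, while cnv_errors directly below spells out its output under "Reported counters::". Suggest listing the reported fields for pm_status in the same way, or stating that the format is not stable, so anything that polls the file knows what it can parse.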
+48 −0
@@ -29,6 +29,8 @@ Description: (RW) Reports the current configuration of the QAT device.
		  services
		* asym;sym: identical to sym;asym
		* dc: the device is configured for running compression services
		* dcc: identical to dc but enables the dc chaining feature,
		  hash then compression. If this is not required chose dc
		* sym: the device is configured for running symmetric crypto
		  services
		* asym: the device is configured for running asymmetric crypto
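
Review bot: Typo in the new dcc bullet: "If this is not required chose dc" should read "choose dc", and the sentence is missing its closing full stop.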
@@ -93,3 +95,49 @@ Description: (RW) This configuration option provides a way to force the device i
			0

		This attribute is only available for qat_4xxx devices.

What:		/sys/bus/pci/devices/<BDF>/qat/rp2srv
Date:		January 2024
KernelVersion:	6.7
Contact:	qat-linux@intel.com
Description:
		(RW) This attribute provides a way for a user to query a
		specific ring pair for the type of service that it is currently
		configured for.

		When written to, the value is cached and used to perform the
		read operation. Allowed values are in the range 0 to N-1, where
		N is the max number of ring pairs supported by a device. This
		can be queried using the attribute qat/num_rps.

		A read returns the service associated to the ring pair queried.

		The values are:

		* dc: the ring pair is configured for running compression services
		* sym: the ring pair is configured for running symmetric crypto
		  services
		* asym: the ring pair is configured for running asymmetric crypto
		  services

		Example usage::

			# echo 1 > /sys/bus/pci/devices/<BDF>/qat/rp2srv
			# cat /sys/bus/pci/devices/<BDF>/qat/rp2srv
			sym

		This attribute is only available for qat_4xxx devices.

What:		/sys/bus/pci/devices/<BDF>/qat/num_rps
Date:		January 2024
KernelVersion:	6.7
Contact:	qat-linux@intel.com
Description:
		(RO) Returns the number of ring pairs that a single device has.

		Example usage::

			# cat /sys/bus/pci/devices/<BDF>/qat/num_rps
			64

		This attribute is only available for qat_4xxx devices.
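
Review bot: The rp2srv description makes the query a two-step sequence ("When written to, the value is cached and used to perform the read operation") but does not say where the cached index lives or what a read returns before any write. If the index is per device, two users running the echo/cat pair at the same time can read the service of each other's ring pair. Suggest documenting the scope and initial value of the cached index, and the error a write returns for a value outside 0 to N-1.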
+41 −0
What:		/sys/bus/pci/devices/<BDF>/qat_ras/errors_correctable
Date:		January 2024
KernelVersion:	6.7
Contact:	qat-linux@intel.com
Description:	(RO) Reports the number of correctable errors detected by the device.

		This attribute is only available for qat_4xxx devices.

What:		/sys/bus/pci/devices/<BDF>/qat_ras/errors_nonfatal
Date:		January 2024
KernelVersion:	6.7
Contact:	qat-linux@intel.com
Description:	(RO) Reports the number of non fatal errors detected by the device.

		This attribute is only available for qat_4xxx devices.

What:		/sys/bus/pci/devices/<BDF>/qat_ras/errors_fatal
Date:		January 2024
KernelVersion:	6.7
Contact:	qat-linux@intel.com
Description:	(RO) Reports the number of fatal errors detected by the device.

		This attribute is only available for qat_4xxx devices.

What:		/sys/bus/pci/devices/<BDF>/qat_ras/reset_error_counters
Date:		January 2024
KernelVersion:	6.7
Contact:	qat-linux@intel.com
Description:	(WO) Write to resets all error counters of a device.

		The following example reports how to reset the counters::

			# echo 1 > /sys/bus/pci/devices/<BDF>/qat_ras/reset_error_counters
			# cat /sys/bus/pci/devices/<BDF>/qat_ras/errors_correctable
			0
			# cat /sys/bus/pci/devices/<BDF>/qat_ras/errors_nonfatal
			0
			# cat /sys/bus/pci/devices/<BDF>/qat_ras/errors_fatal
			0

		This attribute is only available for qat_4xxx devices.
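
Review bot: The reset_error_counters description reads "(WO) Write to resets all error counters of a device", which is ungrammatical and does not say which values are accepted. The example writes 1, so the text should state whether only 1 triggers the reset or any write does, for instance "A write of 1 resets all error counters of a device". The sibling entry also uses "non fatal" where the attribute name is errors_nonfatal; "non-fatal" would be consistent.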
+226 −0
What:		/sys/bus/pci/devices/<BDF>/qat_rl/sla_op
Date:		January 2024
KernelVersion:	6.7
Contact:	qat-linux@intel.com
Description:
		(WO) This attribute is used to perform an operation on an SLA.
		The supported operations are: add, update, rm, rm_all, and get.

		Input values must be filled through the associated attribute in
		this group before a write to this file.
		If the operation completes successfully, the associated
		attributes will be updated.
		The associated attributes are: cir, pir, srv, rp, and id.

		Supported operations:

		* add: Creates a new SLA with the provided inputs from user.
			* Inputs: cir, pir, srv, and rp
			* Output: id

		* get: Returns the configuration of the specified SLA in id attribute
			* Inputs: id
			* Outputs: cir, pir, srv, and rp

		* update: Updates the SLA with new values set in the following attributes
			* Inputs: id, cir, and pir

		* rm: Removes the specified SLA in the id attribute.
			* Inputs: id

		* rm_all: Removes all the configured SLAs.
			* Inputs: None

		This attribute is only available for qat_4xxx devices.

What:		/sys/bus/pci/devices/<BDF>/qat_rl/rp
Date:		January 2024
KernelVersion:	6.7
Contact:	qat-linux@intel.com
Description:
		(RW) When read, reports the current assigned ring pairs for the
		queried SLA.
		When wrote to, configures the ring pairs associated to a new SLA.

		The value is a 64-bit bit mask and is written/displayed in hex.
		Each bit of this mask represents a single ring pair i.e.,
		bit 1 == ring pair id 0; bit 3 == ring pair id 2.

		Selected ring pairs must to be assigned to a single service,
		i.e. the one provided with the srv attribute. The service
		assigned to a certain ring pair can be checked by querying
		the attribute qat/rp2srv.

		The maximum number of ring pairs is 4 per SLA.

		Applicability in sla_op:

		* WRITE: add operation
		* READ: get operation

		Example usage::

			## Read
			# echo 4 > /sys/bus/pci/devices/<BDF>/qat_rl/id
			# cat /sys/bus/pci/devices/<BDF>/qat_rl/rp
			0x5

			## Write
			# echo 0x5 > /sys/bus/pci/devices/<BDF>/qat_rl/rp

		This attribute is only available for qat_4xxx devices.

What:		/sys/bus/pci/devices/<BDF>/qat_rl/id
Date:		January 2024
KernelVersion:	6.7
Contact:	qat-linux@intel.com
Description:
		(RW) If written to, the value is used to retrieve a particular
		SLA and operate on it.
		This is valid only for the following operations: update, rm,
		and get.
		A read of this attribute is only guaranteed to have correct data
		after creation of an SLA.

		Applicability in sla_op:

		* WRITE: rm and update operations
		* READ: add and get operations

		Example usage::

			## Read
			## Set attributes e.g. cir, pir, srv, etc
			# echo "add" > /sys/bus/pci/devices/<BDF>/qat_rl/sla_op
			# cat /sys/bus/pci/devices/<BDF>/qat_rl/id
			4

			## Write
			# echo 7 > /sys/bus/pci/devices/<BDF>/qat_rl/id
			# echo "get" > /sys/bus/pci/devices/<BDF>/qat_rl/sla_op
			# cat /sys/bus/pci/devices/<BDF>/qat_rl/rp
			0x5  ## ring pair ID 0 and ring pair ID 2

		This attribute is only available for qat_4xxx devices.

What:		/sys/bus/pci/devices/<BDF>/qat_rl/cir
Date:		January 2024
KernelVersion:	6.7
Contact:	qat-linux@intel.com
Description:
		(RW) Committed information rate (CIR). Rate guaranteed to be
		achieved by a particular SLA. The value is expressed in
		permille scale, i.e. 1000 refers to the maximum device
		throughput for a selected service.

		After sending a "get" to sla_op, this will be populated with the
		CIR for that queried SLA.
		Write to this file before sending an "add/update" sla_op, to set
		the SLA to the specified value.

		Applicability in sla_op:

		* WRITE: add and update operations
		* READ: get operation

		Example usage::

			## Write
			# echo 500 > /sys/bus/pci/devices/<BDF>/qat_rl/cir
			# echo "add" /sys/bus/pci/devices/<BDF>/qat_rl/sla_op

			## Read
			# echo 4 > /sys/bus/pci/devices/<BDF>/qat_rl/id
			# echo "get" > /sys/bus/pci/devices/<BDF>/qat_rl/sla_op
			# cat /sys/bus/pci/devices/<BDF>/qat_rl/cir
			500

		This attribute is only available for qat_4xxx devices.

What:		/sys/bus/pci/devices/<BDF>/qat_rl/pir
Date:		January 2024
KernelVersion:	6.7
Contact:	qat-linux@intel.com
Description:
		(RW) Peak information rate (PIR). The maximum rate that can be
		achieved by that particular SLA. An SLA can reach a value
		between CIR and PIR when the device is not fully utilized by
		requests from other users (assigned to different SLAs).

		After sending a "get" to sla_op, this will be populated with the
		PIR for that queried SLA.
		Write to this file before sending an "add/update" sla_op, to set
		the SLA to the specified value.

		Applicability in sla_op:

		* WRITE: add and update operations
		* READ: get operation

		Example usage::

			## Write
			# echo 750 > /sys/bus/pci/devices/<BDF>/qat_rl/pir
			# echo "add" > /sys/bus/pci/devices/<BDF>/qat_rl/sla_op

			## Read
			# echo 4 > /sys/bus/pci/devices/<BDF>/qat_rl/id
			# echo "get" > /sys/bus/pci/devices/<BDF>/qat_rl/sla_op
			# cat /sys/bus/pci/devices/<BDF>/qat_rl/pir
			750

		This attribute is only available for qat_4xxx devices.

What:		/sys/bus/pci/devices/<BDF>/qat_rl/srv
Date:		January 2024
KernelVersion:	6.7
Contact:	qat-linux@intel.com
Description:
		(RW) Service (SRV). Represents the service (sym, asym, dc)
		associated to an SLA.
		Can be written to or queried to set/show the SRV type for an SLA.
		The SRV attribute is used to specify the SRV type before adding
		an SLA. After an SLA is configured, reports the service
		associated to that SLA.

		Applicability in sla_op:

		* WRITE: add and update operations
		* READ: get operation

		Example usage::

			## Write
			# echo "dc" > /sys/bus/pci/devices/<BDF>/qat_rl/srv
			# echo "add" > /sys/bus/pci/devices/<BDF>/qat_rl/sla_op
			# cat /sys/bus/pci/devices/<BDF>/qat_rl/id
			4

			## Read
			# echo 4 > /sys/bus/pci/devices/<BDF>/qat_rl/id
			# echo "get" > /sys/bus/pci/devices/<BDF>/qat_rl/sla_op
			# cat /sys/bus/pci/devices/<BDF>/qat_rl/srv
			dc

		This attribute is only available for qat_4xxx devices.

What:		/sys/bus/pci/devices/<BDF>/qat_rl/cap_rem
Date:		January 2024
KernelVersion:	6.7
Contact:	qat-linux@intel.com
Description:
		(RW) This file will return the remaining capability for a
		particular service/sla. This is the remaining value that a new
		SLA can be set to or a current SLA can be increased with.

		Example usage::

			# echo "asym" > /sys/bus/pci/devices/<BDF>/qat_rl/cap_rem
			# cat /sys/bus/pci/devices/<BDF>/qat_rl/cap_rem
			250
			# echo 250 > /sys/bus/pci/devices/<BDF>/qat_rl/cir
			# echo "add" > /sys/bus/pci/devices/<BDF>/qat_rl/sla_op
			# cat /sys/bus/pci/devices/<BDF>/qat_rl/cap_rem
			0

		This attribute is only available for qat_4xxx devices.
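
Review bot: The cir example is missing the redirect in its add step: `# echo "add" /sys/bus/pci/devices/<BDF>/qat_rl/sla_op` prints to the terminal and never writes sla_op; it needs `>` as in the pir and srv examples. Two inconsistencies in the same file are worth fixing while here. The srv entry lists "WRITE: add and update operations", but the update operation under sla_op takes only id, cir, and pir as inputs. The rp entry numbers bits from 1 ("bit 1 == ring pair id 0; bit 3 == ring pair id 2") while the id example annotates 0x5 as ring pair ID 0 and ring pair ID 2, so numbering bits from 0 would match the mask. Minor wording: "When wrote to" and "must to be assigned" in rp, and cap_rem is marked (RW) without describing what a write accepts beyond the "asym" shown in its example.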
+11 −6
@@ -28,10 +28,10 @@ trusted userspace bits.

This facility uses X.509 ITU-T standard certificates to encode the public keys
involved.  The signatures are not themselves encoded in any industrial standard
type.  The facility currently only supports the RSA public key encryption
standard (though it is pluggable and permits others to be used).  The possible
hash algorithms that can be used are SHA-1, SHA-224, SHA-256, SHA-384, and
SHA-512 (the algorithm is selected by data in the signature).
type.  The built-in facility currently only supports the RSA & NIST P-384 ECDSA
public key signing standard (though it is pluggable and permits others to be
used).  The possible hash algorithms that can be used are SHA-2 and SHA-3 of
sizes 256, 384, and 512 (the algorithm is selected by data in the signature).


==========================
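
Review bot: In the rewritten paragraph, "only supports the RSA & NIST P-384 ECDSA public key signing standard" names two algorithms but keeps the singular "standard"; suggest "the RSA and NIST P-384 ECDSA public key signing standards". "SHA-2 and SHA-3 of sizes 256, 384, and 512" would also read more clearly as an explicit list (SHA-256, SHA-384, SHA-512, SHA3-256, SHA3-384, SHA3-512), matching the names used in the Kconfig table later in the file.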
@@ -81,11 +81,12 @@ This has a number of options available:
     sign the modules with:

        =============================== ==========================================
	``CONFIG_MODULE_SIG_SHA1``	:menuselection:`Sign modules with SHA-1`
	``CONFIG_MODULE_SIG_SHA224``	:menuselection:`Sign modules with SHA-224`
	``CONFIG_MODULE_SIG_SHA256``	:menuselection:`Sign modules with SHA-256`
	``CONFIG_MODULE_SIG_SHA384``	:menuselection:`Sign modules with SHA-384`
	``CONFIG_MODULE_SIG_SHA512``	:menuselection:`Sign modules with SHA-512`
	``CONFIG_MODULE_SIG_SHA3_256``	:menuselection:`Sign modules with SHA3-256`
	``CONFIG_MODULE_SIG_SHA3_384``	:menuselection:`Sign modules with SHA3-384`
	``CONFIG_MODULE_SIG_SHA3_512``	:menuselection:`Sign modules with SHA3-512`
        =============================== ==========================================

     The algorithm selected here will also be built into the kernel (rather
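
Review bot: The table drops the ``CONFIG_MODULE_SIG_SHA1`` and ``CONFIG_MODULE_SIG_SHA224`` rows and adds the three SHA3 rows, but the surrounding text gives no hint to someone whose existing configuration selects one of the removed options. A sentence noting that SHA-1 and SHA-224 are no longer selectable for module signing, and that such configurations need to pick one of the listed algorithms, would make the change discoverable from the documentation.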
@@ -145,6 +146,10 @@ into vmlinux) using parameters in the::

file (which is also generated if it does not already exist).

One can select between RSA (``MODULE_SIG_KEY_TYPE_RSA``) and ECDSA
(``MODULE_SIG_KEY_TYPE_ECDSA``) to generate either RSA 4k or NIST
P-384 keypair.

It is strongly recommended that you provide your own x509.genkey file.

Most notably, in the x509.genkey file, the req_distinguished_name section
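
Review bot: The new paragraph names the options as ``MODULE_SIG_KEY_TYPE_RSA`` and ``MODULE_SIG_KEY_TYPE_ECDSA`` without the ``CONFIG_`` prefix, while the hash table earlier in this file uses the prefixed form (``CONFIG_MODULE_SIG_SHA256`` and so on); suggest using the prefixed names for consistency. The sentence also needs articles: "to generate either an RSA 4k or a NIST P-384 keypair".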