github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-05-12 16:18:45 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
d6ea871d73
linux/Documentation
History
Suman Kumar Chakraborty 6ac142bf26 crypto: qat - add anti-rollback support for GEN6 devices 
Anti-Rollback (ARB) is a QAT GEN6 hardware feature that prevents loading
firmware with a Security Version Number (SVN) lower than an authorized
minimum. This protects against downgrade attacks by ensuring that only
firmware at or above a committed SVN can run on the acceleration device.

During firmware loading, the driver checks the SVN validation status via
a hardware CSR. If the check reports a failure, firmware authentication
is aborted. If it reports a retry status, the driver reissues the
authentication command up to a maximum number of retries.

Extend the firmware admin interface with two new messages,
ICP_QAT_FW_SVN_READ and ICP_QAT_FW_SVN_COMMIT, to query and commit the
SVN, respectively. Integrate the SVN check into the firmware
authentication path in qat_uclo.c so the driver can react to
anti-rollback status during device bring-up.

Expose SVN information to userspace via a new sysfs attribute group,
qat_svn, under the PCI device directory. The group provides read-only
attributes for the active, enforced minimum, and permanent minimum SVN
values, as well as a write-only commit attribute that allows a system
administrator to commit the currently active SVN as the new authorized
minimum.

This is based on earlier work by Ciunas Bennett.

Signed-off-by: Suman Kumar Chakraborty <suman.kumar.chakraborty@intel.com>
Reviewed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2026-03-27 18:52:43 +09:00
..
ABI crypto: qat - add anti-rollback support for GEN6 devices 2026-03-27 18:52:43 +09:00
accel Documentation: use a source-read extension for the index link boilerplate 2026-01-23 11:59:34 -07:00
accounting delayacct: add timestamp of delay max 2026-01-31 16:16:06 -08:00
admin-guide Including fixes from Netfilter. 2026-02-19 10:39:08 -08:00
arch RISC-V updates for v7.0 2026-02-12 19:17:44 -08:00
block block: remove bio_last_bvec_all 2026-01-26 21:07:48 -07:00
bpf bpf-next-7.0 2026-02-10 11:26:21 -08:00
cdrom Documentation: use a source-read extension for the index link boilerplate 2026-01-23 11:59:34 -07:00
core-api A handful of small, late-arriving documentation fixes. 2026-02-15 10:47:59 -08:00
cpu-freq
crypto crypto: docs/userspace-if - Fix outdated links 2026-03-07 14:22:53 +09:00
dev-tools Documentation: Coccinelle: document debug log handling 2026-02-21 17:22:45 +01:00
devicetree dt-bindings: crypto: inside-secure,safexcel: add compatible for MT7981 2026-03-15 13:23:12 +09:00
doc-guide Documentation: use a source-read extension for the index link boilerplate 2026-01-23 11:59:34 -07:00
driver-api dmaengine updates for v7.0 2026-02-17 11:47:17 -08:00
edac
fault-injection Documentation: use a source-read extension for the index link boilerplate 2026-01-23 11:59:34 -07:00
fb Documentation: use a source-read extension for the index link boilerplate 2026-01-23 11:59:34 -07:00
features s390: Document s390 stackprotector support 2026-02-03 12:48:27 +01:00
filesystems overlayfs updates for 7.0 2026-02-17 15:08:24 -08:00
firmware_class
firmware-guide docs: fix 're-use' -> 'reuse' in documentation 2026-02-02 09:54:15 -07:00
fpga Documentation: use a source-read extension for the index link boilerplate 2026-01-23 11:59:34 -07:00
gpu drm for 7.0-rc1 2026-02-11 12:55:44 -08:00
hid
hwmon hwmon updates for v7.0 2026-02-11 11:00:19 -08:00
i2c Documentation: use a source-read extension for the index link boilerplate 2026-01-23 11:59:34 -07:00
iio
images
infiniband Documentation: use a source-read extension for the index link boilerplate 2026-01-23 11:59:34 -07:00
input docs: fix 're-use' -> 'reuse' in documentation 2026-02-02 09:54:15 -07:00
isdn Documentation: use a source-read extension for the index link boilerplate 2026-01-23 11:59:34 -07:00
kbuild Kbuild/Kconfig updates for 7.0 2026-02-11 13:40:35 -08:00
kernel-hacking
leds docs: leds: Document TI LP5812 LED driver 2026-02-04 09:23:37 +00:00
litmus-tests
livepatch Documentation: use a source-read extension for the index link boilerplate 2026-01-23 11:59:34 -07:00
locking Documentation: use a source-read extension for the index link boilerplate 2026-01-23 11:59:34 -07:00
maintainer
mhi Documentation: use a source-read extension for the index link boilerplate 2026-01-23 11:59:34 -07:00
misc-devices TTY / Serial driver updates for 7.0-rc1 2026-02-17 09:30:52 -08:00
mm A handful of small, late-arriving documentation fixes. 2026-02-15 10:47:59 -08:00
netlabel Documentation: use a source-read extension for the index link boilerplate 2026-01-23 11:59:34 -07:00
netlink NFSD 7.0 Release Notes 2026-02-12 08:23:53 -08:00
networking ipv6: icmp: remove obsolete code in icmpv6_xrlim_allow() 2026-02-18 16:46:36 -08:00
nvdimm
nvme
PCI Networking changes for 7.0 2026-02-11 19:31:52 -08:00
pcmcia Documentation: use a source-read extension for the index link boilerplate 2026-01-23 11:59:34 -07:00
peci Documentation: use a source-read extension for the index link boilerplate 2026-01-23 11:59:34 -07:00
power power supply and reset changes for the 7.0 series 2026-02-12 18:24:37 -08:00
process A handful of small, late-arriving documentation fixes. 2026-02-15 10:47:59 -08:00
RCU A slightly calmer cycle for docs this time around, though there is still a 2026-02-09 20:53:18 -08:00
rust Rust changes for v6.20 / v7.0 2026-02-10 11:53:01 -08:00
scheduler bpf-next-7.0 2026-02-10 11:26:21 -08:00
scsi SCSI misc on 20260212 2026-02-12 15:43:02 -08:00
security docs: trusted-encryped: add PKWM as a new trust source 2026-01-30 09:27:27 +05:30
sound docs: fix 're-use' -> 'reuse' in documentation 2026-02-02 09:54:15 -07:00
sphinx docs: automarkup.py: Skip common English words as C identifiers 2026-01-27 10:35:57 -07:00
sphinx-includes Documentation: use a source-read extension for the index link boilerplate 2026-01-23 11:59:34 -07:00
sphinx-static docs: custom.css: add CSS for python 2026-01-23 11:37:38 -07:00
spi spi: Updates for v7.0 2026-02-11 09:43:43 -08:00
staging
sunrpc/xdr Add RPC language definition of NFSv4 POSIX ACL extension 2026-01-29 09:48:33 -05:00
target Documentation: use a source-read extension for the index link boilerplate 2026-01-23 11:59:34 -07:00
tee Documentation: use a source-read extension for the index link boilerplate 2026-01-23 11:59:34 -07:00
timers Documentation: use a source-read extension for the index link boilerplate 2026-01-23 11:59:34 -07:00
tools RTLA patches for v7.0 2026-02-12 14:31:02 -08:00
trace Char/Misc/IIO driver changes for 7.0-rc1 2026-02-17 09:11:04 -08:00
translations mm.git review status for linus..mm-stable 2026-02-12 11:32:37 -08:00
usb USB / Thunderbolt changes for 7.0-rc1 2026-02-17 09:36:43 -08:00
userspace-api Char/Misc/IIO driver changes for 7.0-rc1 2026-02-17 09:11:04 -08:00
virt Loongarch: 2026-02-13 11:31:15 -08:00
w1 Documentation: use a source-read extension for the index link boilerplate 2026-01-23 11:59:34 -07:00
watchdog linux-watchdog 6.20-rc1 tag 2026-02-16 12:21:22 -08:00
wmi platform-drivers-x86 for v7.0-1 2026-02-13 15:39:15 -08:00
.gitignore
.renames.txt net: ethernet: neterion: s2io: remove unused driver 2026-01-28 20:08:07 -08:00
atomic_bitops.txt
atomic_t.txt
Changes
CodingStyle
conf.py Documentation: use a source-read extension for the index link boilerplate 2026-01-23 11:59:34 -07:00
docutils.conf
index.rst
Kconfig
Makefile
memory-barriers.txt
SubmittingPatches
subsystem-apis.rst