Linux Kernel 5.18.15 is out: some nice crypto improvements ...

From security standpoint, this kernel update brings adds several fixes for Intel QuickAssist driver, plus some more. Let's have a look.

Intel(R) QuickAssist

QuickAssist is a capability of certain Intel-produced chipsets to perform cryptographic operations in hardware, which is a super cool feature, since cryptography is one of the most resource-consuming types of operations that involves heavy math computations. Remember that modern strong crypto (like Elliptic curve cipher-suites, quantum-safe algorithms) is always hungry for CPU. And forget about MD5 and SHA1, they are not about serious security anymore.

QuickAssist-enabled environment can be described as a combination of several hardware and software components:

• proper hardware
  • this can have various forms, QuickAssist can be integrated into motherboard chipset, or be distributed as a separate PCI expansion board. In either case, for Kernel it's always a PCI device with endpoints.
• firmware binaries
  • they usually look like "qat_xxx.bin" files. They are obtained and loaded whenever the driver starts
• Kernel driver
  • various chipset families are supported: 4xxx, C3xxx, C62x, DH895x
• user-space tools
  • they are provided by Intel, namely adf_ctl and qat_dbg_ctl

What are the specific services that QuickAssist provides? 

Conceptually (and also by architecture and API), they are grouped into "Cryptography" and "Compression" types of services. The former deals with encryption and HMAC, the latter is about compression and verifying data. All over in the documentation they are denoted as "CY" (stands for CrYptography) and "DC" (Data Compression). An application, be it a Kernel code and User-space program, can request one or more instances of CY or DC type, and use it accordingly.

Crypto instances offer the following well-known algorithms: AES in CBC, CCM and GCM modes, modern hashes like SHA-256 and SHA-512, HMAC, RSA, (EC)DSA, (EC)Diffie-Hellman, ChaCha-Poly, and also a random number generator.

Data compression instances provide Deflate, CRCs, LZS and LZ4.

Latest Kernel fixes

Mainly they were around proper memory handling inside drivers, fixing memory leaks and safe memory initializing. Everything for the sake of stability.

Useful Links

• Intel(R) QuickAssist overview
• QAT and Openssl benchmark (pdf)