From ea6ccde7a48e92421d35eca566c216d933bcead4 Mon Sep 17 00:00:00 2001
From: GUO Zihua <guozihua@huawei.com>
Date: Thu, 28 Dec 2023 03:18:52 +0000
Subject: [PATCH 1/2] crypto: kabi: KABI reservation for crypto

hulk inclusion
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I8RI9L

--------------------------------

Reserve KABI for future crypto development.

Signed-off-by: GUO Zihua <guozihua@huawei.com>
---
 include/crypto/aead.h            | 3 +++
 include/crypto/akcipher.h        | 4 ++++
 include/crypto/algapi.h          | 4 ++++
 include/crypto/hash.h            | 2 ++
 include/crypto/if_alg.h          | 3 +++
 include/crypto/public_key.h      | 3 +++
 include/crypto/rng.h             | 2 ++
 include/crypto/skcipher.h        | 3 +++
 include/linux/crypto.h           | 2 ++
 include/linux/kernel_read_file.h | 3 +++
 include/linux/kexec.h            | 5 +++++
 11 files changed, 34 insertions(+)

diff --git a/include/crypto/aead.h b/include/crypto/aead.h
index 35e45b854a6f..528fe6fb5013 100644
--- a/include/crypto/aead.h
+++ b/include/crypto/aead.h
@@ -13,6 +13,7 @@
 #include <linux/crypto.h>
 #include <linux/slab.h>
 #include <linux/types.h>
+#include <linux/kabi.h>
 
 /**
  * DOC: Authenticated Encryption With Associated Data (AEAD) Cipher API
@@ -97,6 +98,7 @@ struct aead_request {
 
 	struct scatterlist *src;
 	struct scatterlist *dst;
+	KABI_RESERVE(0);
 
 	void *__ctx[] CRYPTO_MINALIGN_ATTR;
 };
@@ -171,6 +173,7 @@ struct aead_alg {
 	unsigned int chunksize;
 
 	struct crypto_alg base;
+	KABI_RESERVE(0);
 };
 
 struct crypto_aead {
diff --git a/include/crypto/akcipher.h b/include/crypto/akcipher.h
index 670508f1dca1..9a8d21ee7546 100644
--- a/include/crypto/akcipher.h
+++ b/include/crypto/akcipher.h
@@ -10,6 +10,7 @@
 
 #include <linux/atomic.h>
 #include <linux/crypto.h>
+#include <linux/kabi.h>
 
 /**
  * struct akcipher_request - public key request
@@ -38,6 +39,7 @@ struct akcipher_request {
 	struct scatterlist *dst;
 	unsigned int src_len;
 	unsigned int dst_len;
+	KABI_RESERVE(0);
 	void *__ctx[] CRYPTO_MINALIGN_ATTR;
 };
 
@@ -52,6 +54,7 @@ struct crypto_akcipher {
 	unsigned int reqsize;
 
 	struct crypto_tfm base;
+	KABI_RESERVE(0);
 };
 
 /*
@@ -132,6 +135,7 @@ struct akcipher_alg {
 #endif
 
 	struct crypto_alg base;
+	KABI_RESERVE(0);
 };
 
 /**
diff --git a/include/crypto/algapi.h b/include/crypto/algapi.h
index ca86f4c6ba43..ccc6f36419bb 100644
--- a/include/crypto/algapi.h
+++ b/include/crypto/algapi.h
@@ -13,6 +13,7 @@
 #include <linux/crypto.h>
 #include <linux/types.h>
 #include <linux/workqueue.h>
+#include <linux/kabi.h>
 
 /*
  * Maximum values for blocksize and alignmask, used to allocate
@@ -69,6 +70,7 @@ struct crypto_type {
 	unsigned int maskclear;
 	unsigned int maskset;
 	unsigned int tfmsize;
+	KABI_RESERVE(0);
 };
 
 struct crypto_instance {
@@ -84,6 +86,7 @@ struct crypto_instance {
 	};
 
 	struct work_struct free_work;
+	KABI_RESERVE(0);
 
 	void *__ctx[] CRYPTO_MINALIGN_ATTR;
 };
@@ -111,6 +114,7 @@ struct crypto_spawn {
 	u32 mask;
 	bool dead;
 	bool registered;
+	KABI_RESERVE(0);
 };
 
 struct crypto_queue {
diff --git a/include/crypto/hash.h b/include/crypto/hash.h
index f7c2a22cd776..91c176b42a9b 100644
--- a/include/crypto/hash.h
+++ b/include/crypto/hash.h
@@ -11,6 +11,7 @@
 #include <linux/atomic.h>
 #include <linux/crypto.h>
 #include <linux/string.h>
+#include <linux/kabi.h>
 
 struct crypto_ahash;
 
@@ -78,6 +79,7 @@ struct ahash_request {
 
 	/* This field may only be used by the ahash API code. */
 	void *priv;
+	KABI_RESERVE(0);
 
 	void *__ctx[] CRYPTO_MINALIGN_ATTR;
 };
diff --git a/include/crypto/if_alg.h b/include/crypto/if_alg.h
index ef8ce86b1f78..8b082e953633 100644
--- a/include/crypto/if_alg.h
+++ b/include/crypto/if_alg.h
@@ -14,6 +14,7 @@
 #include <linux/scatterlist.h>
 #include <linux/types.h>
 #include <linux/atomic.h>
+#include <linux/kabi.h>
 #include <net/sock.h>
 
 #include <crypto/aead.h>
@@ -32,6 +33,7 @@ struct alg_sock {
 
 	const struct af_alg_type *type;
 	void *private;
+	KABI_RESERVE(0);
 };
 
 struct af_alg_control {
@@ -154,6 +156,7 @@ struct af_alg_ctx {
 	bool init;
 
 	unsigned int len;
+	KABI_RESERVE(0);
 };
 
 int af_alg_register_type(const struct af_alg_type *type);
diff --git a/include/crypto/public_key.h b/include/crypto/public_key.h
index 462f8a34cdf8..c0bd4df9dc13 100644
--- a/include/crypto/public_key.h
+++ b/include/crypto/public_key.h
@@ -12,6 +12,7 @@
 
 #include <linux/keyctl.h>
 #include <linux/oid_registry.h>
+#include <linux/kabi.h>
 
 /*
  * Cryptographic data for the public-key subtype of the asymmetric key type.
@@ -29,6 +30,7 @@ struct public_key {
 	const char *id_type;
 	const char *pkey_algo;
 	unsigned long key_eflags;	/* key extension flags */
+	KABI_RESERVE(0);
 #define KEY_EFLAG_CA		0	/* set if the CA basic constraints is set */
 #define KEY_EFLAG_DIGITALSIG	1	/* set if the digitalSignature usage is set */
 #define KEY_EFLAG_KEYCERTSIGN	2	/* set if the keyCertSign usage is set */
@@ -48,6 +50,7 @@ struct public_key_signature {
 	const char *pkey_algo;
 	const char *hash_algo;
 	const char *encoding;
+	KABI_RESERVE(0);
 };
 
 extern void public_key_signature_free(struct public_key_signature *sig);
diff --git a/include/crypto/rng.h b/include/crypto/rng.h
index 6abe5102e5fb..28fb91c5e278 100644
--- a/include/crypto/rng.h
+++ b/include/crypto/rng.h
@@ -12,6 +12,7 @@
 #include <linux/atomic.h>
 #include <linux/container_of.h>
 #include <linux/crypto.h>
+#include <linux/kabi.h>
 
 struct crypto_rng;
 
@@ -70,6 +71,7 @@ struct rng_alg {
 	unsigned int seedsize;
 
 	struct crypto_alg base;
+	KABI_RESERVE(0);
 };
 
 struct crypto_rng {
diff --git a/include/crypto/skcipher.h b/include/crypto/skcipher.h
index 080d1ba3611d..a8e5793e6f0b 100644
--- a/include/crypto/skcipher.h
+++ b/include/crypto/skcipher.h
@@ -14,6 +14,7 @@
 #include <linux/slab.h>
 #include <linux/string.h>
 #include <linux/types.h>
+#include <linux/kabi.h>
 
 struct scatterlist;
 
@@ -35,6 +36,7 @@ struct skcipher_request {
 	struct scatterlist *dst;
 
 	struct crypto_async_request base;
+	KABI_RESERVE(0);
 
 	void *__ctx[] CRYPTO_MINALIGN_ATTR;
 };
@@ -142,6 +144,7 @@ struct skcipher_alg {
 #endif
 
 	struct crypto_alg base;
+	KABI_RESERVE(0);
 };
 
 #define MAX_SYNC_SKCIPHER_REQSIZE      384
diff --git a/include/linux/crypto.h b/include/linux/crypto.h
index 31f6fee0c36c..7db4ab4ee703 100644
--- a/include/linux/crypto.h
+++ b/include/linux/crypto.h
@@ -16,6 +16,7 @@
 #include <linux/refcount.h>
 #include <linux/slab.h>
 #include <linux/types.h>
+#include <linux/kabi.h>
 
 /*
  * Algorithm masks and types.
@@ -429,6 +430,7 @@ struct crypto_tfm {
 	void (*exit)(struct crypto_tfm *tfm);
 	
 	struct crypto_alg *__crt_alg;
+	KABI_RESERVE(0);
 
 	void *__crt_ctx[] CRYPTO_MINALIGN_ATTR;
 };
diff --git a/include/linux/kernel_read_file.h b/include/linux/kernel_read_file.h
index 90451e2e12bd..19d56c180f7e 100644
--- a/include/linux/kernel_read_file.h
+++ b/include/linux/kernel_read_file.h
@@ -14,6 +14,9 @@
 	id(KEXEC_INITRAMFS, kexec-initramfs)	\
 	id(POLICY, security-policy)		\
 	id(X509_CERTIFICATE, x509-certificate)	\
+	id(KABI_RESERVE0, KABI_RESERVE0)	\
+	id(KABI_RESERVE1, KABI_RESERVE1)	\
+	id(KABI_RESERVE2, KABI_RESERVE2)	\
 	id(MAX_ID, )
 
 #define __fid_enumify(ENUM, dummy) READING_ ## ENUM,
diff --git a/include/linux/kexec.h b/include/linux/kexec.h
index 32c78078552c..0376a9e758a7 100644
--- a/include/linux/kexec.h
+++ b/include/linux/kexec.h
@@ -21,6 +21,7 @@
 
 #include <uapi/linux/kexec.h>
 #include <linux/verification.h>
+#include <linux/kabi.h>
 
 /* Location of a reserved region to hold the crash kernel.
  */
@@ -368,6 +369,10 @@ struct kimage {
 	void *elf_headers;
 	unsigned long elf_headers_sz;
 	unsigned long elf_load_addr;
+
+	KABI_RESERVE(0);
+	KABI_RESERVE(1);
+	KABI_RESERVE(2);
 };
 
 /* kexec interface functions */
-- 
Gitee


From 67890e968b4e1fdda49fdf7c0d95ac75aba68ef3 Mon Sep 17 00:00:00 2001
From: GUO Zihua <guozihua@huawei.com>
Date: Thu, 28 Dec 2023 03:18:53 +0000
Subject: [PATCH 2/2] ima: kabi: KABI reservation for IMA

hulk inclusion
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I8RI9L

--------------------------------

KABI reservation for IMA and related modules.

Signed-off-by: GUO Zihua <guozihua@huawei.com>
---
 include/linux/fs.h             | 2 ++
 include/linux/user_namespace.h | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/include/linux/fs.h b/include/linux/fs.h
index fb5accebdcdf..b4e8289ae361 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -43,6 +43,7 @@
 #include <linux/cred.h>
 #include <linux/mnt_idmapping.h>
 #include <linux/slab.h>
+#include <linux/kabi.h>
 
 #include <asm/byteorder.h>
 #include <uapi/linux/fs.h>
@@ -1027,6 +1028,7 @@ struct file {
 	struct address_space	*f_mapping;
 	errseq_t		f_wb_err;
 	errseq_t		f_sb_err; /* for syncfs */
+	KABI_RESERVE(0);
 } __randomize_layout
   __attribute__((aligned(4)));	/* lest something weird decides that 2 is OK */
 
diff --git a/include/linux/user_namespace.h b/include/linux/user_namespace.h
index 45f09bec02c4..e3d858bdd962 100644
--- a/include/linux/user_namespace.h
+++ b/include/linux/user_namespace.h
@@ -10,6 +10,7 @@
 #include <linux/rwsem.h>
 #include <linux/sysctl.h>
 #include <linux/err.h>
+#include <linux/kabi.h>
 
 #define UID_GID_MAP_MAX_BASE_EXTENTS 5
 #define UID_GID_MAP_MAX_EXTENTS 340
@@ -102,6 +103,7 @@ struct user_namespace {
 	struct ucounts		*ucounts;
 	long ucount_max[UCOUNT_COUNTS];
 	long rlimit_max[UCOUNT_RLIMIT_COUNTS];
+	KABI_RESERVE(0);
 } __randomize_layout;
 
 struct ucounts {
-- 
Gitee