- 07 Mar, 2019 2 commits
-
-
Wen Yang authored
The of_find_device_by_node() takes a reference to the underlying device structure, we should release that reference. Fixes: 35af6403 ("crypto: caam - Check for CAAM block presence before registering with crypto layer") Fixes: b189817c ("crypto: caam/qi - add ablkcipher and authenc algorithms") Reviewed-by:
Horia Geantă <horia.geanta@nxp.com> Signed-off-by:
Wen Yang <yellowriver2010@hotmail.com> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Kamil Konieczny authored
Commit 0918f18c ("crypto: s5p - add AES support for Exynos5433") introduced bug in dereferencing clk_names[1] on platforms different from Exynos5433. On Exynos board XU3 call trace is: "Unable to handle kernel paging request at virtual address 00004000" (strcmp) from [<c0774014>] (of_property_match_string+0x58/0xd0) ... (devm_clk_get) from [<c075c248>] (s5p_aes_probe+0xd4/0x4a0) (s5p_aes_probe) from [<c059dbc4>] (platform_drv_probe+0x6c/0xa4) Fix this by setting array clk_names size to 2. Fixes: 0918f18c ("crypto: s5p - add AES support for Exynos5433") Reported-by:
Krzysztof Kozlowski <krzk@kernel.org> Signed-off-by:
Kamil Konieczny <k.konieczny@partner.samsung.com> Reviewed-by:
-
- 28 Feb, 2019 16 commits
-
-
Kamil Konieczny authored
Add AES crypto HW acceleration for Exynos5433, with the help of SlimSSS IP. Reviewed-by:
-
Kamil Konieczny authored
Document DT bindings for crypto Samsung Exynos5433 SlimSSS (Slim Security SubSystem) IP. Signed-off-by:
-
Julia Lawall authored
Add an of_node_put when a tested device node is not available. The semantic patch that fixes this problem is as follows (http://coccinelle.lip6.fr): // <smpl> @@ identifier f; local idexpression e; expression x; @@ e = f(...); ... when != of_node_put(e) when != x = e when != e = x when any if (<+...of_device_is_available(e)...+>) { ... when != of_node_put(e) ( return e; | + of_node_put(e); return ...; ) } // </smpl> Fixes: 5343e674 ("crypto4xx: integrate ppc4xx-rng into crypto4xx") Signed-off-by:
Julia Lawall <Julia.Lawall@lip6.fr> Signed-off-by:
-
Eric Biggers authored
The cavium/zip implementation of the deflate compression algorithm is incorrectly being registered under the generic driver name, which prevents the generic implementation from being registered with the crypto API when CONFIG_CRYPTO_DEV_CAVIUM_ZIP=y. Similarly the lzs algorithm (which does not currently have a generic implementation...) is incorrectly being registered as lzs-generic. Fix the naming collision by adding a suffix "-cavium" to the cra_driver_name of the cavium/zip algorithms. Fixes: 640035a2 ("crypto: zip - Add ThunderX ZIP driver core") Cc: Mahipal Challa <mahipalreddy2006@gmail.com> Cc: Jan Glauber <jglauber@cavium.com> Signed-off-by:
Eric Biggers <ebiggers@google.com> Signed-off-by:
-
Gustavo A. R. Silva authored
Make use of the struct_size() helper instead of an open-coded version in order to avoid any potential type mistakes, in particular in the context in which this code is being used. So, change the following form: sizeof(*sgl) + sizeof(sgl->sg[0]) * (MAX_SGL_ENTS + 1) to : struct_size(sgl, sg, MAX_SGL_ENTS + 1) This code was detected with the help of Coccinelle. Signed-off-by:
Gustavo A. R. Silva <gustavo@embeddedor.com> Signed-off-by:
-
Chengguang Xu authored
unlikely has already included in IS_ERR(), so just remove redundant likely/unlikely annotation. Signed-off-by:
Chengguang Xu <cgxu519@gmx.com> Reviewed-by:
-
Kamil Konieczny authored
Fix bug "s5p-sss crypto driver doesn't set next AES-CBC IV". While at this, fix also AES-CTR mode. Tested on Odroid U3 with Eric Biggers branch "iv-out-testing". Signed-off-by:
Eric Biggers <ebiggers@kernel.org> Reviewed-by:
-
Tommi Hirvola authored
1-block SSE2 variant of poly1305 stores variables s1..s4 containing key material on the stack. This commit adds missing zeroing of the stack memory. Benchmarks show negligible performance hit (tested on i7-3770). Signed-off-by:
Tommi Hirvola <tommi@hirvola.fi> Signed-off-by:
-
Horia Geantă authored
When generating a split key or hashing the key, DMA mapping the key buffers coming directly from user is incorrect, since they are not guaranteed to be DMAable. Update driver to first copy user-provided key in the output buffer ("key_out") and then use this buffer for in-place computation (split key generation, respectively key hashing). Signed-off-by: -
Horia Geantă authored
Fix a side effect of adding xcbc support, which leads to DMA mapping the key twice. Fixes: 12b8567f ("crypto: caam - add support for xcbc(aes)") Signed-off-by:
-
Franck LENORMAND authored
When driver started using state->caam_ctxt for storing both running hash and final hash, it was not updated to handle different DMA unmap lengths. Cc: <stable@vger.kernel.org> # v4.19+ Fixes: c19650d6 ("crypto: caam - fix DMA mapping of stack memory") Signed-off-by:
Franck LENORMAND <franck.lenormand@nxp.com> Signed-off-by:
-
Jonas Gorski authored
BCM63XX (MIPS) does not use device tree, so there cannot be any of_device_id, causing the driver to fail on probe: [ 0.904564] bcm2835-rng: probe of bcm63xx-rng failed with error -22 Fix this by checking for match data only if we are probing from device tree. Fixes: 8705f24f ("hwrng: bcm2835 - Enable BCM2835 RNG to work on BCM63xx platforms") Signed-off-by:
Jonas Gorski <jonas.gorski@gmail.com> Acked-by:
Florian Fainelli <f.fainelli@gmail.com> Signed-off-by:
-
Krzysztof Kozlowski authored
Replace hard coded AES block size with define. Signed-off-by:
-
Mao Wenan authored
There is no need to have the struct stm32_hash_dev *hdev static since new value always be assigned before use it. Signed-off-by:
Mao Wenan <maowenan@huawei.com> Signed-off-by:
-
Atul Gupta authored
Fixed Traffic Stall caused by - Subcommands except last should have more bit set - For esn case subcommand is required for linear skb only - Also Optimized is_eth_imm usage Signed-off-by:
Atul Gupta <atul.gupta@chelsio.com> Signed-off-by:
-
YueHaibing authored
Fixes gcc '-Wunused-but-set-variable' warning: drivers/crypto/marvell/cipher.c: In function 'mv_cesa_skcipher_dma_req_init': drivers/crypto/marvell/cipher.c:325:15: warning: variable 'ivsize' set but not used [-Wunused-but-set-variable] It's not used any more after 0c99620f ("crypto: marvell - Use an unique pool to copy results of requests") Signed-off-by:
YueHaibing <yuehaibing@huawei.com> Signed-off-by:
-
- 22 Feb, 2019 17 commits
-
-
Lendacky, Thomas authored
The current content of some of the driver messages and the way that they are issued results in some confusion, especially in the area of the PSP as it relates to SEV support. If SEV is not supported, a message is issued that says "psp initialization failed." This makes it seem like there was a problem, when in fact, the PSP support is just disabled if SEV is not supported. Update the driver to check SEV support a bit earlier and issue a debug- level message if SEV is not supported, followed by a debug-level message that the PSP is disabled. This way you will only see PSP messages if SEV is supported or if debug information is desired. Also, remove the overall "enabled" and "disabled" messages for the driver and rely on the CCP and PSP support to issue component-specific messages. Signed-off-by:
Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by:
-
Eric Biggers authored
Add 1536 and 4096-byte Adiantum test vectors so that the case where there are multiple NH hashes is tested. This is already tested by the nhpoly1305 test vectors, but it should be tested at the Adiantum level too. Moreover the 4096-byte case is especially important. As with the other Adiantum test vectors, these were generated by the reference Python implementation at https://github.com/google/adiantum and then automatically formatted for testmgr by a script. Signed-off-by:
-
Eric Biggers authored
This is needed to test that the end of the message is zero-padded when the length is not a multiple of 16 (NH_MESSAGE_UNIT). It's already tested indirectly by the 31-byte Adiantum test vector, but it should be tested directly at the nhpoly1305 level too. As with the other nhpoly1305 test vectors, this was generated by the reference Python implementation at https://github.com/google/adiantum and then automatically formatted for testmgr by a script. Signed-off-by:
-
Eric Biggers authored
Make the arm ctr-aes-ce algorithm update the IV buffer to contain the next counter after processing a partial final block, rather than leave it as the last counter. This makes ctr-aes-ce pass the updated AES-CTR tests. This change also makes the code match the arm64 version in arch/arm64/crypto/aes-modes.S more closely. Signed-off-by:
-
Eric Biggers authored
Make the arm64 ctr-aes-neon and ctr-aes-ce algorithms update the IV buffer to contain the next counter after processing a partial final block, rather than leave it as the last counter. This makes these algorithms pass the updated AES-CTR tests. Signed-off-by:
-
Eric Biggers authored
Test that all CTR implementations update the IV buffer to contain the next counter block, aka the IV to continue the encryption/decryption of a larger message. When the length processed is a multiple of the block size, users may rely on this for chaining. When the length processed is *not* a multiple of the block size, simple chaining doesn't work. However, as noted in commit 88a3f582 ("crypto: arm64/aes - don't use IV buffer to return final keystream block"), the generic CCM implementation assumes that the CTR IV is handled in some sane way, not e.g. overwritten with part of the keystream. Since this was gotten wrong once already, it's desirable to test for it. And, the most straightforward way to do this is to enforce that all CTR implementations have the same behavior as the generic implementation, which returns the *next* counter following the final partial block. This behavior also has the advantage that if someone does misuse this case for chaining, then the keystream won't be repeated. Thus, this patch makes the tests expect this behavior. Signed-off-by:
-
Eric Biggers authored
Test that all CBC implementations update the IV buffer to contain the last ciphertext block, aka the IV to continue the encryption/decryption of a larger message. Users may rely on this for chaining. Signed-off-by:
-
Eric Biggers authored
Allow skcipher test vectors to declare the value the IV buffer should be updated to at the end of the encryption or decryption operation. (This check actually used to be supported in testmgr, but it was never used and therefore got removed except for the AES-Keywrap special case. But it will be used by CBC and CTR now, so re-add it.) Signed-off-by:
-
Eric Biggers authored
3DES only has an 8-byte block size, but the 3DES-CTR test vectors use 16-byte IVs. Remove the unused 8 bytes from the ends of the IVs. Signed-off-by:
-
Zhang Zhijie authored
For chain mode in cipher(eg. AES-CBC/DES-CBC), the iv is continuously updated in the operation. The new iv value should be written to device register by software. Reported-by:
Zhang Zhijie <zhangzj@rock-chips.com> Signed-off-by:
-
Zhang Zhijie authored
In some cases, the nents of src scatterlist is different from dst scatterlist. So two variables are used to handle the nents of src&dst scatterlist. Reported-by:
-
Gustavo A. R. Silva authored
Add missing break statement in order to prevent the code from falling through to case S_DIN_to_DES. This bug was found thanks to the ongoing efforts to enable -Wimplicit-fallthrough. Fixes: 63ee04c8 ("crypto: ccree - add skcipher support") Cc: stable@vger.kernel.org Signed-off-by:
-
Horia Geantă authored
Add cpu_relax() in the loop that tries to enqueue the FDs. Signed-off-by:
-
Horia Geantă authored
Avoid console being flooded with prints in case HW is too busy to accept new enqueue requests. Signed-off-by:
-
Horia Geantă authored
Driver was relying on an older DPIO API, which provided a CPU-affine DPIO in case it was called with preemption disabled. Since this is no longer the case, save the CPU-affine DPIO in per-cpu private structure during setup and further use it on the hot path. Note that preemption is no longer disabled while trying to enqueue an FD. Thus it might be possible to run the enqueue on a different CPU (due to migration, when in process context), however this wouldn't be a functionality issue. Since we allow for all cores to enqueue, we take care of data structures setup to handle the case when number of (Rx, Tx) queue pairs is smaller than number of cores. Signed-off-by:
-
Sebastian Andrzej Siewior authored
Last user of cdev_list_lock was removed in commit 6422ccc5 ("crypto/chelsio/chtls: listen fails with multiadapt") Cc: Atul Gupta <atul.gupta@chelsio.com> Cc: Harsh Jain <harsh@chelsio.com> Signed-off-by:
Sebastian Andrzej Siewior <bigeasy@linutronix.de> Signed-off-by:
-
git://git.kernel.org/pub/scm/linux/kernel/git/leo/linuxHerbert Xu authored
Pull changes from Freescale SoC drivers tree that are required by subsequent caam/qi2 patches.
-
- 15 Feb, 2019 4 commits
-
-
Iuliana Prodan authored
Modify setkey callback for cbc des and 3des to check for weak keys. Signed-off-by:
Iuliana Prodan <iuliana.prodan@nxp.com> Reviewed-by:
-
Iuliana Prodan authored
Add ecb mode support for aes, des, 3des and arc4 ciphers. ecb(*) reuses existing skcipher implementation, updating it with support for no IV. Signed-off-by:
-
Iuliana Prodan authored
Some arc4 cipher algorithm defines show up in two places: crypto/arc4.c and drivers/crypto/bcm/cipher.h. Let's export them in a common header and update their users. Signed-off-by:
-
Iuliana Prodan authored
The mapped_{src,dst}_nents _returned_ from the dma_map_sg call (which could be less than src/dst_nents) have to be used to generate the aead, skcipher job descriptors. Signed-off-by:
-
- 08 Feb, 2019 1 commit
-
-
Herbert Xu authored
This patch removes an unused label. Reported-by:
Stephen Rothwell <sfr@canb.auug.org.au> Fixes: f0fcf9ad ("crypto: qat - no need to check return...") Signed-off-by:
-
