1. 27 Oct, 2023 7 commits
    • Eric Biggers's avatar
      crypto: stm32 - remove unnecessary alignmask · 0174275a
      Eric Biggers authored
      The stm32 crc32 algorithms set a nonzero alignmask, but they don't seem
      to actually need it.  Their ->update function already has code that
      handles aligning the data to the same alignment that the alignmask
      specifies, their ->setkey function already uses get_unaligned_le32(),
      and their ->final function already uses put_unaligned_le32().
      Therefore, stop setting the alignmask.  This will allow these algorithms
      to keep being registered after alignmask support is removed from shash.
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      0174275a
    • Eric Biggers's avatar
      crypto: sparc/crc32c - stop using the shash alignmask · 99240038
      Eric Biggers authored
      As far as I can tell, "crc32c-sparc64" is the only "shash" algorithm in
      the kernel that sets a nonzero alignmask and actually relies on it to
      get the crypto API to align the inputs and outputs.  This capability is
      not really useful, though.  To unblock removing the support for
      alignmask from shash_alg, this patch updates crc32c-sparc64 to no longer
      use the alignmask.  This means doing 8-byte alignment of the data when
      doing an update, using get_unaligned_le32() when setting a non-default
      initial CRC, and using put_unaligned_le32() to output the final CRC.
      
      Partially tested with:
      
          export ARCH=sparc64 CROSS_COMPILE=sparc64-linux-gnu-
          make sparc64_defconfig
          echo CONFIG_CRYPTO_CRC32C_SPARC64=y >> .config
          echo '# CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set' >> .config
          echo CONFIG_DEBUG_KERNEL=y >> .config
          echo CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y >> .config
          make olddefconfig
          make -j$(getconf _NPROCESSORS_ONLN)
          qemu-system-sparc64 -kernel arch/sparc/boot/image  -nographic
      
      However, qemu doesn't actually support the sparc CRC32C instructions, so
      for the test I temporarily replaced crc32c_sparc64() with __crc32c_le()
      and made sparc64_has_crc32c_opcode() always return true.  So essentially
      I tested the glue code, not the actual SPARC part which is unchanged.
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      99240038
    • Eric Biggers's avatar
      crypto: shash - eliminate indirect call for default import and export · 08debaa5
      Eric Biggers authored
      Most shash algorithms don't have custom ->import and ->export functions,
      resulting in the memcpy() based default being used.  Yet,
      crypto_shash_import() and crypto_shash_export() still make an indirect
      call, which is expensive.  Therefore, change how the default import and
      export are called to make it so that crypto_shash_import() and
      crypto_shash_export() don't do an indirect call in this case.
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      08debaa5
    • Om Prakash Singh's avatar
      dt-bindings: crypto: qcom,prng: document SA8775P and SC7280 · a411f6de
      Om Prakash Singh authored
      Document SA8775P and SC7280 compatible for the True Random Number
      Generator.
      Signed-off-by: default avatarOm Prakash Singh <quic_omprsing@quicinc.com>
      Reviewed-by: default avatarKrzysztof Kozlowski <krzysztof.kozlowski@linaro.org>
      Reviewed-by: default avatarBjorn Andersson <andersson@kernel.org>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      a411f6de
    • Herbert Xu's avatar
      crypto: rsa - Add module alias for pkcs1pad · f5fb88e5
      Herbert Xu authored
      Add a module alias for pkcs1pas so that it can be auto-loaded by
      modprobe.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      f5fb88e5
    • Herbert Xu's avatar
      certs: Break circular dependency when selftest is modular · 04a93202
      Herbert Xu authored
      The modular build fails because the self-test code depends on pkcs7
      which in turn depends on x509 which contains the self-test.
      
      Split the self-test out into its own module to break the cycle.
      
      Fixes: 3cde3174 ("certs: Add FIPS selftests")
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      Reviewed-by: default avatarJarkko Sakkinen <jarkko@kernel.org>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      04a93202
    • WangJinchao's avatar
      padata: Fix refcnt handling in padata_free_shell() · 7ddc21e3
      WangJinchao authored
      In a high-load arm64 environment, the pcrypt_aead01 test in LTP can lead
      to system UAF (Use-After-Free) issues. Due to the lengthy analysis of
      the pcrypt_aead01 function call, I'll describe the problem scenario
      using a simplified model:
      
      Suppose there's a user of padata named `user_function` that adheres to
      the padata requirement of calling `padata_free_shell` after `serial()`
      has been invoked, as demonstrated in the following code:
      
      ```c
      struct request {
          struct padata_priv padata;
          struct completion *done;
      };
      
      void parallel(struct padata_priv *padata) {
          do_something();
      }
      
      void serial(struct padata_priv *padata) {
          struct request *request = container_of(padata,
          				struct request,
      				padata);
          complete(request->done);
      }
      
      void user_function() {
          DECLARE_COMPLETION(done)
          padata->parallel = parallel;
          padata->serial = serial;
          padata_do_parallel();
          wait_for_completion(&done);
          padata_free_shell();
      }
      ```
      
      In the corresponding padata.c file, there's the following code:
      
      ```c
      static void padata_serial_worker(struct work_struct *serial_work) {
          ...
          cnt = 0;
      
          while (!list_empty(&local_list)) {
              ...
              padata->serial(padata);
              cnt++;
          }
      
          local_bh_enable();
      
          if (refcount_sub_and_test(cnt, &pd->refcnt))
              padata_free_pd(pd);
      }
      ```
      
      Because of the high system load and the accumulation of unexecuted
      softirq at this moment, `local_bh_enable()` in padata takes longer
      to execute than usual. Subsequently, when accessing `pd->refcnt`,
      `pd` has already been released by `padata_free_shell()`, resulting
      in a UAF issue with `pd->refcnt`.
      
      The fix is straightforward: add `refcount_dec_and_test` before calling
      `padata_free_pd` in `padata_free_shell`.
      
      Fixes: 07928d9b ("padata: Remove broken queue flushing")
      Signed-off-by: default avatarWangJinchao <wangjinchao@xfusion.com>
      Acked-by: default avatarDaniel Jordan <daniel.m.jordan@oracle.com>
      Acked-by: default avatarDaniel Jordan <daniel.m.jordan@oracle.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      7ddc21e3
  2. 20 Oct, 2023 26 commits
  3. 14 Oct, 2023 1 commit
    • Weili Qian's avatar
      crypto: hisilicon/qm - alloc buffer to set and get xqc · 5b90073d
      Weili Qian authored
      If the temporarily applied memory is used to set or get the xqc
      information, the driver releases the memory immediately after the
      hardware mailbox operation time exceeds the driver waiting time.
      However, the hardware does not cancel the operation, so the hardware
      may write data to released memory.
      
      Therefore, when the driver is bound to a device, the driver reserves
      memory for the xqc configuration. The subsequent xqc configuration
      uses the reserved memory to prevent hardware from accessing the
      released memory.
      Signed-off-by: default avatarWeili Qian <qianweili@huawei.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      5b90073d
  4. 13 Oct, 2023 6 commits