- 03 Jun, 2009 1 commit
-
-
Alexander Clouter authored
Fixed oops when calling device_unregister followed by device_register (changing __init to __devinit) and removed request_mem_region() as platform_device_register already does this which can result in EBUSY Signed-off-by:
Alexander Clouter <alex@digriz.org.uk> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
- 02 Jun, 2009 34 commits
-
-
Alex Riesen authored
Besdies, for the old code, gcc-4.3.3 produced this warning: "format not a string literal and no format arguments" Signed-off-by:
Alex Riesen <raa.lkml@gmail.com> Signed-off-by:
-
Herbert Xu authored
As it stands we will each test hash vector both linearly and as a scatter list if applicable. This means that we cannot have vectors longer than a page, even with scatter lists. This patch fixes this by skipping test vectors with np != 0 when testing linearly. Signed-off-by: -
Herbert Xu authored
As we cannot guarantee the availability of contiguous pages at run-time, all test vectors must either fit within a page, or use scatter lists. In some cases vectors were not checked as to whether they fit inside a page. This patch adds all the missing checks. Signed-off-by: -
Mike Frysinger authored
The remove member of the pci_driver hifn_pci_driver uses __devexit_p(), so the remove function itself should be marked with __devexit. And where there be __devexit on the remove, so is there __devinit on the probe. Similarly, the module_init/module_exit functions should be declared with plain __init/__exit markings, not the hotplug __dev{init,exit} ones. Signed-off-by:Mike Frysinger <vapier@gentoo.org> Acked-by:
Evgeniy Polyakov <zbr@ioremap.net> CC: Patrick McHardy <kaber@trash.net> Signed-off-by:
-
Jarod Wilson authored
At present, the tcrypt module always exits with an -EAGAIN upon successfully completing all the tests its been asked to run. In fips mode, integrity checking is done by running all self-tests from the initrd, and its much simpler to check the ret from modprobe for success than to scrape dmesg and/or /proc/crypto. Simply stay loaded, giving modprobe a retval of 0, if self-tests all pass and we're in fips mode. A side-effect of tracking success/failure for fips mode is that in non-fips mode, self-test failures will return the actual failure return codes, rather than always returning -EAGAIN, which seems more correct anyway. The tcrypt_test() portion of the patch is dependent on my earlier pair of patches that skip non-fips algs in fips mode, at least to achieve the fully intended behavior. Nb: testing this patch against the cryptodev tree revealed a test failure for sha384, which I have yet to look into... Signed-off-by:
Jarod Wilson <jarod@redhat.com> Acked-by:
Neil Horman <nhorman@tuxdriver.com> Signed-off-by:
-
Geert Uytterhoeven authored
If crypto_{,de}compress_{update,final}() succeed, return the actual number of bytes produced instead of zero, so their users don't have to calculate that theirselves. Signed-off-by:Geert Uytterhoeven <Geert.Uytterhoeven@sonycom.com> Signed-off-by:
-
Harald Welte authored
Fix Kconfig to build via-rng.ko on X86_64 builds, as the VIA Nano CPU supports x86_64, too. Signed-off-by:
Harald Welte <HaraldWelte@viatech.com> Signed-off-by:
-
Harald Welte authored
The VIA Nano CPU supports the same XSTORE instruction based RNG, but it lacks the MSR present in earlier CPUs. Signed-off-by:
-
Harald Welte authored
This is a cosmetic change, fixing the MODULE_DESCRIPTION() of via-rng.c Signed-off-by:
-
Jarod Wilson authored
Because all fips-allowed algorithms must be self-tested before they can be used, they will all have entries in testmgr.c's alg_test_descs[]. Skip self-tests for any algs not flagged as fips_approved and return -EINVAL when in fips mode. Signed-off-by:
-
Jarod Wilson authored
Set the fips_allowed flag in testmgr.c's alg_test_descs[] for algs that are allowed to be used when in fips mode. One caveat: des isn't actually allowed anymore, but des (and thus also ecb(des)) has to be permitted, because disallowing them results in des3_ede being unable to properly register (see des module init func). Also, crc32 isn't technically on the fips approved list, but I think it gets used in various places that necessitate it being allowed. This list is based on http://csrc.nist.gov/groups/STM/cavp/index.html Important note: allowed/approved here does NOT mean "validated", just that its an alg that *could* be validated. Signed-off-by:
-
Jarod Wilson authored
Now with multi-block test vectors, all from SP800-38A, Appendix F.5. Also added ctr(aes) to case 10 in tcrypt. Signed-off-by:
-
Herbert Xu authored
We currently allocate temporary memory that is used for testing statically. This renders the testing engine non-reentrant. As algorithms may nest, i.e., one may construct another in order to carry out a part of its operation, this is unacceptable. For example, it has been reported that an AEAD implementation allocates a cipher in its setkey function, which causes it to fail during testing as the temporary memory is overwritten. This patch replaces the static memory with dynamically allocated buffers. We need a maximum of 16 pages so this slightly increases the chances of an algorithm failing due to memory shortage. However, as testing usually occurs at registration, this shouldn't be a big problem. Reported-by:
Shasi Pulijala <spulijala@amcc.com> Signed-off-by:
-
Jarod Wilson authored
According to our FIPS CAVS testing lab guru, when we're in fips mode, we must print out notices of successful self-test completion for every alg to be compliant. New and improved v2, without strncmp crap. Doesn't need to touch a flag though, due to not moving the notest label around anymore. Applies atop '[PATCH v2] crypto: catch base cipher self-test failures in fips mode'. Personally, I wouldn't mind seeing this info printed out regardless of whether or not we're in fips mode, I think its useful info, but will stick with only in fips mode for now. Signed-off-by:
-
Jarod Wilson authored
Signed-off-by:
-
Jarod Wilson authored
Add ANSI X9.31 Continuous Pseudo-Random Number Generator (AES mode), aka 'ansi_cprng' test vectors, taken from Appendix B.2.9 and B.2.10 of the NIST RNGVS document, found here: http://csrc.nist.gov/groups/STM/cavp/documents/rng/RNGVS.pdf Successfully tested against both the cryptodev-2.6 tree and a Red Hat Enterprise Linux 5.4 kernel, via 'modprobe tcrypt mode=150'. The selection of 150 was semi-arbitrary, didn't seem like it should go any place in particular, so I started a new range for rng tests. Signed-off-by: -
Jarod Wilson authored
Add some necessary infrastructure to make it possible to run self-tests for ansi_cprng. The bits are likely very specific to the ANSI X9.31 CPRNG in AES mode, and thus perhaps should be named more specifically if/when we grow additional CPRNG support... Successfully tested against the cryptodev-2.6 tree and a Red Hat Enterprise Linux 5.x kernel with the follow-on patch that adds the actual test vectors. Signed-off-by:
-
Jarod Wilson authored
Add an array of encryption and decryption + verification self-tests for rfc4309(ccm(aes)). Test vectors all come from sample FIPS CAVS files provided to Red Hat by a testing lab. Unfortunately, all the published sample vectors in RFC 3610 and NIST Special Publication 800-38C contain nonce lengths that the kernel's rfc4309 implementation doesn't support, so while using some public domain vectors would have been preferred, its not possible at this time. Signed-off-by:
-
Jarod Wilson authored
Add infrastructure to tcrypt/testmgr to support handling ccm decryption test vectors that are expected to fail verification. Signed-off-by:
-
Herbert Xu authored
When we added 64-bit support to padlock the dependency on x86 was lost. This causes build failures on non-x86 architectures. Reported-by:
Stephen Rothwell <sfr@canb.auug.org.au> Signed-off-by:
-
Sebastian Andrzej Siewior authored
Almost everything stays the same, we need just to use the extended registers on the bit variant. Signed-off-by:
Sebastian Andrzej Siewior <sebastian@breakpoint.cc> Signed-off-by:
-
Kim Phillips authored
the ICV check bit only gets set in decrypt entry points Signed-off-by:
Kim Phillips <kim.phillips@freescale.com> Signed-off-by:
-
Kim Phillips authored
no functional changes. Signed-off-by:
-
Kim Phillips authored
no functional changes. Signed-off-by:
-
Lee Nipper authored
Add these ablkcipher algorithms: cbc(aes), cbc(des3_ede). Added handling of chained scatterlists with zero length entry because eseqiv uses it. Added new map and unmap routines. Signed-off-by:
Lee Nipper <lee.nipper@gmail.com> Signed-off-by:
-
Lee Nipper authored
This patch is preparation for adding new algorithm types. Some elements which are AEAD specific were renamed. The algorithm template structure was changed to use crypto_alg, and talitos_alg_alloc was made more general with respect to algorithm types. ipsec_esp_edesc is renamed to talitos_edesc to use it in the upcoming ablkcipher routines. Signed-off-by:
-
Uwe Kleine-König authored
A pointer to omap_rng_probe is passed to the core via platform_driver_register and so the function must not disappear when the .init sections are discarded. Otherwise (if also having HOTPLUG=y) unbinding and binding a device to the driver via sysfs will result in an oops as does a device being registered late. An alternative to this patch is using platform_driver_probe instead of platform_driver_register plus removing the pointer to the probe function from the struct platform_driver. Signed-off-by:
Uwe Kleine-König <u.kleine-koenig@pengutronix.de> Cc: Russell King <rmk+kernel@arm.linux.org.uk> Cc: David Brownell <dbrownell@users.sourceforge.net> Cc: Patrick McHardy <kaber@trash.net> Cc: Jan Engelhardt <jengelh@gmx.de> Cc: Michael Buesch <mb@bu3sch.de> Cc: Andrew Morton <akpm@linux-foundation.org> Signed-off-by:
-
Geert Uytterhoeven authored
make C=1: | crypto/pcompress.c:77:5: warning: symbol 'crypto_register_pcomp' was not declared. Should it be static? | crypto/pcompress.c:89:5: warning: symbol 'crypto_unregister_pcomp' was not declared. Should it be static? Signed-off-by:
-
Geert Uytterhoeven authored
make C=1: | crypto/testmgr.c:846:45: warning: incorrect type in argument 5 (different signedness) | crypto/testmgr.c:846:45: expected unsigned int *dlen | crypto/testmgr.c:846:45: got int *<noident> | crypto/testmgr.c:878:47: warning: incorrect type in argument 5 (different signedness) | crypto/testmgr.c:878:47: expected unsigned int *dlen | crypto/testmgr.c:878:47: got int *<noident> Signed-off-by:
-
Huang Ying authored
Because kernel_fpu_begin() and kernel_fpu_end() operations are too slow, the performance gain of general mode implementation + aes-aesni is almost all compensated. The AES-NI support for more modes are implemented as follow: - Add a new AES algorithm implementation named __aes-aesni without kernel_fpu_begin/end() - Use fpu(<mode>(AES)) to provide kenrel_fpu_begin/end() invoking - Add <mode>(AES) ablkcipher, which uses cryptd(fpu(<mode>(AES))) to defer cryption to cryptd context in soft_irq context. Now the ctr, lrw, pcbc and xts support are added. Performance testing based on dm-crypt shows that cryption time can be reduced to 50% of general mode implementation + aes-aesni implementation. Signed-off-by:
Huang Ying <ying.huang@intel.com> Signed-off-by:
-
Huang Ying authored
Blkcipher touching FPU need to be enclosed by kernel_fpu_begin() and kernel_fpu_end(). If they are invoked in cipher algorithm implementation, they will be invoked for each block, so that performance will be hurt, because they are "slow" operations. This patch implements "fpu" template, which makes these operations to be invoked for each request. Signed-off-by:
-
Huang Ying authored
Use crypto_alloc_base() instead of crypto_alloc_ablkcipher() to allocate underlying tfm in cryptd_alloc_ablkcipher. Because crypto_alloc_ablkcipher() prefer GENIV encapsulated crypto instead of raw one, while cryptd_alloc_ablkcipher needed the raw one. Signed-off-by:
-
Johannes Weiner authored
Use kzfree() instead of memset() + kfree(). Signed-off-by:
Johannes Weiner <hannes@cmpxchg.org> Reviewed-by:
Pekka Enberg <penberg@cs.helsinki.fi> Signed-off-by:
Andrew Morton <akpm@linux-foundation.org> Signed-off-by:
-
Frank Seidel authored
Applying kernel janitors todos (printk calls need KERN_* constants on linebeginnings, reduce stack footprint where possible) to tcrypts test_hash_speed (where stacks memory footprint was very high (on i386 1184 bytes to 160 now). Signed-off-by:
Frank Seidel <frank@f-seidel.de> Acked-by:
-
- 31 May, 2009 1 commit
-
-
Herbert Xu authored
A quirk that we've always supported is having an sg entry that's bigger than a page, or more generally an sg entry that crosses page boundaries. Even though it would be better to explicitly have to sg entries for this, we need to support it for the existing users, in particular, IPsec. The new ahash sg walking code did try to handle this, but there was a bug where we didn't increment the page so kept on walking on the first page over an dover again. This patch fixes it. Tested-by:
Martin Willi <martin@strongswan.org> Signed-off-by:
-
- 29 May, 2009 4 commits
-
-
git://git.infradead.org/~dwmw2/mtd-2.6.30Linus Torvalds authored
* git://git.infradead.org/~dwmw2/mtd-2.6.30: jffs2: Fix corruption when flash erase/write failure mtd: MXC NAND driver fixes (v5)
-
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb-2.6: Revert "USB: Correct Makefile to make isp1760 buildable" usb-serial: fix crash when sub-driver updates firmware USB: isp1760: urb_dequeue doesn't always find the urbs USB: Yet another Conexant Clone to add to cdc-acm.c USB: atmel_usb_udc: Use kzalloc() to allocate ep structures USB: atmel-usba-udc : fix control out requests.
-
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core-2.6: Driver Core: do not oops when driver_unregister() is called for unregistered drivers sysfs: file.c: use create_singlethread_workqueue()
-
git://linux-nfs.org/~bfields/linuxLinus Torvalds authored
* 'for-2.6.30' of git://linux-nfs.org/~bfields/linux: svcrdma: dma unmap the correct length for the RPCRDMA header page. nfsd: Revert "svcrpc: take advantage of tcp autotuning" nfsd: fix hung up of nfs client while sync write data to nfs server
-
