- 26 Aug, 2022 18 commits
-
-
Jack Wang authored
dma_map_sg return 0 on error. Cc: Corentin Labbe <clabbe@baylibre.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Cc: linux-crypto@vger.kernel.org Cc: linux-amlogic@lists.infradead.org Cc: linux-kernel@vger.kernel.org Signed-off-by:
Jack Wang <jinpu.wang@ionos.com> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Jack Wang authored
dma_map_sg return 0 on error, fix the error check and return -EIO to caller. Cc: Thara Gopinath <thara.gopinath@gmail.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Cc: linux-crypto@vger.kernel.org Cc: linux-arm-msm@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by:
-
Jack Wang authored
dma_map_sg return 0 on error, it returns the number of DMA address segments mapped (this may be shorter than <nents> passed in if some elements of the scatter/gather list are physically or virtually adjacent and an IOMMU maps them with a single entry). Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Cc: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by:
-
Jack Wang authored
dma_map_sg return 0 on error. Cc: Corentin Labbe <clabbe@baylibre.com> Cc: Hans Ulli Kroll <ulli.kroll@googlemail.com> Cc: Linus Walleij <linus.walleij@linaro.org> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Cc: linux-crypto@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org Cc: linux-kernel@vger.kernel.org Signed-off-by:
Linus Walleij <linus.walleij@linaro.org> Signed-off-by:
-
Wolfram Sang authored
Follow the advice of the below link and prefer 'strscpy' in this subsystem. Conversion is 1:1 because the return value is not used. Generated by a coccinelle script. Link: https://lore.kernel.org/r/CAHk-=wgfRnXz0W3D37d01q3JFkr_i_uTL=V6A6G1oUZcprmknw@mail.gmail.com/Signed-off-by:
Wolfram Sang <wsa+renesas@sang-engineering.com> Acked-by:
Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by:
-
Wolfram Sang authored
Follow the advice of the below link and prefer 'strscpy' in this subsystem. Conversion is 1:1 because the return value is not used. Generated by a coccinelle script. Link: https://lore.kernel.org/r/CAHk-=wgfRnXz0W3D37d01q3JFkr_i_uTL=V6A6G1oUZcprmknw@mail.gmail.com/Signed-off-by:
-
Neal Liu authored
Add HACE crypto driver to support symmetric-key encryption and decryption with multiple modes of operation. Signed-off-by:
Neal Liu <neal_liu@aspeedtech.com> Signed-off-by:
Johnny Huang <johnny_huang@aspeedtech.com> Reviewed-by:
Dhananjay Phadke <dphadke@linux.microsoft.com> Signed-off-by:
-
Neal Liu authored
Add device tree binding documentation for the Aspeed Hash and Crypto Engines (HACE) Controller. Signed-off-by:
Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org> Signed-off-by:
-
Neal Liu authored
Add hace node to device tree for AST2500/AST2600. Signed-off-by:
-
Neal Liu authored
Add HACE reset bit definition for AST2500/AST2600. Signed-off-by:
-
Neal Liu authored
Hash and Crypto Engine (HACE) is designed to accelerate the throughput of hash data digest, encryption, and decryption. Basically, HACE can be divided into two independently engines - Hash Engine and Crypto Engine. This patch aims to add HACE hash engine driver for hash accelerator. Signed-off-by:
-
Jacky Li authored
Currently the OS continues the PSP initialization when there is a write failure to the init_ex_file. Therefore, the userspace would be told that SEV is properly INIT'd even though the psp data file is not updated. This is problematic because later when asked for the SEV data, the OS won't be able to provide it. Fixes: 3d725965 ("crypto: ccp - Add SEV_INIT_EX support") Reported-by:
Peter Gonda <pgonda@google.com> Reported-by:
kernel test robot <lkp@intel.com> Signed-off-by:
Jacky Li <jackyli@google.com> Acked-by:
David Rientjes <rientjes@google.com> Acked-by:
Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by:
-
Jacky Li authored
Currently the OS fails the PSP initialization when the file specified at 'init_ex_path' does not exist or has invalid content. However the SEV spec just requires users to allocate 32KB of 0xFF in the file, which can be taken care of by the OS easily. To improve the robustness during the PSP init, leverage the retry mechanism and continue the init process: Before the first INIT_EX call, if the content is invalid or missing, continue the process by feeding those contents into PSP instead of aborting. PSP will then override it with 32KB 0xFF and return SEV_RET_SECURE_DATA_INVALID status code. In the second INIT_EX call, this 32KB 0xFF content will then be fed and PSP will write the valid data to the file. In order to do this, sev_read_init_ex_file should only be called once for the first INIT_EX call. Calling it again for the second INIT_EX call will cause the invalid file content overwriting the valid 32KB 0xFF data provided by PSP in the first INIT_EX call. Co-developed-by:
Alper Gun <alpergun@google.com> Acked-by:
-
Martin Kaiser authored
Replace hwrng_register with devm_hwrng_register and let devres unregister our hwrng when the device is removed. It's possible to do this now that devres also handles clock disable+uprepare. When we had to disable+unprepare the clock ourselves, we had to unregister the hwrng before this and couldn't use devres. There's nothing left to do for imx_rngc_remove, this function can go. Signed-off-by:
Martin Kaiser <martin@kaiser.cx> Signed-off-by:
-
Martin Kaiser authored
Use the new devm_clk_get_enabled function to get our clock. We don't have to disable and unprepare the clock ourselves any more in error paths and in the remove function. Signed-off-by:
-
Robert Elliott authored
The lists of algothms checked for existence by modprobe tcrypt mode=1000 generates three bogus errors: modprobe tcrypt mode=1000 console log: tcrypt: alg rot13 not found tcrypt: alg cts not found tcrypt: alg arc4 not found rot13 is not an algorithm in the crypto API or tested. cts is a wrapper, not a base algorithm. arc4 is named ecb(arc4), not arc4. Also, the list is missing numerous algorithms that are tested by other test modes: blake2b-512 blake2s-256 crct10dif xxhash64 ghash cast5 sm4 ansi_prng Several of the algorithms are only available if CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE is enabled: arc4 khazad seed tea, xtea, xeta Rather that fix that list, remove test mode=1000 entirely. It seems to have limited utility, and a web search shows no discussion of anybody using it. Suggested-by:Ard Biesheuvel <ardb@kernel.org> Signed-off-by:
Robert Elliott <elliott@hpe.com> Reviewed-by:
-
git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6Herbert Xu authored
Merge crypto tree to pick up backport of XOR_BLOCKS Kconfig fix.
-
Eric Biggers authored
CRYPTO_LIB_CHACHA_GENERIC doesn't need to select XOR_BLOCKS. It perhaps was thought that it's needed for __crypto_xor, but that's not the case. Enabling XOR_BLOCKS is problematic because the XOR_BLOCKS code runs a benchmark when it is initialized. That causes a boot time regression on systems that didn't have it enabled before. Therefore, remove this unnecessary and problematic selection. Fixes: e56e1898 ("lib/crypto: add prompts back to crypto libraries") Cc: stable@vger.kernel.org Signed-off-by:
Eric Biggers <ebiggers@google.com> Signed-off-by:
-
- 19 Aug, 2022 22 commits
-
-
Martin Kaiser authored
Use KBUILD_MODNAME instead of hard coding the driver name. Signed-off-by:
-
Tuo Cao authored
it is unnecessary to call spin_lock_bh in a tasklet. Signed-off-by:
Tuo Cao <91tuocao@gmail.com> Signed-off-by:
-
Robert Elliott authored
This userspace command: modprobe tcrypt or modprobe tcrypt mode=0 runs all the tcrypt test cases numbered <200 (i.e., all the test cases calling tcrypt_test() and returning return values). Tests are sparsely numbered from 0 to 1000. For example: modprobe tcrypt mode=12 tests sha512, and modprobe tcrypt mode=152 tests rfc4543(gcm(aes))) - AES-GCM as GMAC The test manager generates WARNING crashdumps every time it attempts a test using an algorithm that is not available (not built-in to the kernel or available as a module): alg: skcipher: failed to allocate transform for ecb(arc4): -2 ------------[ cut here ]----------- alg: self-tests for ecb(arc4) (ecb(arc4)) failed (rc=-2) WARNING: CPU: 9 PID: 4618 at crypto/testmgr.c:5777 alg_test+0x30b/0x510 [50 more lines....] ---[ end trace 0000000000000000 ]--- If the kernel is compiled with CRYPTO_USER_API_ENABLE_OBSOLETE disabled (the default), then these algorithms are not compiled into the kernel or made into modules and trigger WARNINGs: arc4 tea xtea khazad anubis xeta seed Additionally, any other algorithms that are not enabled in .config will generate WARNINGs. In RHEL 9.0, for example, the default selection of algorithms leads to 16 WARNING dumps. One attempt to fix this was by modifying tcrypt_test() to check crypto_has_alg() and immediately return 0 if crypto_has_alg() fails, rather than proceed and return a non-zero error value that causes the caller (alg_test() in crypto/testmgr.c) to invoke WARN(). That knocks out too many algorithms, though; some combinations like ctr(des3_ede) would work. Instead, change the condition on the WARN to ignore a return value is ENOENT, which is the value returned when the algorithm or combination of algorithms doesn't exist. Add a pr_warn to communicate that information in case the WARN is skipped. This approach allows algorithm tests to work that are combinations, not provided by one driver, like ctr(blowfish). Result - no more WARNINGs: modprobe tcrypt [ 115.541765] tcrypt: testing md5 [ 115.556415] tcrypt: testing sha1 [ 115.570463] tcrypt: testing ecb(des) [ 115.585303] cryptomgr: alg: skcipher: failed to allocate transform for ecb(des): -2 [ 115.593037] cryptomgr: alg: self-tests for ecb(des) using ecb(des) failed (rc=-2) [ 115.593038] tcrypt: testing cbc(des) [ 115.610641] cryptomgr: alg: skcipher: failed to allocate transform for cbc(des): -2 [ 115.618359] cryptomgr: alg: self-tests for cbc(des) using cbc(des) failed (rc=-2) ... Signed-off-by: -
Robert Elliott authored
x86 optimized crypto modules built as modules rather than built-in to the kernel end up as .ko files in the filesystem, e.g., in /usr/lib/modules. If the filesystem itself is a module, these might not be available when the crypto API is initialized, resulting in the generic implementation being used (e.g., sha512_transform rather than sha512_transform_avx2). In one test case, CPU utilization in the sha512 function dropped from 15.34% to 7.18% after forcing loading of the optimized module. Add module aliases for this x86 optimized crypto module based on CPU feature bits so udev gets a chance to load them later in the boot process when the filesystems are all running. Signed-off-by:
-
Weili Qian authored
Data in the hardware cache needs to be written back to the memory before the queue memory is released. Currently, the queue memory is applied for when the driver is loaded and released when the driver is removed. Therefore, the hardware cache does not need to be written back when process puts queue. Signed-off-by:
Weili Qian <qianweili@huawei.com> Signed-off-by:
Yang Shen <shenyang39@huawei.com> Signed-off-by:
-
Junchong Pan authored
The dump_show() is used to output hardware information for error locating. It is not need to apply for memory to temporarily store the converted data. It can directly output the data. Therefore, remove some unnecessary code. Signed-off-by:
Junchong Pan <panjunchong@hisilicon.com> Signed-off-by:
-
Weili Qian authored
In the function hisi_qm_memory_init(), if resource alloc fails after idr_init, the initialized qp_idr needs to be destroyed. Signed-off-by:
-
Weili Qian authored
hpre_cluster_inqry_write() always returns 0. So change the type of hpre_cluster_inqry_write() to void. Signed-off-by:
-
Yang Shen authored
Some cleanup for code: 1. Change names for easy to understand. 2. Unify the variables type. 3. Use the right return value. Signed-off-by:
-
Yang Shen authored
1.Remove some useless steps during doing requests. 2.Adjust the possibility of branch prediction. Signed-off-by:
-
Lucas Segarra Fernandez authored
Acomp API supports NULL destination buffer for compression and decompression requests. In such cases allocation is performed by API. Add test cases for crypto_acomp_compress() and crypto_acomp_decompress() with dst buffer allocated by API. Tests will only run if CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y. Signed-off-by:
Lucas Segarra Fernandez <lucas.segarra.fernandez@intel.com> Reviewed-by:
-
Jason Wang authored
The double `to' is duplicated in the comment, remove one. Signed-off-by:
Jason Wang <wangborong@cdjrlc.com> Signed-off-by:
-
Jason Wang authored
The double `the' is duplicated in the comment, remove one. Signed-off-by:
-
Dong Chuanjian authored
remove unnecessary void* type casting v2: Turn assignments less than 75 characters into one line. Signed-off-by:
Dong Chuanjian <chuanjian@nfschina.com> Signed-off-by:
-
Jarkko Sakkinen authored
A quirk for fixing the committed TCB version, when upgrading from a firmware version earlier than 1.50. This is a known issue, and the documented workaround is to load the firmware twice. Currently, this issue requires the following workaround: sudo modprobe -r kvm_amd sudo modprobe -r ccp sudo modprobe ccp sudo modprobe kvm_amd Implement this workaround inside kernel by checking whether the API version is less than 1.50, and if so, download the firmware twice. This addresses the TCB version issue. Link: https://lore.kernel.org/all/de02389f-249d-f565-1136-4af3655fab2a@profian.com/Reported-by:
Harald Hoyer <harald@profian.com> Signed-off-by:
Jarkko Sakkinen <jarkko@profian.com> Acked-by:
-
Jean Delvare authored
Since commit 0166dc11 ("of: make CONFIG_OF user selectable"), it is possible to test-build any driver which depends on OF on any architecture by explicitly selecting OF. Therefore depending on COMPILE_TEST as an alternative is no longer needed. It is actually better to always build such drivers with OF enabled, so that the test builds are closer to how each driver will actually be built on its intended target. Building them without OF may not test much as the compiler will optimize out potentially large parts of the code. In the worst case, this could even pop false positive warnings. Dropping COMPILE_TEST here improves the quality of our testing and avoids wasting time on non-existent issues. Signed-off-by:
Jean Delvare <jdelvare@suse.de> Cc: Declan Murphy <declan.murphy@intel.com> Cc: Daniele Alessandrelli <daniele.alessandrelli@intel.com> Cc: Mark Gross <mgross@linux.intel.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: Prabhjot Khurana <prabhjot.khurana@intel.com> Cc: "David S. Miller" <davem@davemloft.net> Signed-off-by:
-
ye xingchen authored
Using pm_runtime_resume_and_get() to instade of pm_runtime_get_sync and pm_runtime_put_noidle. Reported-by:
Zeal Robot <zealci@zte.com.cn> Signed-off-by:
ye xingchen <ye.xingchen@zte.com.cn> Acked-by:
Jernej Skrabec <jernej.skrabec@gmail.com> Signed-off-by:
-
Zhuo Chen authored
Calls to pci_cleanup_aer_uncorrect_error_status() have already been removed after commit 62b36c3e ("PCI/AER: Remove pci_cleanup_aer_uncorrect_error_status() calls"). But in commit 6c6dd580 ("crypto: hisilicon/qm - add controller reset interface") pci_aer_clear_nonfatal_status() was used again, so remove it in this patch. note: pci_cleanup_aer_uncorrect_error_status() was renamed to pci_aer_clear_nonfatal_status() in commit 894020fd ("PCI/AER: Rationalize error status register clearing") Signed-off-by:
Zhuo Chen <chenzhuo.1@bytedance.com> Signed-off-by:
-
James Cowgill authored
The SMCCC_RET_TRNG_NO_ENTROPY switch arm is never used because the NO_ENTROPY return value is negative and negative values are handled above the switch by immediately returning. Fix by handling errors using a default arm in the switch. Fixes: 0888d04b ("hwrng: Add Arm SMCCC TRNG based driver") Signed-off-by:
James Cowgill <james.cowgill@blaize.com> Signed-off-by:
-
Herbert Xu authored
Module device tables need to be declared as maybe_unused because they will be unused when built-in and the corresponding option is also disabled. This patch adds the maybe_unused attributes to OF and ACPI. This also allows us to remove the ifdef around the ACPI data structure. Reported-by:
Vinod Koul <vkoul@kernel.org> Signed-off-by:
-
Jason A. Donenfeld authored
There are two deadlock scenarios that need addressing, which cause problems when the computer goes to sleep, the interface is set down, and hwrng_unregister() is called. When the deadlock is hit, sleep is delayed for tens of seconds, causing it to fail. These scenarios are: 1) The hwrng kthread can't be stopped while it's sleeping, because it uses msleep_interruptible() which does not react to kthread_stop. 2) A normal user thread can't be interrupted by hwrng_unregister() while it's sleeping, because hwrng_unregister() is called from elsewhere. We solve both issues by add a completion object called dying that fulfils waiters once we have started the process in hwrng_unregister. At the same time, we should cleanup a common and useless dmesg splat in the same area. Cc: <stable@vger.kernel.org> Reported-by:
Gregory Erwin <gregerwin256@gmail.com> Fixes: fcd09c90 ("ath9k: use hw_random API instead of directly dumping into random.c") Link: https://lore.kernel.org/all/CAO+Okf6ZJC5-nTE_EJUGQtd8JiCkiEHytGgDsFGTEjs0c00giw@mail.gmail.com/ Link: https://lore.kernel.org/lkml/CAO+Okf5k+C+SE6pMVfPf-d8MfVPVq4PO7EY8Hys_DVXtent3HA@mail.gmail.com/ Link: https://bugs.archlinux.org/task/75138Signed-off-by:
Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by:
Toke Høiland-Jørgensen <toke@toke.dk> Acked-by:
Kalle Valo <kvalo@kernel.org> Signed-off-by:
-
Ye Weihua authored
KASAN reported this Bug: [17619.659757] BUG: KASAN: global-out-of-bounds in param_get_int+0x34/0x60 [17619.673193] Read of size 4 at addr fffff01332d7ed00 by task read_all/1507958 ... [17619.698934] The buggy address belongs to the variable: [17619.708371] sgl_sge_nr+0x0/0xffffffffffffa300 [hisi_zip] There is a mismatch in hisi_zip when get/set the variable sgl_sge_nr. The type of sgl_sge_nr is u16, and get/set sgl_sge_nr by param_get/set_int. Replacing param_get/set_int to param_get/set_ushort can fix this bug. Fixes: f081fda2 ("crypto: hisilicon - add sgl_sge_nr module param for zip") Signed-off-by:
Ye Weihua <yeweihua4@huawei.com> Signed-off-by:
-
