- 10 Oct, 2019 18 commits
-
-
Ard Biesheuvel authored
Commit 79c65d17 ("crypto: cbc - Convert to skcipher") updated the generic CBC template wrapper from a blkcipher to a skcipher algo, to get away from the deprecated blkcipher interface. However, as a side effect, drivers that instantiate CBC transforms using the blkcipher as a fallback no longer work, since skciphers can wrap blkciphers but not the other way around. This broke the geode-aes driver. So let's fix it by moving to the sync skcipher interface when allocating the fallback. At the same time, align with the generic API for ECB and CBC by rejecting inputs that are not a multiple of the AES block size. Fixes: 79c65d17 ("crypto: cbc - Convert to skcipher") Cc: <stable@vger.kernel.org> # v4.20+ ONLY Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Florian Bezdeka <florian@bezdeka.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Navid Emamdoost authored
In crypto_reportstat, a new skb is created by nlmsg_new(). This skb is leaked if crypto_reportstat_alg() fails. Required release for skb is added. Fixes: cac5818c ("crypto: user - Implement a generic crypto statistics") Cc: <stable@vger.kernel.org> Signed-off-by: Navid Emamdoost <navid.emamdoost@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Navid Emamdoost authored
In crypto_report, a new skb is created via nlmsg_new(). This skb should be released if crypto_report_alg() fails. Fixes: a38f7907 ("crypto: Add userspace configuration API") Cc: <stable@vger.kernel.org> Signed-off-by: Navid Emamdoost <navid.emamdoost@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Ayush Sawal authored
when libkcapi test is executed using HW accelerator, cipher operation return -74.Since af_alg_async_cb->ki_complete treat err as unsigned int, libkcapi receive 429467222 even though it expect -ve value. Hence its required to cast resultlen to int so that proper error is returned to libkcapi. AEAD one shot non-aligned test 2(libkcapi test) ./../bin/kcapi -x 10 -c "gcm(aes)" -i 7815d4b06ae50c9c56e87bd7 -k ea38ac0c9b9998c80e28fb496a2b88d9 -a "853f98a750098bec1aa7497e979e78098155c877879556bb51ddeb6374cbaefc" -t "c4ce58985b7203094be1d134c1b8ab0b" -q "b03692f86d1b8b39baf2abb255197c98" Fixes: d887c52d ("crypto: algif_aead - overhaul memory management") Cc: <stable@vger.kernel.org> Signed-off-by: Ayush Sawal <ayush.sawal@chelsio.com> Signed-off-by: Atul Gupta <atul.gupta@chelsio.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Ayush Sawal <ayush.sawal@chelsio.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Tudor Ambarus authored
commit 394a9e04 ("crypto: cfb - add missing 'chunksize' property") adds a test vector where the input length is smaller than the IV length (the second test vector). This revealed a NULL pointer dereference in the atmel-aes driver, that is caused by passing an incorrect offset in scatterwalk_map_and_copy() when atmel_aes_complete() is called. Do not save the IV in req->info of ablkcipher_request (or equivalently req->iv of skcipher_request) when req->nbytes < ivsize, because the IV will not be further used. While touching the code, modify the type of ivsize from int to unsigned int, to comply with the return type of crypto_ablkcipher_ivsize(). Fixes: 91308019 ("crypto: atmel-aes - properly set IV after {en,de}crypt") Cc: <stable@vger.kernel.org> Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Ard Biesheuvel authored
Now that the Clang compiler has taken it upon itself to police the compiler command line, and reject combinations for arguments it views as incompatible, the AEGIS128 no longer builds correctly, and errors out like this: clang-10: warning: ignoring extension 'crypto' because the 'armv7-a' architecture does not support it [-Winvalid-command-line-argument] So let's switch to armv8-a instead, which matches the crypto-neon-fp-armv8 FPU profile we specify. Since neither were actually supported by GCC versions before 4.8, let's tighten the Kconfig dependencies as well so we won't run into errors when building with an ancient compiler. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Nathan Chancellor <natechancellor@gmail.com> Tested-by: Nathan Chancellor <natechancellor@gmail.com> Reviewed-by: Nick Desaulniers <ndesaulniers@google.com> Tested-by: Nick Desaulniers <ndesaulniers@google.com> Reported-by: <ci_notify@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Arnd Bergmann authored
When both PCI and OF are disabled, no drivers are registered, and we get some unused-function warnings: drivers/crypto/inside-secure/safexcel.c:1221:13: error: unused function 'safexcel_unregister_algorithms' [-Werror,-Wunused-function] static void safexcel_unregister_algorithms(struct safexcel_crypto_priv *priv) drivers/crypto/inside-secure/safexcel.c:1307:12: error: unused function 'safexcel_probe_generic' [-Werror,-Wunused-function] static int safexcel_probe_generic(void *pdev, drivers/crypto/inside-secure/safexcel.c:1531:13: error: unused function 'safexcel_hw_reset_rings' [-Werror,-Wunused-function] static void safexcel_hw_reset_rings(struct safexcel_crypto_priv *priv) It's better to make the compiler see what is going on and remove such ifdef checks completely. In case of PCI, this is trivial since pci_register_driver() is defined to an empty function that makes the compiler subsequently drop all unused code silently. The global pcireg_rc/ofreg_rc variables are not actually needed here since the driver registration does not fail in ways that would make it helpful. For CONFIG_OF, an IS_ENABLED() check is still required, since platform drivers can exist both with and without it. A little change to linux/pci.h is needed to ensure that pcim_enable_device() is visible to the driver. Moving the declaration outside of ifdef would be sufficient here, but for consistency with the rest of the file, adding an inline helper is probably best. Fixes: 212ef6f2 ("crypto: inside-secure - Fix unused variable warning when CONFIG_PCI=n") Signed-off-by: Arnd Bergmann <arnd@arndb.de> Acked-by: Bjorn Helgaas <bhelgaas@google.com> # pci.h Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Arnd Bergmann authored
A previous fixup avoided an unused variable warning but replaced it with a slightly scarier warning: drivers/crypto/inside-secure/safexcel.c:1100:6: error: variable 'irq' is used uninitialized whenever 'if' condition is false [-Werror,-Wsometimes-uninitialized] This is harmless as it is impossible to get into this case, but the compiler has no way of knowing that. Add an explicit error handling case to make it obvious to both compilers and humans reading the source. Fixes: 212ef6f2 ("crypto: inside-secure - Fix unused variable warning when CONFIG_PCI=n") Signed-off-by: Arnd Bergmann <arnd@arndb.de> Acked-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Zaibo Xu authored
Here adds maintainer information for high performance RSA engine (HPRE) driver. Signed-off-by: Zaibo Xu <xuzaibo@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Zaibo Xu authored
HiSilicon HPRE engine driver uses debugfs to provide debug information, the usage can be found in /Documentation/ABI/testing/debugfs-hisi-hpre. Signed-off-by: Zaibo Xu <xuzaibo@huawei.com> Signed-off-by: Hui Tang <tanghui20@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Zaibo Xu authored
Add debugfs descriptions for HiSilicon HPRE driver. Signed-off-by: Zaibo Xu <xuzaibo@huawei.com> Signed-off-by: Hui Tang <tanghui20@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Zaibo Xu authored
HiSilicon HPRE engine supports PCI SRIOV. This patch enable this feature. User can enable VFs and pass through them to VM, same HPRE driver can work in VM to provide RSA and DH algorithms by crypto akcipher and kpp interfaces. Signed-off-by: Zaibo Xu <xuzaibo@huawei.com> Signed-off-by: Hui tang <tanghui20@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Zaibo Xu authored
The HiSilicon HPRE accelerator implements RSA and DH algorithms. It uses Hisilicon QM as interface to CPU. This patch provides PCIe driver to the accelerator and registers its algorithms to crypto akcipher and kpp interfaces. Signed-off-by: Zaibo Xu <xuzaibo@huawei.com> Signed-off-by: Hui Tang <tanghui20@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Zhou Wang authored
This patch fixes some misc problems in sgl codes, e.g. missing static, sparse error and input parameter check. Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com> Signed-off-by: Shukun Tan <tanshukun1@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Zhou Wang authored
When disabling SMMU, it may fail to allocate large continuous memory. This patch fixes this by allocating memory as blocks. Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com> Signed-off-by: Shukun Tan <tanshukun1@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Shukun Tan authored
Add a module parameter for zip driver to set the number of SGE in one SGL. Signed-off-by: Shukun Tan <tanshukun1@huawei.com> Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Zhou Wang authored
As HW SGL can be seen as a data format of QM's sqe, we merge sgl code into qm module and rename it as hisi_qm, which reduces the number of module and make the name less generic. This patch also modify the interface of SGL: - Create/free hisi_acc_sgl_pool inside. - Let user to pass the SGE number in one SGL when creating sgl pool, which is better than a unified module parameter for sgl module before. - Modify zip driver according to sgl interface change. Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com> Signed-off-by: Shukun Tan <tanshukun1@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Laurent Vivier authored
add_early_randomness() is called every time a new rng backend is added and every time it is set as the current rng provider. add_early_randomness() is called from functions locking rng_mutex, and if it hangs all the hw_random framework hangs: we can't read sysfs, add or remove a backend. This patch move add_early_randomness() out of the rng_mutex zone. It only needs the reading_mutex. Signed-off-by: Laurent Vivier <lvivier@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
- 04 Oct, 2019 22 commits
-
-
Iuliana Prodan authored
The mapped_{src,dst}_nents _returned_ from the dma_map_sg call (which could be less than src/dst_nents) have to be used to generate the job descriptors. Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> Reviewed-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Corentin Labbe authored
This patch enables power management on the Security System. sun4i-ss now depends on PM because it simplify code and prevent some ifdef. But this is not a problem since arch maintainer want ARCH_SUNXI to depend on PM in the future. Signed-off-by: Corentin Labbe <clabbe.montjoie@gmail.com> Acked-by: Maxime Ripard <mripard@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Corentin Labbe authored
This patch regroups resource enabling/disabling in dedicated function. This simplify error handling and will permit to support power management. Signed-off-by: Corentin Labbe <clabbe.montjoie@gmail.com> Acked-by: Maxime Ripard <mripard@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Phani Kiran Hemadri authored
This patch fixes assigning UCD block number of Asymmetric crypto firmware to AE cores of CNN55XX device. Fixes: a7268c4d ("crypto: cavium/nitrox - Add support for loading asymmetric crypto firmware") Signed-off-by: Phani Kiran Hemadri <phemadri@marvell.com> Reviewed-by: Srikanth Jampala <jsrikanth@marvell.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Eneas U de Queiroz authored
Set the CRYPTO_ALG_KERN_DRIVER_ONLY flag to all algorithms exposed by the qce driver, since they are all hardware accelerated, accessible through a kernel driver only, and not available directly to userspace. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Christophe JAILLET authored
Use '__skb_put_data()' instead of rewritting it. This improves readability. Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Navid Emamdoost authored
Release all allocated memory if sha type is invalid: In ccp_run_sha_cmd, if the type of sha is invalid, the allocated hmac_buf should be released. v2: fix the goto. Signed-off-by: Navid Emamdoost <navid.emamdoost@gmail.com> Acked-by: Gary R Hook <gary.hook@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Arnd Bergmann authored
To avoid missing arm64 specific warnings that get introduced in this driver, allow compile-testing on all 64-bit architectures. The only actual arm64 specific code in this driver is an open- coded 128 bit MMIO write. On non-arm64 the same can be done using memcpy_toio. What I also noticed is that the mmio store (either one) is not endian-safe, this will only work on little- endian configurations, so I also add a Kconfig dependency on that, regardless of the architecture. Finally, a depenndecy on CONFIG_64BIT is needed because of the writeq(). Signed-off-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Pascal van Leeuwen authored
This patch adds support for the EIP196, which is an EIP197 derivative that has no classification hardware and a simplified record cache. The patch has been tested with the eip196b-ie and eip197c-iewxkbc configurations on the Xilinx VCU118 development board as well as on the Macchiatobin board (Marvell A8K - EIP197b-ieswx), including the crypto extra tests. Note that this patchset applies on top of the earlier submitted "Add support for eip197f_iewc" series. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Nagadheeraj Rottela authored
Add support to get microcode information in VF from PF via mailbox message. Signed-off-by: Nagadheeraj Rottela <rnagadheeraj@marvell.com> Reviewed-by: Srikanth Jampala <jsrikanth@marvell.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Markus Elfring authored
Simplify this function implementation by using a known wrapper function. This issue was detected by using the Coccinelle software. Signed-off-by: Markus Elfring <elfring@users.sourceforge.net> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Alexander E. Patrakov authored
One should not say "ec can be NULL" and then dereference it. One cannot talk about the return value if the function returns void. Signed-off-by: Alexander E. Patrakov <patrakov@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Markus Elfring authored
Simplify this function implementation by using a known wrapper function. This issue was detected by using the Coccinelle software. Signed-off-by: Markus Elfring <elfring@users.sourceforge.net> Reviewed-by: Ray Jui <ray.jui@broadcom.com> Reviewed-by: Florian Fainelli <f.fainelli@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Pascal van Leeuwen authored
The current driver assumes one dedicated ring interrupt controller per ring. However, some existing EIP(1)97 HW has less ring AIC's than rings. This patch allows the driver to work with such HW by detecting how many ring AIC's are present and restricting the number of rings it *uses* by the number of ring AIC's present. This allows it to at least function. (optimization for the future: add ring dispatch functionality in the interrupt service routine such that multiple rings can be supported from one ring AIC, allowing all rings to be used) Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Pascal van Leeuwen authored
This patch adds support for large EIP197's with a 256 bit wide internal bus, which affects the format of the result descriptor due to internal alignment requirements. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Pascal van Leeuwen authored
This patch adds support for rfc4309(ccm(aes)) for use with IPsec ESP Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Pascal van Leeuwen authored
This patch adds support for rfc4543(gcm(aes)) - i.e. AES-GMAC - for use with IPsec ESP Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Pascal van Leeuwen authored
This patch adds support for rfc4106(gcm(aes)) for use with IPsec ESP Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Pascal van Leeuwen authored
This patch fixed a corner case admin RAM probing issue witnessed on the Xilinx VCU118 FPGA development board with an EIP197 configuration with 4096 words of admin RAM, of which only 2050 were recognised. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Pascal van Leeuwen authored
This patch corrects an error in the Transform Record Cache initialization code that was causing intermittent stability problems on the Macchiatobin board. Unfortunately, due to HW platform specifics, the problem could not happen on the main development platform, being the VCU118 Xilinx development board. And since it was a problem with hash table access, it was very dependent on the actual physical context record DMA buffers being used, i.e. with some (bad) luck it could seemingly work quit stable for a while. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Nagadheeraj Rottela authored
Self test failures are due to wrong output IV. This patch fixes this issue by copying back output IV into skcipher request. Signed-off-by: Nagadheeraj Rottela <rnagadheeraj@marvell.com> Reviewed-by: Srikanth Jampala <jsrikanth@marvell.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Nagadheeraj Rottela authored
Check if device supports assoclen to solve hung task timeout error when extra tests are enabled. Return -EINVAL if assoclen is not supported. Check authsize to return -EINVAL if authentication tag size is invalid. Change blocksize to 1 to match with generic implementation. Signed-off-by: Nagadheeraj Rottela <rnagadheeraj@marvell.com> Reported-by: Mallesham Jatharakonda <mallesham.jatharakonda@oneconvergence.com> Suggested-by: Mallesham Jatharakonda <mallesham.jatharakonda@oneconvergence.com> Reviewed-by: Srikanth Jampala <jsrikanth@marvell.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-