- 13 Jan, 2015 6 commits
-
-
Allan, Bruce W authored
Signed-off-by: Bruce Allan <bruce.w.allan@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Allan, Bruce W authored
Prior to resetting the hardware, use pci_wait_for_pending_transaction() instead of open coding similar functionality. Signed-off-by: Bruce Allan <bruce.w.allan@intel.com> Acked-by: Tadeusz Struk <tadeusz.struk@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Allan, Bruce W authored
In adf_dev_stop(), adf_ae_stop() is never called because adf_dev_started() will always return false since the ADF_STATUS_STARTED bit is cleared earlier in the function. Signed-off-by: Bruce Allan <bruce.w.allan@intel.com> Acked-by: Tadeusz Struk <tadeusz.struk@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Allan, Bruce W authored
Signed-off-by: Bruce Allan <bruce.w.allan@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Allan, Bruce W authored
When the device needs a reset, e.g. when an uncorrectable PCIe AER event occurs, various services/data structures need to be cleaned up, the hardware reset and the services/data structures initialized and started. The code to perform the cleanup and initialization was not performed when a device reset was done. This patch moves some of the initialization code out of the .probe entry- point into a separate function that is now called during probe as well as after the hardware has been reset. Similarly, a new function is added for first cleaning up these services/data structures prior to resetting. The new functions are adf_dev_init() and adf_dev_shutdown(), respectively, for which there are already prototypes but no actual functions just yet and are now called when the device is reset and during probe/cleanup of the driver. The down and up flows via ioctl calls has similarly been updated. In addition, there are two other bugs in the reset flow - one in the logic for determining whether to schedule a device reset upon receiving an uncorrectable AER event which prevents the reset flow from being initiated, and another with clearing the status bit indicating a device is configured (when resetting the device the configuration remains across the reset so the bit should not be cleared, otherwise, the necessary services will not be re-started in adf_dev_start() after the reset - clear the bit only when actually deleting the configuration). Signed-off-by: Bruce Allan <bruce.w.allan@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Rabin Vincent authored
tcrypt/testmgr uses wait_for_completion_interruptible() everywhere when it waits for a request to be completed. If it's interrupted, then the test is aborted and the request is freed. However, if any of these calls actually do get interrupted, the result will likely be a kernel crash, when the driver handles the now-freed request. Use wait_for_completion() instead. Signed-off-by: Rabin Vincent <rabin.vincent@axis.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
- 08 Jan, 2015 4 commits
-
-
Daniel Borkmann authored
Lets improve the comment to add a note on when to use memzero_explicit() for those not digging through the git logs. We don't want people to pollute places with memzero_explicit() where it's not really necessary. Reference: https://lkml.org/lkml/2015/1/4/190Suggested-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Daniel Borkmann <dborkman@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
memzero_explicit should only be used on stack variables that get zapped just before they go out of scope. This patch replaces all unnecessary uses of memzero_explicit with memset, removes two memzero_explicit calls altogether as the tfm context comes pre-zeroed, and adds a missing memzero_explicit of the stack variable buff in qat_alg_do_precomputes. The memzeros on ipad/opad + digest_size/auth_keylen are also removed as the entire auth_state is already zeroed on entry. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: Tadeusz Struk <tadeusz.struk@intel.com>
-
Stephan Mueller authored
The AEAD decryption operation requires the authentication tag to be present as part of the cipher text buffer. The added check verifies that the caller provides a cipher text with at least the authentication tag. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Asaf Vertz authored
dd->total is unsigned so it won't do any good to check for negative value after subtracting instead of that we should check if the subtracted value is bigger than him This was partially found by using a static code analysis program called cppcheck. Signed-off-by: Asaf Vertz <asaf.vertz@tandemg.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
- 05 Jan, 2015 2 commits
-
-
Masanari Iida authored
This patch removes unnecessary KERN_ERR from bfin_crypto_crc_mod_init(). Signed-off-by: Masanari Iida <standby24x7@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Rickard Strandqvist authored
Remove the function get_dynamic_sa_offset_iv_field() that is not used anywhere. This was partially found by using a static code analysis program called cppcheck. Signed-off-by: Rickard Strandqvist <rickard_strandqvist@spectrumdigital.se> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
- 04 Jan, 2015 1 commit
-
-
Herbert Xu authored
This reverts commit 421d82f5. None of the data zeroed are on the stack so the compiler cannot optimise them away. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
- 29 Dec, 2014 2 commits
-
-
Stephan Mueller authored
Enable compilation of the RNG AF_ALG support and provide a Kconfig option to compile the RNG AF_ALG support. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Stephan Mueller authored
This patch adds the random number generator support for AF_ALG. A random number generator's purpose is to generate data without requiring the caller to provide any data. Therefore, the AF_ALG interface handler for RNGs only implements a callback handler for recvmsg. The following parameters provided with a recvmsg are processed by the RNG callback handler: * sock - to resolve the RNG context data structure accessing the RNG instance private to the socket * len - this parameter allows userspace callers to specify how many random bytes the RNG shall produce and return. As the kernel context for the RNG allocates a buffer of 128 bytes to store random numbers before copying them to userspace, the len parameter is checked that it is not larger than 128. If a caller wants more random numbers, a new request for recvmsg shall be made. The size of 128 bytes is chose because of the following considerations: * to increase the memory footprint of the kernel too much (note, that would be 128 bytes per open socket) * 128 is divisible by any typical cryptographic block size an RNG may have * A request for random numbers typically only shall supply small amount of data like for keys or IVs that should only require one invocation of the recvmsg function. Note, during instantiation of the RNG, the code checks whether the RNG implementation requires seeding. If so, the RNG is seeded with output from get_random_bytes. A fully working example using all aspects of the RNG interface is provided at http://www.chronox.de/libkcapi.htmlSigned-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
- 25 Dec, 2014 6 commits
-
-
Stephan Mueller authored
alg_setkey should zeroize the sensitive data after use. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
We always do hwrng_init in set_current_rng. In fact, our current reference count system relies on this. So make this explicit by moving hwrng_init into set_current_rng. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
Rather than having callers of set_current_rng call drop_current_rng, we can do it directly in set_current_rng. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
Currently we only register the device when a valid RNG is added. However the way it's done is buggy because we test whether there is a current RNG to determine whether we need to register. As the current RNG may be missing due to a reinitialisation error this can lead to a reregistration of the device. As the device already has to handle a NULL current RNG anyway, let's just register the device always and remove the complexity. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
The kref solution is still buggy because we were only focusing on the register/unregister race. The same race affects the setting of current_rng through sysfs. This patch fixes it by using kref_get_unless_zero. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
There is no point in doing a manual completion for cleanup_done when struct completion fits in perfectly. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
- 23 Dec, 2014 5 commits
-
-
Aaro Koskinen authored
Enable user to select OCTEON MD5 module. Signed-off-by: Aaro Koskinen <aaro.koskinen@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Aaro Koskinen authored
Add OCTEON MD5 module. Signed-off-by: Aaro Koskinen <aaro.koskinen@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Aaro Koskinen authored
Reintroduce run-time check for crypto features. The old one was deleted because it was unreliable, now decide the crypto availability on early boot when the model string is constructed. Signed-off-by: Aaro Koskinen <aaro.koskinen@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Aaro Koskinen authored
Add instruction definitions for MD5. Based on information extracted from EdgeRouter Pro GPL source tarball. Signed-off-by: Aaro Koskinen <aaro.koskinen@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Aaro Koskinen authored
Add crypto helper functions which are needed for kernel level usage. The code for these has been extracted from the EdgeRouter Pro GPL tarball. While at it, also delete duplicate definitions of the functions. Signed-off-by: Aaro Koskinen <aaro.koskinen@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
- 22 Dec, 2014 14 commits
-
-
Asaf Vertz authored
Fixed a coding style error, code indent should use tabs where possible Signed-off-by: Asaf Vertz <asaf.vertz@tandemg.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Tadeusz Struk authored
Add support for cbc(aes) ablkcipher. Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com> Acked-by: Bruce W. Allan <bruce.w.allan@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Tadeusz Struk authored
Fixed invalid assumpion that the sgl in and sgl out will always have the same number of entries. Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Tadeusz Struk authored
algif_skcipher sends 127 sgl buffers for encryption regardless of how many buffers acctually have data to process, where the few first with valid len and the rest with zero len. This is not very eficient. This patch marks the last one with data as the last one to process. Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Rusty Russell authored
Another interesting anti-pattern. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Rusty Russell authored
Interesting anti-pattern. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Rusty Russell authored
The previous patch added one potential problem: we can still be reading from a hwrng when it's unregistered. Add a wait for zero in the hwrng_unregister path. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Amos Kong <akong@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Rusty Russell authored
current_rng holds one reference, and we bump it every time we want to do a read from it. This means we only hold the rng_mutex to grab or drop a reference, so accessing /sys/devices/virtual/misc/hw_random/rng_current doesn't block on read of /dev/hwrng. Using a kref is overkill (we're always under the rng_mutex), but a standard pattern. This also solves the problem that the hwrng_fillfn thread was accessing current_rng without a lock, which could change (eg. to NULL) underneath it. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Amos Kong <akong@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Amos Kong authored
In next patch, we use reference counting for each struct hwrng, changing reference count also needs to take mutex_lock. Before releasing the lock, if we try to stop a kthread that waits to take the lock to reduce the referencing count, deadlock will occur. Signed-off-by: Amos Kong <akong@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Rusty Russell authored
There's currently a big lock around everything, and it means that we can't query sysfs (eg /sys/devices/virtual/misc/hw_random/rng_current) while the rng is reading. This is a real problem when the rng is slow, or blocked (eg. virtio_rng with qemu's default /dev/random backend) This doesn't help (it leaves the current lock untouched), just adds a lock to protect the read function and the static buffers, in preparation for transition. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Stephan Mueller authored
Use setsockopt on the tfm FD to provide the authentication tag size for an AEAD cipher. This is achieved by adding a callback function which is intended to be used by the AEAD AF_ALG implementation. The optlen argument of the setsockopt specifies the authentication tag size to be used with the AEAD tfm. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Stephan Mueller authored
This patch adds a panic if the FIPS 140-2 self test error failed. Note, that entire code is only executed with fips_enabled (i.e. when the kernel is booted with fips=1. It is therefore not executed for 99.9% of all user base. As mathematically such failure cannot occur, this panic should never be triggered. But to comply with NISTs current requirements, an endless loop must be replaced with the panic. When the new version of FIPS 140 will be released, this entire continuous self test function will be ripped out as it will not be needed any more. This patch is functionally equivalent as implemented in ansi_cprng.c and drivers/char/random.c. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Joshua I. James authored
Fixed style error identified by checkpatch. WARNING: Missing a blank line after declarations + int err = crypto_remove_alg(&inst->alg, &users); + BUG_ON(err); Signed-off-by: Joshua I. James <joshua@cybercrimetech.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Joshua I. James authored
Fixed style error identified by checkpatch. WARNING: Missing a blank line after declarations + unsigned int unaligned = alignmask + 1 - (offset & alignmask); + if (nbytes > unaligned) Signed-off-by: Joshua I. James <joshua@cybercrimetech.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-