1. 13 Oct, 2023 13 commits
  2. 12 Oct, 2023 3 commits
  3. 05 Oct, 2023 15 commits
  4. 01 Oct, 2023 9 commits
    • Uwe Kleine-König's avatar
      crypto: engine - Make crypto_engine_exit() return void · 5ec12f1c
      Uwe Kleine-König authored
      All callers ignore the return value, so simplify by not providing one.
      
      Note that crypto_engine_exit() is typically called in a device driver's
      remove path (or the error path in probe), where errors cannot be handled
      anyhow.
      Signed-off-by: default avatarUwe Kleine-König <u.kleine-koenig@pengutronix.de>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      5ec12f1c
    • Uwe Kleine-König's avatar
      crypto: keembay - Don't pass errors to the caller in .remove() · 0eb85cb3
      Uwe Kleine-König authored
      Returning an error code in the remove function of a platform device has
      no effect (compared to returning zero) apart from an error message, that
      the error is ignored. Then the device is removed irrespective of the
      returned value.
      
      As kmb_ocs_hcu_remove is only called after kmb_ocs_hcu_probe() returned
      successfully, platform_get_drvdata() never returns NULL and so the
      respective check can just be dropped.
      
      crypto_engine_exit() might return an error code but already emits an
      error message in that case, so better return zero in
      kmb_ocs_hcu_remove() even in this case to suppress another error
      message. All other crypto drivers also ignore the return value of
      crypto_engine_exit().
      Signed-off-by: default avatarUwe Kleine-König <u.kleine-koenig@pengutronix.de>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      0eb85cb3
    • Kees Cook's avatar
      crypto: qat - Annotate struct adf_fw_counters with __counted_by · 141f12be
      Kees Cook authored
      Prepare for the coming implementation by GCC and Clang of the __counted_by
      attribute. Flexible array members annotated with __counted_by can have
      their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS
      (for array indexing) and CONFIG_FORTIFY_SOURCE (for strcpy/memcpy-family
      functions).
      
      As found with Coccinelle[1], add __counted_by for struct adf_fw_counters.
      
      [1] https://github.com/kees/kernel-tools/blob/trunk/coccinelle/examples/counted_by.cocci
      
      Cc: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
      Cc: Herbert Xu <herbert@gondor.apana.org.au>
      Cc: "David S. Miller" <davem@davemloft.net>
      Cc: Nathan Chancellor <nathan@kernel.org>
      Cc: Nick Desaulniers <ndesaulniers@google.com>
      Cc: Tom Rix <trix@redhat.com>
      Cc: Adam Guerin <adam.guerin@intel.com>
      Cc: Lucas Segarra Fernandez <lucas.segarra.fernandez@intel.com>
      Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
      Cc: qat-linux@intel.com
      Cc: linux-crypto@vger.kernel.org
      Cc: llvm@lists.linux.dev
      Signed-off-by: default avatarKees Cook <keescook@chromium.org>
      Reviewed-by: default avatarGustavo A. R. Silva <gustavoars@kernel.org>
      Acked-by: default avatarGiovanni Cabiddu <giovanni.cabiddu@intel.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      141f12be
    • Giovanni Cabiddu's avatar
      crypto: qat - increase size of buffers · 4e4e2ed2
      Giovanni Cabiddu authored
      Increase the size of the buffers used for composing the names used for
      the transport debugfs entries and the vector name to avoid a potential
      truncation.
      
      This resolves the following errors when compiling the driver with W=1
      and KCFLAGS=-Werror on GCC 12.3.1:
      
          drivers/crypto/intel/qat/qat_common/adf_transport_debug.c: In function ‘adf_ring_debugfs_add’:
          drivers/crypto/intel/qat/qat_common/adf_transport_debug.c:100:60: error: ‘snprintf’ output may be truncated before the last format character [-Werror=format-truncation=]
          drivers/crypto/intel/qat/qat_common/adf_isr.c: In function ‘adf_isr_resource_alloc’:
          drivers/crypto/intel/qat/qat_common/adf_isr.c:197:47: error: ‘%d’ directive output may be truncated writing between 1 and 11 bytes into a region of size between 0 and 5 [-Werror=format-truncation=]
      
      Fixes: a672a9dc ("crypto: qat - Intel(R) QAT transport code")
      Signed-off-by: default avatarGiovanni Cabiddu <giovanni.cabiddu@intel.com>
      Reviewed-by: default avatarDamian Muszynski <damian.muszynski@intel.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      4e4e2ed2
    • Gaurav Jain's avatar
      crypto: caam/jr - fix Chacha20 + Poly1305 self test failure · a8d3cdcc
      Gaurav Jain authored
      key buffer is not copied in chachapoly_setkey function,
      results in wrong output for encryption/decryption operation.
      
      fix this by memcpy the key in caam_ctx key arrary
      
      Fixes: d6bbd4ee ("crypto: caam/jr - add support for Chacha20 + Poly1305")
      Signed-off-by: default avatarGaurav Jain <gaurav.jain@nxp.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      a8d3cdcc
    • Stephan Müller's avatar
      crypto: jitter - Allow configuration of oversampling rate · 0baa8fab
      Stephan Müller authored
      The oversampling rate used by the Jitter RNG allows the configuration of
      the heuristically implied entropy in one timing measurement. This
      entropy rate is (1 / OSR) bits of entropy per time stamp.
      
      Considering that the Jitter RNG now support APT/RCT health tests for
      different OSRs, allow this value to be configured at compile time to
      support systems with limited amount of entropy in their timer.
      
      The allowed range of OSR values complies with the APT/RCT cutoff health
      test values which range from 1 through 15.
      
      The default value of the OSR selection support is left at 1 which is the
      current default. Thus, the addition of the configuration support does
      not alter the default Jitter RNG behavior.
      Signed-off-by: default avatarStephan Mueller <smueller@chronox.de>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      0baa8fab
    • Stephan Müller's avatar
      crypto: jitter - Allow configuration of memory size · 59bcfd78
      Stephan Müller authored
      The memory size consumed by the Jitter RNG is one contributing factor in
      the amount of entropy that is gathered. As the amount of entropy
      directly correlates with the distance of the memory from the CPU, the
      caches that are possibly present on a given system have an impact on the
      collected entropy.
      
      Thus, the kernel compile time should offer a means to configure the
      amount of memory used by the Jitter RNG. Although this option could be
      turned into a runtime option (e.g. a kernel command line option), it
      should remain a compile time option as otherwise adminsitrators who may
      not have performed an entropy assessment may select a value that is
      inappropriate.
      
      The default value selected by the configuration is identical to the
      current Jitter RNG value. Thus, the patch should not lead to any change
      in the Jitter RNG behavior.
      
      To accommodate larger memory buffers, kvzalloc / kvfree is used.
      Signed-off-by: default avatarStephan Mueller <smueller@chronox.de>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      59bcfd78
    • Stephan Müller's avatar
      crypto: jitter - add RCT/APT support for different OSRs · 04597c8d
      Stephan Müller authored
      The oversampling rate (OSR) value specifies the heuristically implied
      entropy in the recorded data - H_submitter = 1/osr. A different entropy
      estimate implies a different APT/RCT cutoff value. This change adds
      support for OSRs 1 through 15. This OSR can be selected by the caller
      of the Jitter RNG.
      
      For this patch, the caller still uses one hard-coded OSR. A subsequent
      patch allows this value to be configured.
      
      In addition, the power-up self test is adjusted as follows:
      
      * It allows the caller to provide an oversampling rate that should be
      tested with - commonly it should be the same as used for the actual
      runtime operation. This makes the power-up testing therefore consistent
      with the runtime operation.
      
      * It calls now jent_measure_jitter (i.e. collects the full entropy
      that can possibly be harvested by the Jitter RNG) instead of only
      jent_condition_data (which only returns the entropy harvested from
      the conditioning component). This should now alleviate reports where
      the Jitter RNG initialization thinks there is too little entropy.
      
      * The power-up test now solely relies on the (enhanced) APT and RCT
      test that is used as a health test at runtime.
      
      The code allowing the different OSRs as well as the power-up test
      changes are present in the user space version of the Jitter RNG 3.4.1
      and thus was already in production use for some time.
      
      Reported-by "Ospan, Abylay" <aospan@amazon.com>
      Signed-off-by: default avatarStephan Mueller <smueller@chronox.de>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      04597c8d
    • Gaurav Jain's avatar
      crypto: caam/qi2 - fix Chacha20 + Poly1305 self test failure · 7b8c6aee
      Gaurav Jain authored
      key buffer is not copied in chachapoly_setkey function,
      results in wrong output for encryption/decryption operation.
      
      fix this by memcpy the key in caam_ctx key arrary
      
      Fixes: c10a5336 ("crypto: caam/qi2 - add support for Chacha20 + Poly1305")
      Signed-off-by: default avatarGaurav Jain <gaurav.jain@nxp.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      7b8c6aee