- 17 Mar, 2016 3 commits
-
-
Boris BREZILLON authored
Crypto requests are not guaranteed to be finalized (->final() call), and can be freed at any moment, without getting any notification from the core. This can lead to memory leaks of the ->cache buffer. Make this buffer part of the request object, and allocate an extra buffer from the DMA cache pool when doing DMA operations. As a side effect, this patch also fixes another bug related to cache allocation and DMA operations. When the core allocates a new request and import an existing state, a cache buffer can be allocated (depending on the state). The problem is, at that very moment, we don't know yet whether the request will use DMA or not, and since everything is likely to be initialized to zero, mv_cesa_ahash_alloc_cache() thinks it should allocate a buffer for standard operation. But when mv_cesa_ahash_free_cache() is called, req->type has been set to CESA_DMA_REQ in the meantime, thus leading to an invalind dma_pool_free() call (the buffer passed in argument has not been allocated from the pool). Signed-off-by: Boris Brezillon <boris.brezillon@free-electrons.com> Reported-by: Gregory CLEMENT <gregory.clement@free-electrons.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Gary R Hook authored
This patch simplifies an unneeded read-write lock. Signed-off-by: Gary R Hook <gary.hook@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
eCryptfs: Fix null pointer dereference on kzalloc error path The conversion to skcipher and shash added a couple of null pointer dereference bugs on the kzalloc failure path. This patch fixes them. Fixes: 3095e8e3 ("eCryptfs: Use skcipher and shash") Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
- 11 Mar, 2016 9 commits
-
-
Tadeusz Struk authored
The default arbiter configuration for ring weights and response ordering is exactly what we want so we don't need to configure anything more. This will also fix the problem where number of bundles is different between different devices. Reported-by: Ahsan Atta <ahsan.atta@intel.com> Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Vladimir Zapolskiy authored
The change fixes potential oops while accessing iomem on invalid address, if devm_ioremap_resource() fails due to some reason. The devm_ioremap_resource() function returns ERR_PTR() and never returns NULL, which makes useless a following check for NULL. Signed-off-by: Vladimir Zapolskiy <vz@mleia.com> Fixes: 5a4eea26 ("crypto: ux500 - Use devm_xxx() managed function") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Vladimir Zapolskiy authored
The change fixes potential oops while accessing iomem on invalid address, if devm_ioremap_resource() fails due to some reason. The devm_ioremap_resource() function returns ERR_PTR() and never returns NULL, which makes useless a following check for NULL. Signed-off-by: Vladimir Zapolskiy <vz@mleia.com> Fixes: b0e8b341 ("crypto: atmel - use devm_xxx() managed function") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Pingchao Yang authored
The definition of icp_qat_uof_regtype should be coherent with the definition in firmware compiler. Signed-off-by: Yang Pingchao <pingchao.yang@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Arnd Bergmann authored
The exynos random driver uses #ifdef to check for CONFIG_PM, but then uses SIMPLE_DEV_PM_OPS, which leaves the references out when CONFIG_PM_SLEEP is not defined, so we get a warning with PM=y && PM_SLEEP=n: drivers/char/hw_random/exynos-rng.c:166:12: error: 'exynos_rng_suspend' defined but not used [-Werror=unused-function] drivers/char/hw_random/exynos-rng.c:171:12: error: 'exynos_rng_resume' defined but not used [-Werror=unused-function] This removes the incorrect #ifdef and instead uses a __maybe_unused annotation to let the compiler know it can silently drop the function definition. Signed-off-by: Arnd Bergmann <arnd@arndb.de> Reviewed-by: Krzysztof Kozlowski <k.kozlowski@samsung.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Gary R Hook authored
Support for different generations of the coprocessor requires that an abstraction layer be implemented for interacting with the hardware. This patch splits out version-specific functions to a separate file and populates the version structure (acting as a driver) with function pointers. Signed-off-by: Gary R Hook <gary.hook@amd.com> Acked-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Gary R Hook authored
Future hardware may introduce new algorithms wherein the driver will need to manage resources for different versions of the cryptographic coprocessor. This precursor patch determines the version of the available device, and marks and registers algorithms accordingly. A structure is added which manages the version-specific data. Signed-off-by: Gary R Hook <gary.hook@amd.com> Acked-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Gary R Hook authored
Enable management of >1 CCPs in a system. Each device will get a unique identifier, as well as uniquely named resources. Treat each CCP as an orthogonal unit and register resources individually. Signed-off-by: Gary R Hook <gary.hook@amd.com> Acked-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Gary R Hook authored
Each x86 SoC will make use of a unique PCI ID for the CCP device so it is not necessary to check for the CPU family and model. Signed-off-by: Gary R Hook <gary.hook@amd.com> Acked-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
- 27 Feb, 2016 8 commits
-
-
Tom Lendacky authored
Since a crypto_ahash_import() can be called against a request context that has not had a crypto_ahash_init() performed, the request context needs to be cleared to insure there is no random data present. If not, the random data can result in a kernel oops during crypto_ahash_update(). Cc: <stable@vger.kernel.org> # 3.14.x- Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Arnd Bergmann authored
When we use CONFIG_PROFILE_ALL_BRANCHES, every 'if()' introduces a static variable, but that is not allowed in 'extern inline' functions: mpi-inline.h:116:204: warning: '______f' is static but declared in inline function 'mpihelp_sub' which is not static mpi-inline.h:113:184: warning: '______f' is static but declared in inline function 'mpihelp_sub' which is not static mpi-inline.h:70:184: warning: '______f' is static but declared in inline function 'mpihelp_add' which is not static mpi-inline.h:56:204: warning: '______f' is static but declared in inline function 'mpihelp_add_1' which is not static This changes the MPI code to use 'static inline' instead, to get rid of hundreds of warnings. Signed-off-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Arnd Bergmann authored
A wrapper around the umull assembly instruction might reuse the input register as an output, which is undefined on some ARM machines, as pointed out by this assembler warning: CC lib/mpi/generic_mpih-mul1.o /tmp/ccxJuxIy.s: Assembler messages: /tmp/ccxJuxIy.s:53: rdhi, rdlo and rm must all be different CC lib/mpi/generic_mpih-mul2.o /tmp/ccI0scAD.s: Assembler messages: /tmp/ccI0scAD.s:53: rdhi, rdlo and rm must all be different CC lib/mpi/generic_mpih-mul3.o /tmp/ccMvVQcp.s: Assembler messages: /tmp/ccMvVQcp.s:53: rdhi, rdlo and rm must all be different This changes the constraints to force different registers to be used as output. Signed-off-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Álvaro Fernández Rojas authored
Allow building when OF is not enabled as suggested by Florian Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com> Reported-by: Florian Fainelli <f.fainelli@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Marcus Meissner authored
RFC 3686 CTR in various authenc methods. rfc3686(ctr(aes)) is already marked fips compliant, so these should be fine. Signed-off-by: Marcus Meissner <meissner@suse.de> Acked-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Pingchao Yang authored
Signed-off-by: Yang Pingchao <pingchao.yang@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Michal Marek authored
The limbs are integers in the host endianness, so we can't simply iterate over the individual bytes. The current code happens to work on little-endian, because the order of the limbs in the MPI array is the same as the order of the bytes in each limb, but it breaks on big-endian. Fixes: 0f74fbf7 ("MPI: Fix mpi_read_buffer") Signed-off-by: Michal Marek <mmarek@suse.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Zain Wang authored
Add md5 sha1 sha256 support for crypto engine in rk3288. Signed-off-by: Zain Wang <zain.wang@rock-chips.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
- 17 Feb, 2016 1 commit
-
-
Stephan Mueller authored
Commit 28856a9e missed the addition of the crypto/xts.h include file for different architecture-specific AES implementations. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
- 16 Feb, 2016 12 commits
-
-
Stephan Mueller authored
The crypto API received the skcipher API which is intended to replace the ablkcipher and blkcipher API. This patch adds the skcipher API documentation to the DocBook, updates the code sample (including removing the blkcipher example) replaces the references to ablkcipher and blkcipher with skcipher. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Stephan Mueller authored
The associated data handling with the kernel crypto API has been updated. This needs to be reflected in the documentation. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Stephan Mueller authored
Add new crypto API call crypto_rng_generate to DocBook. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Stephan Mueller authored
Reference the new akcipher API calls in the kernel crypto API DocBook. Also, fix the comments in the akcipher.h file: double dashes do not look good in the DocBook; fix a typo. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Fabio Estevam authored
caam_jr_shutdown() is only used in this file, so it can be made static. This avoids the following sparse warning: drivers/crypto/caam/jr.c:68:5: warning: symbol 'caam_jr_shutdown' was not declared. Should it be static? Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Tadeusz Struk authored
Fix a leak on error path in qat asym Reported-by: Salvatore Benedetto <salvatore.benedetto@intel.com> Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Stephan Mueller authored
The patch centralizes the XTS key check logic into the service function xts_check_key which is invoked from the different XTS implementations. With this, the XTS implementations in ARM, ARM64, PPC and S390 have now a sanity check for the XTS keys similar to the other arches. In addition, this service function received a check to ensure that the key != the tweak key which is mandated by FIPS 140-2 IG A.9. As the check is not present in the standards defining XTS, it is only enforced in FIPS mode of the kernel. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Joshua Henderson authored
Add support for the hardware true random number generator peripheral found on PIC32. Signed-off-by: Joshua Henderson <joshua.henderson@microchip.com> Signed-off-by: Purna Chandra Mandal <purna.mandal@microchip.com> Reviewed-by: Daniel Thompson <daniel.thompson@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Joshua Henderson authored
Document the devicetree bindings for the random number generator found on Microchip PIC32 class devices. Signed-off-by: Joshua Henderson <joshua.henderson@microchip.com> Acked-by: Rob Herring <robh@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Cyrille Pitchen authored
When (!ctx->bufcnt && !(ctx->flags & SHA_FLAGS_PAD)), the former source code used to set the SHA_FLAGS_BUSY without checking whether this flag was already set. If so, the hardware is already processing another hash request so the processing of the req argument of atmel_sha_final() should be delayed by queueing this request, the same way as done for the (ctx->bufcnt != 0) case. Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Cyrille Pitchen authored
Using only the digest, digcnt[], bufcnt and buffer[] fields of the struct atmel_sha_reqctx was not enough to import/export the request state, so now we use the whole structure. Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Marcus Meissner authored
(2nd try that adds missing , to build.) Signed-off-by: Marcus Meissner <meissner@suse.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
- 09 Feb, 2016 1 commit
-
-
Herbert Xu authored
This needs to go through the security tree so I'm reverting the patches for now. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
- 06 Feb, 2016 6 commits
-
-
Marcus Meissner authored
Some more authenc() wrapped algorithms are FIPS compliant, tag them as such. Signed-off-by: Marcus Meissner <meissner@suse.de> Acked-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Jerome Marchand authored
__test_aead() reads MAX_IVLEN bytes from template[i].iv, but the actual length of the initialisation vector can be shorter. The length of the IV is already calculated earlier in the function. Let's just reuses that. Also the IV length is currently calculated several time for no reason. Let's fix that too. This fix an out-of-bound error detected by KASan. Signed-off-by: Jerome Marchand <jmarchan@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Fabio Estevam authored
Currently the sahara driver fails to probe: sahara: probe of 63ff8000.crypto failed with error -22 This happens since commit 8996eafd ("crypto: ahash - ensure statesize is non-zero"), which requires statesize to be filled. Pass the statesize members for sha1 and sha256, so we can probe the driver successfully again. Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Fabio Estevam authored
Based on commit 434b4212 ("crypto: caam - avoid needlessly saving and restoring caam_hash_ctx") from Russell King. When exporting and importing the hash state, we will only export and import into hashes which share the same struct crypto_ahash pointer. (See hash_accept->af_alg_accept->hash_accept_parent.) This means that saving the sahara_ctx structure on export, and restoring it on import is a waste of resources. So, remove this code. Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Fabio Estevam authored
As pointed out by Herbert Xu we should not include the mutex in the exported state, so let's just get rid of it. Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Wang, Rui Y authored
Modify __test_hash() so that hash import/export can be tested from within the kernel. The test is unconditionally done when a struct hash_testvec has its .np > 1. v3: make the test unconditional v2: Leverage template[i].np as suggested by Tim Chen Signed-off-by: Rui Wang <rui.y.wang@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-