cascardo/linux.git
8 years ago eCryptfs: Use skcipher and shash
Herbert Xu [Wed, 16 Mar 2016 09:06:01 +0000 (17:06 +0800)]
eCryptfs: Use skcipher and shash

eCryptfs: Fix null pointer dereference on kzalloc error path

The conversion to skcipher and shash added a couple of null pointer
dereference bugs on the kzalloc failure path.  This patch fixes them.

Fixes: 3095e8e366b4 ("eCryptfs: Use skcipher and shash")
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: qat - remove redundant arbiter configuration
Tadeusz Struk [Tue, 8 Mar 2016 18:37:15 +0000 (10:37 -0800)]
crypto: qat - remove redundant arbiter configuration

The default arbiter configuration for ring weights and response ordering
is exactly what we want so we don't need to configure anything more.
This will also fix the problem where number of bundles is different
between different devices.

Reported-by: Ahsan Atta <ahsan.atta@intel.com>
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: ux500 - fix checks of error code returned by devm_ioremap_resource()
Vladimir Zapolskiy [Sun, 6 Mar 2016 01:22:04 +0000 (03:22 +0200)]
crypto: ux500 - fix checks of error code returned by devm_ioremap_resource()

The change fixes potential oops while accessing iomem on invalid
address, if devm_ioremap_resource() fails due to some reason.

The devm_ioremap_resource() function returns ERR_PTR() and never
returns NULL, which makes useless a following check for NULL.

Signed-off-by: Vladimir Zapolskiy <vz@mleia.com>
Fixes: 5a4eea2658c93 ("crypto: ux500 - Use devm_xxx() managed function")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: atmel - fix checks of error code returned by devm_ioremap_resource()
Vladimir Zapolskiy [Sun, 6 Mar 2016 01:21:52 +0000 (03:21 +0200)]
crypto: atmel - fix checks of error code returned by devm_ioremap_resource()

The change fixes potential oops while accessing iomem on invalid
address, if devm_ioremap_resource() fails due to some reason.

The devm_ioremap_resource() function returns ERR_PTR() and never
returns NULL, which makes useless a following check for NULL.

Signed-off-by: Vladimir Zapolskiy <vz@mleia.com>
Fixes: b0e8b3417a62 ("crypto: atmel - use devm_xxx() managed function")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
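
The failure mode that the two devm_ioremap_resource() fixes above address, as an added userspace C example (not code from either driver). ERR_PTR(), IS_ERR() and PTR_ERR() are re-implemented here after the kernel's error-pointer convention, and fake_ioremap_resource() is a hypothetical stand-in for devm_ioremap_resource().

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>

/* Userspace model of the kernel convention: the top MAX_ERRNO addresses
 * carry a negative errno value instead of a usable mapping. */
#define MAX_ERRNO 4095

static inline void *ERR_PTR(long error) { return (void *)(intptr_t)error; }
static inline long PTR_ERR(const void *ptr) { return (long)(intptr_t)ptr; }
static inline int IS_ERR(const void *ptr)
{
	return (uintptr_t)ptr >= (uintptr_t)-MAX_ERRNO;
}

/* Constructed "register window" so the success path has something to map. */
static uint32_t fake_regs[4];

/* Hypothetical stand-in for devm_ioremap_resource(): like the real call it
 * reports failure with ERR_PTR() and never with NULL. */
static void *fake_ioremap_resource(int fail)
{
	if (fail)
		return ERR_PTR(-ENOMEM);
	return fake_regs;
}

/* Pattern the commits remove: the NULL test can never fire, so probe
 * "succeeds" and stores an error pointer as the register base. */
static int probe_null_check(int fail, void **base)
{
	void *io = fake_ioremap_resource(fail);

	if (!io)
		return -ENOMEM;
	*base = io;
	return 0;
}

/* Corrected pattern: test with IS_ERR() and propagate the encoded errno. */
static int probe_is_err(int fail, void **base)
{
	void *io = fake_ioremap_resource(fail);

	if (IS_ERR(io))
		return (int)PTR_ERR(io);
	*base = io;
	return 0;
}

int main(void)
{
	void *base = NULL;

	/* The NULL check lets the failure through with an unusable base. */
	if (probe_null_check(1, &base) != 0 || !IS_ERR(base))
		return 1;

	/* The IS_ERR() check stops probe and leaves base untouched. */
	base = NULL;
	if (probe_is_err(1, &base) != -ENOMEM || base != NULL)
		return 1;

	return probe_is_err(0, &base);
}
```

In a driver, the first read or write through a base stored by the NULL-check variant is the invalid iomem access the commit messages describe.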
8 years ago crypto: qat - Change the definition of icp_qat_uof_regtype
Pingchao Yang [Thu, 3 Mar 2016 07:46:45 +0000 (02:46 -0500)]
crypto: qat - Change the definition of icp_qat_uof_regtype

The definition of icp_qat_uof_regtype should be coherent with
the definition in firmware compiler.

Signed-off-by: Yang Pingchao <pingchao.yang@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago hwrng: exynos - use __maybe_unused to hide pm functions
Arnd Bergmann [Wed, 2 Mar 2016 15:58:59 +0000 (16:58 +0100)]
hwrng: exynos - use __maybe_unused to hide pm functions

The exynos random driver uses #ifdef to check for CONFIG_PM, but
then uses SIMPLE_DEV_PM_OPS, which leaves the references out when
CONFIG_PM_SLEEP is not defined, so we get a warning with
PM=y && PM_SLEEP=n:

drivers/char/hw_random/exynos-rng.c:166:12: error: 'exynos_rng_suspend' defined but not used [-Werror=unused-function]
drivers/char/hw_random/exynos-rng.c:171:12: error: 'exynos_rng_resume' defined but not used [-Werror=unused-function]

This removes the incorrect #ifdef and instead uses a __maybe_unused
annotation to let the compiler know it can silently drop
the function definition.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: Krzysztof Kozlowski <k.kozlowski@samsung.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: ccp - Add abstraction for device-specific calls
Gary R Hook [Tue, 1 Mar 2016 19:49:25 +0000 (13:49 -0600)]
crypto: ccp - Add abstraction for device-specific calls

Support for different generations of the coprocessor
requires that an abstraction layer be implemented for
interacting with the hardware. This patch splits out
version-specific functions to a separate file and populates
the version structure (acting as a driver) with function
pointers.

Signed-off-by: Gary R Hook <gary.hook@amd.com>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: ccp - CCP versioning support
Gary R Hook [Tue, 1 Mar 2016 19:49:15 +0000 (13:49 -0600)]
crypto: ccp - CCP versioning support

Future hardware may introduce new algorithms wherein the
driver will need to manage resources for different versions
of the cryptographic coprocessor. This precursor patch
determines the version of the available device, and marks
and registers algorithms accordingly. A structure is added
which manages the version-specific data.

Signed-off-by: Gary R Hook <gary.hook@amd.com>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: ccp - Support for multiple CCPs
Gary R Hook [Tue, 1 Mar 2016 19:49:04 +0000 (13:49 -0600)]
crypto: ccp - Support for multiple CCPs

Enable management of >1 CCPs in a system. Each device will
get a unique identifier, as well as uniquely named
resources. Treat each CCP as an orthogonal unit and register
resources individually.

Signed-off-by: Gary R Hook <gary.hook@amd.com>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: ccp - Remove check for x86 family and model
Gary R Hook [Tue, 1 Mar 2016 19:48:54 +0000 (13:48 -0600)]
crypto: ccp - Remove check for x86 family and model

Each x86 SoC will make use of a unique PCI ID for the CCP
device so it is not necessary to check for the CPU family
and model.

Signed-off-by: Gary R Hook <gary.hook@amd.com>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: ccp - memset request context to zero during import
Tom Lendacky [Thu, 25 Feb 2016 22:48:13 +0000 (16:48 -0600)]
crypto: ccp - memset request context to zero during import

Since a crypto_ahash_import() can be called against a request context
that has not had a crypto_ahash_init() performed, the request context
needs to be cleared to ensure there is no random data present. If not,
the random data can result in a kernel oops during crypto_ahash_update().

Cc: <stable@vger.kernel.org> # 3.14.x-
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago lib/mpi: use "static inline" instead of "extern inline"
Arnd Bergmann [Fri, 26 Feb 2016 12:46:27 +0000 (13:46 +0100)]
lib/mpi: use "static inline" instead of "extern inline"

When we use CONFIG_PROFILE_ALL_BRANCHES, every 'if()' introduces
a static variable, but that is not allowed in 'extern inline'
functions:

mpi-inline.h:116:204: warning: '______f' is static but declared in inline function 'mpihelp_sub' which is not static
mpi-inline.h:113:184: warning: '______f' is static but declared in inline function 'mpihelp_sub' which is not static
mpi-inline.h:70:184: warning: '______f' is static but declared in inline function 'mpihelp_add' which is not static
mpi-inline.h:56:204: warning: '______f' is static but declared in inline function 'mpihelp_add_1' which is not static

This changes the MPI code to use 'static inline' instead, to get
rid of hundreds of warnings.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago lib/mpi: avoid assembler warning
Arnd Bergmann [Fri, 26 Feb 2016 12:46:26 +0000 (13:46 +0100)]
lib/mpi: avoid assembler warning

A wrapper around the umull assembly instruction might reuse
the input register as an output, which is undefined on
some ARM machines, as pointed out by this assembler warning:

  CC      lib/mpi/generic_mpih-mul1.o
/tmp/ccxJuxIy.s: Assembler messages:
/tmp/ccxJuxIy.s:53: rdhi, rdlo and rm must all be different
  CC      lib/mpi/generic_mpih-mul2.o
/tmp/ccI0scAD.s: Assembler messages:
/tmp/ccI0scAD.s:53: rdhi, rdlo and rm must all be different
  CC      lib/mpi/generic_mpih-mul3.o
/tmp/ccMvVQcp.s: Assembler messages:
/tmp/ccMvVQcp.s:53: rdhi, rdlo and rm must all be different

This changes the constraints to force different registers to
be used as output.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago hwrng: bcm63xx - fix non device tree compatibility
Álvaro Fernández Rojas [Sun, 21 Feb 2016 09:53:35 +0000 (10:53 +0100)]
hwrng: bcm63xx - fix non device tree compatibility

Allow building when OF is not enabled as suggested by Florian

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Reported-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: testmgr - allow rfc3686 aes-ctr variants in fips mode.
Marcus Meissner [Fri, 19 Feb 2016 12:34:28 +0000 (13:34 +0100)]
crypto: testmgr - allow rfc3686 aes-ctr variants in fips mode.

RFC 3686 CTR in various authenc methods.

rfc3686(ctr(aes)) is already marked fips compliant,
so these should be fine.

Signed-off-by: Marcus Meissner <meissner@suse.de>
Acked-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: qat - The AE id should be less than the maximal AE number
Pingchao Yang [Thu, 18 Feb 2016 03:29:02 +0000 (22:29 -0500)]
crypto: qat - The AE id should be less than the maximal AE number

Signed-off-by: Yang Pingchao <pingchao.yang@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago lib/mpi: Endianness fix
Michal Marek [Wed, 17 Feb 2016 13:46:59 +0000 (14:46 +0100)]
lib/mpi: Endianness fix

The limbs are integers in the host endianness, so we can't simply
iterate over the individual bytes. The current code happens to work on
little-endian, because the order of the limbs in the MPI array is the
same as the order of the bytes in each limb, but it breaks on
big-endian.

Fixes: 0f74fbf77d45 ("MPI: Fix mpi_read_buffer")
Signed-off-by: Michal Marek <mmarek@suse.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: rockchip - add hash support for crypto engine in rk3288
Zain Wang [Tue, 16 Feb 2016 02:15:01 +0000 (10:15 +0800)]
crypto: rockchip - add hash support for crypto engine in rk3288

Add md5 sha1 sha256 support for crypto engine in rk3288.

Signed-off-by: Zain Wang <zain.wang@rock-chips.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: xts - fix compile errors
Stephan Mueller [Wed, 17 Feb 2016 06:00:01 +0000 (07:00 +0100)]
crypto: xts - fix compile errors

Commit 28856a9e52c7 missed the addition of the crypto/xts.h include file
for different architecture-specific AES implementations.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: doc - add skcipher API documentation
Stephan Mueller [Tue, 16 Feb 2016 10:34:47 +0000 (11:34 +0100)]
crypto: doc - add skcipher API documentation

The crypto API received the skcipher API which is intended to replace
the ablkcipher and blkcipher API. This patch adds the skcipher API
documentation to the DocBook, updates the code sample (including
removing the blkcipher example) and replaces the references to ablkcipher
and blkcipher with skcipher.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: doc - update AEAD AD handling
Stephan Mueller [Tue, 16 Feb 2016 10:33:13 +0000 (11:33 +0100)]
crypto: doc - update AEAD AD handling

The associated data handling with the kernel crypto API has been
updated. This needs to be reflected in the documentation.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: doc - add crypto_rng_generate
Stephan Mueller [Tue, 16 Feb 2016 10:32:34 +0000 (11:32 +0100)]
crypto: doc - add crypto_rng_generate

Add new crypto API call crypto_rng_generate to DocBook.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: doc - add akcipher API
Stephan Mueller [Tue, 16 Feb 2016 10:32:06 +0000 (11:32 +0100)]
crypto: doc - add akcipher API

Reference the new akcipher API calls in the kernel crypto API DocBook.

Also, fix the comments in the akcipher.h file: double dashes do not look
good in the DocBook; fix a typo.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: caam - Staticize caam_jr_shutdown()
Fabio Estevam [Sun, 14 Feb 2016 15:08:21 +0000 (13:08 -0200)]
crypto: caam - Staticize caam_jr_shutdown()

caam_jr_shutdown() is only used in this file, so it can be
made static.

This avoids the following sparse warning:

drivers/crypto/caam/jr.c:68:5: warning: symbol 'caam_jr_shutdown' was not declared. Should it be static?

Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: qat - fix leak on error path
Tadeusz Struk [Wed, 10 Feb 2016 22:59:44 +0000 (14:59 -0800)]
crypto: qat - fix leak on error path

Fix a leak on error path in qat asym

Reported-by: Salvatore Benedetto <salvatore.benedetto@intel.com>
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: xts - consolidate sanity check for keys
Stephan Mueller [Tue, 9 Feb 2016 14:37:47 +0000 (15:37 +0100)]
crypto: xts - consolidate sanity check for keys

The patch centralizes the XTS key check logic into the service function
xts_check_key which is invoked from the different XTS implementations.
With this, the XTS implementations in ARM, ARM64, PPC and S390 have now
a sanity check for the XTS keys similar to the other arches.

In addition, this service function received a check to ensure that the
key != the tweak key which is mandated by FIPS 140-2 IG A.9. As the
check is not present in the standards defining XTS, it is only enforced
in FIPS mode of the kernel.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
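
The consolidated XTS key check described in the commit above, as an added userspace C example (not the kernel's xts_check_key). xts_key_ok(), ct_memneq() and the fips_mode parameter are hypothetical names, the sample keys are constructed, and the even-length test is what this example assumes the "sanity check" to be.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>

/* Constant-time inequality test: accumulates the XOR of every byte pair, so
 * the running time does not reveal where the two buffers first differ. */
static int ct_memneq(const uint8_t *a, const uint8_t *b, size_t len)
{
	uint8_t diff = 0;
	size_t i;

	for (i = 0; i < len; i++)
		diff |= (uint8_t)(a[i] ^ b[i]);
	return diff != 0;
}

/* Hypothetical userspace version of the shared check. An XTS key is the
 * cipher key and the tweak key concatenated, so it must split into two
 * equal halves. fips_mode stands in for the kernel's FIPS-mode switch: only
 * then is "key != tweak key" (FIPS 140-2 IG A.9) enforced. */
static int xts_key_ok(const uint8_t *key, size_t keylen, int fips_mode)
{
	size_t half = keylen / 2;

	if (keylen % 2)
		return -EINVAL;

	if (fips_mode && !ct_memneq(key, key + half, half))
		return -EINVAL;

	return 0;
}

/* Constructed sample keys (2 x 16 bytes each), for illustration only. */
static const uint8_t key_distinct[32] = {
	0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
	0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
	0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
	0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
};

static const uint8_t key_same_halves[32] = {
	0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
	0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
	0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
	0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
};

/* Halves differ only in the final byte: still a valid key in FIPS mode. */
static const uint8_t key_last_byte_differs[32] = {
	0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
	0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
	0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
	0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0xff,
};

int main(void)
{
	/* Identical halves pass outside FIPS mode and are rejected inside it. */
	if (xts_key_ok(key_same_halves, sizeof(key_same_halves), 0) != 0)
		return 1;
	if (xts_key_ok(key_same_halves, sizeof(key_same_halves), 1) != -EINVAL)
		return 1;
	if (xts_key_ok(key_last_byte_differs, 32, 1) != 0)
		return 1;
	return xts_key_ok(key_distinct, sizeof(key_distinct), 1);
}
```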
8 years ago hwrng: pic32 - Add PIC32 RNG hardware driver
Joshua Henderson [Mon, 8 Feb 2016 21:17:53 +0000 (14:17 -0700)]
hwrng: pic32 - Add PIC32 RNG hardware driver

Add support for the hardware true random number generator
peripheral found on PIC32.

Signed-off-by: Joshua Henderson <joshua.henderson@microchip.com>
Signed-off-by: Purna Chandra Mandal <purna.mandal@microchip.com>
Reviewed-by: Daniel Thompson <daniel.thompson@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago dt/bindings: Add bindings for the PIC32 random number generator
Joshua Henderson [Mon, 8 Feb 2016 21:17:52 +0000 (14:17 -0700)]
dt/bindings: Add bindings for the PIC32 random number generator

Document the devicetree bindings for the random number generator found
on Microchip PIC32 class devices.

Signed-off-by: Joshua Henderson <joshua.henderson@microchip.com>
Acked-by: Rob Herring <robh@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: atmel-sha - fix race in atmel_sha_final()
Cyrille Pitchen [Mon, 8 Feb 2016 15:26:49 +0000 (16:26 +0100)]
crypto: atmel-sha - fix race in atmel_sha_final()

When (!ctx->bufcnt && !(ctx->flags & SHA_FLAGS_PAD)), the former source
code used to set the SHA_FLAGS_BUSY without checking whether this flag was
already set. If so, the hardware is already processing another hash
request so the processing of the req argument of atmel_sha_final() should
be delayed by queueing this request, the same way as done for the
(ctx->bufcnt != 0) case.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: atmel-sha - fix .import()/.export() implementation
Cyrille Pitchen [Mon, 8 Feb 2016 15:26:48 +0000 (16:26 +0100)]
crypto: atmel-sha - fix .import()/.export() implementation

Using only the digest, digcnt[], bufcnt and buffer[] fields of the
struct atmel_sha_reqctx was not enough to import/export the request state,
so now we use the whole structure.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: testmgr - mark authenticated ctr(aes) also as FIPS able
Marcus Meissner [Sat, 6 Feb 2016 10:53:07 +0000 (11:53 +0100)]
crypto: testmgr - mark authenticated ctr(aes) also as FIPS able

(2nd try that adds missing , to build.)

Signed-off-by: Marcus Meissner <meissner@suse.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: keys - Revert "convert public key to akcipher api"
Herbert Xu [Tue, 9 Feb 2016 08:18:01 +0000 (16:18 +0800)]
crypto: keys - Revert "convert public key to akcipher api"

This needs to go through the security tree so I'm reverting the
patches for now.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: testmgr - mark more algorithms as FIPS compliant
Marcus Meissner [Fri, 5 Feb 2016 13:23:33 +0000 (14:23 +0100)]
crypto: testmgr - mark more algorithms as FIPS compliant

Some more authenc() wrapped algorithms are FIPS compliant, tag
them as such.

Signed-off-by: Marcus Meissner <meissner@suse.de>
Acked-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: testmgr - fix out of bound read in __test_aead()
Jerome Marchand [Wed, 3 Feb 2016 12:58:12 +0000 (13:58 +0100)]
crypto: testmgr - fix out of bound read in __test_aead()

__test_aead() reads MAX_IVLEN bytes from template[i].iv, but the
actual length of the initialisation vector can be shorter.
The length of the IV is already calculated earlier in the
function. Let's just reuse that. Also the IV length is currently
calculated several times for no reason. Let's fix that too.
This fixes an out-of-bound error detected by KASan.

Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: sahara - fill the statesize field
Fabio Estevam [Wed, 3 Feb 2016 12:46:52 +0000 (10:46 -0200)]
crypto: sahara - fill the statesize field

Currently the sahara driver fails to probe:

sahara: probe of 63ff8000.crypto failed with error -22

This happens since commit 8996eafdcbad ("crypto: ahash - ensure statesize
is non-zero"), which requires statesize to be filled.

Pass the statesize members for sha1 and sha256, so we can probe
the driver successfully again.

Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: sahara - avoid needlessly saving and restoring sahara_ctx
Fabio Estevam [Wed, 3 Feb 2016 12:46:51 +0000 (10:46 -0200)]
crypto: sahara - avoid needlessly saving and restoring sahara_ctx

Based on commit 434b421241f2d0 ("crypto: caam - avoid needlessly saving and
restoring caam_hash_ctx") from Russell King.

When exporting and importing the hash state, we will only export and
import into hashes which share the same struct crypto_ahash pointer.
(See hash_accept->af_alg_accept->hash_accept_parent.)

This means that saving the sahara_ctx structure on export, and
restoring it on import is a waste of resources.  So, remove this code.

Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: sahara - remove unneeded mutex in the exported state
Fabio Estevam [Wed, 3 Feb 2016 12:46:50 +0000 (10:46 -0200)]
crypto: sahara - remove unneeded mutex in the exported state

As pointed out by Herbert Xu we should not include the mutex in the
exported state, so let's just get rid of it.

Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: testmgr - Add a test case for import()/export()
Wang, Rui Y [Wed, 3 Feb 2016 10:26:57 +0000 (18:26 +0800)]
crypto: testmgr - Add a test case for import()/export()

Modify __test_hash() so that hash import/export can be tested
from within the kernel. The test is unconditionally done when
a struct hash_testvec has its .np > 1.

v3: make the test unconditional
v2: Leverage template[i].np as suggested by Tim Chen

Signed-off-by: Rui Wang <rui.y.wang@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: public_key - remove MPIs from public_key_signature struct
Tadeusz Struk [Tue, 2 Feb 2016 18:09:03 +0000 (10:09 -0800)]
crypto: public_key - remove MPIs from public_key_signature struct

After digsig_asymmetric.c is converted the MPIs can be now
safely removed from the public_key_signature structure.

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago integrity: convert digsig to akcipher api
Tadeusz Struk [Tue, 2 Feb 2016 18:08:58 +0000 (10:08 -0800)]
integrity: convert digsig to akcipher api

Convert asymmetric_verify to akcipher api.

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: asymmetric_keys - convert public key and digsig asym to the akcipher api
Tadeusz Struk [Tue, 2 Feb 2016 18:08:53 +0000 (10:08 -0800)]
crypto: asymmetric_keys - convert public key and digsig asym to the akcipher api

This patch converts the module verification code to the new akcipher API.

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: ccp - Don't assume export/import areas are aligned
Tom Lendacky [Tue, 2 Feb 2016 17:38:21 +0000 (11:38 -0600)]
crypto: ccp - Don't assume export/import areas are aligned

Use a local variable for the exported and imported state so that
alignment is not an issue. On export, set a local variable from the
request context and then memcpy the contents of the local variable to
the export memory area. On import, memcpy the import memory area into
a local variable and then use the local variable to set the request
context.

Cc: <stable@vger.kernel.org> # 3.14.x-
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: sha-mb - Fix load failure
Wang, Rui Y [Tue, 2 Feb 2016 13:56:45 +0000 (21:56 +0800)]
crypto: sha-mb - Fix load failure

On Monday, February 1, 2016 4:18 PM, Herbert Xu wrote:
>
> On Wed, Jan 27, 2016 at 05:08:35PM +0800, Rui Wang wrote:
>>
>> +static int sha1_mb_async_import(struct ahash_request *req, const void
>> +*in) {
>> + struct ahash_request *mcryptd_req = ahash_request_ctx(req);
>> + struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
>> + struct sha1_mb_ctx *ctx = crypto_ahash_ctx(tfm);
>> + struct mcryptd_ahash *mcryptd_tfm = ctx->mcryptd_tfm;
>> + struct crypto_shash *child = mcryptd_ahash_child(mcryptd_tfm);
>> + struct mcryptd_hash_request_ctx *rctx;
>> + struct shash_desc *desc;
>> + int err;
>> +
>> + memcpy(mcryptd_req, req, sizeof(*req));
>> + ahash_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
>> + rctx = ahash_request_ctx(mcryptd_req);
>> + desc = &rctx->desc;
>> + desc->tfm = child;
>> + desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
>> +
>> + err = crypto_shash_init(desc);
>> + if (err)
>> + return err;
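
Review bot: the crypto_shash_init(desc) call and its error return at the end of this hunk set up hash state on a descriptor that, in an import handler, exists only to receive imported state; if the import that follows overwrites that state, drop the call and keep just the desc->tfm and desc->flags assignments. The memcpy(mcryptd_req, req, sizeof(*req)) above it would also benefit from a one-line comment saying why the outer request is copied wholesale before ahash_request_set_tfm() retargets it.
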
>
> What is this desc for?

Hi Herbert,

Yeah I just realized that the call to crypto_shash_init() isn't necessary
here. What it does is overwritten by crypto_ahash_import(). But this desc
still needs to be initialized here because it's newly allocated by
ahash_request_alloc(). We eventually call the shash version of import()
which needs desc as an argument. The real context to be imported is then
derived from shash_desc_ctx(desc).

desc is a sub-field of struct mcryptd_hash_request_ctx, which is again a
sub-field of the bigger blob allocated by ahash_request_alloc(). The entire
blob's size is set in sha1_mb_async_init_tfm(). So a better version is as
follows:

(just removed the call to crypto_shash_init())

From 4bcb73adbef99aada94c49f352063619aa24d43d Mon Sep 17 00:00:00 2001
From: Rui Wang <rui.y.wang@intel.com>
Date: Mon, 14 Dec 2015 17:22:13 +0800
Subject: [PATCH v2 1/4] crypto x86/sha1_mb: Fix load failure

modprobe sha1_mb fails with the following message:

modprobe: ERROR: could not insert 'sha1_mb': No such device

It is because it needs to set its statesize and implement its
import() and export() interface.

v2: remove redundant call to crypto_shash_init()

Signed-off-by: Rui Wang <rui.y.wang@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: aead - move aead_request_cast helper to aead.h
Tadeusz Struk [Mon, 1 Feb 2016 19:17:30 +0000 (11:17 -0800)]
crypto: aead - move aead_request_cast helper to aead.h

Move the helper function to common header for everybody to use.

changes in v2:
- move the helper to crypto/internal/aead.h
  instead of crypto/aead.h

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: sunxi-ss - prevent compilation on 64-bit
Andre Przywara [Mon, 1 Feb 2016 17:39:21 +0000 (17:39 +0000)]
crypto: sunxi-ss - prevent compilation on 64-bit

The driver for the sunxi-ss crypto engine is not entirely 64-bit safe,
compilation on arm64 spits some warnings.
The proper fix was deemed too involved [1], so since 64-bit SoCs won't
have this IP block we just disable this driver for 64-bit.

[1]: http://lists.infradead.org/pipermail/linux-arm-kernel/2016-January/399988.html
     (and the reply)

Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Corentin LABBE <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: hash - Remove crypto_hash interface
Herbert Xu [Mon, 1 Feb 2016 13:36:54 +0000 (21:36 +0800)]
crypto: hash - Remove crypto_hash interface

This patch removes all traces of the crypto_hash interface, now
that everyone has switched over to shash or ahash.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago staging: lustre: Use ahash
Herbert Xu [Mon, 1 Feb 2016 13:36:53 +0000 (21:36 +0800)]
staging: lustre: Use ahash

This patch replaces uses of the long obsolete hash interface with
ahash.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
8 years ago crypto: hash - Add helpers to return alg and driver names
Herbert Xu [Mon, 1 Feb 2016 13:36:52 +0000 (21:36 +0800)]
crypto: hash - Add helpers to return alg and driver names

This patch adds helpers to retrieve the alg name and driver name
of crypto_shash and crypto_ahash objects.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: skcipher - Fix driver name helper
Herbert Xu [Mon, 1 Feb 2016 13:36:51 +0000 (21:36 +0800)]
crypto: skcipher - Fix driver name helper

The helper crypto_skcipher_driver_name was returning the alg
name and not the driver name.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: doc - Use ahash
Herbert Xu [Mon, 1 Feb 2016 13:36:50 +0000 (21:36 +0800)]
crypto: doc - Use ahash

This patch replaces the crypto_hash example in api-intro.txt with
crypto_ahash.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: tcrypt - Use ahash
Herbert Xu [Mon, 1 Feb 2016 13:36:49 +0000 (21:36 +0800)]
crypto: tcrypt - Use ahash

This patch removes the last user of the obsolete crypto_hash
interface, tcrypt, by simply switching it over to ahash.  In
fact it already has all the code there so it's just a matter
of calling the ahash speed test code with the right mask.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: keywrap - memzero the correct memory
Dan Carpenter [Sat, 30 Jan 2016 14:38:28 +0000 (17:38 +0300)]
crypto: keywrap - memzero the correct memory

We're clearing the wrong memory.  The memory corruption is likely
harmless because we weren't going to use that stack memory again but not
zeroing is a potential information leak.

Fixes: e28facde3c39 ('crypto: keywrap - add key wrapping block chaining mode')
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: ccp - Limit the amount of information exported
Tom Lendacky [Fri, 29 Jan 2016 18:45:14 +0000 (12:45 -0600)]
crypto: ccp - Limit the amount of information exported

Since the exported information can be exposed to user-space, instead of
exporting the entire request context only export the minimum information
needed.

Cc: <stable@vger.kernel.org> # 3.14.x-
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: omap-aes - Support crypto engine framework
Baolin Wang [Tue, 26 Jan 2016 12:25:40 +0000 (20:25 +0800)]
crypto: omap-aes - Support crypto engine framework

Integrate with the newly added crypto engine to make the crypto hardware
engine underutilized as each block needs to be processed before the crypto
hardware can start working on the next block.

The requests from dm-crypt will be listed into engine queue and processed
by engine automatically, so remove the 'queue' and 'queue_task' things in
omap aes driver.

Signed-off-by: Baolin Wang <baolin.wang@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: engine - Introduce the block request crypto engine framework
Baolin Wang [Tue, 26 Jan 2016 12:25:39 +0000 (20:25 +0800)]
crypto: engine - Introduce the block request crypto engine framework

Now block cipher engines need to implement and maintain their own queue/thread
for processing requests, moreover currently helpers provided for only the queue
itself (in crypto_enqueue_request() and crypto_dequeue_request()) but they
don't help with the mechanics of driving the hardware (things like running the
request immediately, DMA map it or providing a thread to process the queue in)
even though a lot of that code really shouldn't vary that much from device to
device.

Thus this patch provides a mechanism for pushing requests to the hardware
as it becomes free that drivers could use. And this framework is patterned
on the SPI code and has worked out well there.
(https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/
 drivers/spi/spi.c?id=ffbbdd21329f3e15eeca6df2d4bc11c04d9d91c0)

Signed-off-by: Baolin Wang <baolin.wang@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: api - Introduce crypto_queue_len() helper function
Baolin Wang [Tue, 26 Jan 2016 12:25:38 +0000 (20:25 +0800)]
crypto: api - Introduce crypto_queue_len() helper function

This patch introduces crypto_queue_len() helper function to help to get the
queue length in the crypto queue list now.

Signed-off-by: Baolin Wang <baolin.wang@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: atmel-sha - fix algorithm registration
Cyrille Pitchen [Fri, 29 Jan 2016 16:04:02 +0000 (17:04 +0100)]
crypto: atmel-sha - fix algorithm registration

This patch implements the missing .import() and .export() mandatory
hooks for asynchronous hash algorithms. It also sets the relevant, non
zero, value for the .statesize field when declaring the supported SHA
algorithms. Indeed a zero value of .statesize prevents the algorithm from
being registered.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: crc32 - Rename generic implementation
Herbert Xu [Fri, 29 Jan 2016 10:20:17 +0000 (18:20 +0800)]
crypto: crc32 - Rename generic implementation

The generic crc32 implementation is currently called crc32.  This
is a problem because it clashes with the lib implementation of crc32.

This patch renames the crypto crc32 to crc32_generic so that it is
consistent with crc32c.  An alias for the driver is also added.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: mcryptd - Fix load failure
Wang, Rui Y [Wed, 27 Jan 2016 09:08:36 +0000 (17:08 +0800)]
crypto: mcryptd - Fix load failure

mcryptd_create_hash() fails by returning -EINVAL, causing any
driver using mcryptd to fail to load. It is because it needs
to set its statesize properly.

Signed-off-by: Rui Wang <rui.y.wang@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: jitterentropy - always select CRYPTO_RNG
Arnd Bergmann [Tue, 26 Jan 2016 13:47:10 +0000 (14:47 +0100)]
crypto: jitterentropy - always select CRYPTO_RNG

When building the jitterentropy driver by itself, we get a link error
when CRYPTO_RNG is not enabled as well:

crypto/built-in.o: In function `jent_mod_init':
jitterentropy-kcapi.c:(.init.text+0x98): undefined reference to `crypto_register_rng'
crypto/built-in.o: In function `jent_mod_exit':
jitterentropy-kcapi.c:(.exit.text+0x60): undefined reference to `crypto_unregister_rng'

This adds a 'select CRYPTO_RNG' to CRYPTO_JITTERENTROPY to ensure the API
is always there when it's used, not just when DRBG is also enabled.
CRYPTO_DRBG would set it implicitly through CRYPTO_JITTERENTROPY now,
but this leaves it in place to make it explicit what the driver does.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: sunxi - don't print confusing data
Arnd Bergmann [Tue, 26 Jan 2016 13:44:50 +0000 (14:44 +0100)]
crypto: sunxi - don't print confusing data

gcc correctly warns that the printk output contains a variable that
it thinks is not initialized in some cases:

drivers/crypto/sunxi-ss/sun4i-ss-cipher.c: In function 'sun4i_ss_cipher_poll':
drivers/crypto/sunxi-ss/sun4i-ss-cipher.c:254:76: warning: 'todo' may be used uninitialized in this function [-Wmaybe-uninitialized]
drivers/crypto/sunxi-ss/sun4i-ss-cipher.c:144:15: note: 'todo' was declared here

A closer look at the function reveals that the variable is always
initialized at this point (ileft is guaranteed to be positive at the
start), but its contents are not well-defined:
Depending on some other variables, it might be either a count in
words or bytes, and it could refer to either input or output.

The easiest solution apparently is to remove the confusing output
and let the reader figure out the state from the other variables.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago libceph: Remove unnecessary ivsize variables
Ilya Dryomov [Tue, 26 Jan 2016 10:54:55 +0000 (18:54 +0800)]
libceph: Remove unnecessary ivsize variables

This patch removes the unnecessary ivsize variables as they always
have the value of AES_BLOCK_SIZE.

Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: compress - remove unused pcomp interface
Joonsoo Kim [Tue, 26 Jan 2016 08:15:03 +0000 (17:15 +0900)]
crypto: compress - remove unused pcomp interface

It is unused now, so remove it.

Signed-off-by: Joonsoo Kim <iamjoonsoo.kim@lge.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: sha1-mb - Add missing args_digest offset
Megha Dey [Tue, 26 Jan 2016 00:46:09 +0000 (16:46 -0800)]
crypto: sha1-mb - Add missing args_digest offset

The _args_digest is defined as _args+_digest, both of which are the first
members of 2 separate structures, effectively yielding _args_digest to have
a value of zero. Thus, no errors have spawned yet due to this. To ensure
sanity, adding the missing _args_digest offset to the sha1_mb_mgr_submit.S.

Signed-off-by: Megha Dey <megha.dey@linux.intel.com>
Acked-by: Tim Chen <tim.c.chen@linux.intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago eCryptfs: Use skcipher and shash
Herbert Xu [Mon, 25 Jan 2016 02:29:33 +0000 (10:29 +0800)]
eCryptfs: Use skcipher and shash

This patch replaces uses of ablkcipher and blkcipher with skcipher,
and the long obsolete hash interface with shash.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago tcp: Use ahash
Herbert Xu [Sun, 24 Jan 2016 13:20:23 +0000 (21:20 +0800)]
tcp: Use ahash

This patch replaces uses of the long obsolete hash interface with
ahash.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: David S. Miller <davem@davemloft.net>
8 years ago sctp: Use shash
Herbert Xu [Sun, 24 Jan 2016 13:20:12 +0000 (21:20 +0800)]
sctp: Use shash

This patch replaces uses of the long obsolete hash interface with
shash.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: David S. Miller <davem@davemloft.net>
8 years ago nfsd: Use shash
Herbert Xu [Sun, 24 Jan 2016 13:20:02 +0000 (21:20 +0800)]
nfsd: Use shash

This patch replaces uses of the long obsolete hash interface with
shash.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago iscsi-target: Use shash and ahash
Herbert Xu [Sun, 24 Jan 2016 13:19:52 +0000 (21:19 +0800)]
iscsi-target: Use shash and ahash

This patch replaces uses of the long obsolete hash interface with
either shash (for non-SG users) or ahash.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago iscsi_tcp: Use ahash
Herbert Xu [Sun, 24 Jan 2016 13:19:41 +0000 (21:19 +0800)]
iscsi_tcp: Use ahash

This patch replaces uses of the long obsolete hash interface with
ahash.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Reviewed-by: Mike Christie <michaelc@cs.wisc.edu>
8 years ago nfc: s3fwrn5: Use shash
Herbert Xu [Sun, 24 Jan 2016 13:19:31 +0000 (21:19 +0800)]
nfc: s3fwrn5: Use shash

This patch replaces uses of the long obsolete hash interface with
shash.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago drbd: Use shash and ahash
Herbert Xu [Sun, 24 Jan 2016 13:19:21 +0000 (21:19 +0800)]
drbd: Use shash and ahash

This patch replaces uses of the long obsolete hash interface with
either shash (for non-SG users) or ahash.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago ipsec: Use skcipher and ahash when probing algorithms
Herbert Xu [Sun, 24 Jan 2016 13:19:11 +0000 (21:19 +0800)]
ipsec: Use skcipher and ahash when probing algorithms

This patch removes the last reference to hash and ablkcipher from
IPsec and replaces them with ahash and skcipher respectively.  For
skcipher there is currently no difference at all, while for ahash
the current code is actually buggy and would prevent asynchronous
algorithms from being discovered.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: David S. Miller <davem@davemloft.net>
8 years ago rxrpc: Use skcipher
Herbert Xu [Sun, 24 Jan 2016 13:19:01 +0000 (21:19 +0800)]
rxrpc: Use skcipher

This patch replaces uses of blkcipher with skcipher.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago mac802154: Use skcipher
Herbert Xu [Sun, 24 Jan 2016 13:18:50 +0000 (21:18 +0800)]
mac802154: Use skcipher

This patch replaces uses of blkcipher with skcipher.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Reviewed-by: Stefan Schmidt <stefan@osg.samsung.com>
8 years ago libceph: Use skcipher
Herbert Xu [Sun, 24 Jan 2016 13:18:40 +0000 (21:18 +0800)]
libceph: Use skcipher

This patch replaces uses of blkcipher with skcipher.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago Bluetooth: Use skcipher and hash
Herbert Xu [Sun, 24 Jan 2016 13:18:30 +0000 (21:18 +0800)]
Bluetooth: Use skcipher and hash

This patch replaces uses of blkcipher with skcipher and the long
obsolete hash interface with shash.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
8 years ago KEYS: Use skcipher
Herbert Xu [Sun, 24 Jan 2016 13:18:19 +0000 (21:18 +0800)]
KEYS: Use skcipher

This patch replaces uses of blkcipher with skcipher.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago lib80211: Use skcipher and ahash
Herbert Xu [Sun, 24 Jan 2016 13:18:09 +0000 (21:18 +0800)]
lib80211: Use skcipher and ahash

This patch replaces uses of blkcipher with skcipher and the long
obsolete hash interface with ahash.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago sunrpc: Use skcipher and ahash/shash
Herbert Xu [Sun, 24 Jan 2016 13:17:59 +0000 (21:17 +0800)]
sunrpc: Use skcipher and ahash/shash

This patch replaces uses of blkcipher with skcipher and the long
obsolete hash interface with either shash (for non-SG users) or
ahash.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago f2fs: Use skcipher
Herbert Xu [Sun, 24 Jan 2016 13:17:49 +0000 (21:17 +0800)]
f2fs: Use skcipher

This patch replaces uses of ablkcipher with skcipher.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago ext4: Use skcipher
Herbert Xu [Sun, 24 Jan 2016 13:17:38 +0000 (21:17 +0800)]
ext4: Use skcipher

This patch replaces uses of ablkcipher with skcipher.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago cifs: Use skcipher
Herbert Xu [Sun, 24 Jan 2016 13:17:17 +0000 (21:17 +0800)]
cifs: Use skcipher

This patch replaces uses of blkcipher with skcipher.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago wusb: Use skcipher
Herbert Xu [Sun, 24 Jan 2016 13:17:07 +0000 (21:17 +0800)]
wusb: Use skcipher

This patch replaces uses of blkcipher with skcipher.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago staging: rtl8192u: Use skcipher and ahash
Herbert Xu [Sun, 24 Jan 2016 13:16:57 +0000 (21:16 +0800)]
staging: rtl8192u: Use skcipher and ahash

This patch replaces uses of blkcipher with skcipher, and the long
obsolete hash interface with ahash.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
8 years ago orinoco: Use ahash
Herbert Xu [Sun, 24 Jan 2016 13:16:47 +0000 (21:16 +0800)]
orinoco: Use ahash

This patch replaces uses of the long obsolete hash interface with ahash.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago dm crypt: Use skcipher and ahash
Herbert Xu [Sun, 24 Jan 2016 13:16:36 +0000 (21:16 +0800)]
dm crypt: Use skcipher and ahash

This patch replaces uses of ablkcipher with skcipher, and the long
obsolete hash interface with ahash.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago staging: rtl8192e: Replace uses of obsolete blkcipher and hash
Herbert Xu [Sun, 24 Jan 2016 13:16:26 +0000 (21:16 +0800)]
staging: rtl8192e: Replace uses of obsolete blkcipher and hash

The interfaces blkcipher and hash are obsolete.  This patch replaces
them with skcipher and ahash respectively.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
8 years ago ppp_mppe: Use skcipher and ahash
Herbert Xu [Sun, 24 Jan 2016 13:16:16 +0000 (21:16 +0800)]
ppp_mppe: Use skcipher and ahash

This patch replaces uses of blkcipher with skcipher, and the long
obsolete hash interface with ahash.  This is a bug-for-bug conversion
and no attempt has been made to fix bugs such as the ignored return
values of the crypto operations.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago block: cryptoloop - Use new skcipher interface
Herbert Xu [Sun, 24 Jan 2016 13:16:06 +0000 (21:16 +0800)]
block: cryptoloop - Use new skcipher interface

This patch replaces uses of blkcipher with the new skcipher
interface.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: skcipher - Add helper to retrieve driver name
Herbert Xu [Tue, 26 Jan 2016 14:14:36 +0000 (22:14 +0800)]
crypto: skcipher - Add helper to retrieve driver name

This patch adds the helper crypto_skcipher_driver_name which returns
the driver name of the alg object for a given tfm.  This is needed by
ecryptfs.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago hwrng: n2 - Attach on T5/M5, T7/M7 SPARC CPUs
Anatoly Pugachev [Mon, 25 Jan 2016 21:19:02 +0000 (00:19 +0300)]
hwrng: n2 - Attach on T5/M5, T7/M7 SPARC CPUs

n2rng: Attach on T5/M5, T7/M7 SPARC CPUs

(space to tab fixes after variable names)

Signed-off-by: Anatoly Pugachev <matorola@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago hwrng: n2 - documentation, add DT bindings, vendor prefixes
Anatoly Pugachev [Mon, 25 Jan 2016 16:09:21 +0000 (19:09 +0300)]
hwrng: n2 - documentation, add DT bindings, vendor prefixes

n2rng: documentation, add DT bindings, vendor prefixes

Signed-off-by: Anatoly Pugachev <matorola@gmail.com>
Acked-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: hash - Add crypto_has_ahash helper
Herbert Xu [Sat, 23 Jan 2016 05:52:40 +0000 (13:52 +0800)]
crypto: hash - Add crypto_has_ahash helper

This patch adds the helper crypto_has_ahash which should replace
crypto_has_hash.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: api - Add crypto_type_has_alg helper
Herbert Xu [Sat, 23 Jan 2016 05:51:01 +0000 (13:51 +0800)]
crypto: api - Add crypto_type_has_alg helper

This patch adds the helper crypto_type_has_alg which is meant
to replace crypto_has_alg for new-style crypto types.  Rather
than hard-coding type/mask information they're now retrieved
from the crypto_type object.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: skcipher - Add helper to zero stack request
Herbert Xu [Fri, 22 Jan 2016 15:21:10 +0000 (23:21 +0800)]
crypto: skcipher - Add helper to zero stack request

As the size of an skcipher_request is variable, it's awkward to
zero it explicitly.  This patch adds a helper to do that which
should be used when it is created on the stack.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: hash - Add helpers to zero stack request/descriptor
Herbert Xu [Fri, 22 Jan 2016 15:17:58 +0000 (23:17 +0800)]
crypto: hash - Add helpers to zero stack request/descriptor

As the size of an ahash_request or shash_desc is variable, it's
awkward to zero them explicitly.  This patch adds helpers to do
that which should be used when they are created on the stack.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: drbg - remove FIPS 140-2 continuous test
Stephan Mueller [Fri, 22 Jan 2016 08:52:28 +0000 (09:52 +0100)]
crypto: drbg - remove FIPS 140-2 continuous test

The newly released FIPS 140-2 IG 9.8 specifies that for SP800-90A
compliant DRBGs, the FIPS 140-2 continuous random number generator test
is not required any more.

This patch removes the test and all associated data structures.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: skcipher - Add default key size helper
Herbert Xu [Thu, 21 Jan 2016 09:10:56 +0000 (17:10 +0800)]
crypto: skcipher - Add default key size helper

While converting ecryptfs over to skcipher I found that it needs
to pick a default key size if one isn't given.  Rather than having
it poke into the guts of the algorithm to get max_keysize, let's
provide a helper that is meant to give a sane default (just in
case we ever get an algorithm that has no maximum key size).

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
8 years ago crypto: qat - Reduced reqsize in qat_algs
Cabiddu, Giovanni [Tue, 19 Jan 2016 17:34:04 +0000 (17:34 +0000)]
crypto: qat - Reduced reqsize in qat_algs

req_alloc functions already take into account the request data structure
when allocating memory.

Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>