Eric Lee / smarc-fsl-linux-kernel

09 Jan, 2020

1 commit

674f368a9 crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN ... Browse Code »

The CRYPTO_TFM_RES_BAD_KEY_LEN flag was apparently meant as a way to
make the ->setkey() functions provide more information about errors.

However, no one actually checks for this flag, which makes it pointless.

Also, many algorithms fail to set this flag when given a bad length key.
Reviewing just the generic implementations, this is the case for
aes-fixed-time, cbcmac, echainiv, nhpoly1305, pcrypt, rfc3686, rfc4309,
rfc7539, rfc7539esp, salsa20, seqiv, and xcbc. But there are probably
many more in arch/*/crypto/ and drivers/crypto/.

Some algorithms can even set this flag when the key is the correct
length. For example, authenc and authencesn set it when the key payload
is malformed in any way (not just a bad length), the atmel-sha and ccree
drivers can set it if a memory allocation fails, and the chelsio driver
sets it for bad auth tag lengths, not just bad key lengths.

So even if someone actually wanted to start checking this flag (which
seems unlikely, since it's been unused for a long time), there would be
a lot of work needed to get it working correctly. But it would probably
be much better to go back to the drawing board and just define different
return values, like -EINVAL if the key is invalid for the algorithm vs.
-EKEYREJECTED if the key was rejected by a policy like "no weak keys".
That would be much simpler, less error-prone, and easier to test.

So just remove this flag.

Signed-off-by: Eric Biggers
Reviewed-by: Horia Geantă
Signed-off-by: Herbert Xu

Eric Biggers
2020-01-09 11:30:53 +0800

11 Dec, 2019

1 commit

9c1e8836e crypto: x86 - Regularize glue function prototypes ... Browse Code »

The crypto glue performed function prototype casting via macros to make
indirect calls to assembly routines. Instead of performing casts at the
call sites (which trips Control Flow Integrity prototype checking), switch
each prototype to a common standard set of arguments which allows the
removal of the existing macros. In order to keep pointer math unchanged,
internal casting between u128 pointers and u8 pointers is added.

Co-developed-by: João Moreira
Signed-off-by: João Moreira
Signed-off-by: Kees Cook
Reviewed-by: Eric Biggers
Signed-off-by: Herbert Xu

Kees Cook
2019-12-11 16:36:54 +0800

31 May, 2019

1 commit

1cc6582ee treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 140 ... Browse Code »

Based on 1 normalized pattern(s):

this program is free software you can redistribute it and or modify
it under the terms of gnu general public license as published by the
free software foundation either version 2 of the license or at your
option any later version you should have received a copy of the gnu
general public license along with this program if not see http www
gnu org licenses

extracted by the scancode license scanner the SPDX license identifier

GPL-2.0-or-later

has been chosen to replace the boilerplate/reference in 2 file(s).

Signed-off-by: Thomas Gleixner
Reviewed-by: Richard Fontana
Reviewed-by: Kate Stewart
Reviewed-by: Allison Randal
Cc: linux-spdx@vger.kernel.org
Link: https://lkml.kernel.org/r/20190524100844.276644418@linutronix.de
Signed-off-by: Greg Kroah-Hartman

Thomas Gleixner
2019-05-31 02:25:16 +0800

18 Apr, 2019

1 commit

c4741b230 crypto: run initcalls for generic implementations earlier ... Browse Code »

Use subsys_initcall for registration of all templates and generic
algorithm implementations, rather than module_init. Then change
cryptomgr to use arch_initcall, to place it before the subsys_initcalls.

This is needed so that when both a generic and optimized implementation
of an algorithm are built into the kernel (not loadable modules), the
generic implementation is registered before the optimized one.
Otherwise, the self-tests for the optimized implementation are unable to
allocate the generic implementation for the new comparison fuzz tests.

Note that on arm, a side effect of this change is that self-tests for
generic implementations may run before the unaligned access handler has
been installed. So, unaligned accesses will crash the kernel. This is
arguably a good thing as it makes it easier to detect that type of bug.

Signed-off-by: Eric Biggers
Signed-off-by: Herbert Xu

Eric Biggers
2019-04-18 22:15:03 +0800

29 Nov, 2017

1 commit

1af39daaa crypto: replace FSF address with web source in license notices ... Browse Code »

A few years ago the FSF moved and "59 Temple Place" is wrong. Having this
still in our source files feels old and unmaintained.

Let's take the license statement serious and not confuse users.

As https://www.gnu.org/licenses/gpl-howto.html suggests, we replace the
postal address with "".

Signed-off-by: Martin Kepplinger
Signed-off-by: Herbert Xu

Martin Kepplinger
2017-11-29 14:33:25 +0800

13 Jan, 2015

1 commit

3e14dcf7c crypto: add missing crypto module aliases ... Browse Code »

Commit 5d26a105b5a7 ("crypto: prefix module autoloading with "crypto-"")
changed the automatic module loading when requesting crypto algorithms
to prefix all module requests with "crypto-". This requires all crypto
modules to have a crypto specific module alias even if their file name
would otherwise match the requested crypto algorithm.

Even though commit 5d26a105b5a7 added those aliases for a vast amount of
modules, it was missing a few. Add the required MODULE_ALIAS_CRYPTO
annotations to those files to make them get loaded automatically, again.
This fixes, e.g., requesting 'ecb(blowfish-generic)', which used to work
with kernels v3.18 and below.

Also change MODULE_ALIAS() lines to MODULE_ALIAS_CRYPTO(). The former
won't work for crypto modules any more.

Fixes: 5d26a105b5a7 ("crypto: prefix module autoloading with "crypto-"")
Cc: Kees Cook
Signed-off-by: Mathias Krause
Signed-off-by: Herbert Xu

Mathias Krause
2015-01-13 19:29:11 +0800

24 Nov, 2014

1 commit

5d26a105b crypto: prefix module autoloading with "crypto-" ... Browse Code »

This prefixes all crypto module loading with "crypto-" so we never run
the risk of exposing module auto-loading to userspace via a crypto API,
as demonstrated by Mathias Krause:

https://lkml.org/lkml/2013/3/4/70

Signed-off-by: Kees Cook
Signed-off-by: Herbert Xu

Kees Cook
2014-11-24 22:43:57 +0800

06 Dec, 2012

1 commit

044ab5257 crypto: cast5/cast6 - move lookup tables to shared module ... Browse Code »

CAST5 and CAST6 both use same lookup tables, which can be moved shared module
'cast_common'.

Signed-off-by: Jussi Kivilinna
Acked-by: David S. Miller
Signed-off-by: Herbert Xu

Jussi Kivilinna
2012-12-06 17:16:26 +0800

07 Sep, 2012

1 commit

312639bb1 Revert "[CRYPTO] cast6: inline bloat--" ... Browse Code »

This reverts commit e6ccc727f30a02670f6a00df6d548942bc988f43.

Above commit caused performance regression for CAST6. Reverting gives
following increase in tcrypt speed tests (revert-vs-old ratios).

AMD Phenom II X6 1055T, x86-64:

size ecb cbc ctr lrw xts
enc dec enc dec enc dec enc dec enc dec
16b 1.15x 1.17x 1.16x 1.17x 1.16x 1.16x 1.14x 1.19x 1.05x 1.07x
64b 1.19x 1.23x 1.20x 1.22x 1.19x 1.19x 1.16x 1.24x 1.12x 1.12x
256b 1.21x 1.24x 1.22x 1.24x 1.20x 1.20x 1.17x 1.21x 1.16x 1.14x
1kb 1.21x 1.25x 1.22x 1.24x 1.21x 1.21x 1.18x 1.22x 1.17x 1.15x
8kb 1.21x 1.25x 1.22x 1.24x 1.21x 1.21x 1.18x 1.22x 1.18x 1.15x

Cc: Ilpo Järvinen
Signed-off-by: Jussi Kivilinna
Signed-off-by: Herbert Xu

Jussi Kivilinna
2012-09-07 04:17:06 +0800

01 Aug, 2012

1 commit

2b49b9067 crypto: cast6 - prepare generic module for optimized implementations ... Browse Code »

Rename cast6 module to cast6_generic to allow autoloading of optimized
implementations. Generic functions and s-boxes are exported to be able to use
them within optimized implementations.

Signed-off-by: Johannes Goetzfried
Signed-off-by: Herbert Xu

Johannes Goetzfried
2012-08-01 17:47:30 +0800