Eric Lee / smarc-fsl-linux-kernel

21 May, 2019

1 commit

  • 1ccea77e2   treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13 ... Browse Code »

    Based on 2 normalized pattern(s):

    this program is free software you can redistribute it and or modify
    it under the terms of the gnu general public license as published by
    the free software foundation either version 2 of the license or at
    your option any later version this program is distributed in the
    hope that it will be useful but without any warranty without even
    the implied warranty of merchantability or fitness for a particular
    purpose see the gnu general public license for more details you
    should have received a copy of the gnu general public license along
    with this program if not see http www gnu org licenses

    this program is free software you can redistribute it and or modify
    it under the terms of the gnu general public license as published by
    the free software foundation either version 2 of the license or at
    your option any later version this program is distributed in the
    hope that it will be useful but without any warranty without even
    the implied warranty of merchantability or fitness for a particular
    purpose see the gnu general public license for more details [based]
    [from] [clk] [highbank] [c] you should have received a copy of the
    gnu general public license along with this program if not see http
    www gnu org licenses

    extracted by the scancode license scanner the SPDX license identifier

    GPL-2.0-or-later

    has been chosen to replace the boilerplate/reference in 355 file(s).

    Signed-off-by: Thomas Gleixner
    Reviewed-by: Kate Stewart
    Reviewed-by: Jilayne Lovejoy
    Reviewed-by: Steve Winslow
    Reviewed-by: Allison Randal
    Cc: linux-spdx@vger.kernel.org
    Link: https://lkml.kernel.org/r/20190519154041.837383322@linutronix.de
    Signed-off-by: Greg Kroah-Hartman

    Thomas Gleixner
     

18 Apr, 2019

1 commit

  • c4741b230   crypto: run initcalls for generic implementations earlier ... Browse Code »

    Use subsys_initcall for registration of all templates and generic
    algorithm implementations, rather than module_init. Then change
    cryptomgr to use arch_initcall, to place it before the subsys_initcalls.

    This is needed so that when both a generic and optimized implementation
    of an algorithm are built into the kernel (not loadable modules), the
    generic implementation is registered before the optimized one.
    Otherwise, the self-tests for the optimized implementation are unable to
    allocate the generic implementation for the new comparison fuzz tests.

    Note that on arm, a side effect of this change is that self-tests for
    generic implementations may run before the unaligned access handler has
    been installed. So, unaligned accesses will crash the kernel. This is
    arguably a good thing as it makes it easier to detect that type of bug.

    Signed-off-by: Eric Biggers
    Signed-off-by: Herbert Xu

    Eric Biggers
     

04 Sep, 2018

1 commit

  • 3bdd23f88   crypto: xcbc - Remove VLA usage ... Browse Code »

    In the quest to remove all stack VLA usage from the kernel[1], this uses
    the maximum blocksize and adds a sanity check. For xcbc, the blocksize
    must always be 16, so use that, since it's already being enforced during
    instantiation.

    [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com

    Signed-off-by: Kees Cook
    Signed-off-by: Herbert Xu

    Kees Cook
     

29 Nov, 2017

1 commit

26 Nov, 2014

1 commit

  • 4943ba16b   crypto: include crypto- module prefix in template ... Browse Code »

    This adds the module loading prefix "crypto-" to the template lookup
    as well.

    For example, attempting to load 'vfat(blowfish)' via AF_ALG now correctly
    includes the "crypto-" prefix at every level, correctly rejecting "vfat":

    net-pf-38
    algif-hash
    crypto-vfat(blowfish)
    crypto-vfat(blowfish)-all
    crypto-vfat

    Reported-by: Mathias Krause
    Signed-off-by: Kees Cook
    Acked-by: Mathias Krause
    Signed-off-by: Herbert Xu

    Kees Cook
     

01 Nov, 2011

1 commit

20 Aug, 2009

1 commit

  • 36f87a4a2   crypto: xcbc - Fix alignment calculation of xcbc_tfm_ctx ... Browse Code »

    The alignment calculation of xcbc_tfm_ctx uses alg->cra_alignmask
    and not alg->cra_alignmask + 1 as it should. This led to frequent
    crashes during the selftest of xcbc(aes-asm) on x86_64
    machines. This patch fixes this. Also we use the alignmask
    of xcbc and not the alignmask of the underlying algorithm
    for the alignmnent calculation in xcbc_create now.

    Signed-off-by: Steffen Klassert
    Signed-off-by: Herbert Xu

    Steffen Klassert
     

22 Jul, 2009

2 commits

15 Jul, 2009

1 commit

14 Jul, 2009

1 commit

02 Apr, 2008

1 commit

  • 1edcf2e1e   [CRYPTO] xcbc: Fix crash when ipsec uses xcbc-mac with big data chunk ... Browse Code »

    The kernel crashes when ipsec passes a udp packet of about 14XX bytes
    of data to aes-xcbc-mac.

    It seems the first xxxx bytes of the data are in first sg entry,
    and remaining xx bytes are in next sg entry. But we don't
    check next sg entry to see if we need to go look the page up.

    I noticed in hmac.c, we do a scatterwalk_sg_next(), to do this check
    and possible lookup, thus xcbc.c needs to use this routine too.

    A 15-hour run of an ipsec stress test sending streams of tcp and
    udp packets of various sizes, using this patch and
    aes-xcbc-mac completed successfully, so hopefully this fixes the
    problem.

    Signed-off-by: Joy Latten
    Signed-off-by: Herbert Xu

    Joy Latten
     

06 Mar, 2008

1 commit

  • 2f40a178e   [CRYPTO] xcbc: Fix crash with IPsec ... Browse Code »

    When using aes-xcbc-mac for authentication in IPsec,
    the kernel crashes. It seems this algorithm doesn't
    account for the space IPsec may make in scatterlist for authtag.
    Thus when crypto_xcbc_digest_update2() gets called,
    nbytes may be less than sg[i].length.
    Since nbytes is an unsigned number, it wraps
    at the end of the loop allowing us to go back
    into loop and causing crash in memcpy.

    I used update function in digest.c to model this fix.
    Please let me know if it looks ok.

    Signed-off-by: Joy Latten
    Signed-off-by: Herbert Xu

    Joy Latten
     

08 Feb, 2008

1 commit

11 Jan, 2008

3 commits

23 Oct, 2007

1 commit

02 May, 2007

1 commit

  • ebc610e5b   [CRYPTO] templates: Pass type/mask when creating instances ... Browse Code »

    This patch passes the type/mask along when constructing instances of
    templates. This is in preparation for templates that may support
    multiple types of instances depending on what is requested. For example,
    the planned software async crypto driver will use this construct.

    For the moment this allows us to check whether the instance constructed
    is of the correct type and avoid returning success if the type does not
    match.

    Signed-off-by: Herbert Xu

    Herbert Xu
     

07 Feb, 2007

3 commits

07 Dec, 2006

2 commits

  • 5b37538a5   [CRYPTO] xcbc: Make needlessly global code static ... Browse Code »

    On Tue, Nov 14, 2006 at 01:41:25AM -0800, Andrew Morton wrote:
    >...
    > Changes since 2.6.19-rc5-mm2:
    >...
    > git-cryptodev.patch
    >...
    > git trees
    >...

    This patch makes some needlessly global code static.

    Signed-off-by: Adrian Bunk
    Signed-off-by: Herbert Xu

    Adrian Bunk
     
  • 333b0d7ee   [CRYPTO] xcbc: New algorithm ... Browse Code »

    This is core code of XCBC.

    XCBC is an algorithm that forms a MAC algorithm out of a cipher algorithm.
    For example, AES-XCBC-MAC is a MAC algorithm based on the AES cipher
    algorithm.

    Signed-off-by: Kazunori MIYAZAWA
    Signed-off-by: Herbert Xu

    Kazunori MIYAZAWA