14 Mar, 2019
1 commit
-
Pull crypto fixes from Herbert Xu:
"This fixes a bug in the newly added Exynos5433 AES code as well as an
old one in the caam driver"* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
crypto: caam - add missing put_device() call
crypto: s5p-sss - fix AES support for Exynos5433
07 Mar, 2019
2 commits
-
The of_find_device_by_node() takes a reference to the underlying device
structure, we should release that reference.Fixes: 35af64038623 ("crypto: caam - Check for CAAM block presence before registering with crypto layer")
Fixes: b189817cf789 ("crypto: caam/qi - add ablkcipher and authenc algorithms")
Reviewed-by: Horia Geantă
Signed-off-by: Wen Yang
Signed-off-by: Herbert Xu -
Commit 0918f18c7179 ("crypto: s5p - add AES support for Exynos5433")
introduced bug in dereferencing clk_names[1] on platforms different from
Exynos5433. On Exynos board XU3 call trace is:"Unable to handle kernel paging request at virtual address 00004000"
(strcmp) from [] (of_property_match_string+0x58/0xd0)
...
(devm_clk_get) from [] (s5p_aes_probe+0xd4/0x4a0)
(s5p_aes_probe) from [] (platform_drv_probe+0x6c/0xa4)Fix this by setting array clk_names size to 2.
Fixes: 0918f18c7179 ("crypto: s5p - add AES support for Exynos5433")
Reported-by: Krzysztof Kozlowski
Signed-off-by: Kamil Konieczny
Reviewed-by: Krzysztof Kozlowski
Tested-by: Krzysztof Kozlowski
Signed-off-by: Herbert Xu
06 Mar, 2019
1 commit
-
Pull crypto update from Herbert Xu:
"API:
- Add helper for simple skcipher modes.
- Add helper to register multiple templates.
- Set CRYPTO_TFM_NEED_KEY when setkey fails.
- Require neither or both of export/import in shash.
- AEAD decryption test vectors are now generated from encryption
ones.
- New option CONFIG_CRYPTO_MANAGER_EXTRA_TESTS that includes random
fuzzing.Algorithms:
- Conversions to skcipher and helper for many templates.
- Add more test vectors for nhpoly1305 and adiantum.Drivers:
- Add crypto4xx prng support.
- Add xcbc/cmac/ecb support in caam.
- Add AES support for Exynos5433 in s5p.
- Remove sha384/sha512 from artpec7 as hardware cannot do partial
hash"[ There is a merge of the Freescale SoC tree in order to pull in changes
required by patches to the caam/qi2 driver. ]* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (174 commits)
crypto: s5p - add AES support for Exynos5433
dt-bindings: crypto: document Exynos5433 SlimSSS
crypto: crypto4xx - add missing of_node_put after of_device_is_available
crypto: cavium/zip - fix collision with generic cra_driver_name
crypto: af_alg - use struct_size() in sock_kfree_s()
crypto: caam - remove redundant likely/unlikely annotation
crypto: s5p - update iv after AES-CBC op end
crypto: x86/poly1305 - Clear key material from stack in SSE2 variant
crypto: caam - generate hash keys in-place
crypto: caam - fix DMA mapping xcbc key twice
crypto: caam - fix hash context DMA unmap size
hwrng: bcm2835 - fix probe as platform device
crypto: s5p-sss - Use AES_BLOCK_SIZE define instead of number
crypto: stm32 - drop pointless static qualifier in stm32_hash_remove()
crypto: chelsio - Fixed Traffic Stall
crypto: marvell - Remove set but not used variable 'ivsize'
crypto: ccp - Update driver messages to remove some confusion
crypto: adiantum - add 1536 and 4096-byte test vectors
crypto: nhpoly1305 - add a test vector with len % 16 != 0
crypto: arm/aes-ce - update IV after partial final CTR block
...
05 Mar, 2019
2 commits
-
Some of these macros were conflicting with global namespace,
hence prefixing them with CXGB4.Signed-off-by: Arjun Vynipadath
Signed-off-by: Vishal Kulkarni
Signed-off-by: David S. Miller
01 Mar, 2019
1 commit
-
Pull crypto fixes from Herbert Xu:
"This fixes a compiler warning introduced by a previous fix, as well as
two crash bugs on ARM"* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
crypto: sha512/arm - fix crash bug in Thumb2 build
crypto: sha256/arm - fix crash bug in Thumb2 build
crypto: ccree - add missing inline qualifier
28 Feb, 2019
12 commits
-
Add AES crypto HW acceleration for Exynos5433, with the help of SlimSSS IP.
Reviewed-by: Krzysztof Kozlowski
Signed-off-by: Kamil Konieczny
Signed-off-by: Herbert Xu -
Add an of_node_put when a tested device node is not available.
The semantic patch that fixes this problem is as follows
(http://coccinelle.lip6.fr)://
@@
identifier f;
local idexpression e;
expression x;
@@e = f(...);
... when != of_node_put(e)
when != x = e
when != e = x
when any
if () {
... when != of_node_put(e)
(
return e;
|
+ of_node_put(e);
return ...;
)
}
//Fixes: 5343e674f32fb ("crypto4xx: integrate ppc4xx-rng into crypto4xx")
Signed-off-by: Julia Lawall
Signed-off-by: Herbert Xu -
The cavium/zip implementation of the deflate compression algorithm is
incorrectly being registered under the generic driver name, which
prevents the generic implementation from being registered with the
crypto API when CONFIG_CRYPTO_DEV_CAVIUM_ZIP=y. Similarly the lzs
algorithm (which does not currently have a generic implementation...)
is incorrectly being registered as lzs-generic.Fix the naming collision by adding a suffix "-cavium" to the
cra_driver_name of the cavium/zip algorithms.Fixes: 640035a2dc55 ("crypto: zip - Add ThunderX ZIP driver core")
Cc: Mahipal Challa
Cc: Jan Glauber
Signed-off-by: Eric Biggers
Signed-off-by: Herbert Xu -
unlikely has already included in IS_ERR(), so just
remove redundant likely/unlikely annotation.Signed-off-by: Chengguang Xu
Reviewed-by: Horia Geantă
Signed-off-by: Herbert Xu -
Fix bug "s5p-sss crypto driver doesn't set next AES-CBC IV". While at this,
fix also AES-CTR mode. Tested on Odroid U3 with Eric Biggers branch
"iv-out-testing".Signed-off-by: Kamil Konieczny
Reported-by: Eric Biggers
Reviewed-by: Krzysztof Kozlowski
Signed-off-by: Herbert Xu -
When generating a split key or hashing the key, DMA mapping the key
buffers coming directly from user is incorrect, since they are
not guaranteed to be DMAable.Update driver to first copy user-provided key in the output buffer
("key_out") and then use this buffer for in-place computation
(split key generation, respectively key hashing).Signed-off-by: Horia Geantă
Signed-off-by: Herbert Xu -
Fix a side effect of adding xcbc support, which leads to DMA mapping the
key twice.Fixes: 12b8567f6fa4 ("crypto: caam - add support for xcbc(aes)")
Signed-off-by: Horia Geantă
Signed-off-by: Herbert Xu -
When driver started using state->caam_ctxt for storing both running hash
and final hash, it was not updated to handle different DMA unmap
lengths.Cc: # v4.19+
Fixes: c19650d6ea99 ("crypto: caam - fix DMA mapping of stack memory")
Signed-off-by: Franck LENORMAND
Signed-off-by: Horia Geantă
Signed-off-by: Herbert Xu -
Replace hard coded AES block size with define.
Signed-off-by: Krzysztof Kozlowski
Signed-off-by: Herbert Xu -
There is no need to have the struct stm32_hash_dev *hdev static
since new value always be assigned before use it.Signed-off-by: Mao Wenan
Signed-off-by: Herbert Xu -
Fixed Traffic Stall caused by
- Subcommands except last should have more bit set
- For esn case subcommand is required for linear skb only
- Also Optimized is_eth_imm usageSigned-off-by: Atul Gupta
Signed-off-by: Herbert Xu -
Fixes gcc '-Wunused-but-set-variable' warning:
drivers/crypto/marvell/cipher.c: In function 'mv_cesa_skcipher_dma_req_init':
drivers/crypto/marvell/cipher.c:325:15: warning:
variable 'ivsize' set but not used [-Wunused-but-set-variable]It's not used any more after 0c99620f0ac1 ("crypto: marvell - Use an unique
pool to copy results of requests")Signed-off-by: YueHaibing
Signed-off-by: Herbert Xu
22 Feb, 2019
10 commits
-
The current content of some of the driver messages and the way that they
are issued results in some confusion, especially in the area of the PSP
as it relates to SEV support. If SEV is not supported, a message is issued
that says "psp initialization failed." This makes it seem like there was
a problem, when in fact, the PSP support is just disabled if SEV is not
supported.Update the driver to check SEV support a bit earlier and issue a debug-
level message if SEV is not supported, followed by a debug-level message
that the PSP is disabled. This way you will only see PSP messages if SEV
is supported or if debug information is desired. Also, remove the overall
"enabled" and "disabled" messages for the driver and rely on the CCP and
PSP support to issue component-specific messages.Signed-off-by: Tom Lendacky
Signed-off-by: Herbert Xu -
For chain mode in cipher(eg. AES-CBC/DES-CBC), the iv is continuously
updated in the operation. The new iv value should be written to device
register by software.Reported-by: Eric Biggers
Fixes: 433cd2c617bf ("crypto: rockchip - add crypto driver for rk3288")
Cc: # v4.5+
Signed-off-by: Zhang Zhijie
Signed-off-by: Herbert Xu -
In some cases, the nents of src scatterlist is different from
dst scatterlist. So two variables are used to handle the nents
of src&dst scatterlist.Reported-by: Eric Biggers
Fixes: 433cd2c617bf ("crypto: rockchip - add crypto driver for rk3288")
Cc: # v4.5+
Signed-off-by: Zhang Zhijie
Signed-off-by: Herbert Xu -
Add missing break statement in order to prevent the code from falling
through to case S_DIN_to_DES.This bug was found thanks to the ongoing efforts to enable
-Wimplicit-fallthrough.Fixes: 63ee04c8b491 ("crypto: ccree - add skcipher support")
Cc: stable@vger.kernel.org
Signed-off-by: Gustavo A. R. Silva
Signed-off-by: Herbert Xu -
Add cpu_relax() in the loop that tries to enqueue the FDs.
Signed-off-by: Horia Geantă
Signed-off-by: Herbert Xu -
Avoid console being flooded with prints in case HW is too busy to accept
new enqueue requests.Signed-off-by: Horia Geantă
Signed-off-by: Herbert Xu -
Driver was relying on an older DPIO API, which provided a CPU-affine DPIO
in case it was called with preemption disabled.Since this is no longer the case, save the CPU-affine DPIO in per-cpu
private structure during setup and further use it on the hot path.Note that preemption is no longer disabled while trying to enqueue an
FD. Thus it might be possible to run the enqueue on a different CPU
(due to migration, when in process context), however this wouldn't be a
functionality issue.
Since we allow for all cores to enqueue, we take care of data
structures setup to handle the case when number of (Rx, Tx) queue pairs
is smaller than number of cores.Signed-off-by: Horia Geantă
Signed-off-by: Herbert Xu -
Last user of cdev_list_lock was removed in commit
6422ccc5fbefb ("crypto/chelsio/chtls: listen fails with multiadapt")
Cc: Atul Gupta
Cc: Harsh Jain
Signed-off-by: Sebastian Andrzej Siewior
Signed-off-by: Herbert Xu -
Pull changes from Freescale SoC drivers tree that are required by
subsequent caam/qi2 patches. -
Commit 1358c13a48c4 ("crypto: ccree - fix resume race condition on init")
was missing a "inline" qualifier for stub function used when CONFIG_PM
is not set causing a build warning.Fixes: 1358c13a48c4 ("crypto: ccree - fix resume race condition on init")
Cc: stable@kernel.org # v4.20
Signed-off-by: Gilad Ben-Yossef
Acked-by: Geert Uytterhoeven
Signed-off-by: Herbert Xu
16 Feb, 2019
2 commits
-
The netfilter conflicts were rather simple overlapping
changes.However, the cls_tcindex.c stuff was a bit more complex.
On the 'net' side, Cong is fixing several races and memory
leaks. Whilst on the 'net-next' side we have Vlad adding
the rtnl-ness support.What I've decided to do, in order to resolve this, is revert the
conversion over to using a workqueue that Cong did, bringing us back
to pure RCU. I did it this way because I believe that either Cong's
races don't apply with have Vlad did things, or Cong will have to
implement the race fix slightly differently.Signed-off-by: David S. Miller
-
Pull crypto fix from Herbert Xu:
"This fixes a crash on resume in the ccree driver"* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
crypto: ccree - fix resume race condition on init
15 Feb, 2019
4 commits
-
Modify setkey callback for cbc des and 3des to check for weak keys.
Signed-off-by: Iuliana Prodan
Reviewed-by: Horia Geantă
Signed-off-by: Herbert Xu -
Add ecb mode support for aes, des, 3des and arc4 ciphers.
ecb(*) reuses existing skcipher implementation, updating it with support
for no IV.Signed-off-by: Iuliana Prodan
Reviewed-by: Horia Geantă
Signed-off-by: Herbert Xu -
Some arc4 cipher algorithm defines show up in two places:
crypto/arc4.c and drivers/crypto/bcm/cipher.h.
Let's export them in a common header and update their users.Signed-off-by: Iuliana Prodan
Reviewed-by: Horia Geantă
Signed-off-by: Herbert Xu -
The mapped_{src,dst}_nents _returned_ from the dma_map_sg call (which
could be less than src/dst_nents) have to be used to generate the aead,
skcipher job descriptors.Signed-off-by: Iuliana Prodan
Reviewed-by: Horia Geantă
Signed-off-by: Herbert Xu
09 Feb, 2019
1 commit
-
An ipvlan bug fix in 'net' conflicted with the abstraction away
of the IPV6 specific support in 'net-next'.Similarly, a bug fix for mlx5 in 'net' conflicted with the flow
action conversion in 'net-next'.Signed-off-by: David S. Miller
08 Feb, 2019
4 commits
-
This patch removes an unused label.
Reported-by: Stephen Rothwell
Fixes: f0fcf9ade46a ("crypto: qat - no need to check return...")
Signed-off-by: Herbert Xu -
when the source sg contains more than 1 fragment and
destination sg contains 1 fragment, the caam driver
mishandle the buffers to be sent to caam.Fixes: f2147b88b2b1 ("crypto: caam - Convert GCM to new AEAD interface")
Cc: # 4.2+
Signed-off-by: Pankaj Gupta
Signed-off-by: Arun Pathak
Reviewed-by: Horia Geanta
Signed-off-by: Herbert Xu -
A kexec reboot may leave the firmware in INIT or WORKING state.
Currently, we issue PLATFORM_INIT command during the probe without
checking the current state. The PLATFORM_INIT command fails if the
FW is already in INIT state. Lets check the current state, if FW
is not in UNINIT state then transition it to UNINIT before
initializing or upgrading the FW.Signed-off-by: Brijesh Singh
Cc: Tom Lendacky
Cc: Gary Hook
Reviewed-by: Tom Lendacky
Signed-off-by: Herbert Xu -
We were enabling autosuspend, which is using data set by the
hash module, prior to the hash module being inited, casuing
a crash on resume as part of the startup sequence if the race
was lost.This was never a real problem because the PM infra was using low
res timers so we were always winning the race, until commit 8234f6734c5d
("PM-runtime: Switch autosuspend over to using hrtimers") changed that :-)Fix this by seperating the PM setup and enablement and doing the
latter only at the end of the init sequence.Signed-off-by: Gilad Ben-Yossef
Cc: Vincent Guittot
Cc: stable@kernel.org # v4.20
Signed-off-by: Herbert Xu
