Eric Lee / smarc-fsl-linux-kernel | Embedian Git Server

22 Jun, 2015

1 commit

341476d6c crypto: chainiv - Offer normal cipher functionality without RNG ... Browse Code »

The RNG may not be available during early boot, e.g., the relevant
modules may not be included in the initramfs. As the RNG Is only
needed for IPsec, we should not let this prevent use of ciphers
without IV generators, e.g., for disk encryption.

This patch postpones the RNG allocation to the init function so
that one failure during early boot does not make the RNG unavailable
for all subsequent users of the same cipher.

More importantly, it lets the cipher live even if RNG allocation
fails. Of course we no longer offer IV generation and which will
fail with an error if invoked. But all other cipher capabilities
will function as usual.

Signed-off-by: Herbert Xu

Herbert Xu
2015-06-22 15:49:28 +0800

04 Jun, 2015

1 commit

65fe6740d crypto: chainiv - Move IV seeding into init function ... Browse Code »

We currently do the IV seeding on the first givencrypt call in
order to conserve entropy. However, this does not work with
DRBG which cannot be called from interrupt context. In fact,
with DRBG we don't need to conserve entropy anyway. So this
patch moves the seeding into the init function.

Signed-off-by: Herbert Xu

Herbert Xu
2015-06-04 15:04:59 +0800

26 Nov, 2014

1 commit

4943ba16b crypto: include crypto- module prefix in template ... Browse Code »

This adds the module loading prefix "crypto-" to the template lookup
as well.

For example, attempting to load 'vfat(blowfish)' via AF_ALG now correctly
includes the "crypto-" prefix at every level, correctly rejecting "vfat":

net-pf-38
algif-hash
crypto-vfat(blowfish)
crypto-vfat(blowfish)-all
crypto-vfat

Reported-by: Mathias Krause
Signed-off-by: Kees Cook
Acked-by: Mathias Krause
Signed-off-by: Herbert Xu

Kees Cook
2014-11-26 20:06:30 +0800

18 Apr, 2014

1 commit

4e857c58e arch: Mass conversion of smp_mb__*() ... Browse Code »

Mostly scripted conversion of the smp_mb__* barriers.

Signed-off-by: Peter Zijlstra
Acked-by: Paul E. McKenney
Link: http://lkml.kernel.org/n/tip-55dhyhocezdw1dg7u19hmh1u@git.kernel.org
Cc: Linus Torvalds
Cc: linux-arch@vger.kernel.org
Signed-off-by: Ingo Molnar

Peter Zijlstra
2014-04-18 20:20:48 +0800

04 Feb, 2013

1 commit

3e8afe35c crypto: use ERR_CAST ... Browse Code »

Replace PTR_ERR followed by ERR_PTR by ERR_CAST, to be more concise.

The semantic patch that makes this change is as follows:
(http://coccinelle.lip6.fr/)

//
@@
expression err,x;
@@
- err = PTR_ERR(x);
if (IS_ERR(x))
- return ERR_PTR(err);
+ return ERR_CAST(x);
//

Signed-off-by: Julia Lawall
Signed-off-by: Herbert Xu

Julia Lawall
2013-02-04 21:16:53 +0800

19 Feb, 2009

1 commit

0a2e821d6 crypto: chainiv - Use kcrypto_wq instead of keventd_wq ... Browse Code »

keventd_wq has potential starvation problem, so use dedicated
kcrypto_wq instead.

Signed-off-by: Huang Ying
Signed-off-by: Herbert Xu

Huang Ying
2009-02-19 14:44:02 +0800

29 Aug, 2008

2 commits

a0f000ec9 crypto: skcipher - Use RNG interface instead of get_random_bytes ... Browse Code »

This patch makes the IV generators use the new RNG interface so
that the user can pick an RNG other than the default get_random_bytes.

Signed-off-by: Herbert Xu

Herbert Xu
2008-08-29 13:50:06 +0800
5be5e667a crypto: skcipher - Move IV generators into their own modules ... Browse Code »

This patch moves the default IV generators into their own modules
in order to break a dependency loop between cryptomgr, rng, and
blkcipher.

Signed-off-by: Herbert Xu

Herbert Xu
2008-08-29 13:50:00 +0800

10 Jul, 2008

1 commit

872ac8743 crypto: chainiv - Invoke completion function ... Browse Code »

When chainiv postpones requests it never calls their completion functions.
This causes symptoms such as memory leaks when IPsec is in use.

Signed-off-by: Herbert Xu

Herbert Xu
2008-07-10 20:34:38 +0800

08 Mar, 2008

1 commit

f13ba2f7d [CRYPTO] skcipher: Fix section mismatches ... Browse Code »

The previous patch to move chainiv and eseqiv into blkcipher created
a section mismatch for the chainiv exit function which was also called
from __init. This patch removes the __exit marking on it.

Signed-off-by: Herbert Xu

Herbert Xu
2008-03-08 20:29:43 +0800

23 Feb, 2008

1 commit

76fc60a2e [CRYPTO] skcipher: Move chainiv/seqiv into crypto_blkcipher module ... Browse Code »

For compatibility with dm-crypt initramfs setups it is useful to merge
chainiv/seqiv into the crypto_blkcipher module. Since they're required
by most algorithms anyway this is an acceptable trade-off.

Signed-off-by: Herbert Xu

Herbert Xu
2008-02-23 11:12:06 +0800

11 Jan, 2008

2 commits

e7cd2514e [CRYPTO] chainiv: Avoid lock spinning where possible ... Browse Code »

This patch makes chainiv avoid spinning by postponing requests on lock
contention if the user allows the use of asynchronous algorithms. If
a synchronous algorithm is requested then we behave as before.

This should improve IPsec performance on SMP when two CPUs attempt to
transmit over the same SA. Currently one of them will spin doing nothing
waiting for the other CPU to finish its encryption. This patch makes it
postpone the request and get on with other work.

If only one CPU is transmitting for a given SA, then we will process
the request synchronously as before.

Signed-off-by: Herbert Xu

Herbert Xu
2008-01-11 05:16:55 +0800
7f4707391 [CRYPTO] chainiv: Add chain IV generator ... Browse Code »

The chain IV generator is the one we've been using in the IPsec stack.
It simply starts out with a random IV, then uses the last block of each
encrypted packet's cipher text as the IV for the next packet.

It can only be used by synchronous ciphers since we have to make sure
that we don't start the encryption of the next packet until the last
one has completed.

It does have the advantage of using very little CPU time since it doesn't
have to generate anything at all.

Signed-off-by: Herbert Xu

Herbert Xu
2008-01-11 05:16:44 +0800