14 Dec, 2020
2 commits
-
Added suspend/resume operations for PM support in the DCP driver.
After a suspend/resume cycle DCP would still be in a low-power mode
and have its clocks gated, thus requiring state to be saved beforehand:
- Control register value(DCP_CTRL)
- Channel control register value(DCP_CHANNELCTRL)Signed-off-by: Dragos Rosioru
Reviewed-by: Horia Geantă -
In case of zero-length input for ablkcipher algorithms, IV copying
accesses invalid memory - due to (last_out_len-AES_BLOCK_SIZE)
turning into a big unsigned offset for last_out_len = 0U.Since zero-length input is allowed for ablkcipher / skcipher algorithms,
make this case a no-op by returning immediately.Signed-off-by: Horia Geantă
16 Jul, 2020
1 commit
-
Even though the mxs-dcp driver implements asynchronous versions of
ecb(aes) and cbc(aes), the fallbacks it allocates are required to be
synchronous. Given that SIMD based software implementations are usually
asynchronous as well, even though they rarely complete asynchronously
(this typically only happens in cases where the request was made from
softirq context, while SIMD was already in use in the task context that
it interrupted), these implementations are disregarded, and either the
generic C version or another table based version implemented in assembler
is selected instead.Since falling back to synchronous AES is not only a performance issue, but
potentially a security issue as well (due to the fact that table based AES
is not time invariant), let's fix this, by allocating an ordinary skcipher
as the fallback, and invoke it with the completion routine that was given
to the outer request.Signed-off-by: Ard Biesheuvel
Reviewed-by: Horia Geantă
Signed-off-by: Herbert Xu
06 Mar, 2020
1 commit
-
The incorrect traversal of the scatterlist, during the linearization phase
lead to computing the hash value of the wrong input buffer.
New implementation uses scatterwalk_map_and_copy()
to address this issue.Cc:
Fixes: 15b59e7c3733 ("crypto: mxs - Add Freescale MXS DCP driver")
Signed-off-by: Rosioru Dragos
Reviewed-by: Horia Geantă
Signed-off-by: Herbert Xu
09 Jan, 2020
1 commit
-
The CRYPTO_TFM_RES_* flags were apparently meant as a way to make the
->setkey() functions provide more information about errors. But these
flags weren't actually being used or tested, and in many cases they
weren't being set correctly anyway. So they've now been removed.Also, if someone ever actually needs to start better distinguishing
->setkey() errors (which is somewhat unlikely, as this has been unneeded
for a long time), we'd be much better off just defining different return
values, like -EINVAL if the key is invalid for the algorithm vs.
-EKEYREJECTED if the key was rejected by a policy like "no weak keys".
That would be much simpler, less error-prone, and easier to test.So just remove CRYPTO_TFM_RES_MASK and all the unneeded logic that
propagates these flags around.Signed-off-by: Eric Biggers
Signed-off-by: Herbert Xu
17 Nov, 2019
1 commit
-
Commit 7a7ffe65c8c5 ("crypto: skcipher - Add top-level skcipher interface")
dated 20 august 2015 introduced the new skcipher API which is supposed to
replace both blkcipher and ablkcipher. While all consumers of the API have
been converted long ago, some producers of the ablkcipher remain, forcing
us to keep the ablkcipher support routines alive, along with the matching
code to expose [a]blkciphers via the skcipher API.So switch this driver to the skcipher API, allowing us to finally drop the
ablkcipher code in the near future.Tested-by: Horia Geantă
Signed-off-by: Ard Biesheuvel
Signed-off-by: Herbert Xu
09 Aug, 2019
1 commit
-
We don't need dev_err() messages when platform_get_irq() fails now that
platform_get_irq() prints an error message itself when something goes
wrong. Let's remove these prints with a simple semantic patch.//
@@
expression ret;
struct platform_device *E;
@@ret =
(
platform_get_irq(E, ...)
|
platform_get_irq_byname(E, ...)
);if ( \( ret < 0 \| ret
While we're here, remove braces on if statements that only have one
statement (manually).Cc: Greg Kroah-Hartman
Cc: Herbert Xu
Cc: "David S. Miller"
Cc:
Signed-off-by: Stephen Boyd
Signed-off-by: Herbert Xu
09 Jul, 2019
1 commit
-
Pull crypto updates from Herbert Xu:
"Here is the crypto update for 5.3:API:
- Test shash interface directly in testmgr
- cra_driver_name is now mandatoryAlgorithms:
- Replace arc4 crypto_cipher with library helper
- Implement 5 way interleave for ECB, CBC and CTR on arm64
- Add xxhash
- Add continuous self-test on noise source to drbg
- Update jitter RNGDrivers:
- Add support for SHA204A random number generator
- Add support for 7211 in iproc-rng200
- Fix fuzz test failures in inside-secure
- Fix fuzz test failures in talitos
- Fix fuzz test failures in qat"* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (143 commits)
crypto: stm32/hash - remove interruptible condition for dma
crypto: stm32/hash - Fix hmac issue more than 256 bytes
crypto: stm32/crc32 - rename driver file
crypto: amcc - remove memset after dma_alloc_coherent
crypto: ccp - Switch to SPDX license identifiers
crypto: ccp - Validate the the error value used to index error messages
crypto: doc - Fix formatting of new crypto engine content
crypto: doc - Add parameter documentation
crypto: arm64/aes-ce - implement 5 way interleave for ECB, CBC and CTR
crypto: arm64/aes-ce - add 5 way interleave routines
crypto: talitos - drop icv_ool
crypto: talitos - fix hash on SEC1.
crypto: talitos - move struct talitos_edesc into talitos.h
lib/scatterlist: Fix mapping iterator when sg->offset is greater than PAGE_SIZE
crypto/NX: Set receive window credits to max number of CRBs in RxFIFO
crypto: asymmetric_keys - select CRYPTO_HASH where needed
crypto: serpent - mark __serpent_setkey_sbox noinline
crypto: testmgr - dynamically allocate crypto_shash
crypto: testmgr - dynamically allocate testvec_config
crypto: talitos - eliminate unneeded 'done' functions at build time
...
13 Jun, 2019
1 commit
-
Use devm_platform_ioremap_resource() to simplify the code a bit.
Signed-off-by: Fabio Estevam
Signed-off-by: Herbert Xu
31 May, 2019
1 commit
-
Based on 1 normalized pattern(s):
the code contained herein is licensed under the gnu general public
license you may obtain a copy of the gnu general public license
version 2 or later at the following locations http www opensource
org licenses gpl license html http www gnu org copyleft gpl htmlextracted by the scancode license scanner the SPDX license identifier
GPL-2.0-or-later
has been chosen to replace the boilerplate/reference in 161 file(s).
Signed-off-by: Thomas Gleixner
Reviewed-by: Richard Fontana
Reviewed-by: Allison Randal
Reviewed-by: Kate Stewart
Cc: linux-spdx@vger.kernel.org
Link: https://lkml.kernel.org/r/20190527070033.383790741@linutronix.de
Signed-off-by: Greg Kroah-Hartman
18 Apr, 2019
1 commit
-
Fixes gcc '-Wunused-but-set-variable' warning:
drivers/crypto/mxs-dcp.c: In function 'dcp_chan_thread_sha':
drivers/crypto/mxs-dcp.c:707:11: warning:
variable 'fini' set but not used [-Wunused-but-set-variable]It's not used since commit d80771c08363 ("crypto: mxs-dcp - Fix wait
logic on chan threads"),so can be removed.Signed-off-by: YueHaibing
Signed-off-by: Herbert Xu
08 Apr, 2019
1 commit
-
'err' is set in err path, but it's not returned to callers.
Don't always return -EINPROGRESS, return err.Signed-off-by: YueHaibing
Reviewed-by: Mukesh Ojha
Signed-off-by: Herbert Xu
16 Nov, 2018
1 commit
-
On 6ull and 6sll the DCP block has a clock which needs to be explicitly
enabled.Add minimal handling for this at probe/remove time.
Signed-off-by: Leonard Crestez
Reviewed-by: Fabio Estevam
Signed-off-by: Herbert Xu
17 Oct, 2018
1 commit
-
Merge crypto tree to pick up chelsio bug fix.
12 Oct, 2018
1 commit
-
Fixes the following sparse warnings:
drivers/crypto/mxs-dcp.c:39:15: warning:
symbol 'sha1_null_hash' was not declared. Should it be static?
drivers/crypto/mxs-dcp.c:43:15: warning:
symbol 'sha256_null_hash' was not declared. Should it be static?Fixes: c709eebaf5c5 ("crypto: mxs-dcp - Fix SHA null hashes and output length")
Signed-off-by: Wei Yongjun
Signed-off-by: Herbert Xu
08 Oct, 2018
3 commits
-
The DCP driver does not obey cryptlen, when doing android CTS this
results in passing to hardware input stream lengths which are not
multiple of block size.Add a check to prevent future erroneous stream lengths from reaching the
hardware and adjust the scatterlist walking code to obey cryptlen.Also properly copy-out the IV for chaining.
Signed-off-by: Radu Solea
Signed-off-by: Franck LENORMAND
Signed-off-by: Leonard Crestez
Signed-off-by: Herbert Xu -
DCP writes at least 32 bytes in the output buffer instead of hash length
as documented. Add intermediate buffer to prevent write out of bounds.When requested to produce null hashes DCP fails to produce valid output.
Add software workaround to bypass hardware and return valid output.Signed-off-by: Radu Solea
Signed-off-by: Leonard Crestez
Signed-off-by: Herbert Xu -
The mxs-dcp driver fails to probe if sha1/sha256 are supported:
[ 2.455404] mxs-dcp 80028000.dcp: Failed to register sha1 hash!
[ 2.464042] mxs-dcp: probe of 80028000.dcp failed with error -22This happens because since commit 8996eafdcbad ("crypto: ahash - ensure
statesize is non-zero") import/export is mandatory and ahash_prepare_alg
fails on statesize == 0.A set of dummy import/export functions were implemented in commit
9190b6fd5db9 ("crypto: mxs-dcp - Add empty hash export and import") but
statesize is still zero and the driver fails to probe. That change was
apparently part of some unrelated refactoring.Fix by actually implementing import/export.
Signed-off-by: Dan Douglass
Signed-off-by: Leonard Crestez
Signed-off-by: Herbert Xu
28 Sep, 2018
2 commits
-
In the quest to remove all stack VLA usage from the kernel[1], this
replaces struct crypto_skcipher and SKCIPHER_REQUEST_ON_STACK() usage
with struct crypto_sync_skcipher and SYNC_SKCIPHER_REQUEST_ON_STACK(),
which uses a fixed stack size.[1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com
Signed-off-by: Kees Cook
Signed-off-by: Herbert Xu -
When compiling with CONFIG_DEBUG_ATOMIC_SLEEP=y the mxs-dcp driver
prints warnings such as:WARNING: CPU: 0 PID: 120 at kernel/sched/core.c:7736 __might_sleep+0x98/0x9c
do not call blocking ops when !TASK_RUNNING; state=1 set at [] dcp_chan_thread_sha+0x3c/0x2ecThe problem is that blocking ops will manipulate current->state
themselves so it is not allowed to call them between
set_current_state(TASK_INTERRUPTIBLE) and schedule().Fix this by converting the per-chan mutex to a spinlock (it only
protects tiny list ops anyway) and rearranging the wait logic so that
callbacks are called current->state as TASK_RUNNING. Those callbacks
will indeed call blocking ops themselves so this is required.Cc:
Signed-off-by: Leonard Crestez
Signed-off-by: Herbert Xu
15 Feb, 2018
1 commit
-
Crypto framework requires export/import in async hash. If driver do not
implement them, wrapper functions in framework will be used, and it will
cause error during ahash alg registration (unless one disables crypto
internal tests). To make change in framework and expose this requirement,
I will remove wrappers from crypto/ahash.c , but this can broke code which
depends on them. Add empty hash export and import, with the same behaviour
as in framework and expose this directly in driver. This can also prevent
OOPS when config option in Cryptographic API 'Disable run-time self tests'
will be enabled.Signed-off-by: Kamil Konieczny
Signed-off-by: Herbert Xu
18 Jul, 2017
1 commit
-
Print error message on platform_get_irq failure before return.
Signed-off-by: Gustavo A. R. Silva
Signed-off-by: Herbert Xu
01 Jul, 2016
1 commit
-
This patch replaces use of the obsolete ablkcipher with skcipher.
Signed-off-by: Herbert Xu
28 Feb, 2015
1 commit
-
return type of wait_for_completion_timeout is unsigned long not int, this
patch changes the type of ret from int to unsigned long.Signed-off-by: Nicholas Mc Guire
Signed-off-by: Herbert Xu
20 Oct, 2014
1 commit
-
A platform_driver does not need to set an owner, it will be populated by the
driver core.Signed-off-by: Wolfram Sang
22 May, 2014
2 commits
-
Signed-off-by: Marek Vasut
Signed-off-by: Herbert Xu -
Remove mutex_lock from probe in order to avoid the following warning:
[ 8.526613] Freeing unused kernel memory: 232K (c0683000 - c06bd000)
starting pid 56, tty '': '/etc/rc.d/rcS'
[ 9.110314]
[ 9.111864] =====================================
[ 9.116603] [ BUG: init/1 still has locks held! ]
[ 9.121488] 3.15.0-rc4-next-20140509-00001-g319564e #1154 Not tainted
[ 9.128071] -------------------------------------
[ 9.132825] 1 lock held by init/1:
[ 9.136252] #0: (global_mutex){+.+.+.}, at: [] mxs_dcp_probe+0x14
[ 9.144196]
[ 9.144196] stack backtrace:
[ 9.148888] CPU: 0 PID: 1 Comm: init Not tainted 3.15.0-rc4-next-20140509-004
[ 9.157610] [] (unwind_backtrace) from [] (show_stack+0x)
[ 9.165595] [] (show_stack) from [] (do_fork+0x2c8/0x3cc)
[ 9.172921] [] (do_fork) from [] (sys_vfork+0x20/0x2c)
[ 9.179973] [] (sys_vfork) from [] (ret_fast_syscall+0x0)Signed-off-by: Fabio Estevam
Signed-off-by: Herbert Xu
10 Mar, 2014
2 commits
-
Optimize the hashing operation in the MXS-DCP by doing two adjustments:
1) Given that the output buffer for the hash is now always correctly aligned,
we can just use the buffer for the DCP DMA to store the resulting hash.
We thus get rid of one copying of data. Moreover, we remove an entry from
dcp_coherent_block{} and thus lower the memory footprint of the driver.
2) We map the output buffer for the hash for DMA only in case we will output
the hash, not always, as it was now.Signed-off-by: Marek Vasut
Cc: David S. Miller
Cc: Fabio Estevam
Cc: Herbert Xu
Cc: Shawn Guo
Cc: Tom Lendacky
Signed-off-by: Herbert Xu -
The DCP needs the bounce buffers, DMA descriptors and result buffers aligned
to 64 bytes (yet another hardware limitation). Make sure they are aligned by
properly aligning the structure which contains them during allocation.Signed-off-by: Marek Vasut
Cc: David S. Miller
Cc: Fabio Estevam
Cc: Herbert Xu
Cc: Shawn Guo
Cc: Tom Lendacky
Signed-off-by: Herbert Xu
27 Feb, 2014
1 commit
-
We should test the error case for each platform_get_irq() assignment and
propagate the error accordingly.Signed-off-by: Fabio Estevam
Acked-by: Marek Vasut
Signed-off-by: Herbert Xu
09 Feb, 2014
3 commits
-
stmp_reset_block() may fail, so check its return value and propagate it in the
case of error.Signed-off-by: Fabio Estevam
Acked-by: Marek Vasut
Signed-off-by: Herbert Xu -
Using devm_kzalloc() can make the code cleaner.
While at it, remove the devm_kzalloc error message as there is standard OOM
message done by the core.Signed-off-by: Fabio Estevam
Acked-by: Marek Vasut
Signed-off-by: Herbert Xu -
Move the AES operation type and mode from async crypto context to
crypto request context. This allows for recycling of the async crypto
context for different kinds of operations.I found this problem when I used dm-crypt, which uses the same async
crypto context (actx) for both encryption and decryption requests.
Since the requests are enqueued into the processing queue, immediatelly
storing the type of operation into async crypto context (actx) caused
corruption of this information when encryption and decryption operations
followed imediatelly one after the other. When the first operation was
dequeued, the second operation was already enqueued and overwritten the
type of operation in actx, thus causing incorrect result of the first
operation.Fix this problem by storing the type of operation into the crypto request
context.Signed-off-by: Marek Vasut
Cc: David S. Miller
Cc: Fabio Estevam
Cc: Shawn Guo
Cc: Tom Lendacky
Signed-off-by: Herbert Xu
15 Jan, 2014
1 commit
-
Fixes the following sparse warning:
drivers/crypto/mxs-dcp.c:103:1: warning:
symbol 'global_mutex' was not declared. Should it be static?Signed-off-by: Wei Yongjun
Acked-by: Marek Vasut
Signed-off-by: Herbert Xu
05 Jan, 2014
1 commit
-
Add support for the MXS DCP block. The driver currently supports
SHA-1/SHA-256 hashing and AES-128 CBC/ECB modes. The non-standard
CRC32 is not yet supported.Signed-off-by: Marek Vasut
Cc: David S. Miller
Cc: Fabio Estevam
Cc: Shawn Guo
Cc: devicetree@vger.kernel.org
Signed-off-by: Herbert Xu