15 Dec, 2014
1 commit
-
Pull driver core update from Greg KH:
"Here's the set of driver core patches for 3.19-rc1.They are dominated by the removal of the .owner field in platform
drivers. They touch a lot of files, but they are "simple" changes,
just removing a line in a structure.Other than that, a few minor driver core and debugfs changes. There
are some ath9k patches coming in through this tree that have been
acked by the wireless maintainers as they relied on the debugfs
changes.Everything has been in linux-next for a while"
* tag 'driver-core-3.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core: (324 commits)
Revert "ath: ath9k: use debugfs_create_devm_seqfile() helper for seq_file entries"
fs: debugfs: add forward declaration for struct device type
firmware class: Deletion of an unnecessary check before the function call "vunmap"
firmware loader: fix hung task warning dump
devcoredump: provide a one-way disable function
device: Add dev__once variants
ath: ath9k: use debugfs_create_devm_seqfile() helper for seq_file entries
ath: use seq_file api for ath9k debugfs files
debugfs: add helper function to create device related seq_file
drivers/base: cacheinfo: remove noisy error boot message
Revert "core: platform: add warning if driver has no owner"
drivers: base: support cpu cache information interface to userspace via sysfs
drivers: base: add cpu_device_create to support per-cpu devices
topology: replace custom attribute macros with standard DEVICE_ATTR*
cpumask: factor out show_cpumap into separate helper function
driver core: Fix unbalanced device reference in drivers_probe
driver core: fix race with userland in device_add()
sysfs/kernfs: make read requests on pre-alloc files use the buffer.
sysfs/kernfs: allow attributes to request write buffer be pre-allocated.
fs: sysfs: return EGBIG on write if offset is larger than file size
...
14 Dec, 2014
1 commit
-
Pull crypto update from Herbert Xu:
- The crypto API is now documented :)
- Disallow arbitrary module loading through crypto API.
- Allow get request with empty driver name through crypto_user.
- Allow speed testing of arbitrary hash functions.
- Add caam support for ctr(aes), gcm(aes) and their derivatives.
- nx now supports concurrent hashing properly.
- Add sahara support for SHA1/256.
- Add ARM64 version of CRC32.
- Misc fixes.* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (77 commits)
crypto: tcrypt - Allow speed testing of arbitrary hash functions
crypto: af_alg - add user space interface for AEAD
crypto: qat - fix problem with coalescing enable logic
crypto: sahara - add support for SHA1/256
crypto: sahara - replace tasklets with kthread
crypto: sahara - add support for i.MX53
crypto: sahara - fix spinlock initialization
crypto: arm - replace memset by memzero_explicit
crypto: powerpc - replace memset by memzero_explicit
crypto: sha - replace memset by memzero_explicit
crypto: sparc - replace memset by memzero_explicit
crypto: algif_skcipher - initialize upon init request
crypto: algif_skcipher - removed unneeded code
crypto: algif_skcipher - Fixed blocking recvmsg
crypto: drbg - use memzero_explicit() for clearing sensitive data
crypto: drbg - use MODULE_ALIAS_CRYPTO
crypto: include crypto- module prefix in template
crypto: user - add MODULE_ALIAS
crypto: sha-mb - remove a bogus NULL check
crytpo: qat - Fix 64 bytes requests
...
04 Dec, 2014
1 commit
-
Fixed issue reported by Dan Carpenter
410 if (adf_get_cfg_int(accel_dev, "Accelerator0",
411 ADF_ETRMGR_COALESCING_ENABLED_FORMAT,
412 bank_num, &coalesc_enabled) && coalesc_enabled)
This condition is reversed, so it only enables coalescing on error.Reported-by: Dan Carpenter
Signed-off-by: Tadeusz Struk
Signed-off-by: Herbert Xu
03 Dec, 2014
4 commits
-
Add support for the MDHA unit in the SAHARA core.
The MDHA can generate hash digests for MD5 and SHA1 in version 3 and
additionally SHA224 and SHA256 in version 4.Add the SHA1 and SHA256 algorithms to the driver.
The implementation was tested with the in-kernel testmgr and a userspace
testprogram using AF_ALG with+without upto 128 pthreads on each AES and
SHA256 on i.MX53.Signed-off-by: Steffen Trumtrar
Signed-off-by: Herbert Xu -
In preparation for SHA support, replace the tasklets with a kthread that
manages one crypto_queue for the core.As the Sahara can only process one AES or SHA request at a time, we make
sure that the queue serializes all requests from userspace. Instead of a
watchdog timer we now use a completion mechanism in the queue manager
thread.
This makes the control flow more obvious and guarantees, that only one
request is dequeued until the completion is completed.Signed-off-by: Steffen Trumtrar
Signed-off-by: Herbert Xu -
The Sahara on the i.MX53 is of version 4. Add support for probing the
device.Signed-off-by: Steffen Trumtrar
Signed-off-by: Herbert Xu -
The driver uses a spinlock, but never initializes it.
Fix this.Signed-off-by: Steffen Trumtrar
Signed-off-by: Herbert Xu
25 Nov, 2014
2 commits
-
Fix invalid inflights calculation for 64 bytes requests.
Signed-off-by: Tadeusz Struk
Signed-off-by: Herbert Xu -
The OF_RECONFIG notifier callback uses a different structure depending
on whether it is a node change or a property change. This is silly, and
not very safe. Rework the code to use the same data structure regardless
of the type of notifier.Signed-off-by: Grant Likely
Cc: Benjamin Herrenschmidt
Cc: Rob Herring
Cc: Pantelis Antoniou
Cc:
24 Nov, 2014
1 commit
-
This prefixes all crypto module loading with "crypto-" so we never run
the risk of exposing module auto-loading to userspace via a crypto API,
as demonstrated by Mathias Krause:https://lkml.org/lkml/2013/3/4/70
Signed-off-by: Kees Cook
Signed-off-by: Herbert Xu
20 Nov, 2014
1 commit
-
This is a specific implementation, is the
multiplexer that has the arch-specific knowledge of which
of the implementations needs to be used, so include that.Signed-off-by: Johannes Berg
Signed-off-by: Herbert Xu
17 Nov, 2014
2 commits
-
Use the new memzero_explicit function to cleanup sensitive data.
Signed-off-by: Tadeusz Struk
Signed-off-by: Herbert Xu -
Recently lockless_dereference() was added which can be used in place of
hard-coding smp_read_barrier_depends(). The following PATCH makes the change.Signed-off-by: Pranith Kumar
Reviewed-by: Kim Phillips
Signed-off-by: Herbert Xu
12 Nov, 2014
1 commit
-
Merge DES Cipher Block Chaining mode (CBC) and Triple DES Cipher Block
Chaining mode (CBC) algorithms from ablkcipher to givencrypt.Signed-off-by: Catalin Vasile
Signed-off-by: Herbert Xu
10 Nov, 2014
2 commits
-
The system PM functions were unused when CONFIG_PM is unset. Let's move
them inside CONFIG_PM_SLEEP to silence the compiler warning.Signed-off-by: Ulf Hansson
Signed-off-by: Herbert Xu -
The system PM functions were unused when CONFIG_PM is unset. Let's move
them inside CONFIG_PM_SLEEP to silence the compiler warning.Signed-off-by: Ulf Hansson
Signed-off-by: Herbert Xu
06 Nov, 2014
17 commits
-
The error code returned by hardware is four bits wide with an expected
zero MSB. A hardware error condition where the error code can get between
0x8 and 0xf will trigger an out of bound array access on the error
message table.
This patch fixes the invalid array access following such an error and
reports the condition.Signed-off-by: Cristian Stoica
Signed-off-by: Herbert Xu -
Add support for one-shot givencrypt algorithms.
Givencrypt algorithms will generate their IV and encrypt data
within the same shared job descriptors.
Current algorithms merged from ablkcipher to givencrypt are:
- AES Cipher Block Chaining (CBC)
- AES Counter Mode (CTR) compliant with RFC3686Signed-off-by: Catalin Vasile
Signed-off-by: Herbert Xu -
Add support for AES Counter Mode (CTR) compliant with RFC3686 to be
used along with authenc algorithms (md5, sha1, sha224, sha256, sha384,
sha512) as one-shot aead algorithms.Signed-off-by: Catalin Vasile
Signed-off-by: Herbert Xu -
Add support for Advanced Encryption Standard (AES) in Counter Mode (CTR)
as provided in IPsec implementation standard RFC3686.ablkcipher shared descriptors now save context registers after job
execution. This is used to load Nonce specific to RFC3686 only at
first execution of shared job descriptor.Signed-off-by: Catalin Vasile
Signed-off-by: Herbert Xu -
Add support for AES working in Counter Mode
Signed-off-by: Catalin Vasile
Signed-off-by: Herbert Xu -
Add AES-GMAC as an IPSec ESP mechanism to provide
data origin authentication, but not confidentiality.
This method is referred as ENCR_NULL_AUTH_AES_GMAC.Signed-off-by: Tudor Ambarus
Signed-off-by: Herbert Xu -
The previous limits were estimated locally in a single step
basead on bound values, however it was not correct since
when given certain scatterlist the function nx_build_sg_lists
was consuming more sg entries than allocated causing a
memory corruption and crashes.e.g.: in the worst case we could have one sg entry for a single byte.
This patch fixes it modifying the logic of the bound limit
moving it to nx_sg_build_lists and set a correct sg_max limit,
adding a trim function to ensure the bound in sg_list. Also fixing
nx_build_sg_list NULL and untreated return in case of overflow.Signed-off-by: Leonidas S. Barbosa
Signed-off-by: Herbert Xu -
NX SHA algorithms stores the message digest into tfm what
cause a concurrence issue where hashes may be replaced by others.
This patch cleans up the cases where it's handling unnecessarily shared
variables in nx context and copies the current msg digest to a sctx->state
in order to safetly handle with the hashe's state.Also fixes and does some clean ups regarding the right sg max limit
and bounds to the sg list avoind a memory crash.Signed-off-by: Leonidas S. Barbosa
Signed-off-by: Herbert Xu -
The previous limits were estimated locally in a single step
basead on bound values, however it was not correct since
when given certain scatterlist the function nx_build_sg_lists
was consuming more sg entries than allocated causing a
memory corruption and crashes.This patch removes the old logic and replaces it into nx_sg_build_lists
in order to build a correct nx_sg list using the correct sg_max limit
and bounds.Signed-off-by: Leonidas S. Barbosa
Signed-off-by: Herbert Xu -
The previous limits were estimated locally in a single step
basead on bound values, however it was not correct since
when given certain scatterlist the function nx_build_sg_lists
was consuming more sg entries than allocated causing a
memory corruption and crashes.This patch removes the old logic and replace it into nx_sg_build_lists
in order to build a correct nx_sg list using the correct sg_max limit
and bounds.Signed-off-by: Leonidas S. Barbosa
Signed-off-by: Herbert Xu -
The previous limits were estimated locally in a single step
basead on bound values, however it was not correct since
when given certain scatterlist the function nx_build_sg_lists
was consuming more sg entries than allocated causing a
memory corruption and crashes.This patch removes the old logic and replaces it into nx_sg_build_lists
in order to build a correct nx_sg list using the correct sg_max limit
and bounds.Signed-off-by: Leonidas S. Barbosa
Signed-off-by: Herbert Xu -
The previous limits were estimated locally in a single step
basead on bound values, however it was not correct since
when given certain scatterlist the function nx_build_sg_lists
was consuming more sg entries than allocated causing a
memory corruption and crashes.- This patch removes the old logic and replaces it into nx_sg_build_lists
in order to build a correct nx_sg list using the correct sg_max limit
and bounds.IV vector was not set correctly to zero causing ctr crash in tcrypt tests.
- Fixed setting IV vector bits to zero.
Signed-off-by: Leonidas S. Barbosa
Signed-off-by: Herbert Xu -
The previous limits were estimated locally in a single step
basead on bound values, however it was not correct since
when given certain scatterlist the function nx_build_sg_lists
was consuming more sg entries than allocated causing a
memory corruption and crashes.This patch removes the old logic and replaces it into nx_sg_build_lists in
order to build a correct nx_sg list using the correct sg_max limit and
bounds.Signed-off-by: Leonidas S. Barbosa
Signed-off-by: Herbert Xu -
The previous limits were estimated locally in a single step
basead on bound values, however it was not correct since
when given certain scatterlist the function nx_build_sg_lists
was consuming more sg entries than allocated causing a
memory corruption and crashes.This patch removes the old logic and replaces it into nx_sg_build_lists
in order to build a correct nx_sg list using the correct sg_max limit
and bounds.Signed-off-by: Leonidas S. Barbosa
Signed-off-by: Herbert Xu -
This patch fixes the assumption that output sequence is not contiguous
when input sequence is not contiguous and in-place encryption is done.
Output sequence does not need to be contiguous with associated data.Signed-off-by: Tudor Ambarus
Signed-off-by: Herbert Xu -
Move PCI BARs definitions to device specific module where it belongs.
Signed-off-by: Tadeusz Struk
Signed-off-by: Herbert Xu -
If dma mapping for dma_addr_out fails, the descriptor memory is freed
but the previous dma mapping for dma_addr_in remains.
This patch resolves the missing dma unmap and groups resource
allocations at function start.Cc: # 3.13+
Signed-off-by: Cristian Stoica
Signed-off-by: Herbert Xu
24 Oct, 2014
7 commits
-
Add Advanced Encryption Standard (AES) in Galois/Counter Mode (GCM)
as an IPsec Encapsulating Security Payload (ESP) mechanism
to provide confidentiality and data origin authentication.Signed-off-by: Tudor Ambarus
Signed-off-by: Herbert Xu -
Add support for AES working in Galois Counter Mode.
There is a limitation related to IV size, similar to the one present in
SW implementation (crypto/gcm.c):
The only IV size allowed is 12 bytes. It will be padded by HW to the right
with 0x0000_0001 (up to 16 bytes - AES block size), according to the GCM
specification.Signed-off-by: Tudor Ambarus
Signed-off-by: Horia Geanta
Signed-off-by: Herbert Xu -
Signed-off-by: Bruce Allan
Signed-off-by: Herbert Xu -
WARNING:UNNECESSARY_BREAK: break is not useful after a goto or return
#472: FILE: drivers/crypto/qat/qat_common/qat_algs.c:472:
+ goto bad_key;
+ break;Signed-off-by: Bruce Allan
Signed-off-by: Herbert Xu -
Analyzing with coccinelle MODE=report...
Please check for false positives in the output before submitting a patch.
When using "patch" mode, carefully review the patch before submitting it.drivers/crypto/qat/qat_dh895xcc/adf_isr.c:191:3-8: WARNING: NULL check
before freeing functions like kfree, debugfs_remove,
debugfs_remove_recursive or usb_free_urb is not needed. Maybe consider
reorganizing relevant code to avoid passing NULL values.drivers/crypto/qat/qat_dh895xcc/adf_isr.c:208:3-8: WARNING: NULL check
before freeing functions like kfree, debugfs_remove,
debugfs_remove_recursive or usb_free_urb is not needed. Maybe consider
reorganizing relevant code to avoid passing NULL values.Signed-off-by: Bruce Allan
Signed-off-by: Herbert Xu -
The mutex table_lock is unlocked in two functions without first being locked.
Fix the functions to properly protect the accel_table with the table_lock.Also, fix a spelling error in one of the function's header comment.
Signed-off-by: Bruce Allan
Signed-off-by: Herbert Xu -
In a system with NUMA configuration we want to enforce that the accelerator is
connected to a node with memory to avoid cross QPI memory transaction.
Otherwise there is no point in using the accelerator as the encryption in
software will be faster.Cc: stable@vger.kernel.org
Signed-off-by: Tadeusz Struk
Tested-by: Nikolay Aleksandrov
Reviewed-by: Prarit Bhargava
Signed-off-by: Herbert Xu
