21 Mar, 2014
7 commits
-
This git patch adds x86_64 AVX2 optimization of SHA1
transform to crypto support. The patch has been tested with 3.14.0-rc1
kernel.On a Haswell desktop, with turbo disabled and all cpus running
at maximum frequency, tcrypt shows AVX2 performance improvement
from 3% for 256 bytes update to 16% for 1024 bytes update over
AVX implementation.This patch adds sha1_avx2_transform(), the glue, build and
configuration changes needed for AVX2 optimization of
SHA1 transform to crypto support.sha1-ssse3 is one module which adds the necessary optimization
support (SSSE3/AVX/AVX2) for the low-level SHA1 transform function.
With better optimization support, transform function is overridden
as the case may be. In the case of AVX2, due to performance reasons
across datablock sizes, the AVX or AVX2 transform function is used
at run-time as it suits best. The Makefile change therefore appends
the necessary objects to the linkage. Due to this, the patch merely
appends AVX2 transform to the existing build mix and Kconfig support
and leaves the configuration build support as is.Signed-off-by: Chandramouli Narayanan
Reviewed-by: Marek Vasut
Acked-by: H. Peter Anvin
Signed-off-by: Herbert Xu -
The crypto algorithm modules utilizing the crypto daemon could
be used early when the system start up. Using module_init
does not guarantee that the daemon's work queue is initialized
when the cypto alorithm depending on crypto_wq starts. It is necessary
to initialize the crypto work queue earlier at the subsystem
init time to make sure that it is initialized
when used.Signed-off-by: Tim Chen
Signed-off-by: Herbert Xu -
Add test vectors for aead with null encryption and md5,
respectively sha1 authentication.
Input data is taken from test vectors listed in RFC2410.Signed-off-by: Horia Geanta
Signed-off-by: Herbert Xu -
These defines might be needed by crypto drivers.
Signed-off-by: Horia Geanta
Signed-off-by: Herbert Xu -
The ahash_def_finup() can make use of the request save/restore functions,
thus make it so. This simplifies the code a little and unifies the code
paths.Note that the same remark about free()ing the req->priv applies here, the
req->priv can only be free()'d after the original request was restored.Finally, squash a bug in the invocation of completion in the ASYNC path.
In both ahash_def_finup_done{1,2}, the function areq->base.complete(X, err);
was called with X=areq->base.data . This is incorrect , as X=&areq->base
is the correct value. By analysis of the data structures, we see the areq is
of type 'struct ahash_request' , areq->base is of type 'struct crypto_async_request'
and areq->base.completion is of type crypto_completion_t, which is defined in
include/linux/crypto.h as:typedef void (*crypto_completion_t)(struct crypto_async_request *req, int err);
This is one lead that the X should be &areq->base . Next up, we can inspect
other code which calls the completion callback to give us kind-of statistical
idea of how this callback is used. We can try:$ git grep base\.complete\( drivers/crypto/
Finally, by inspecting ahash_request_set_callback() implementation defined
in include/crypto/hash.h , we observe that the .data entry of 'struct
crypto_async_request' is intended for arbitrary data, not for completion
argument.Signed-off-by: Marek Vasut
Cc: David S. Miller
Cc: Fabio Estevam
Cc: Herbert Xu
Cc: Shawn Guo
Cc: Tom Lendacky
Signed-off-by: Herbert Xu -
The functions to save original request within a newly adjusted request
and it's counterpart to restore the original request can be re-used by
more code in the crypto/ahash.c file. Pull these functions out from the
code so they're available.Signed-off-by: Marek Vasut
Cc: David S. Miller
Cc: Fabio Estevam
Cc: Herbert Xu
Cc: Shawn Guo
Cc: Tom Lendacky
Signed-off-by: Herbert Xu -
Add documentation for the pointer voodoo that is happening in crypto/ahash.c
in ahash_op_unaligned(). This code is quite confusing, so add a beefy chunk
of documentation.Moreover, make sure the mangled request is completely restored after finishing
this unaligned operation. This means restoring all of .result, .base.data
and .base.complete .Also, remove the crypto_completion_t complete = ... line present in the
ahash_op_unaligned_done() function. This type actually declares a function
pointer, which is very confusing.Finally, yet very important nonetheless, make sure the req->priv is free()'d
only after the original request is restored in ahash_op_unaligned_done().
The req->priv data must not be free()'d before that in ahash_op_unaligned_finish(),
since we would be accessing previously free()'d data in ahash_op_unaligned_done()
and cause corruption.Signed-off-by: Marek Vasut
Cc: David S. Miller
Cc: Fabio Estevam
Cc: Herbert Xu
Cc: Shawn Guo
Cc: Tom Lendacky
Signed-off-by: Herbert Xu
10 Mar, 2014
2 commits
-
This adds the function blkcipher_aead_walk_virt_block, which allows the caller
to use the blkcipher walk API to handle the input and output scatterlists.Signed-off-by: Ard Biesheuvel
Signed-off-by: Herbert Xu -
In order to allow other uses of the blkcipher walk API than the blkcipher
algos themselves, this patch copies some of the transform data members to the
walk struct so the transform is only accessed at walk init time.Signed-off-by: Ard Biesheuvel
Signed-off-by: Herbert Xu
25 Feb, 2014
1 commit
-
We added the soft module dependency of crc32c module alias
to generic crc32c module so other hardware accelerated crc32c
modules could get loaded and used before the generic version.
We also renamed the crypto/crc32c.c containing the generic
crc32c crypto computation to crypto/crc32c_generic.c according
to convention.Signed-off-by: Tim Chen
Signed-off-by: Herbert Xu
24 Jan, 2014
1 commit
-
Pull crypto update from Herbert Xu:
"Here is the crypto update for 3.14:- Improved crypto_memneq helper
- Use cyprto_memneq in arch-specific crypto code
- Replaced orphaned DCP driver with Freescale MXS DCP driver
- Added AVX/AVX2 version of AESNI-GCM encode and decode
- Added AMD Cryptographic Coprocessor (CCP) driver
- Misc fixes"* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (41 commits)
crypto: aesni - fix build on x86 (32bit)
crypto: mxs - Fix sparse non static symbol warning
crypto: ccp - CCP device enabled/disabled changes
crypto: ccp - Cleanup hash invocation calls
crypto: ccp - Change data length declarations to u64
crypto: ccp - Check for caller result area before using it
crypto: ccp - Cleanup scatterlist usage
crypto: ccp - Apply appropriate gfp_t type to memory allocations
crypto: drivers - Sort drivers/crypto/Makefile
ARM: mxs: dts: Enable DCP for MXS
crypto: mxs - Add Freescale MXS DCP driver
crypto: mxs - Remove the old DCP driver
crypto: ahash - Fully restore ahash request before completing
crypto: aesni - fix build on x86 (32bit)
crypto: talitos - Remove redundant dev_set_drvdata
crypto: ccp - Remove redundant dev_set_drvdata
crypto: crypto4xx - Remove redundant dev_set_drvdata
crypto: caam - simplify and harden key parsing
crypto: omap-sham - Fix Polling mode for larger blocks
crypto: tcrypt - Added speed tests for AEAD crypto alogrithms in tcrypt test suite
...
05 Jan, 2014
1 commit
-
When finishing the ahash request, the ahash_op_unaligned_done() will
call complete() on the request. Yet, this will not call the correct
complete callback. The correct complete callback was previously stored
in the requests' private data, as seen in ahash_op_unaligned(). This
patch restores the correct complete callback and .data field of the
request before calling complete() on it.Signed-off-by: Marek Vasut
Cc: David S. Miller
Cc: Fabio Estevam
Cc: Shawn Guo
Signed-off-by: Herbert Xu
20 Dec, 2013
1 commit
-
Adding simple speed tests for a range of block sizes for AEAD crypto
algorithms.Signed-off-by: Tim Chen
Signed-off-by: Herbert Xu
09 Dec, 2013
1 commit
-
Commit fe8c8a126806 introduced a possible build error for archs
that do not have CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS set. :/
Fix this up by bringing else braces outside of the ifdef.Reported-by: Fengguang Wu
Fixes: fe8c8a126806 ("crypto: more robust crypto_memneq")
Signed-off-by: Daniel Borkmann
Acked-By: Cesar Eduardo Barros
Signed-off-by: Herbert Xu
05 Dec, 2013
3 commits
-
A kernel with enabled lockdep complains about the wrong usage of
rcu_dereference() under a rcu_read_lock_bh() protected region.===============================
[ INFO: suspicious RCU usage. ]
3.13.0-rc1+ #126 Not tainted
-------------------------------
linux/crypto/pcrypt.c:81 suspicious rcu_dereference_check() usage!other info that might help us debug this:
rcu_scheduler_active = 1, debug_locks = 1
1 lock held by cryptomgr_test/153:
#0: (rcu_read_lock_bh){.+....}, at: [] pcrypt_do_parallel.isra.2+0x5/0x200Fix that by using rcu_dereference_bh() instead.
Signed-off-by: Mathias Krause
Cc: "David S. Miller"
Acked-by: Steffen Klassert
Signed-off-by: Herbert Xu -
Disabling compiler optimizations can be fragile, since a new
optimization could be added to -O0 or -Os that breaks the assumptions
the code is making.Instead of disabling compiler optimizations, use a dummy inline assembly
(based on RELOC_HIDE) to block the problematic kinds of optimization,
while still allowing other optimizations to be applied to the code.The dummy inline assembly is added after every OR, and has the
accumulator variable as its input and output. The compiler is forced to
assume that the dummy inline assembly could both depend on the
accumulator variable and change the accumulator variable, so it is
forced to compute the value correctly before the inline assembly, and
cannot assume anything about its value after the inline assembly.This change should be enough to make crypto_memneq work correctly (with
data-independent timing) even if it is inlined at its call sites. That
can be done later in a followup patch.Compile-tested on x86_64.
Signed-off-by: Cesar Eduardo Barros
Acked-by: Daniel Borkmann
Signed-off-by: Herbert Xu -
Pull crypto fixes from Herbert Xu:
"This push fixes a number of crashes triggered by a previous crypto
self-test update. It also fixes a build problem in the caam driver,
as well as a concurrency issue in s390.Finally there is a pair of fixes to bugs in the crypto scatterwalk
code and authenc that may lead to crashes"* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
crypto: testmgr - fix sglen in test_aead for case 'dst != src'
crypto: talitos - fix aead sglen for case 'dst != src'
crypto: caam - fix aead sglen for case 'dst != src'
crypto: ccm - Fix handling of zero plaintext when computing mac
crypto: s390 - Fix aes-xts parameter corruption
crypto: talitos - corrrectly handle zero-length assoc data
crypto: scatterwalk - Set the chain pointer indication bit
crypto: authenc - Find proper IV address in ablkcipher callback
crypto: caam - Add missing Job Ring include
03 Dec, 2013
1 commit
-
Pull networking updates from David Miller:
"Here is a pile of bug fixes that accumulated while I was in Europe"1) In fixing kernel leaks to userspace during copying of socket
addresses, we broke a case that used to work, namely the user
providing a buffer larger than the in-kernel generic socket address
structure. This broke Ruby amongst other things. Fix from Dan
Carpenter.2) Fix regression added by byte queue limit support in 8139cp driver,
from Yang Yingliang.3) The addition of MSG_SENDPAGE_NOTLAST buggered up a few sendpage
implementations, they should just treat it the same as MSG_MORE.
Fix from Richard Weinberger and Shawn Landden.4) Handle icmpv4 errors received on ipv6 SIT tunnels correctly, from
Oussama Ghorbel. In particular we should send an ICMPv6 unreachable
in such situations.5) Fix some regressions in the recent genetlink fixes, in particular
get the pmcraid driver to use the new safer interfaces correctly.
From Johannes Berg.6) macvtap was converted to use a per-cpu set of statistics, but some
code was still bumping tx_dropped elsewhere. From Jason Wang.7) Fix build failure of xen-netback due to missing include on some
architectures, from Andy Whitecroft.8) macvtap double counts received packets in statistics, fix from Vlad
Yasevich.9) Fix various cases of using *_STATS_BH() when *_STATS() is more
appropriate. From Eric Dumazet and Hannes Frederic Sowa.10) Pktgen ipsec mode doesn't update the ipv4 header length and checksum
properly after encapsulation. Fix from Fan Du.* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (61 commits)
net/mlx4_en: Remove selftest TX queues empty condition
{pktgen, xfrm} Update IPv4 header total len and checksum after tranformation
virtio_net: make all RX paths handle erors consistently
virtio_net: fix error handling for mergeable buffers
virtio_net: Fixed a trivial typo (fitler --> filter)
netem: fix gemodel loss generator
netem: fix loss 4 state model
netem: missing break in ge loss generator
net/hsr: Support iproute print_opt ('ip -details ...')
net/hsr: Very small fix of comment style.
MAINTAINERS: Added net/hsr/ maintainer
ipv6: fix possible seqlock deadlock in ip6_finish_output2
ixgbe: Make ixgbe_identify_qsfp_module_generic static
ixgbe: turn NETIF_F_HW_L2FW_DOFFLOAD off by default
ixgbe: ixgbe_fwd_ring_down needs to be static
e1000: fix possible reset_task running after adapter down
e1000: fix lockdep warning in e1000_reset_task
e1000: prevent oops when adapter is being closed and reset simultaneously
igb: Fixed Wake On LAN support
inet: fix possible seqlock deadlocks
...
30 Nov, 2013
1 commit
-
Commit 35f9c09fe (tcp: tcp_sendpages() should call tcp_push() once)
added an internal flag MSG_SENDPAGE_NOTLAST, similar to
MSG_MORE.algif_hash, algif_skcipher, and udp used MSG_MORE from tcp_sendpages()
and need to see the new flag as identical to MSG_MORE.This fixes sendfile() on AF_ALG.
v3: also fix udp
Cc: Tom Herbert
Cc: Eric Dumazet
Cc: David S. Miller
Cc: # 3.4.x + 3.2.x
Reported-and-tested-by: Shawn Landden
Original-patch: Richard Weinberger
Signed-off-by: Shawn Landden
Signed-off-by: David S. Miller
28 Nov, 2013
4 commits
-
Commit d8a32ac25698cd60b02bed2100379803c7f964e3 (crypto: testmgr - make
test_aead also test 'dst != src' code paths) added support for different
source and destination buffers in test_aead.This patch modifies the source and destination buffer lengths accordingly:
the lengths are not equal since encryption / decryption adds / removes
the ICV.Cc: Jussi Kivilinna
Signed-off-by: Horia Geanta
Signed-off-by: Herbert Xu -
For aead case when source and destination buffers are different,
there is an incorrect assumption that the source length includes the ICV
length. Fix this, since it leads to an oops when using sg_count() to
find the number of nents in the scatterlist:Unable to handle kernel paging request for data at address 0x00000004
Faulting instruction address: 0xf91f7634
Oops: Kernel access of bad area, sig: 11 [#1]
SMP NR_CPUS=8 P4080 DS
Modules linked in: caamalg(+) caam_jr caam
CPU: 1 PID: 1053 Comm: cryptomgr_test Not tainted 3.11.0 #16
task: eeb24ab0 ti: eeafa000 task.ti: eeafa000
NIP: f91f7634 LR: f91f7f24 CTR: f91f7ef0
REGS: eeafbbc0 TRAP: 0300 Not tainted (3.11.0)
MSR: 00029002 CR: 44044044 XER: 00000000
DEAR: 00000004, ESR: 00000000GPR00: f91f7f24 eeafbc70 eeb24ab0 00000002 ee8e0900 ee8e0800 00000024 c45c4462
GPR08: 00000010 00000000 00000014 0c0e4000 24044044 00000000 00000000 c0691590
GPR16: eeab0000 eeb23000 00000000 00000000 00000000 00000001 00000001 eeafbcc8
GPR24: 000000d1 00000010 ee2d5000 ee49ea10 ee49ea10 ee46f640 ee46f640 c0691590
NIP [f91f7634] aead_edesc_alloc.constprop.14+0x144/0x780 [caamalg]
LR [f91f7f24] aead_encrypt+0x34/0x288 [caamalg]
Call Trace:
[eeafbc70] [a1004000] 0xa1004000 (unreliable)
[eeafbcc0] [f91f7f24] aead_encrypt+0x34/0x288 [caamalg]
[eeafbcf0] [c020d77c] __test_aead+0x3ec/0xe20
[eeafbe20] [c020f35c] test_aead+0x6c/0xe0
[eeafbe40] [c020f420] alg_test_aead+0x50/0xd0
[eeafbe60] [c020e5e4] alg_test+0x114/0x2e0
[eeafbee0] [c020bd1c] cryptomgr_test+0x4c/0x60
[eeafbef0] [c0047058] kthread+0xa8/0xb0
[eeafbf40] [c000eb0c] ret_from_kernel_thread+0x5c/0x64
Instruction dump:
69084321 7d080034 5508d97e 69080001 0f080000 81290024 552807fe 0f080000
3a600001 5529003a 2f8a0000 40dd0028 3ab50001 8109000c 70e30002
---[ end trace b3c3e23925c7484e ]---While here, add a tcrypt mode for making it easy to test authenc
(needed for triggering case above).Signed-off-by: Horia Geanta
Signed-off-by: Herbert Xu -
There are cases when cryptlen can be zero in crypto_ccm_auth():
-encryptiom: input scatterlist length is zero (no plaintext)
-decryption: input scatterlist contains only the mac
plus the condition of having different source and destination buffers
(or else scatterlist length = max(plaintext_len, ciphertext_len)).These are not handled correctly, leading to crashes like:
root@p4080ds:~/crypto# insmod tcrypt.ko mode=45
------------[ cut here ]------------
kernel BUG at crypto/scatterwalk.c:37!
Oops: Exception in kernel mode, sig: 5 [#1]
SMP NR_CPUS=8 P4080 DS
Modules linked in: tcrypt(+) crc32c xts xcbc vmac pcbc ecb gcm ghash_generic gf128mul ccm ctr seqiv
CPU: 3 PID: 1082 Comm: cryptomgr_test Not tainted 3.11.0 #14
task: ee12c5b0 ti: eecd0000 task.ti: eecd0000
NIP: c0204d98 LR: f9225848 CTR: c0204d80
REGS: eecd1b70 TRAP: 0700 Not tainted (3.11.0)
MSR: 00029002 CR: 22044022 XER: 20000000GPR00: f9225c94 eecd1c20 ee12c5b0 eecd1c28 ee879400 ee879400 00000000 ee607464
GPR08: 00000001 00000001 00000000 006b0000 c0204d80 00000000 00000002 c0698e20
GPR16: ee987000 ee895000 fffffff4 ee879500 00000100 eecd1d58 00000001 00000000
GPR24: ee879400 00000020 00000000 00000000 ee5b2800 ee607430 00000004 ee607460
NIP [c0204d98] scatterwalk_start+0x18/0x30
LR [f9225848] get_data_to_compute+0x28/0x2f0 [ccm]
Call Trace:
[eecd1c20] [f9225974] get_data_to_compute+0x154/0x2f0 [ccm] (unreliable)
[eecd1c70] [f9225c94] crypto_ccm_auth+0x184/0x1d0 [ccm]
[eecd1cb0] [f9225d40] crypto_ccm_encrypt+0x60/0x2d0 [ccm]
[eecd1cf0] [c020d77c] __test_aead+0x3ec/0xe20
[eecd1e20] [c020f35c] test_aead+0x6c/0xe0
[eecd1e40] [c020f420] alg_test_aead+0x50/0xd0
[eecd1e60] [c020e5e4] alg_test+0x114/0x2e0
[eecd1ee0] [c020bd1c] cryptomgr_test+0x4c/0x60
[eecd1ef0] [c0047058] kthread+0xa8/0xb0
[eecd1f40] [c000eb0c] ret_from_kernel_thread+0x5c/0x64
Instruction dump:
0f080000 81290024 552807fe 0f080000 5529003a 4bffffb4 90830000 39400000
39000001 8124000c 2f890000 7d28579e 81240008 91230004 4e800020
---[ end trace 6d652dfcd1be37bd ]---Cc:
Cc: Jussi Kivilinna
Signed-off-by: Horia Geanta
Signed-off-by: Herbert Xu -
When performing an asynchronous ablkcipher operation the authenc
completion callback routine is invoked, but it does not locate and use
the proper IV.The callback routine, crypto_authenc_encrypt_done, is updated to use
the same method of calculating the address of the IV as is done in
crypto_authenc_encrypt function which sets up the callback.Cc: stable@vger.kernel.org
Signed-off-by: Tom Lendacky
Signed-off-by: Herbert Xu
24 Nov, 2013
2 commits
-
This reverts commit 09fbc47373826d67531380662b516de2da120545, which
caused the following build errors:crypto/asymmetric_keys/x509_public_key.c: In function ‘x509_key_preparse’:
crypto/asymmetric_keys/x509_public_key.c:237:35: error: ‘system_trusted_keyring’ undeclared (first use in this function)
ret = x509_validate_trust(cert, system_trusted_keyring);
^
crypto/asymmetric_keys/x509_public_key.c:237:35: note: each undeclared identifier is reported only once for each function it appears inreported by Jim Davis. Mimi says:
"I made the classic mistake of requesting this patch to be upstreamed
at the last second, rather than waiting until the next open window.At this point, the best course would probably be to revert the two
commits and fix them for the next open window"Reported-by: Jim Davis
Acked-by: Mimi Zohar
Signed-off-by: Linus Torvalds -
Pull crypto update from Herbert Xu:
- Made x86 ablk_helper generic for ARM
- Phase out chainiv in favour of eseqiv (affects IPsec)
- Fixed aes-cbc IV corruption on s390
- Added constant-time crypto_memneq which replaces memcmp
- Fixed aes-ctr in omap-aes
- Added OMAP3 ROM RNG support
- Add PRNG support for MSM SoC's
- Add and use Job Ring API in caam
- Misc fixes[ NOTE! This pull request was sent within the merge window, but Herbert
has some questionable email sending setup that makes him public enemy
#1 as far as gmail is concerned. So most of his emails seem to be
trapped by gmail as spam, resulting in me not seeing them. - Linus ]* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (49 commits)
crypto: s390 - Fix aes-cbc IV corruption
crypto: omap-aes - Fix CTR mode counter length
crypto: omap-sham - Add missing modalias
padata: make the sequence counter an atomic_t
crypto: caam - Modify the interface layers to use JR API's
crypto: caam - Add API's to allocate/free Job Rings
crypto: caam - Add Platform driver for Job Ring
hwrng: msm - Add PRNG support for MSM SoC's
ARM: DT: msm: Add Qualcomm's PRNG driver binding document
crypto: skcipher - Use eseqiv even on UP machines
crypto: talitos - Simplify key parsing
crypto: picoxcell - Simplify and harden key parsing
crypto: ixp4xx - Simplify and harden key parsing
crypto: authencesn - Simplify key parsing
crypto: authenc - Export key parsing helper function
crypto: mv_cesa: remove deprecated IRQF_DISABLED
hwrng: OMAP3 ROM Random Number Generator support
crypto: sha256_ssse3 - also test for BMI2
crypto: mv_cesa - Remove redundant of_match_ptr
crypto: sahara - Remove redundant of_match_ptr
...
23 Nov, 2013
1 commit
-
Pull networking fixes from David Miller:
1) Fix memory leaks and other issues in mwifiex driver, from Amitkumar
Karwar.2) skb_segment() can choke on packets using frag lists, fix from
Herbert Xu with help from Eric Dumazet and others.3) IPv4 output cached route instantiation properly handles races
involving two threads trying to install the same route, but we
forgot to propagate this logic to input routes as well. Fix from
Alexei Starovoitov.4) Put protections in place to make sure that recvmsg() paths never
accidently copy uninitialized memory back into userspace and also
make sure that we never try to use more that sockaddr_storage for
building the on-kernel-stack copy of a sockaddr. Fixes from Hannes
Frederic Sowa.5) R8152 driver transmit flow bug fixes from Hayes Wang.
6) Fix some minor fallouts from genetlink changes, from Johannes Berg
and Michael Opdenacker.7) AF_PACKET sendmsg path can race with netdevice unregister notifier,
fix by using RCU to make sure the network device doesn't go away
from under us. Fix from Daniel Borkmann.* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (43 commits)
gso: handle new frag_list of frags GRO packets
genetlink: fix genl_set_err() group ID
genetlink: fix genlmsg_multicast() bug
packet: fix use after free race in send path when dev is released
xen-netback: stop the VIF thread before unbinding IRQs
wimax: remove dead code
net/phy: Add the autocross feature for forced links on VSC82x4
net/phy: Add VSC8662 support
net/phy: Add VSC8574 support
net/phy: Add VSC8234 support
net: add BUG_ON if kernel advertises msg_namelen > sizeof(struct sockaddr_storage)
net: rework recvmsg handler msg_name and msg_namelen logic
bridge: flush br's address entry in fdb when remove the
net: core: Always propagate flag changes to interfaces
ipv4: fix race in concurrent ip_route_input_slow()
r8152: fix incorrect type in assignment
r8152: support stopping/waking tx queue
r8152: modify the tx flow
r8152: fix tx/rx memory overflow
netfilter: ebt_ip6: fix source and destination matching
...
22 Nov, 2013
1 commit
-
Pull security subsystem updates from James Morris:
"In this patchset, we finally get an SELinux update, with Paul Moore
taking over as maintainer of that code.Also a significant update for the Keys subsystem, as well as
maintenance updates to Smack, IMA, TPM, and Apparmor"and since I wanted to know more about the updates to key handling,
here's the explanation from David Howells on that:"Okay. There are a number of separate bits. I'll go over the big bits
and the odd important other bit, most of the smaller bits are just
fixes and cleanups. If you want the small bits accounting for, I can
do that too.(1) Keyring capacity expansion.
KEYS: Consolidate the concept of an 'index key' for key access
KEYS: Introduce a search context structure
KEYS: Search for auth-key by name rather than target key ID
Add a generic associative array implementation.
KEYS: Expand the capacity of a keyringSeveral of the patches are providing an expansion of the capacity of a
keyring. Currently, the maximum size of a keyring payload is one page.
Subtract a small header and then divide up into pointers, that only gives
you ~500 pointers on an x86_64 box. However, since the NFS idmapper uses
a keyring to store ID mapping data, that has proven to be insufficient to
the cause.Whatever data structure I use to handle the keyring payload, it can only
store pointers to keys, not the keys themselves because several keyrings
may point to a single key. This precludes inserting, say, and rb_node
struct into the key struct for this purpose.I could make an rbtree of records such that each record has an rb_node
and a key pointer, but that would use four words of space per key stored
in the keyring. It would, however, be able to use much existing code.I selected instead a non-rebalancing radix-tree type approach as that
could have a better space-used/key-pointer ratio. I could have used the
radix tree implementation that we already have and insert keys into it by
their serial numbers, but that means any sort of search must iterate over
the whole radix tree. Further, its nodes are a bit on the capacious side
for what I want - especially given that key serial numbers are randomly
allocated, thus leaving a lot of empty space in the tree.So what I have is an associative array that internally is a radix-tree
with 16 pointers per node where the index key is constructed from the key
type pointer and the key description. This means that an exact lookup by
type+description is very fast as this tells us how to navigate directly to
the target key.I made the data structure general in lib/assoc_array.c as far as it is
concerned, its index key is just a sequence of bits that leads to a
pointer. It's possible that someone else will be able to make use of it
also. FS-Cache might, for example.(2) Mark keys as 'trusted' and keyrings as 'trusted only'.
KEYS: verify a certificate is signed by a 'trusted' key
KEYS: Make the system 'trusted' keyring viewable by userspace
KEYS: Add a 'trusted' flag and a 'trusted only' flag
KEYS: Separate the kernel signature checking keyring from module signingThese patches allow keys carrying asymmetric public keys to be marked as
being 'trusted' and allow keyrings to be marked as only permitting the
addition or linkage of trusted keys.Keys loaded from hardware during kernel boot or compiled into the kernel
during build are marked as being trusted automatically. New keys can be
loaded at runtime with add_key(). They are checked against the system
keyring contents and if their signatures can be validated with keys that
are already marked trusted, then they are marked trusted also and can
thus be added into the master keyring.Patches from Mimi Zohar make this usable with the IMA keyrings also.
(3) Remove the date checks on the key used to validate a module signature.
X.509: Remove certificate date checks
It's not reasonable to reject a signature just because the key that it was
generated with is no longer valid datewise - especially if the kernel
hasn't yet managed to set the system clock when the first module is
loaded - so just remove those checks.(4) Make it simpler to deal with additional X.509 being loaded into the kernel.
KEYS: Load *.x509 files into kernel keyring
KEYS: Have make canonicalise the paths of the X.509 certs better to deduplicateThe builder of the kernel now just places files with the extension ".x509"
into the kernel source or build trees and they're concatenated by the
kernel build and stuffed into the appropriate section.(5) Add support for userspace kerberos to use keyrings.
KEYS: Add per-user_namespace registers for persistent per-UID kerberos caches
KEYS: Implement a big key type that can save to tmpfsFedora went to, by default, storing kerberos tickets and tokens in tmpfs.
We looked at storing it in keyrings instead as that confers certain
advantages such as tickets being automatically deleted after a certain
amount of time and the ability for the kernel to get at these tokens more
easily.To make this work, two things were needed:
(a) A way for the tickets to persist beyond the lifetime of all a user's
sessions so that cron-driven processes can still use them.The problem is that a user's session keyrings are deleted when the
session that spawned them logs out and the user's user keyring is
deleted when the UID is deleted (typically when the last log out
happens), so neither of these places is suitable.I've added a system keyring into which a 'persistent' keyring is
created for each UID on request. Each time a user requests their
persistent keyring, the expiry time on it is set anew. If the user
doesn't ask for it for, say, three days, the keyring is automatically
expired and garbage collected using the existing gc. All the kerberos
tokens it held are then also gc'd.(b) A key type that can hold really big tickets (up to 1MB in size).
The problem is that Active Directory can return huge tickets with lots
of auxiliary data attached. We don't, however, want to eat up huge
tracts of unswappable kernel space for this, so if the ticket is
greater than a certain size, we create a swappable shmem file and dump
the contents in there and just live with the fact we then have an
inode and a dentry overhead. If the ticket is smaller than that, we
slap it in a kmalloc()'d buffer"* 'for-linus2' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (121 commits)
KEYS: Fix keyring content gc scanner
KEYS: Fix error handling in big_key instantiation
KEYS: Fix UID check in keyctl_get_persistent()
KEYS: The RSA public key algorithm needs to select MPILIB
ima: define '_ima' as a builtin 'trusted' keyring
ima: extend the measurement list to include the file signature
kernel/system_certificate.S: use real contents instead of macro GLOBAL()
KEYS: fix error return code in big_key_instantiate()
KEYS: Fix keyring quota misaccounting on key replacement and unlink
KEYS: Fix a race between negating a key and reading the error set
KEYS: Make BIG_KEYS boolean
apparmor: remove the "task" arg from may_change_ptraced_domain()
apparmor: remove parent task info from audit logging
apparmor: remove tsk field from the apparmor_audit_struct
apparmor: fix capability to not use the current task, during reporting
Smack: Ptrace access check mode
ima: provide hash algo info in the xattr
ima: enable support for larger default filedata hash algorithms
ima: define kernel parameter 'ima_template=' to change configured default
ima: add Kconfig default measurement list template
...
21 Nov, 2013
2 commits
-
This patch now always passes msg->msg_namelen as 0. recvmsg handlers must
set msg_namelen to the proper size
Suggested-by: Eric Dumazet
Signed-off-by: Hannes Frederic Sowa
Signed-off-by: David S. Miller -
Pull slave-dmaengine changes from Vinod Koul:
"This brings for slave dmaengine:- Change dma notification flag to DMA_COMPLETE from DMA_SUCCESS as
dmaengine can only transfer and not verify validaty of dma
transfers- Bunch of fixes across drivers:
- cppi41 driver fixes from Daniel
- 8 channel freescale dma engine support and updated bindings from
Hongbo- msx-dma fixes and cleanup by Markus
- DMAengine updates from Dan:
- Bartlomiej and Dan finalized a rework of the dma address unmap
implementation.- In the course of testing 1/ a collection of enhancements to
dmatest fell out. Notably basic performance statistics, and
fixed / enhanced test control through new module parameters
'run', 'wait', 'noverify', and 'verbose'. Thanks to Andriy and
Linus [Walleij] for their review.- Testing the raid related corner cases of 1/ triggered bugs in
the recently added 16-source operation support in the ioatdma
driver.- Some minor fixes / cleanups to mv_xor and ioatdma"
* 'next' of git://git.infradead.org/users/vkoul/slave-dma: (99 commits)
dma: mv_xor: Fix mis-usage of mmio 'base' and 'high_base' registers
dma: mv_xor: Remove unneeded NULL address check
ioat: fix ioat3_irq_reinit
ioat: kill msix_single_vector support
raid6test: add new corner case for ioatdma driver
ioatdma: clean up sed pool kmem_cache
ioatdma: fix selection of 16 vs 8 source path
ioatdma: fix sed pool selection
ioatdma: Fix bug in selftest after removal of DMA_MEMSET.
dmatest: verbose mode
dmatest: convert to dmaengine_unmap_data
dmatest: add a 'wait' parameter
dmatest: add basic performance metrics
dmatest: add support for skipping verification and random data setup
dmatest: use pseudo random numbers
dmatest: support xor-only, or pq-only channels in tests
dmatest: restore ability to start test at module load and init
dmatest: cleanup redundant "dmatest: " prefixes
dmatest: replace stored results mechanism, with uniform messages
Revert "dmatest: append verify result to results"
...
16 Nov, 2013
1 commit
-
Pull dmaengine changes from Dan
1/ Bartlomiej and Dan finalized a rework of the dma address unmap
implementation.2/ In the course of testing 1/ a collection of enhancements to dmatest
fell out. Notably basic performance statistics, and fixed / enhanced
test control through new module parameters 'run', 'wait', 'noverify',
and 'verbose'. Thanks to Andriy and Linus for their review.3/ Testing the raid related corner cases of 1/ triggered bugs in the
recently added 16-source operation support in the ioatdma driver.4/ Some minor fixes / cleanups to mv_xor and ioatdma.
Conflicts:
drivers/dma/dmatest.cSigned-off-by: Vinod Koul
15 Nov, 2013
9 commits
-
Use this new function to make code more comprehensible, since we are
reinitialzing the completion, not initializing.[akpm@linux-foundation.org: linux-next resyncs]
Signed-off-by: Wolfram Sang
Acked-by: Linus Walleij (personally at LCE13)
Cc: Ingo Molnar
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
With 24 disks and an ioatdma instance with 16 source support there is a
corner case where the driver needs to be careful to account for the
number of implied sources in the continuation case.Also bump the default case to test more than 16 sources now that it
triggers different paths in offload drivers.Cc: Dave Jiang
Acked-by: Dave Jiang
Signed-off-by: Dan Williams -
Remove no longer needed DMA unmap flags:
- DMA_COMPL_SKIP_SRC_UNMAP
- DMA_COMPL_SKIP_DEST_UNMAP
- DMA_COMPL_SRC_UNMAP_SINGLE
- DMA_COMPL_DEST_UNMAP_SINGLECc: Vinod Koul
Cc: Tomasz Figa
Cc: Dave Jiang
Signed-off-by: Bartlomiej Zolnierkiewicz
Signed-off-by: Kyungmin Park
Acked-by: Jon Mason
Acked-by: Mark Brown
[djbw: clean up straggling skip unmap flags in ntb]
Signed-off-by: Dan Williams -
Use the generic unmap object to unmap dma buffers.
Cc: Vinod Koul
Cc: Tomasz Figa
Cc: Dave Jiang
Reported-by: Bartlomiej Zolnierkiewicz
Signed-off-by: Bartlomiej Zolnierkiewicz
Signed-off-by: Kyungmin Park
Signed-off-by: Dan Williams -
Use the generic unmap object to unmap dma buffers.
Cc: Vinod Koul
Cc: Tomasz Figa
Cc: Dave Jiang
Reported-by: Bartlomiej Zolnierkiewicz
[bzolnier: keep temporary dma_dest array in do_async_gen_syndrome()]
Signed-off-by: Bartlomiej Zolnierkiewicz
Signed-off-by: Kyungmin Park
Signed-off-by: Dan Williams -
Use the generic unmap object to unmap dma buffers.
Cc: Vinod Koul
Cc: Tomasz Figa
Cc: Dave Jiang
Reported-by: Bartlomiej Zolnierkiewicz
[bzolnier: keep temporary dma_dest array in async_mult()]
Signed-off-by: Bartlomiej Zolnierkiewicz
Signed-off-by: Kyungmin Park
Signed-off-by: Dan Williams -
Use the generic unmap object to unmap dma buffers.
Cc: Vinod Koul
Cc: Tomasz Figa
Cc: Dave Jiang
Reported-by: Bartlomiej Zolnierkiewicz
[bzolnier: minor cleanups]
Signed-off-by: Bartlomiej Zolnierkiewicz
Signed-off-by: Kyungmin Park
Signed-off-by: Dan Williams -
Use the generic unmap object to unmap dma buffers.
Later we can push this unmap object up to the raid layer and get rid of
the 'scribble' parameter.Cc: Vinod Koul
Cc: Tomasz Figa
Cc: Dave Jiang
Reported-by: Bartlomiej Zolnierkiewicz
[bzolnier: minor cleanups]
Signed-off-by: Bartlomiej Zolnierkiewicz
Signed-off-by: Kyungmin Park
Signed-off-by: Dan Williams -
Use the generic unmap object to unmap dma buffers.
Cc: Vinod Koul
Cc: Tomasz Figa
Cc: Dave Jiang
Reported-by: Bartlomiej Zolnierkiewicz
[bzolnier: add missing unmap->len initialization]
[bzolnier: fix whitespace damage]
Signed-off-by: Bartlomiej Zolnierkiewicz
Signed-off-by: Kyungmin Park
[djbw: add DMA_ENGINE=n support]
Signed-off-by: Dan Williams
01 Nov, 2013
1 commit
-
The RSA public key algorithm needs to select MPILIB directly in Kconfig as the
'select' directive is not recursive and is thus MPILIB is not enabled by
selecting MPILIB_EXTRA.Without this, the following errors can occur:
crypto/built-in.o: In function `RSA_verify_signature':
rsa.c:(.text+0x1d347): undefined reference to `mpi_get_nbits'
rsa.c:(.text+0x1d354): undefined reference to `mpi_get_nbits'
rsa.c:(.text+0x1d36e): undefined reference to `mpi_cmp_ui'
rsa.c:(.text+0x1d382): undefined reference to `mpi_cmp'
rsa.c:(.text+0x1d391): undefined reference to `mpi_alloc'
rsa.c:(.text+0x1d3b0): undefined reference to `mpi_powm'
rsa.c:(.text+0x1d3c3): undefined reference to `mpi_free'
rsa.c:(.text+0x1d3d8): undefined reference to `mpi_get_buffer'
rsa.c:(.text+0x1d4d4): undefined reference to `mpi_free'
rsa.c:(.text+0x1d503): undefined reference to `mpi_get_nbits'Reported-by: Randy Dunlap
Signed-off-by: David Howells
Acked-by: Randy Dunlap
