- 31 Jul, 2020 19 commits
-
-
Herbert Xu authored
The carry variables are assigned but never used, which upsets the compiler. This patch removes them. Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au> Reviewed-by:
Karthikeyan Bhargavan <karthik.bhargavan@gmail.com> Acked-by:
Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by:
-
周琰杰 (Zhou Yanjie) authored
Add JZ4780 SoC and X1000 SoC random number generator driver, based on PrasannaKumar Muralidharan's JZ4780 RNG driver. Tested-by:
周正 (Zhou Zheng) <sernia.zhou@foxmail.com> Tested-by:
Mathieu Malaterre <malat@debian.org> Suggested-by:
Jeffrey Walton <noloader@gmail.com> Signed-off-by:
PrasannaKumar Muralidharan <prasannatsmkumar@gmail.com> Signed-off-by:
周琰杰 (Zhou Yanjie) <zhouyanjie@wanyeetech.com> Signed-off-by:
-
周琰杰 (Zhou Yanjie) authored
Add the RNG bindings for the JZ4780 SoC and the X1000 SoC from Ingenic. Signed-off-by:
Rob Herring <robh@kernel.org> Signed-off-by:
-
Horia Geantă authored
Add a module alias, to enable udev-based module autoloading: $ modinfo -F alias drivers/crypto/caam/dpaa2_caam.ko fsl-mc:v00001957ddpseci Signed-off-by:
Horia Geantă <horia.geanta@nxp.com> Signed-off-by:
-
Horia Geantă authored
In some cases, e.g. when TRNG is not properly configured, the RNG module could issue a "Hardware error" at runtime. "Continuos check" error is emitted when some of the BISTs fail. Signed-off-by:
-
Dan Douglass authored
caam_jr_register() function is no longer part of the driver since commit 6dad4115 ("crypto: caam - Remove unused functions from Job Ring") This patch removes a comment referencing the function. Signed-off-by:
Dan Douglass <dan.douglass@nxp.com> Signed-off-by:
-
Horia Geantă authored
In case of bad key length, driver emits "key size mismatch" messages, but only for xts(aes) algorithms. Reduce verbosity by making them visible only when debugging. This way crypto fuzz testing log cleans up a bit. Signed-off-by:
-
Horia Geantă authored
For keyed hash algorithms, shared descriptors are currently generated twice: -at tfm initialization time, in cra_init() callback -in setkey() callback Since it's mandatory to call setkey() for keyed algorithms, drop the generation in cra_init(). This is similar to the change in caamhash (caam/jr top-level library) commit 9a2537d0 ("crypto: caam - create ahash shared descriptors only once") Signed-off-by:
-
Horia Geantă authored
Fix error reporting when preparation of an hmac algorithm for registration fails: print the hmac algorithm name, not the unkeyed hash algorithm name. Signed-off-by:
-
Franck LENORMAND authored
When building on a platform with a 32bit DMA address, taking the upper 32 bits makes no sense. Signed-off-by:
Franck LENORMAND <franck.lenormand@nxp.com> Signed-off-by:
-
Vaibhav Gupta authored
Drivers using legacy power management .suspen()/.resume() callbacks have to manage PCI states and device's PM states themselves. They also need to take care of standard configuration registers. Switch to generic power management framework using a single "struct dev_pm_ops" variable to take the unnecessary load from the driver. This also avoids the need for the driver to directly call most of the PCI helper functions and device power state control functions as through the generic framework, PCI Core takes care of the necessary operations, and drivers are required to do only device-specific jobs. Signed-off-by:
Vaibhav Gupta <vaibhavgupta40@gmail.com> Acked-by:
John Allen <john.allen@amd.com> Signed-off-by:
-
Ard Biesheuvel authored
Colin reports that the memcpy() call in xts_cts_final() trigggers a "Overlapping buffer in memory copy" warning in Coverity, which is a false postive, given that tail is guaranteed to be smaller than or equal to the distance between source and destination. However, given that any additional bytes that we copy will be ignored anyway, we can simply copy XTS_BLOCK_SIZE unconditionally, which means we can use struct assignment of the array members instead, which is likely to be more efficient as well. Addresses-Coverity: ("Overlapping buffer in memory copy") Fixes: 8083b1bf ("crypto: xts - add support for ciphertext stealing") Reported-by:Colin Ian King <colin.king@canonical.com> Signed-off-by:
Ard Biesheuvel <ardb@kernel.org> Signed-off-by:
-
Sven Auhagen authored
Balance the irqs of the marvell cesa driver over all available cpus. Currently all interrupts are handled by the first CPU. From my testing with IPSec AES 256 SHA256 on my clearfog base with 2 Cores I get a 2x speed increase: Before the patch: 26.74 Kpps With the patch: 56.11 Kpps Signed-off-by:
Sven Auhagen <sven.auhagen@voleatech.de> Signed-off-by:
-
Sven Auhagen authored
Balance the irqs of the inside secure driver over all available cpus. Currently all interrupts are handled by the first CPU. From my testing with IPSec AES-GCM 256 on my MCbin with 4 Cores I get a 50% speed increase: Before the patch: 99.73 Kpps With the patch: 151.25 Kpps Signed-off-by:
-
Stephan Müller authored
After the generation of a local public key, SP800-56A rev 3 section 5.6.2.1.3 mandates a validation of that key with a full validation compliant to section 5.6.2.3.3. Only if the full validation passes, the key is allowed to be used. The patch adds the full key validation compliant to 5.6.2.3.3 and performs the required check on the generated public key. Signed-off-by:
Stephan Mueller <smueller@chronox.de> Signed-off-by:
-
Stephan Müller authored
After the generation of a local public key, SP800-56A rev 3 section 5.6.2.1.3 mandates a validation of that key with a full validation compliant to section 5.6.2.3.1. Only if the full validation passes, the key is allowed to be used. Signed-off-by:
-
Stephan Müller authored
SP800-56A rev3 section 5.7.1.1 step 2 mandates that the validity of the calculated shared secret is verified before the data is returned to the caller. This patch adds the validation check. Signed-off-by:
Neil Horman <nhorman@redhat.com> Signed-off-by:
-
Marcelo Henrique Cerri authored
Add mpi_sub_ui() based on Gnu MP mpz_sub_ui() function from file mpz/aors_ui.h[1] from change id 510b83519d1c adapting the code to the kernel's data structures, helper functions and coding style and also removing the defines used to produce mpz_sub_ui() and mpz_add_ui() from the same code. [1] https://gmplib.org/repo/gmp-6.2/file/510b83519d1c/mpz/aors.hSigned-off-by:
Marcelo Henrique Cerri <marcelo.cerri@canonical.com> Signed-off-by:
-
Stephan Müller authored
SP800-56A rev3 section 5.7.1.2 step 2 mandates that the validity of the calculated shared secret is verified before the data is returned to the caller. Thus, the export function and the validity check functions are reversed. In addition, the sensitive variables of priv and rand_z are zeroized. Signed-off-by:
Vitaly Chikunov <vt@altlinux.org> Acked-by:
-
- 23 Jul, 2020 21 commits
-
-
Uros Bizjak authored
Resolves conflict with the tip tree. Fixes: d7866e50 ("crypto: x86 - Remove include/asm/inst.h") CC: Thomas Gleixner <tglx@linutronix.de> CC: Ingo Molnar <mingo@redhat.com> CC: Borislav Petkov <bp@alien8.de> CC: "H. Peter Anvin" <hpa@zytor.com> CC: Stephen Rothwell <sfr@canb.auug.org.au>, CC: "Chang S. Bae" <chang.seok.bae@intel.com>, CC: Peter Zijlstra <peterz@infradead.org>, CC: Sasha Levin <sashal@kernel.org> Signed-off-by:
Uros Bizjak <ubizjak@gmail.com> Signed-off-by:
-
Randy Dunlap authored
Delete the doubled word "from" in multiple places. Signed-off-by:
Randy Dunlap <rdunlap@infradead.org> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Cc: linux-crypto@vger.kernel.org Signed-off-by:
-
Alexander A. Klimov authored
Rationale: Reduces attack surface on kernel devs opening the links for MITM as HTTPS traffic is much harder to manipulate. Deterministic algorithm: For each file: If not .svg: For each line: If doesn't contain `\bxmlns\b`: For each link, `\bhttp://[^# \t\r\n]*(?:\w|/)`: If neither `\bgnu\.org/license`, nor `\bmozilla\.org/MPL\b`: If both the HTTP and HTTPS versions return 200 OK and serve the same content: Replace HTTP with HTTPS. Signed-off-by:Alexander A. Klimov <grandmaster@al2klimov.de> Signed-off-by:
-
Randy Dunlap authored
Drop the doubled word "request" in a kernel-doc comment. Signed-off-by:
David S. Miller <davem@davemloft.net> Signed-off-by:
-
Randy Dunlap authored
Drop the doubled word "in" in a comment. Signed-off-by:
-
Herbert Xu authored
This patch fixes all the sparse and W=1 compiler warnings in the driver. Signed-off-by: -
Horia Geantă authored
i.MX6 SL, SLL, ULL, ULZ SoCs have an RNGB block. Since imx-rngc driver supports also rngb, let's enable it for these SoCs too. Signed-off-by:
Martin Kaiser <martin@kaiser.cx> Reviewed-by:
Marco Felsch <m.felsch@pengutronix.de> Signed-off-by:
-
Horia Geantă authored
RNGB block is found in some i.MX6 SoCs - 6SL, 6SLL, 6ULL, 6ULZ. Add corresponding compatible strings. Note: Several NXP SoC from QorIQ family (P1010, P1023, P4080, P3041, P5020) also have a RNGB, however it's part of the CAAM (Cryptograhic Accelerator and Assurance Module) crypto accelerator. In this case, RNGB is managed in the caam driver (drivers/crypto/caam/), since it's tightly related to the caam "job ring" interface, not to mention CAAM internally relying on RNGB as source of randomness. On the other hand, the i.MX6 SoCs with RNGB have a DCP (Data Co-Processor) crypto accelerator and this block and RNGB are independent. Signed-off-by:
-
Daniel Jordan authored
Only its reorder field is actually used now, so remove the struct and embed @reorder directly in parallel_data. No functional change, just a cleanup. Signed-off-by:
Daniel Jordan <daniel.m.jordan@oracle.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: Steffen Klassert <steffen.klassert@secunet.com> Cc: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by:
-
Daniel Jordan authored
There's no reason to have two interfaces when there's only one caller. Removing _possible saves text and simplifies future changes. Signed-off-by:
-
Daniel Jordan authored
A padata instance has effective cpumasks that store the user-supplied masks ANDed with the online mask, but this middleman is unnecessary. parallel_data keeps the same information around. Removing this saves text and code churn in future changes. Signed-off-by:
-
Daniel Jordan authored
pd_setup_cpumasks() has only one caller. Move its contents inline to prepare for the next cleanup. Signed-off-by:
-
Daniel Jordan authored
padata_stop() has two callers and is unnecessary in both cases. When pcrypt calls it before padata_free(), it's being unloaded so there are no outstanding padata jobs[0]. When __padata_free() calls it, it's either along the same path or else pcrypt initialization failed, which of course means there are also no outstanding jobs. Removing it simplifies padata and saves text. [0] https://lore.kernel.org/linux-crypto/20191119225017.mjrak2fwa5vccazl@gondor.apana.org.au/Signed-off-by:
-
Daniel Jordan authored
padata_start() is only used right after pcrypt allocates an instance with all possible CPUs, when PADATA_INVALID can't happen, so there's no need for a separate "start" step. It can be done during allocation to save text, make using padata easier, and avoid unneeded calls in the future. Signed-off-by:
-
Tom Rix authored
clang static analysis flags this error qat_uclo.c:297:3: warning: Attempt to free released memory [unix.Malloc] kfree(*init_tab_base); ^~~~~~~~~~~~~~~~~~~~~ When input *init_tab_base is null, the function allocates memory for the head of the list. When there is problem allocating other list elements the list is unwound and freed. Then a check is made if the list head was allocated and is also freed. Keeping track of the what may need to be freed is the variable 'tail_old'. The unwinding/freeing block is while (tail_old) { mem_init = tail_old->next; kfree(tail_old); tail_old = mem_init; } The problem is that the first element of tail_old is also what was allocated for the list head init_header = kzalloc(sizeof(*init_header), GFP_KERNEL); ... *init_tab_base = init_header; flag = 1; } tail_old = init_header; So *init_tab_base/init_header are freed twice. There is another problem. When the input *init_tab_base is non null the tail_old is calculated by traveling down the list to first non null entry. tail_old = init_header; while (tail_old->next) tail_old = tail_old->next; When the unwinding free happens, the last entry of the input list will be freed. So the freeing needs a general changed. If locally allocated the first element of tail_old is freed, else it is skipped. As a bit of cleanup, reset *init_tab_base if it came in as null. Fixes: b4b7e67c ("crypto: qat - Intel(R) QAT ucode part of fw loader") Cc: <stable@vger.kernel.org> Signed-off-by:Tom Rix <trix@redhat.com> Signed-off-by:
-
Tero Kristo authored
The child devices for sa2ul (like the RNG) have hard dependency towards the parent, they can't function without the parent enabled. Add device link for this purpose so that the dependencies are taken care of properly. Signed-off-by:
Tero Kristo <t-kristo@ti.com> Signed-off-by:
-
Keerthy authored
Add support for sa2ul hardware AEAD for hmac(sha256),cbc(aes) and hmac(sha1),cbc(aes) algorithms. Signed-off-by:
Keerthy <j-keerthy@ti.com> [t-kristo@ti.com: number of bug fixes, major refactoring and cleanup of code] Signed-off-by:
-
Keerthy authored
Add support for sha1/sha256/sha512 sa2ul based hardware authentication. With the hash update mechanism, we always use software fallback mechanism for now, as there is no way to fetch the partial hash state from the HW accelerator. HW accelerator is only used when digest is called for a data chunk of known size. Signed-off-by:
-
Keerthy authored
Adds a basic crypto driver and currently supports AES/3DES in cbc mode for both encryption and decryption. Signed-off-by:
-
Keerthy authored
The Security Accelerator Ultra Lite (SA2UL) subsystem provides hardware cryptographic acceleration for the following use cases: * Encryption and authentication for secure boot * Encryption and authentication of content in applications requiring DRM (digital rights management) and content/asset protection SA2UL provides support for number of different cryptographic algorithms including SHA1, SHA256, SHA512, AES, 3DES, and various combinations of the previous for AEAD use. Reviewed-by:
-
Arnd Bergmann authored
The clang integrated assembler complains about movzxw: arch/x86/crypto/crc32c-pcl-intel-asm_64.S:173:2: error: invalid instruction mnemonic 'movzxw' It seems that movzwq is the mnemonic that it expects instead, and this is what objdump prints when disassembling the file. Fixes: 6a8ce1ef ("crypto: crc32c - Optimize CRC32C calculation with PCLMULQDQ instruction") Signed-off-by:
Arnd Bergmann <arnd@arndb.de> Reviewed-by:
Nathan Chancellor <natechancellor@gmail.com> Signed-off-by:
-
