1. 03 Aug, 2018 6 commits
    • Horia Geantă's avatar
      crypto: tcrypt - reschedule during speed tests · 2af63299
      Horia Geantă authored
      Avoid RCU stalls in the case of non-preemptible kernel and lengthy
      speed tests by rescheduling when advancing from one block size
      to another.
      Signed-off-by: default avatarHoria Geantă <horia.geanta@nxp.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      2af63299
    • Jia-Ju Bai's avatar
      crypto: virtio - Replace GFP_ATOMIC with GFP_KERNEL in __virtio_crypto_ablkcipher_do_req() · f6adeef7
      Jia-Ju Bai authored
      __virtio_crypto_ablkcipher_do_req() is never called in atomic context.
      
      __virtio_crypto_ablkcipher_do_req() is only called by
      virtio_crypto_ablkcipher_crypt_req(), which is only called by
      virtcrypto_find_vqs() that is never called in atomic context.
      
      __virtio_crypto_ablkcipher_do_req() calls kzalloc_node() with GFP_ATOMIC,
      which is not necessary.
      GFP_ATOMIC can be replaced with GFP_KERNEL.
      
      This is found by a static analysis tool named DCNS written by myself.
      I also manually check the kernel code before reporting it.
      Signed-off-by: default avatarJia-Ju Bai <baijiaju1990@gmail.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      f6adeef7
    • Jia-Ju Bai's avatar
      crypto: qat/adf_aer - Replace GFP_ATOMIC with GFP_KERNEL in adf_dev_aer_schedule_reset() · 8e8c0386
      Jia-Ju Bai authored
      adf_dev_aer_schedule_reset() is never called in atomic context, as it
      calls wait_for_completion_timeout().
      
      adf_dev_aer_schedule_reset() calls kzalloc() with GFP_ATOMIC,
      which is not necessary.
      GFP_ATOMIC can be replaced with GFP_KERNEL.
      
      This is found by a static analysis tool named DCNS written by myself.
      I also manually check the kernel code before reporting it.
      Signed-off-by: default avatarJia-Ju Bai <baijiaju1990@gmail.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      8e8c0386
    • Jia-Ju Bai's avatar
      crypto: cavium/nitrox - Replace GFP_ATOMIC with GFP_KERNEL in crypto_alloc_context() · 1c96dde1
      Jia-Ju Bai authored
      crypto_alloc_context() is only called by nitrox_skcipher_init(), which is
      never called in atomic context.
      
      crypto_alloc_context() calls dma_pool_alloc() with GFP_ATOMIC,
      which is not necessary.
      GFP_ATOMIC can be replaced with GFP_KERNEL.
      
      This is found by a static analysis tool named DCNS written by myself.
      I also manually check the kernel code before reporting it.
      Signed-off-by: default avatarJia-Ju Bai <baijiaju1990@gmail.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      1c96dde1
    • Stephan Müller's avatar
      crypto: drbg - in-place cipher operation for CTR · 43490e80
      Stephan Müller authored
      The cipher implementations of the kernel crypto API favor in-place
      cipher operations. Thus, switch the CTR cipher operation in the DRBG to
      perform in-place operations. This is implemented by using the output
      buffer as input buffer and zeroizing it before the cipher operation to
      implement a CTR encryption of a NULL buffer.
      
      The speed improvement is quite visibile with the following comparison
      using the LRNG implementation.
      
      Without the patch set:
      
            16 bytes|           12.267661 MB/s|    61338304 bytes |  5000000213 ns
            32 bytes|           23.603770 MB/s|   118018848 bytes |  5000000073 ns
            64 bytes|           46.732262 MB/s|   233661312 bytes |  5000000241 ns
           128 bytes|           90.038042 MB/s|   450190208 bytes |  5000000244 ns
           256 bytes|          160.399616 MB/s|   801998080 bytes |  5000000393 ns
           512 bytes|          259.878400 MB/s|  1299392000 bytes |  5000001675 ns
          1024 bytes|          386.050662 MB/s|  1930253312 bytes |  5000001661 ns
          2048 bytes|          493.641728 MB/s|  2468208640 bytes |  5000001598 ns
          4096 bytes|          581.835981 MB/s|  2909179904 bytes |  5000003426 ns
      
      With the patch set:
      
            16 bytes |         17.051142 MB/s |     85255712 bytes |  5000000854 ns
            32 bytes |         32.695898 MB/s |    163479488 bytes |  5000000544 ns
            64 bytes |         64.490739 MB/s |    322453696 bytes |  5000000954 ns
           128 bytes |        123.285043 MB/s |    616425216 bytes |  5000000201 ns
           256 bytes |        233.434573 MB/s |   1167172864 bytes |  5000000573 ns
           512 bytes |        384.405197 MB/s |   1922025984 bytes |  5000000671 ns
          1024 bytes |        566.313370 MB/s |   2831566848 bytes |  5000001080 ns
          2048 bytes |        744.518042 MB/s |   3722590208 bytes |  5000000926 ns
          4096 bytes |        867.501670 MB/s |   4337508352 bytes |  5000002181 ns
      Signed-off-by: default avatarStephan Mueller <smueller@chronox.de>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      43490e80
    • Herbert Xu's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux · c5f5aeef
      Herbert Xu authored
      Merge mainline to pick up c7513c2a ("crypto/arm64: aes-ce-gcm -
      add missing kernel_neon_begin/end pair").
      c5f5aeef
  2. 31 Jul, 2018 1 commit
  3. 29 Jul, 2018 5 commits
    • Linus Torvalds's avatar
      Linux 4.18-rc7 · acb18725
      Linus Torvalds authored
      acb18725
    • Linus Torvalds's avatar
      Merge tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4 · 3cfb6772
      Linus Torvalds authored
      Pull ext4 fixes from Ted Ts'o:
       "Some miscellaneous ext4 fixes for 4.18; one fix is for a regression
        introduced in 4.18-rc4.
      
        Sorry for the late-breaking pull. I was originally going to wait for
        the next merge window, but Eric Whitney found a regression introduced
        in 4.18-rc4, so I decided to push out the regression plus the other
        fixes now. (The other commits have been baking in linux-next since
        early July)"
      
      * tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4:
        ext4: fix check to prevent initializing reserved inodes
        ext4: check for allocation block validity with block group locked
        ext4: fix inline data updates with checksums enabled
        ext4: clear mmp sequence number when remounting read-only
        ext4: fix false negatives *and* false positives in ext4_check_descriptors()
      3cfb6772
    • Linus Torvalds's avatar
      squashfs: be more careful about metadata corruption · 01cfb793
      Linus Torvalds authored
      Anatoly Trosinenko reports that a corrupted squashfs image can cause a
      kernel oops.  It turns out that squashfs can end up being confused about
      negative fragment lengths.
      
      The regular squashfs_read_data() does check for negative lengths, but
      squashfs_read_metadata() did not, and the fragment size code just
      blindly trusted the on-disk value.  Fix both the fragment parsing and
      the metadata reading code.
      Reported-by: default avatarAnatoly Trosinenko <anatoly.trosinenko@gmail.com>
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Phillip Lougher <phillip@squashfs.org.uk>
      Cc: stable@kernel.org
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      01cfb793
    • Theodore Ts'o's avatar
      ext4: fix check to prevent initializing reserved inodes · 50122847
      Theodore Ts'o authored
      Commit 8844618d: "ext4: only look at the bg_flags field if it is
      valid" will complain if block group zero does not have the
      EXT4_BG_INODE_ZEROED flag set.  Unfortunately, this is not correct,
      since a freshly created file system has this flag cleared.  It gets
      almost immediately after the file system is mounted read-write --- but
      the following somewhat unlikely sequence will end up triggering a
      false positive report of a corrupted file system:
      
         mkfs.ext4 /dev/vdc
         mount -o ro /dev/vdc /vdc
         mount -o remount,rw /dev/vdc
      
      Instead, when initializing the inode table for block group zero, test
      to make sure that itable_unused count is not too large, since that is
      the case that will result in some or all of the reserved inodes
      getting cleared.
      
      This fixes the failures reported by Eric Whiteney when running
      generic/230 and generic/231 in the the nojournal test case.
      
      Fixes: 8844618d ("ext4: only look at the bg_flags field if it is valid")
      Reported-by: default avatarEric Whitney <enwlinux@gmail.com>
      Signed-off-by: default avatarTheodore Ts'o <tytso@mit.edu>
      50122847
    • Linus Torvalds's avatar
      Merge tag 'random_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/random · a26fb01c
      Linus Torvalds authored
      Pull random fixes from Ted Ts'o:
       "In reaction to the fixes to address CVE-2018-1108, some Linux
        distributions that have certain systemd versions in some cases
        combined with patches to libcrypt for FIPS/FEDRAMP compliance, have
        led to boot-time stalls for some hardware.
      
        The reaction by some distros and Linux sysadmins has been to install
        packages that try to do complicated things with the CPU and hope that
        leads to randomness.
      
        To mitigate this, if RDRAND is available, mix it into entropy provided
        by userspace. It won't hurt, and it will probably help"
      
      * tag 'random_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/random:
        random: mix rdrand with entropy sent in from userspace
      a26fb01c
  4. 28 Jul, 2018 3 commits
  5. 27 Jul, 2018 25 commits