- 17 Oct, 2018 3 commits
-
-
Horia Geantă authored
Previously, a tree-wide change added SPDX license identifiers to files lacking licensing information: b2441318 ("License cleanup: add SPDX GPL-2.0 license identifier to files with no license") To be consistent update the rest of the files: -files with license specified by means of MODULE_LICENSE() -files with complete license text -Kconfig Signed-off-by:
Horia Geantă <horia.geanta@nxp.com> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Horia Geantă authored
CGRs (Congestion Groups) have to be freed by the same CPU that initialized them. This is why currently the driver takes special measures; however, using set_cpus_allowed_ptr() is incorrect - as reported by Sebastian. Instead of the generic solution of replacing set_cpus_allowed_ptr() with work_on_cpu_safe(), we use the qman_delete_cgr_safe() QBMan API instead of qman_delete_cgr() - which internally takes care of proper CGR deletion. Link: https://lkml.kernel.org/r/20181005125443.dfhd2asqktm22ney@linutronix.deReported-by:
Sebastian Andrzej Siewior <bigeasy@linutronix.de> Signed-off-by:
-
git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6Herbert Xu authored
Merge crypto tree to pick up chelsio bug fix.
-
- 12 Oct, 2018 5 commits
-
-
Wei Yongjun authored
Fixes the following sparse warnings: drivers/crypto/mxs-dcp.c:39:15: warning: symbol 'sha1_null_hash' was not declared. Should it be static? drivers/crypto/mxs-dcp.c:43:15: warning: symbol 'sha256_null_hash' was not declared. Should it be static? Fixes: c709eeba ("crypto: mxs-dcp - Fix SHA null hashes and output length") Signed-off-by:
Wei Yongjun <weiyongjun1@huawei.com> Signed-off-by:
-
Ard Biesheuvel authored
Commit 2e5d2f33 ("crypto: arm64/aes-blk - improve XTS mask handling") optimized away some reloads of the XTS mask vector, but failed to take into account that calls into the XTS en/decrypt routines will take a slightly different code path if a single block of input is split across different buffers. So let's ensure that the first load occurs unconditionally, and move the reload to the end so it doesn't occur needlessly. Fixes: 2e5d2f33 ("crypto: arm64/aes-blk - improve XTS mask handling") Signed-off-by:
Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by:
-
Michael Schupikov authored
After allocation, output and decomp_output both point to memory chunks of size COMP_BUF_SIZE. Then, only the first bytes are zeroed out using sizeof(COMP_BUF_SIZE) as parameter to memset(), because sizeof(COMP_BUF_SIZE) provides the size of the constant and not the size of allocated memory. Instead, the whole allocated memory is meant to be zeroed out. Use COMP_BUF_SIZE as parameter to memset() directly in order to accomplish this. Fixes: 33607384 ("crypto: testmgr - Allow different compression results") Signed-off-by:
Michael Schupikov <michael@schupikov.de> Reviewed-by:
-
YueHaibing authored
Fixes gcc '-Wunused-but-set-variable' warning: drivers/crypto/chelsio/chtls/chtls_cm.c: In function 'chtls_disconnect': drivers/crypto/chelsio/chtls/chtls_cm.c:408:21: warning: variable 'csk' set but not used [-Wunused-but-set-variable] drivers/crypto/chelsio/chtls/chtls_cm.c: In function 'chtls_recv_sock': drivers/crypto/chelsio/chtls/chtls_cm.c:1016:23: warning: variable 'tcph' set but not used [-Wunused-but-set-variable] 'csk' and 'tcph' are never used since introduce in commit cc35c88a ("crypto : chtls - CPL handler definition") Signed-off-by:
YueHaibing <yuehaibing@huawei.com> Signed-off-by:
-
YueHaibing authored
Remove .owner field if calls are used which set it automatically Generated by: scripts/coccinelle/api/platform_no_drv_owner.cocci Signed-off-by:
-
- 08 Oct, 2018 8 commits
-
-
Eric Biggers authored
aesni-intel_glue.c still calls crypto_fpu_init() and crypto_fpu_exit() to register/unregister the "fpu" template. But these functions don't exist anymore, causing a build error. Remove the calls to them. Fixes: 944585a6 ("crypto: x86/aes-ni - remove special handling of AES in PCBC mode") Signed-off-by:
Eric Biggers <ebiggers@google.com> Signed-off-by:
-
Eric Biggers authored
In the new arm64 CTS-CBC implementation, return an error code rather than crashing on inputs shorter than AES_BLOCK_SIZE bytes. Also set cra_blocksize to AES_BLOCK_SIZE (like is done in the cts template) to indicate the minimum input size. Fixes: dd597fb3 ("crypto: arm64/aes-blk - add support for CTS-CBC mode") Signed-off-by:
-
Arnd Bergmann authored
Both the caam ctrl file and dpaa2_caam export a couple of flags. They use an #ifdef check to make sure that each flag is only built once, but this fails if they are both loadable modules: WARNING: drivers/crypto/caam/dpaa2_caam: 'caam_little_end' exported twice. Previous export was in drivers/crypto/caam/caam.ko WARNING: drivers/crypto/caam/dpaa2_caam: 'caam_imx' exported twice. Previous export was in drivers/crypto/caam/caam.ko Change the #ifdef to an IS_ENABLED() check in order to make it work in all configurations. It may be better to redesign this aspect of the two drivers in a cleaner way. Fixes: 8d818c10 ("crypto: caam/qi2 - add DPAA2-CAAM driver") Signed-off-by:
Arnd Bergmann <arnd@arndb.de> Acked-by:
-
Radu Solea authored
The DCP driver does not obey cryptlen, when doing android CTS this results in passing to hardware input stream lengths which are not multiple of block size. Add a check to prevent future erroneous stream lengths from reaching the hardware and adjust the scatterlist walking code to obey cryptlen. Also properly copy-out the IV for chaining. Signed-off-by:
Radu Solea <radu.solea@nxp.com> Signed-off-by:
Franck LENORMAND <franck.lenormand@nxp.com> Signed-off-by:
Leonard Crestez <leonard.crestez@nxp.com> Signed-off-by:
-
Radu Solea authored
DCP writes at least 32 bytes in the output buffer instead of hash length as documented. Add intermediate buffer to prevent write out of bounds. When requested to produce null hashes DCP fails to produce valid output. Add software workaround to bypass hardware and return valid output. Signed-off-by:
-
Dan Douglass authored
The mxs-dcp driver fails to probe if sha1/sha256 are supported: [ 2.455404] mxs-dcp 80028000.dcp: Failed to register sha1 hash! [ 2.464042] mxs-dcp: probe of 80028000.dcp failed with error -22 This happens because since commit 8996eafd ("crypto: ahash - ensure statesize is non-zero") import/export is mandatory and ahash_prepare_alg fails on statesize == 0. A set of dummy import/export functions were implemented in commit 9190b6fd ("crypto: mxs-dcp - Add empty hash export and import") but statesize is still zero and the driver fails to probe. That change was apparently part of some unrelated refactoring. Fix by actually implementing import/export. Signed-off-by:
Dan Douglass <dan.douglass@nxp.com> Signed-off-by:
-
Ard Biesheuvel authored
Use the correct __le32 annotation and accessors to perform the single round of AES encryption performed inside the AEGIS transform. Otherwise, tcrypt reports: alg: aead: Test 1 failed on encryption for aegis128-generic 00000000: 6c 25 25 4a 3c 10 1d 27 2b c1 d4 84 9a ef 7f 6e alg: aead: Test 1 failed on encryption for aegis128l-generic 00000000: cd c6 e3 b8 a0 70 9d 8e c2 4f 6f fe 71 42 df 28 alg: aead: Test 1 failed on encryption for aegis256-generic 00000000: aa ed 07 b1 96 1d e9 e6 f2 ed b5 8e 1c 5f dc 1c Fixes: f606a88e ("crypto: aegis - Add generic AEGIS AEAD implementations") Cc: <stable@vger.kernel.org> # v4.18+ Signed-off-by:
Ondrej Mosnacek <omosnace@redhat.com> Signed-off-by:
-
Ard Biesheuvel authored
Omit the endian swabbing when folding the lengths of the assoc and crypt input buffers into the state to finalize the tag. This is not necessary given that the memory representation of the state is in machine native endianness already. This fixes an error reported by tcrypt running on a big endian system: alg: aead: Test 2 failed on encryption for morus640-generic 00000000: a8 30 ef fb e6 26 eb 23 b0 87 dd 98 57 f3 e1 4b 00000010: 21 alg: aead: Test 2 failed on encryption for morus1280-generic 00000000: 88 19 1b fb 1c 29 49 0e ee 82 2f cb 97 a6 a5 ee 00000010: 5f Fixes: 396be41f ("crypto: morus - Add generic MORUS AEAD implementations") Cc: <stable@vger.kernel.org> # v4.18+ Reviewed-by:
-
- 05 Oct, 2018 12 commits
-
-
Ard Biesheuvel authored
Due to an unfortunate interaction between commit fbe1a850 ("crypto: lrw - Fix out-of bounds access on counter overflow") and commit c778f96b ("crypto: lrw - Optimize tweak computation"), we ended up with a version of next_index() that always returns 127. Fixes: c778f96b ("crypto: lrw - Optimize tweak computation") Signed-off-by:
-
Srikanth Jampala authored
replace pci_enable_msix_exact() with pci_alloc_irq_vectors(). get the required vector count from pci_msix_vec_count(). use struct nitrox_q_vector as the argument to tasklets. Signed-off-by:
Srikanth Jampala <Jampala.Srikanth@cavium.com> Reviewed-by:
Gadam Sreerama <sgadam@cavium.com> Signed-off-by:
-
Srikanth Jampala authored
Use node based allocations for queues. consider the dma address alignment changes, while calculating the queue base address. added checks in cleanup functions. Minor changes to queue variable names Signed-off-by:
-
Srikanth Jampala authored
check the flr capability using pcie_has_flr() and do the flr. Signed-off-by:
-
Srikanth Jampala authored
fix compilation warnings with nitrox_debugfs.c while printing atomic64_t types on arm64. typecast the atomic64_read() value to u64 This issue is reported by Ard Biesheuvel drivers/crypto/cavium/nitrox/nitrox_debugfs.c:62:30: warning: format ‘%lld’ expects argument of type ‘long long int’, but argument 3 has type ‘long int’ [-Wformat=] seq_printf(s, " Posted: %lld\n", atomic64_read(&ndev->stats.posted)); ^ Fixes: 2a8780be (crypto: cavium/nitrox - updated debugfs information) Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reported-by: -
valdis.kletnieks@vt.edu authored
sparse complains thusly: CHECK arch/x86/crypto/morus640-sse2-glue.c arch/x86/crypto/morus640-sse2-glue.c:38:1: warning: symbol 'crypto_morus640_sse2_algs' was not declared. Should it be static? CHECK arch/x86/crypto/morus1280-sse2-glue.c arch/x86/crypto/morus1280-sse2-glue.c:38:1: warning: symbol 'crypto_morus1280_sse2_algs' was not declared. Should it be static? CHECK arch/x86/crypto/morus1280-avx2-glue.c arch/x86/crypto/morus1280-avx2-glue.c:38:1: warning: symbol 'crypto_morus1280_avx2_algs' was not declared. Should it be static? and sparse is correct - these don't need to be global and polluting the namespace. Signed-off-by:
Valdis Kletnieks <valdis.kletnieks@vt.edu> Acked-by:
Ondrej Mosnacek <omosnacek@gmail.com> Signed-off-by:
-
Arnd Bergmann authored
This driver implements a (part of a) network driver, and fails to build if we have turned off networking support: drivers/crypto/caam/caamalg_qi2.o: In function `dpaa2_caam_fqdan_cb': caamalg_qi2.c:(.text+0x577c): undefined reference to `napi_schedule_prep' caamalg_qi2.c:(.text+0x578c): undefined reference to `__napi_schedule_irqoff' drivers/crypto/caam/caamalg_qi2.o: In function `dpaa2_dpseci_poll': caamalg_qi2.c:(.text+0x59b8): undefined reference to `napi_complete_done' drivers/crypto/caam/caamalg_qi2.o: In function `dpaa2_caam_remove': caamalg_qi2.c:(.text.unlikely+0x4e0): undefined reference to `napi_disable' caamalg_qi2.c:(.text.unlikely+0x4e8): undefined reference to `netif_napi_del' drivers/crypto/caam/caamalg_qi2.o: In function `dpaa2_dpseci_setup': caamalg_qi2.c:(.text.unlikely+0xc98): undefined reference to `netif_napi_add' From what I can tell, CONFIG_NETDEVICES is the correct dependency here, and adding it fixes the randconfig failures. Fixes: 8d818c10 ("crypto: caam/qi2 - add DPAA2-CAAM driver") Signed-off-by:
-
Ard Biesheuvel authored
Arnd reports that with Kees's latest VLA patches applied, the HMAC handling in the QAT driver uses a worst case estimate of 160 bytes for the SHA blocksize, allowing the compiler to determine the size of the stack frame at compile time and throw a warning: drivers/crypto/qat/qat_common/qat_algs.c: In function 'qat_alg_do_precomputes': drivers/crypto/qat/qat_common/qat_algs.c:257:1: error: the frame size of 1112 bytes is larger than 1024 bytes [-Werror=frame-larger-than=] Given that this worst case estimate is only 32 bytes larger than the actual block size of SHA-512, the use of a VLA here was hiding the excessive size of the stack frame from the compiler, and so we should try to move these buffers off the stack. So move the ipad/opad buffers and the various SHA state descriptors into the tfm context struct. Since qat_alg_do_precomputes() is only called in the context of a setkey() operation, this should be safe. Using SHA512_BLOCK_SIZE for the size of the ipad/opad buffers allows them to be used by SHA-1/SHA-256 as well. Reported-by:
Kees Cook <keescook@chromium.org> Signed-off-by:
-
Wei Yongjun authored
Fixes the following sparse warning: drivers/crypto/ccp/psp-dev.c:444:5: warning: symbol 'sev_get_firmware' was not declared. Should it be static? Fixes: e9372060 ("crypto: ccp - Allow SEV firmware to be chosen based on Family and Model") Signed-off-by:
-
Michael S. Tsirkin authored
quality field is currently documented as being 'per mill'. In fact the math involved is: add_hwgenerator_randomness((void *)rng_fillbuf, rc, rc * current_quality * 8 >> 10); thus the actual definition is "bits of entropy per 1024 bits of input". The current documentation seems to have confused multiple people in the past, let's fix the documentation to match code. An alternative is to change core to match driver expectations, replacing rc * current_quality * 8 >> 10 with rc * current_quality / 1000 but that has performance costs, so probably isn't a good option. Fixes: 0f734e6e ("hwrng: add per-device entropy derating") Reported-by:"Dr. David Alan Gilbert" <dgilbert@redhat.com> Signed-off-by:
Michael S. Tsirkin <mst@redhat.com> Signed-off-by:
-
Nathan Chancellor authored
Clang emits a warning about this construct: drivers/crypto/ccp/sp-platform.c:36:36: warning: tentative array definition assumed to have one element static const struct acpi_device_id sp_acpi_match[]; ^ 1 warning generated. Just remove the forward declarations and move the initializations up so that they can be used in sp_get_of_version and sp_get_acpi_version. Reported-by:Nick Desaulniers <ndesaulniers@google.com> Signed-off-by:
Nathan Chancellor <natechancellor@gmail.com> Reviewed-by:
Gary R Hook <gary.hook@amd.com> Signed-off-by:
-
Ard Biesheuvel authored
For historical reasons, the AES-NI based implementation of the PCBC chaining mode uses a special FPU chaining mode wrapper template to amortize the FPU start/stop overhead over multiple blocks. When this FPU wrapper was introduced, it supported widely used chaining modes such as XTS and CTR (as well as LRW), but currently, PCBC is the only remaining user. Since there are no known users of pcbc(aes) in the kernel, let's remove this special driver, and rely on the generic pcbc driver to encapsulate the AES-NI core cipher. Signed-off-by:
-
- 28 Sep, 2018 12 commits
-
-
zhong jiang authored
kfree has taken the null pointer into account. hence it is safe to remove the redundant null pointer check before kfree. Signed-off-by:
zhong jiang <zhongjiang@huawei.com> Signed-off-by:
-
Srikanth Jampala authored
Updated debugfs to provide device partname and frequency etc. New file "stats" shows the number of requests posted, dropped and completed. Signed-off-by:
-
Srikanth Jampala authored
Add per device statistics like number of requests posted, dropped and completed etc. Signed-off-by:
-
Srikanth Jampala authored
Get the device partname based on it's capabilities like, core frequency, number of cores and revision id. Signed-off-by:
-
Gilad Ben-Yossef authored
We already have OFB test vectors and tcrypt OFB speed tests. Add OFB functional tests to tcrypt as well. Signed-off-by:
Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by:
-
Gilad Ben-Yossef authored
Add a generic version of output feedback mode. We already have support of several hardware based transformations of this mode and the needed test vectors but we somehow missed adding a generic software one. Fix this now. Signed-off-by:
-
Gilad Ben-Yossef authored
Add additional test vectors from "The SM4 Blockcipher Algorithm And Its Modes Of Operations" draft-ribose-cfrg-sm4-10 and register cipher speed tests for sm4. Signed-off-by:
-
zhong jiang authored
kfree_skb has taken the null pointer into account. hence it is safe to remove the redundant null pointer check before kfree_skb. Signed-off-by:
-
Horia Geantă authored
Commit 11049218 ("crypto: compress - remove unused pcomp interface") removed pcomp interface but missed cleaning up tcrypt. Signed-off-by:
-
Corentin Labbe authored
This patch adds an userspace tool for displaying kernel crypto API statistics. Signed-off-by:
Corentin Labbe <clabbe@baylibre.com> Signed-off-by:
-
Corentin Labbe authored
This patch implement a generic way to get statistics about all crypto usages. Signed-off-by:
-
Kees Cook authored
Now that all the users of the VLA-generating SKCIPHER_REQUEST_ON_STACK() macro have been moved to SYNC_SKCIPHER_REQUEST_ON_STACK(), we can remove the former. Signed-off-by:
-
