- 03 Apr, 2020 2 commits
-
-
Colin Ian King authored
Currently in the case where eq->src != req->ds, the allocation of ptr is kfree'd at the end of the code block. However later on in the case where enc is not null any of the error return paths that return via the error handling return path end up performing an erroneous second kfree of ptr. Fix this by adding an error exit label error_free and only jump to this when ptr needs kfree'ing thus avoiding the double free issue. Addresses-Coverity: ("Double free") Fixes: 10b4f094 ("crypto: marvell - add the Virtual Function driver for CPT") Signed-off-by:Colin Ian King <colin.king@canonical.com> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
YueHaibing authored
When UACCE is m, CRYPTO_DEV_HISI_QM cannot be built-in. But CRYPTO_DEV_HISI_QM is selected by CRYPTO_DEV_HISI_SEC2 and CRYPTO_DEV_HISI_HPRE unconditionally, which may leads this: drivers/crypto/hisilicon/qm.o: In function 'qm_alloc_uacce': drivers/crypto/hisilicon/qm.c:1579: undefined reference to 'uacce_alloc' Add Kconfig dependency to enforce usable configurations. Fixes: 47c16b44 ("crypto: hisilicon - qm depends on UACCE") Signed-off-by:
YueHaibing <yuehaibing@huawei.com> Reviewed-by:
Arnd Bergmann <arnd@arndb.de> Signed-off-by:
-
- 30 Mar, 2020 12 commits
-
-
Lothar Rubusch authored
When working with bool values the true and false definitions should be used instead of 1 and 0. Hopefully I fixed my mailer and apologize for that. Signed-off-by:
Lothar Rubusch <l.rubusch@gmail.com> Signed-off-by:
-
Jason A. Donenfeld authored
The .S_shipped yields a .S, and the pattern in these directories is to add that to .gitignore so that git-status doesn't raise a fuss. Fixes: a6b803b3 ("crypto: arm/poly1305 - incorporate OpenSSL/CRYPTOGAMS NEON implementation") Fixes: f569ca16 ("crypto: arm64/poly1305 - incorporate OpenSSL/CRYPTOGAMS NEON implementation") Reported-by:
Emil Renner Berthing <kernel@esmil.dk> Cc: Ard Biesheuvel <ardb@kernel.org> Signed-off-by:
Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by:
-
Andrey Smirnov authored
In order to follow recommendation in SP800-90C (section "9.4 The Oversampling-NRBG Construction") limit the output of "generate" JD submitted to CAAM. See https://lore.kernel.org/linux-crypto/VI1PR0402MB3485EF10976A4A69F90E5B0F98580@VI1PR0402MB3485.eurprd04.prod.outlook.com/ for more details. This change should make CAAM's hwrng driver good enough to have 1024 quality rating. Signed-off-by:
Andrey Smirnov <andrew.smirnov@gmail.com> Reviewed-by:
Horia Geantă <horia.geanta@nxp.com> Cc: Chris Healy <cphealy@gmail.com> Cc: Lucas Stach <l.stach@pengutronix.de> Cc: Horia Geantă <horia.geanta@nxp.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: Iuliana Prodan <iuliana.prodan@nxp.com> Cc: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org Cc: linux-imx@nxp.com Signed-off-by:
-
Andrey Smirnov authored
Instantiate CAAM RNG with prediction resistance enabled to improve its quality (with PR on DRNG is forced to reseed from TRNG every time random data is generated). Management Complex firmware with version lower than 10.20.0 doesn't provide prediction resistance support. Consider this and only instantiate rng when mc f/w version is lower. Signed-off-by:
Andrei Botila <andrei.botila@nxp.com> Cc: Chris Healy <cphealy@gmail.com> Cc: Lucas Stach <l.stach@pengutronix.de> Cc: Horia Geantă <horia.geanta@nxp.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: Iuliana Prodan <iuliana.prodan@nxp.com> Cc: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org Cc: linux-imx@nxp.com Reviewed-by:
-
Andrei Botila authored
Add a new api that returns Management Complex firmware version and make the required structure public. The api's first user will be the caam driver for setting prediction resistance bits. Signed-off-by:
Laurentiu Tudor <laurentiu.tudor@nxp.com> Reviewed-by:
-
Andrey Smirnov authored
In order to make sure that we always use non-stale entropy data, change the code to invalidate entropy register during RNG initialization. Signed-off-by:
Aymen Sghaier <aymen.sghaier@nxp.com> Signed-off-by:
Vipul Kumar <vipul_kumar@mentor.com> [andrew.smirnov@gmail.com ported to upstream kernel, rewrote commit msg] Signed-off-by:
-
Andrey Smirnov authored
We shouldn't stay silent if RNG job fails. Add appropriate code to check for that case and propagate error code up appropriately. Signed-off-by:
-
Andrey Smirnov authored
Rework CAAM RNG implementation as follows: - Make use of the fact that HWRNG supports partial reads and will handle such cases gracefully by removing recursion in caam_read() - Convert blocking caam_read() codepath to do a single blocking job read directly into requested buffer, bypassing any intermediary buffers - Convert async caam_read() codepath into a simple single reader/single writer FIFO use-case, thus simplifying concurrency handling and delegating buffer read/write position management to KFIFO subsystem. - Leverage the same low level RNG data extraction code for both async and blocking caam_read() scenarios, get rid of the shared job descriptor and make non-shared one as a simple as possible (just HEADER + ALGORITHM OPERATION + FIFO STORE) - Split private context from DMA related memory, so that the former could be allocated without GFP_DMA. NOTE: On its face value this commit decreased throughput numbers reported by dd if=/dev/hwrng of=/dev/null bs=1 count=100K [iflag=nonblock] by about 15%, however commits that enable prediction resistance and limit JR total size impact the performance so much and move the bottleneck such as to make this regression irrelevant. NOTE: On the bright side, this commit reduces RNG in kernel DMA buffer memory usage from 2 x RN_BUF_SIZE (~256K) to 32K. Signed-off-by:
-
Andrey Smirnov authored
Leverage devres to get rid of code storing global context as well as init_done flag. Original code also has a circular deallocation dependency where unregister_algs() -> caam_rng_exit() -> caam_jr_free() chain would only happen if all of JRs were freed. Fix this by moving caam_rng_exit() outside of unregister_algs() and doing it specifically for JR that instantiated HWRNG. Signed-off-by:
-
Andrey Smirnov authored
Make caamrng code a bit more symmetric by moving initialization code to .init hook of struct hwrng. Signed-off-by:
-
Andrey Smirnov authored
Be consistent with the rest of the codebase and use GFP_DMA when allocating memory for a CAAM JR descriptor. Signed-off-by:
-
YueHaibing authored
Remove duplicated include. Signed-off-by:
-
- 20 Mar, 2020 12 commits
-
-
YueHaibing authored
drivers/crypto/chelsio/chcr_algo.c: In function 'chcr_device_init': drivers/crypto/chelsio/chcr_algo.c:1440:18: warning: variable 'adap' set but not used [-Wunused-but-set-variable] commit 567be3a5 ("crypto: chelsio - Use multiple txq/rxq per tfm to process the requests") involved this unused variable. Signed-off-by:
-
SrujanaChalla authored
Add the OcteonTX cpt options in crypto Kconfig and Makefile Signed-off-by:
SrujanaChalla <schalla@marvell.com> Signed-off-by:
-
SrujanaChalla authored
Add support for the cryptographic accelerator unit virtual functions on OcteonTX 83XX SoC. Co-developed-by:
Lukasz Bartosik <lbartosik@marvell.com> Signed-off-by:
-
SrujanaChalla authored
Add support for the cryptographic acceleration unit (CPT) on OcteonTX CN83XX SoC. Co-developed-by:
-
SrujanaChalla authored
Creats common Kconfig and Makefile for Marvell crypto drivers. Signed-off-by:
-
Torsten Duwe authored
At function exit, do not leave the expanded key in the rk struct which got allocated on the stack. Signed-off-by:
Torsten Duwe <duwe@suse.de> Acked-by:
Will Deacon <will@kernel.org> Acked-by:
Ard Biesheuvel <ardb@kernel.org> Signed-off-by:
-
Takashi Iwai authored
Since snprintf() returns the would-be-output size instead of the actual output size, the succeeding calls may go beyond the given buffer limit. Fix it by replacing with scnprintf(). Signed-off-by:
Takashi Iwai <tiwai@suse.de> Signed-off-by:
-
Jianhui Zhao authored
The wake token cannot be sent without ignoring the nack for the device address Signed-off-by:
Jianhui Zhao <zhaojh329@gmail.com> Signed-off-by:
-
Kai Ye authored
Combine found device and created qp into one operation instead of found device and create qp both are independent operations. when execute multiple tasks, the different threads may find same device at the same time, but the number of queues is insufficient on the device. causing one of threads fail to create a qp. Now fix this, First find device then create qp, if result failure. the current thread will find next device. Signed-off-by:
Kai Ye <yekai13@huawei.com> Signed-off-by:
Shukun Tan <tanshukun1@huawei.com> Reviewed-by:
Zhou Wang <wangzhou1@hisilicon.com> Reviewed-by:
Zaibo Xu <xuzaibo@huawei.com> Signed-off-by:
-
Hui Tang authored
Optimize finding hpre device process according to priority of numa distance. Signed-off-by:
Hui Tang <tanghui20@huawei.com> Signed-off-by:
-
Shukun Tan authored
Encapsulate hisi_qm_alloc_qps_node() to new interface to replace find_zip_device(), which will fix the bug of creating QP failure especially in multi-thread scenario. Signed-off-by:
-
Weili Qian authored
Use struct hisi_qm to maintain device list. Meanwhile, add two external interface into qm, merge find proper device and create qp into QP alloc logic, merge release qps into QP free logic. Signed-off-by:
Weili Qian <qianweili@huawei.com> Signed-off-by:
-
- 12 Mar, 2020 14 commits
-
-
Gilad Ben-Yossef authored
Our handling of ciphers with IV trailing the AAD was correct but overly complicated. Refactor to simplify and possibly save one DMA burst. This has the added bonus of behaving the same as the generic rfc4543 implementation for none compliants inputs where the IV in the iv field was not the same as the IV in the AAD. There should be no change in behaviour with correct inputs. Signed-off-by:
Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by:
-
Gilad Ben-Yossef authored
Use crypto_ipsec_check_assoclen() instead of home grown functions. Clean up some unneeded code as a result. Delete stale comments while we're at it. Signed-off-by:
-
Gilad Ben-Yossef authored
Move testing of condition to after the point we decide if we need it or not. Signed-off-by:
-
Gilad Ben-Yossef authored
Remove left over ancient and now misleading TODO remarks. Signed-off-by:
-
Hadar Gat authored
removed pointless comment Signed-off-by:
Hadar Gat <hadar.gat@arm.com> Signed-off-by:
-
Hadar Gat authored
Changed CC_GENMASK macro so it can be used for all HW registers. Signed-off-by:
-
Connor Kuehl authored
Instead of using CAP_SYS_ADMIN which is restricted to the root user, check the file mode for write permissions before executing commands that can affect the platform. This allows for more fine-grained access control to the SEV ioctl interface. This would allow a SEV-only user or group the ability to administer the platform without requiring them to be root or granting them overly powerful permissions. For example: chown root:root /dev/sev chmod 600 /dev/sev setfacl -m g:sev:r /dev/sev setfacl -m g:sev-admin:rw /dev/sev In this instance, members of the "sev-admin" group have the ability to perform all ioctl calls (including the ones that modify platform state). Members of the "sev" group only have access to the ioctls that do not modify the platform state. This also makes opening "/dev/sev" more consistent with how file descriptors are usually handled. By only checking for CAP_SYS_ADMIN, the file descriptor could be opened read-only but could still execute ioctls that modify the platform state. This patch enforces that the file descriptor is opened with write privileges if it is going to be used to modify the platform state. This flexibility is completely opt-in, and if it is not desirable by the administrator then they do not need to give anyone else access to /dev/sev. Signed-off-by:
Connor Kuehl <ckuehl@redhat.com> Reviewed-by:
Brijesh Singh <brijesh.singh@amd.com> Reviewed-by:
Bandan Das <bsd@redhat.com> Acked-by:
David Rientjes <rientjes@google.com> Acked-by:
Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by:
-
Martin Kaiser authored
Use a simpler approach for masking / unmasking the rngc interrupt: The interrupt is unmasked while self-test is running and when the rngc driver is used by the hwrng core. Mask the interrupt again when self test is finished, regardless of self test success or failure. Unmask the interrupt in the init function. Add a cleanup function where the rngc interrupt is masked again. Signed-off-by:
Martin Kaiser <martin@kaiser.cx> Signed-off-by:
-
Martin Kaiser authored
Read the rng type and hardware revision during probe. Fail the probe operation if the type is not one of rngc or rngb. (There's also an rnga type, which needs a different driver.) Display the type and revision in a debug print if probe was successful. Reviewed-by:
PrasannaKumar Muralidharan <prasannatsmkumar@gmail.com> Signed-off-by:
-
Martin Kaiser authored
Remove the device name, it is added by the dev_...() routines. Drop the error code as well. It will be shown by the driver core when the probe operation failed. Reviewed-by:
-
Martin Kaiser authored
The rngc requires a new seed for its prng after generating 2^20 160-bit words of random data. At the moment, we seed the prng only once during initalisation. Set the rngc to auto seed mode so that it kicks off the internal reseeding operation when a new seed is required. Keep the manual calculation of the initial seed when the device is probed and switch to automatic seeding afterwards. Reviewed-by:
-
Martin Kaiser authored
Make sure that the rngc interrupt is masked if the rngc self test fails. Self test failure means that probe fails as well. Interrupts should be masked in this case, regardless of the error. Cc: stable@vger.kernel.org Fixes: 1d544944 ("hwrng: mx-rngc - add a driver for Freescale RNGC") Reviewed-by:
-
Randy Dunlap authored
Move the TI Keystone hardware random number generator into the same menu as all of the other hardware random number generators. This makes the driver config be listed in the correct place in the kconfig tools. Fixes: eb428ee0 ("hwrng: ks-sa - add hw_random driver") Signed-off-by:
Randy Dunlap <rdunlap@infradead.org> Cc: Vitaly Andrianov <vitalya@ti.com> Cc: Tero Kristo <t-kristo@ti.com> Cc: Murali Karicheri <m-karicheri2@ti.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: Matt Mackall <mpm@selenic.com> Cc: linux-crypto@vger.kernel.org Signed-off-by:
-
Longfang Liu authored
In the scenario of SMMU translation, the SEC performance of short messages (<512Bytes) cannot meet our expectations. To avoid this, we reserve the plat buffer (PBUF) memory for small packets when creating TFM. Signed-off-by:
Longfang Liu <liulongfang@huawei.com> Signed-off-by:
Jonathan Cameron <Jonathan.Cameron@huawei.com> Signed-off-by:
-
