1. 12 Jul, 2017 4 commits
    • David Gstir's avatar
      crypto: caam - properly set IV after {en,de}crypt · 854b06f7
      David Gstir authored
      Certain cipher modes like CTS expect the IV (req->info) of
      ablkcipher_request (or equivalently req->iv of skcipher_request) to
      contain the last ciphertext block when the {en,de}crypt operation is done.
      This is currently not the case for the CAAM driver which in turn breaks
      e.g. cts(cbc(aes)) when the CAAM driver is enabled.
      
      This patch fixes the CAAM driver to properly set the IV after the
      {en,de}crypt operation of ablkcipher finishes.
      
      This issue was revealed by the changes in the SW CTS mode in commit
      0605c41c ("crypto: cts - Convert to skcipher")
      
      Cc: <stable@vger.kernel.org> # 4.8+
      Signed-off-by: default avatarDavid Gstir <david@sigma-star.at>
      Reviewed-by: default avatarHoria Geantă <horia.geanta@nxp.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      854b06f7
    • Gilad Ben-Yossef's avatar
      crypto: atmel - only treat EBUSY as transient if backlog · 1606043f
      Gilad Ben-Yossef authored
      The Atmel SHA driver was treating -EBUSY as indication of queueing
      to backlog without checking that backlog is enabled for the request.
      
      Fix it by checking request flags.
      
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarGilad Ben-Yossef <gilad@benyossef.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      1606043f
    • Herbert Xu's avatar
      Networking · 2acce6aa
      Herbert Xu authored
      crypto: af_alg - Avoid sock_graft call warning
      
      The newly added sock_graft warning triggers in af_alg_accept.
      It's harmless as we're essentially doing sock->sk = sock->sk.
      
      The sock_graft call is actually redundant because all the work
      it does is subsumed by sock_init_data.  However, it was added
      to placate SELinux as it uses it to initialise its internal state.
      
      This patch avoisd the warning by making the SELinux call directly.
      Reported-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      Acked-by: default avatarDavid S. Miller <davem@davemloft.net>
      2acce6aa
    • Horia Geantă's avatar
      crypto: caam - fix signals handling · 7459e1d2
      Horia Geantă authored
      Driver does not properly handle the case when signals interrupt
      wait_for_completion_interruptible():
      -it does not check for return value
      -completion structure is allocated on stack; in case a signal interrupts
      the sleep, it will go out of scope, causing the worker thread
      (caam_jr_dequeue) to fail when it accesses it
      
      wait_for_completion_interruptible() is replaced with uninterruptable
      wait_for_completion().
      We choose to block all signals while waiting for I/O (device executing
      the split key generation job descriptor) since the alternative - in
      order to have a deterministic device state - would be to flush the job
      ring (aborting *all* in-progress jobs).
      
      Cc: <stable@vger.kernel.org>
      Fixes: 045e3678 ("crypto: caam - ahash hmac support")
      Fixes: 4c1ec1f9 ("crypto: caam - refactor key_gen, sg")
      Signed-off-by: default avatarHoria Geantă <horia.geanta@nxp.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      7459e1d2
  2. 05 Jul, 2017 2 commits
  3. 28 Jun, 2017 1 commit
  4. 22 Jun, 2017 7 commits
  5. 20 Jun, 2017 26 commits