- 03 Jul, 2020 5 commits
-
-
John Allen authored
Running the crypto manager self tests with CONFIG_CRYPTO_MANAGER_EXTRA_TESTS may result in several types of errors when using the ccp-crypto driver: alg: skcipher: cbc-des3-ccp encryption failed on test vector 0; expected_error=0, actual_error=-5 ... alg: skcipher: ctr-aes-ccp decryption overran dst buffer on test vector 0 ... alg: ahash: sha224-ccp test failed (wrong result) on test vector ... These errors are the result of improper processing of scatterlists mapped for DMA. Given a scatterlist in which entries are merged as part of mapping the scatterlist for DMA, the DMA length of a merged entry will reflect the combined length of the entries that were merged. The subsequent scatterlist entry will contain DMA information for the scatterlist entry after the last merged entry, but the non-DMA information will be that of the first merged entry. The ccp driver does not take this scatterlist merging into account. To address this, add a second scatterlist pointer to track the current position in the DMA mapped representation of the scatterlist. Both the DMA representation and the original representation of the scatterlist must be tracked as while most of the driver can use just the DMA representation, scatterlist_map_and_copy() must use the original representation and expects the scatterlist pointer to be accurate to the original representation. In order to properly walk the original scatterlist, the scatterlist must be walked until the combined lengths of the entries seen is equal to the DMA length of the current entry being processed in the DMA mapped representation. Fixes: 63b94509 ("crypto: ccp - CCP device driver and interface support") Signed-off-by:
John Allen <john.allen@amd.com> Cc: stable@vger.kernel.org Acked-by:
Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Sivaprakash Murugesan authored
Crypto test driver's test_ahash_speed calls crypto_ahash_update and crypto_ahash_final APIs repeatedly for all the available test vector buffer lengths. if we mark the end for scatterlist based on the current vector size then the subsequent vectors might fail if the later buffer lengths are higher. To avoid this, in qce do not mark the end of scatterlist in update API, the qce_ahash_async_req_handle API already takes care of this copying right amount of buffer from the request scatter list. Signed-off-by:
Sivaprakash Murugesan <sivaprak@codeaurora.org> Signed-off-by:
-
Sivaprakash Murugesan authored
crypto testmgr deliberately corrupts the request context while passing vectors to the import. This is to make sure that drivers do not rely on request but they take all the necessary input from io vec passed to it. qce casts the request context from request parameter, since it is corrupted the sub squent hash request fails and qce hangs. To avoid this re-initialize request context on import. The qce import API alreasy takes care of taking the input vectors from passed io vec. Signed-off-by:
-
Sivaprakash Murugesan authored
crypto test module passes zero length vectors as test input to sha-1 and sha-256. To provide correct output for these vectors, hash zero support has been added as in other crypto drivers. Signed-off-by:
-
Dinghao Liu authored
pm_runtime_get_sync() increments the runtime PM usage counter even the call returns an error code. Thus a corresponding decrement is needed on the error handling path to keep the counter balanced. Fix this by adding the missed function call. Signed-off-by:
Dinghao Liu <dinghao.liu@zju.edu.cn> Signed-off-by:
-
- 26 Jun, 2020 12 commits
-
-
Gilad Ben-Yossef authored
Remove yet another unused field left over from times gone by. Signed-off-by:
Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by:
-
Gilad Ben-Yossef authored
The ESSIV support in ccree was added before the kernel generic support and using a slightly different API. Brings the ccree essiv interface into compliance with kernel crypto api one. Since CryptoCell only support 256 bit AES key for ESSIV, also use a fallback if requested a smaller key size. Signed-off-by:
-
Gilad Ben-Yossef authored
Fix a small resource leak on the error path of cipher processing. Signed-off-by:
-
Horia Geantă authored
ahash_finup_no_ctx() returns -ENOMEM in most error cases, and this is fine for almost all of them. However, the return code provided by dpaa2_caam_enqueue() (e.g. -EIO or -EBUSY) shouldn't be overridden by -ENOMEM. Signed-off-by:
Horia Geantă <horia.geanta@nxp.com> Signed-off-by:
-
Colin Ian King authored
The variable err is being initialized with a value that is never read and it is being updated later with a new value. The initialization is redundant and can be removed. Addresses-Coverity: ("Unused value") Signed-off-by:Colin Ian King <colin.king@canonical.com> Signed-off-by:
-
Colin Ian King authored
The variable ret is being assigned with a value that is never read and it is being updated later with a new value. The assignment is redundant and can be removed. Addresses-Coverity: ("Unused value") Signed-off-by: -
Herbert Xu authored
We haven't used string.h since the memcpy calls were removed so this patch removes its inclusion. The file uaccess.h isn't needed at all. However, removing it reveals that we do need to add an inclusion for refcount.h. Signed-off-by: -
Mikulas Patocka authored
There is this call chain: sec_alg_skcipher_encrypt -> sec_alg_skcipher_crypto -> sec_alg_alloc_and_calc_split_sizes -> kcalloc where we call sleeping allocator function even if CRYPTO_TFM_REQ_MAY_SLEEP was not specified. Signed-off-by:
Mikulas Patocka <mpatocka@redhat.com> Cc: stable@vger.kernel.org # v4.19+ Fixes: 915e4e84 ("crypto: hisilicon - SEC security accelerator driver") Acked-by:
Jonathan Cameron <Jonathan.Cameron@huawei.com> Signed-off-by:
-
Mikulas Patocka authored
There is this call chain: cvm_encrypt -> cvm_enc_dec -> cptvf_do_request -> process_request -> kzalloc where we call sleeping allocator function even if CRYPTO_TFM_REQ_MAY_SLEEP was not specified. Signed-off-by:
-
Herbert Xu authored
This patch fixes sparse endianness warnings as well as compiler warnings on 64-bit hosts. Signed-off-by:
Tero Kristo <t-kristo@ti.com> Signed-off-by:
-
Herbert Xu authored
This patch fixes sparse endianness warnings as well as compiler warnings on 64-bit hosts. Signed-off-by:
-
Zhangfei Gao authored
Use strscpy to fix the warning warning: 'strncpy' specified bound 64 equals destination size Reported-by:
kernel test robot <lkp@intel.com> Signed-off-by:
Zhangfei Gao <zhangfei.gao@linaro.org> Signed-off-by:
-
- 18 Jun, 2020 22 commits
-
-
Herbert Xu authored
This patch fixes all the sparse warnings in the octeontx driver. Some of these are just trivial type changes. However, some of the changes are non-trivial on little-endian hosts. Obviously the driver appears to be broken on either LE or BE as it was doing different things. I've taken the BE behaviour as the correct one. Reported-by:
-
Herbert Xu authored
The function handle_imx6_err005766 needs to take an __iomem argument as otherwise sparse will generate two warnings. Fixes: 33d69455 ("crypto: caam - limit AXI pipeline to a...") Signed-off-by:
Iuliana Prodan <iuliana.prodan@nxp.com> Signed-off-by:
-
Wojciech Ziemba authored
Replace timeout logic in adf_put_admin_msg_sync() with existing macro readl_poll_timeout(). Signed-off-by:
Wojciech Ziemba <wojciech.ziemba@intel.com> Signed-off-by:
Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by:
-
Wojciech Ziemba authored
Update the logic that sends admin messages to be able to target a subset of Acceleration Engines (AEs) in the device. In future not all admin messages need to be sent to all the AEs. Signed-off-by:
-
Wojciech Ziemba authored
This patch tidies up the definition of init/admin request and response messages by removing the icp_qat_fw_init_admin_resp_pars structure and embedding it into icp_qat_fw_init_admin_resp. Signed-off-by:
-
Colin Ian King authored
The variable ret is being assigned a value that is never read, the error exit path via label 'unmap' returns -ENOMEM anyhow, so assigning ret with -ENOMEM is redundamt. Addresses-Coverity: ("Unused value") Signed-off-by: -
Eric Biggers authored
- Correctly compare the algorithm name in crc_t10dif_notify(). - Use proper NOTIFY_* status codes instead of 0. - Consistently use CRC_T10DIF_STRING instead of "crct10dif" directly. - Use a proper type for the shash_desc context. - Use crypto_shash_driver_name() instead of open-coding it. - Make crc_t10dif_transform_show() use snprintf() rather than sprintf(). This isn't actually necessary since the buffer has size PAGE_SIZE and CRYPTO_MAX_ALG_NAME < PAGE_SIZE, but it's good practice. - Give the "transform" sysfs file mode 0444 rather than 0644, since it doesn't implement a setter method. - Adjust the module description to not be the same as crct10dif-generic. Cc: Martin K. Petersen <martin.petersen@oracle.com> Signed-off-by:
Eric Biggers <ebiggers@google.com> Signed-off-by:
-
Eric Biggers authored
Currently the crc-t10dif module starts out with the fallback disabled and crct10dif_tfm == NULL. crc_t10dif_mod_init() tries to allocate crct10dif_tfm, and if it fails it enables the fallback. This is backwards because it means that any call to crc_t10dif() prior to module_init (which could theoretically happen from built-in code) will crash rather than use the fallback as expected. Also, it means that if the initial tfm allocation fails, then the fallback stays permanently enabled even if a crct10dif implementation is loaded later. Change it to use the more logical solution of starting with the fallback enabled, and disabling the fallback when a tfm gets allocated for the first time. This change also ends up simplifying the code. Also take the opportunity to convert the code to use the new static_key API, which is much less confusing than the old and deprecated one. Cc: Martin K. Petersen <martin.petersen@oracle.com> Signed-off-by:
-
Longfang Liu authored
As stress-ng running SEC engine on the Ubuntu OS, we found that SEC only supports two threads each with one TFM based on the default module parameter 'ctx_q_num'. If running more threads, stress-ng will fail since it cannot get more TFMs. In order to fix this, we adjusted the default values of the module parameters to support more TFMs. Signed-off-by:
Longfang Liu <liulongfang@huawei.com> Signed-off-by:
Zaibo Xu <xuzaibo@huawei.com> Signed-off-by:
-
Herbert Xu authored
The crypto notify call occurs with a read mutex held so you must not do any substantial work directly. In particular, you cannot call crypto_alloc_* as they may trigger further notifications which may dead-lock in the presence of another writer. This patch fixes this by postponing the work into a work queue and taking the same lock in the module init function. While we're at it this patch also ensures that all RCU accesses are marked appropriately (tested with sparse). Finally this also reveals a race condition in module param show function as it may be called prior to the module init function. It's fixed by testing whether crct10dif_tfm is NULL (this is true iff the init function has not completed assuming fallback is false). Fixes: 11dcb103 ("crc-t10dif: Allow current transform to be...") Fixes: b7637754 ("crc-t10dif: Pick better transform if one...") Signed-off-by:
Martin K. Petersen <martin.petersen@oracle.com> Reviewed-by:
-
Giovanni Cabiddu authored
Remove packed attribute in adf_etr_bank_data and adf_etr_ring_data. Fields in these structures are reordered in order to avoid holes. Signed-off-by:
-
Wojciech Ziemba authored
Kernel source code should not contain stdint.h types. This patch replaces uintXX_t types with kernel space ABI types. Signed-off-by:
-
Wojciech Ziemba authored
Kernel source code should not include stdint.h types. This patch replaces uintXX_t types with respective ones defined in kernel headers. Signed-off-by:
-
Andrei Botila authored
Add support for dpseci_reset() command for DPSECI objects. For DPSECI DPAA2 objects with version lower than v5.4 reset command was broken in MC f/w. Signed-off-by:
Andrei Botila <andrei.botila@nxp.com> Reviewed-by:
-
Dan Carpenter authored
Originally this code rejected any read less than 256 bytes. There is no need for this artificial limit. We should just use the normal helper functions to read a string from the kernel. Signed-off-by:
Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by:
-
Andrey Smirnov authored
Add a small bit of plumbing necessary to use CAAM on VFxxx SoCs. Signed-off-by:
Andrey Smirnov <andrew.smirnov@gmail.com> Cc: Chris Healy <cphealy@gmail.com> Cc: Fabio Estevam <festevam@gmail.com> Cc: linux-imx@nxp.com Cc: linux-kernel@vger.kernel.org Reviewed-by:
-
Olivier Sobrie authored
Silex insight BA431 is an IP designed to generate random numbers that can be integrated in various FPGA. This driver adds support for it through the hwrng interface. This driver is used in Silex Insight Viper OEM boards. Signed-off-by:
Olivier Sobrie <olivier.sobrie@silexinsight.com> Signed-off-by:
Waleed Ziad <waleed94ziad@gmail.com> Acked-by:
Arnd Bergmann <arnd@arndb.de> Signed-off-by:
-
Olivier Sobrie authored
This patch documents the device tree bindings of the BA431 hardware random number generator. This IP is for instance present in the Viper OEM boards sold by Silex Insight. Signed-off-by:
Rob Herring <robh@kernel.org> Signed-off-by:
-
Herbert Xu authored
AEAD does not support partial requests so we must not wake up while ctx->more is set. In order to distinguish between the case of no data sent yet and a zero-length request, a new init flag has been added to ctx. SKCIPHER has also been modified to ensure that at least a block of data is available if there is more data to come. Fixes: 2d97591e ("crypto: af_alg - consolidation of...") Signed-off-by:
-
Giovanni Cabiddu authored
Replace License Headers with SPDX License Identifiers. Signed-off-by:
-
Daniel Jordan authored
A 5.7 kernel hangs during a tcrypt test of padata that waits for an AEAD request to finish. This is only seen on large machines running many concurrent requests. The issue is that padata never serializes the request. The removal of the reorder_objects atomic missed that the memory barrier in padata_do_serial() depends on it. Upgrade the barrier from smp_mb__after_atomic to smp_mb to get correct ordering again. Fixes: 3facced7 ("padata: remove reorder_objects") Signed-off-by:
Daniel Jordan <daniel.m.jordan@oracle.com> Cc: Steffen Klassert <steffen.klassert@secunet.com> Cc: linux-kernel@vger.kernel.org Cc: <stable@vger.kernel.org> Signed-off-by:
-
Herbert Xu authored
The locking in af_alg_release_parent is broken as the BH socket lock can only be taken if there is a code-path to handle the case where the lock is owned by process-context. Instead of adding such handling, we can fix this by changing the ref counts to atomic_t. This patch also modifies the main refcnt to include both normal and nokey sockets. This way we don't have to fudge the nokey ref count when a socket changes from nokey to normal. Credits go to Mauricio Faria de Oliveira who diagnosed this bug and sent a patch for it: https://lore.kernel.org/linux-crypto/20200605161657.535043-1-mfo@canonical.com/Reported-by:
Brian Moyles <bmoyles@netflix.com> Reported-by:
Mauricio Faria de Oliveira <mfo@canonical.com> Fixes: 37f96694 ("crypto: af_alg - Use bh_lock_sock in...") Cc: <stable@vger.kernel.org> Signed-off-by:
-
- 15 Jun, 2020 1 commit
-
-
Stephan Müller authored
The Jitter RNG is unconditionally allocated as a seed source follwoing the patch 97f2650e. Thus, the instance must always be deallocated. Reported-by: syzbot+2e635807decef724a1fa@syzkaller.appspotmail.com Fixes: 97f2650e ("crypto: drbg - always seeded with SP800-90B ...") Signed-off-by:
Stephan Mueller <smueller@chronox.de> Signed-off-by:
-
