1. 30 Dec, 2013 3 commits
  2. 20 Dec, 2013 8 commits
  3. 09 Dec, 2013 2 commits
  4. 05 Dec, 2013 14 commits
  5. 28 Nov, 2013 8 commits
    • Horia Geanta's avatar
      crypto: testmgr - fix sglen in test_aead for case 'dst != src' · 8ec25c51
      Horia Geanta authored
      Commit d8a32ac2 (crypto: testmgr - make
      test_aead also test 'dst != src' code paths) added support for different
      source and destination buffers in test_aead.
      
      This patch modifies the source and destination buffer lengths accordingly:
      the lengths are not equal since encryption / decryption adds / removes
      the ICV.
      
      Cc: Jussi Kivilinna <jussi.kivilinna@mbnet.fi>
      Signed-off-by: default avatarHoria Geanta <horia.geanta@freescale.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      8ec25c51
    • Horia Geanta's avatar
      crypto: talitos - fix aead sglen for case 'dst != src' · 62293a37
      Horia Geanta authored
      For aead case when source and destination buffers are different,
      there is an incorrect assumption that the source length includes the ICV
      length. Fix this, since it leads to an oops when using sg_count() to
      find the number of nents in the scatterlist:
      
      Unable to handle kernel paging request for data at address 0x00000004
      Faulting instruction address: 0xf2265a28
      Oops: Kernel access of bad area, sig: 11 [#1]
      SMP NR_CPUS=8 P2020 RDB
      Modules linked in: talitos(+)
      CPU: 1 PID: 2187 Comm: cryptomgr_test Not tainted 3.11.0 #12
      task: c4e72e20 ti: ef634000 task.ti: ef634000
      NIP: f2265a28 LR: f2266ad8 CTR: c000c900
      REGS: ef635bb0 TRAP: 0300   Not tainted  (3.11.0)
      MSR: 00029000 <CE,EE,ME>  CR: 42042084  XER: 00000000
      DEAR: 00000004, ESR: 00000000
      
      GPR00: f2266e10 ef635c60 c4e72e20 00000001 00000014 ef635c69 00000001 c11f3082
      GPR08: 00000010 00000000 00000002 2f635d58 22044084 00000000 00000000 c0755c80
      GPR16: c4bf1000 ef784000 00000000 00000000 00000020 00000014 00000010 ef2f6100
      GPR24: ef2f6200 00000024 ef143210 ef2f6000 00000000 ef635d58 00000000 2f635d58
      NIP [f2265a28] sg_count+0x1c/0xb4 [talitos]
      LR [f2266ad8] talitos_edesc_alloc+0x12c/0x410 [talitos]
      Call Trace:
      [ef635c60] [c0552068] schedule_timeout+0x148/0x1ac (unreliable)
      [ef635cc0] [f2266e10] aead_edesc_alloc+0x54/0x64 [talitos]
      [ef635ce0] [f22680f0] aead_encrypt+0x24/0x70 [talitos]
      [ef635cf0] [c024b948] __test_aead+0x494/0xf68
      [ef635e20] [c024d54c] test_aead+0x64/0xcc
      [ef635e40] [c024d604] alg_test_aead+0x50/0xc4
      [ef635e60] [c024c838] alg_test+0x10c/0x2e4
      [ef635ee0] [c0249d1c] cryptomgr_test+0x4c/0x54
      [ef635ef0] [c005d598] kthread+0xa8/0xac
      [ef635f40] [c000e3bc] ret_from_kernel_thread+0x5c/0x64
      Instruction dump:
      81230024 552807fe 0f080000 5523003a 4bffff24 39000000 2c040000 99050000
      408100a0 7c691b78 38c00001 38600000 <80e90004> 38630001 8109000c 70ea0002
      ---[ end trace 4498123cd8478591 ]---
      Signed-off-by: default avatarHoria Geanta <horia.geanta@freescale.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      62293a37
    • Horia Geanta's avatar
      crypto: caam - fix aead sglen for case 'dst != src' · bbf9c893
      Horia Geanta authored
      For aead case when source and destination buffers are different,
      there is an incorrect assumption that the source length includes the ICV
      length. Fix this, since it leads to an oops when using sg_count() to
      find the number of nents in the scatterlist:
      
      Unable to handle kernel paging request for data at address 0x00000004
      Faulting instruction address: 0xf91f7634
      Oops: Kernel access of bad area, sig: 11 [#1]
      SMP NR_CPUS=8 P4080 DS
      Modules linked in: caamalg(+) caam_jr caam
      CPU: 1 PID: 1053 Comm: cryptomgr_test Not tainted 3.11.0 #16
      task: eeb24ab0 ti: eeafa000 task.ti: eeafa000
      NIP: f91f7634 LR: f91f7f24 CTR: f91f7ef0
      REGS: eeafbbc0 TRAP: 0300   Not tainted  (3.11.0)
      MSR: 00029002 <CE,EE,ME>  CR: 44044044  XER: 00000000
      DEAR: 00000004, ESR: 00000000
      
      GPR00: f91f7f24 eeafbc70 eeb24ab0 00000002 ee8e0900 ee8e0800 00000024 c45c4462
      GPR08: 00000010 00000000 00000014 0c0e4000 24044044 00000000 00000000 c0691590
      GPR16: eeab0000 eeb23000 00000000 00000000 00000000 00000001 00000001 eeafbcc8
      GPR24: 000000d1 00000010 ee2d5000 ee49ea10 ee49ea10 ee46f640 ee46f640 c0691590
      NIP [f91f7634] aead_edesc_alloc.constprop.14+0x144/0x780 [caamalg]
      LR [f91f7f24] aead_encrypt+0x34/0x288 [caamalg]
      Call Trace:
      [eeafbc70] [a1004000] 0xa1004000 (unreliable)
      [eeafbcc0] [f91f7f24] aead_encrypt+0x34/0x288 [caamalg]
      [eeafbcf0] [c020d77c] __test_aead+0x3ec/0xe20
      [eeafbe20] [c020f35c] test_aead+0x6c/0xe0
      [eeafbe40] [c020f420] alg_test_aead+0x50/0xd0
      [eeafbe60] [c020e5e4] alg_test+0x114/0x2e0
      [eeafbee0] [c020bd1c] cryptomgr_test+0x4c/0x60
      [eeafbef0] [c0047058] kthread+0xa8/0xb0
      [eeafbf40] [c000eb0c] ret_from_kernel_thread+0x5c/0x64
      Instruction dump:
      69084321 7d080034 5508d97e 69080001 0f080000 81290024 552807fe 0f080000
      3a600001 5529003a 2f8a0000 40dd0028 <80e90004> 3ab50001 8109000c 70e30002
      ---[ end trace b3c3e23925c7484e ]---
      
      While here, add a tcrypt mode for making it easy to test authenc
      (needed for triggering case above).
      Signed-off-by: default avatarHoria Geanta <horia.geanta@freescale.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      bbf9c893
    • Horia Geanta's avatar
      crypto: ccm - Fix handling of zero plaintext when computing mac · 5638cabf
      Horia Geanta authored
      There are cases when cryptlen can be zero in crypto_ccm_auth():
      -encryptiom: input scatterlist length is zero (no plaintext)
      -decryption: input scatterlist contains only the mac
      plus the condition of having different source and destination buffers
      (or else scatterlist length = max(plaintext_len, ciphertext_len)).
      
      These are not handled correctly, leading to crashes like:
      
      root@p4080ds:~/crypto# insmod tcrypt.ko mode=45
      ------------[ cut here ]------------
      kernel BUG at crypto/scatterwalk.c:37!
      Oops: Exception in kernel mode, sig: 5 [#1]
      SMP NR_CPUS=8 P4080 DS
      Modules linked in: tcrypt(+) crc32c xts xcbc vmac pcbc ecb gcm ghash_generic gf128mul ccm ctr seqiv
      CPU: 3 PID: 1082 Comm: cryptomgr_test Not tainted 3.11.0 #14
      task: ee12c5b0 ti: eecd0000 task.ti: eecd0000
      NIP: c0204d98 LR: f9225848 CTR: c0204d80
      REGS: eecd1b70 TRAP: 0700   Not tainted  (3.11.0)
      MSR: 00029002 <CE,EE,ME>  CR: 22044022  XER: 20000000
      
      GPR00: f9225c94 eecd1c20 ee12c5b0 eecd1c28 ee879400 ee879400 00000000 ee607464
      GPR08: 00000001 00000001 00000000 006b0000 c0204d80 00000000 00000002 c0698e20
      GPR16: ee987000 ee895000 fffffff4 ee879500 00000100 eecd1d58 00000001 00000000
      GPR24: ee879400 00000020 00000000 00000000 ee5b2800 ee607430 00000004 ee607460
      NIP [c0204d98] scatterwalk_start+0x18/0x30
      LR [f9225848] get_data_to_compute+0x28/0x2f0 [ccm]
      Call Trace:
      [eecd1c20] [f9225974] get_data_to_compute+0x154/0x2f0 [ccm] (unreliable)
      [eecd1c70] [f9225c94] crypto_ccm_auth+0x184/0x1d0 [ccm]
      [eecd1cb0] [f9225d40] crypto_ccm_encrypt+0x60/0x2d0 [ccm]
      [eecd1cf0] [c020d77c] __test_aead+0x3ec/0xe20
      [eecd1e20] [c020f35c] test_aead+0x6c/0xe0
      [eecd1e40] [c020f420] alg_test_aead+0x50/0xd0
      [eecd1e60] [c020e5e4] alg_test+0x114/0x2e0
      [eecd1ee0] [c020bd1c] cryptomgr_test+0x4c/0x60
      [eecd1ef0] [c0047058] kthread+0xa8/0xb0
      [eecd1f40] [c000eb0c] ret_from_kernel_thread+0x5c/0x64
      Instruction dump:
      0f080000 81290024 552807fe 0f080000 5529003a 4bffffb4 90830000 39400000
      39000001 8124000c 2f890000 7d28579e <0f090000> 81240008 91230004 4e800020
      ---[ end trace 6d652dfcd1be37bd ]---
      
      Cc: <stable@vger.kernel.org>
      Cc: Jussi Kivilinna <jussi.kivilinna@mbnet.fi>
      Signed-off-by: default avatarHoria Geanta <horia.geanta@freescale.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      5638cabf
    • Gerald Schaefer's avatar
      crypto: s390 - Fix aes-xts parameter corruption · 9dda2769
      Gerald Schaefer authored
      Some s390 crypto algorithms incorrectly use the crypto_tfm structure to
      store private data. As the tfm can be shared among multiple threads, this
      can result in data corruption.
      
      This patch fixes aes-xts by moving the xts and pcc parameter blocks from
      the tfm onto the stack (48 + 96 bytes).
      
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarGerald Schaefer <gerald.schaefer@de.ibm.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      9dda2769
    • Horia Geanta's avatar
      crypto: talitos - corrrectly handle zero-length assoc data · 935e99a3
      Horia Geanta authored
      talitos does not handle well zero-length assoc data. From dmesg:
      talitos ffe30000.crypto: master data transfer error
      talitos ffe30000.crypto: gather return/length error
      
      Check whether assoc data is provided by inspecting assoclen,
      not assoc pointer.
      This is needed in order to pass testmgr tests.
      Signed-off-by: default avatarHoria Geanta <horia.geanta@freescale.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      935e99a3
    • Tom Lendacky's avatar
      crypto: scatterwalk - Set the chain pointer indication bit · 41da8b5a
      Tom Lendacky authored
      The scatterwalk_crypto_chain function invokes the scatterwalk_sg_chain
      function to chain two scatterlists, but the chain pointer indication
      bit is not set.  When the resulting scatterlist is used, for example,
      by sg_nents to count the number of scatterlist entries, a segfault occurs
      because sg_nents does not follow the chain pointer to the chained scatterlist.
      
      Update scatterwalk_sg_chain to set the chain pointer indication bit as is
      done by the sg_chain function.
      
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarTom Lendacky <thomas.lendacky@amd.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      41da8b5a
    • Tom Lendacky's avatar
      crypto: authenc - Find proper IV address in ablkcipher callback · fc019c71
      Tom Lendacky authored
      When performing an asynchronous ablkcipher operation the authenc
      completion callback routine is invoked, but it does not locate and use
      the proper IV.
      
      The callback routine, crypto_authenc_encrypt_done, is updated to use
      the same method of calculating the address of the IV as is done in
      crypto_authenc_encrypt function which sets up the callback.
      
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarTom Lendacky <thomas.lendacky@amd.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      fc019c71
  6. 26 Nov, 2013 1 commit
  7. 24 Nov, 2013 1 commit
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 · 26b265cd
      Linus Torvalds authored
      Pull crypto update from Herbert Xu:
       - Made x86 ablk_helper generic for ARM
       - Phase out chainiv in favour of eseqiv (affects IPsec)
       - Fixed aes-cbc IV corruption on s390
       - Added constant-time crypto_memneq which replaces memcmp
       - Fixed aes-ctr in omap-aes
       - Added OMAP3 ROM RNG support
       - Add PRNG support for MSM SoC's
       - Add and use Job Ring API in caam
       - Misc fixes
      
      [ NOTE! This pull request was sent within the merge window, but Herbert
        has some questionable email sending setup that makes him public enemy
        #1 as far as gmail is concerned.  So most of his emails seem to be
        trapped by gmail as spam, resulting in me not seeing them.  - Linus ]
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (49 commits)
        crypto: s390 - Fix aes-cbc IV corruption
        crypto: omap-aes - Fix CTR mode counter length
        crypto: omap-sham - Add missing modalias
        padata: make the sequence counter an atomic_t
        crypto: caam - Modify the interface layers to use JR API's
        crypto: caam - Add API's to allocate/free Job Rings
        crypto: caam - Add Platform driver for Job Ring
        hwrng: msm - Add PRNG support for MSM SoC's
        ARM: DT: msm: Add Qualcomm's PRNG driver binding document
        crypto: skcipher - Use eseqiv even on UP machines
        crypto: talitos - Simplify key parsing
        crypto: picoxcell - Simplify and harden key parsing
        crypto: ixp4xx - Simplify and harden key parsing
        crypto: authencesn - Simplify key parsing
        crypto: authenc - Export key parsing helper function
        crypto: mv_cesa: remove deprecated IRQF_DISABLED
        hwrng: OMAP3 ROM Random Number Generator support
        crypto: sha256_ssse3 - also test for BMI2
        crypto: mv_cesa - Remove redundant of_match_ptr
        crypto: sahara - Remove redundant of_match_ptr
        ...
      26b265cd
  8. 23 Nov, 2013 1 commit
    • Linus Torvalds's avatar
      Merge branch 'for_linus' of git://cavan.codon.org.uk/platform-drivers-x86 · 2e7babfa
      Linus Torvalds authored
      Pull x86 platform driver updates from Matthew Garrett:
       "A moderate diffstat, but it's almost entirely just moving the
        chromebook driver into its own directory in order to ease ARM support,
        adding back rfkill support to the one Dell laptop model where it's
        expected to work, updates to the Intel IPC driver for hardware I've
        never actually seen and the usual set of small fixes"
      
      [ This actually came in before the merge window closed, and I had just
        missed it because it didn't match my git pull email pattern.  - Linus ]
      
      * 'for_linus' of git://cavan.codon.org.uk/platform-drivers-x86: (24 commits)
        x86, wmi fix modalias_show return values
        ipc: Added support for IPC interrupt mode
        ipc: Handle error conditions in ipc command
        ipc: Enabled ipc support for additional intel platforms
        ipc: Added platform data structure
        thinkpad_acpi: Fix build error when CONFIG_SND_MAX_CARDS > 32
        platform: add chrome platform directory
        hp-wmi: detect "2009 BIOS or later" flag by WMI 0x0d for wireless cmd
        dell-wmi: Add KEY_MICMUTE to bios_to_linux_keycode
        platform:x86: Remove OOM message after input_allocate_device
        sony-laptop: fixe typos in sony_laptop_input_keycode_map
        sony-laptop: warn on multiple KBD backlight handles
        dell-laptop: Only enable rfkill functionality on laptops with a hw killswitch
        dell-laptop: Add a force_rfkill module parameter
        dell-laptop: Wait less long before updating rfkill after an rfkill keypress
        dell-laptop: Do not skip setting blocked bit rfkill_set while hw-blocked
        dell-laptop: Sync current block state to BIOS on hw switch change
        dell-laptop: Allow changing the sw_state while the radio is blocked by hw
        dell-laptop: Don't read-back sw_state on machines with a hardware switch
        dell-laptop: Don't set sw_state from the query callback
        ...
      2e7babfa
  9. 22 Nov, 2013 2 commits