- 12 Mar, 2020 20 commits
-
-
Hadar Gat authored
Changed CC_GENMASK macro so it can be used for all HW registers. Signed-off-by:
Hadar Gat <hadar.gat@arm.com> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Connor Kuehl authored
Instead of using CAP_SYS_ADMIN which is restricted to the root user, check the file mode for write permissions before executing commands that can affect the platform. This allows for more fine-grained access control to the SEV ioctl interface. This would allow a SEV-only user or group the ability to administer the platform without requiring them to be root or granting them overly powerful permissions. For example: chown root:root /dev/sev chmod 600 /dev/sev setfacl -m g:sev:r /dev/sev setfacl -m g:sev-admin:rw /dev/sev In this instance, members of the "sev-admin" group have the ability to perform all ioctl calls (including the ones that modify platform state). Members of the "sev" group only have access to the ioctls that do not modify the platform state. This also makes opening "/dev/sev" more consistent with how file descriptors are usually handled. By only checking for CAP_SYS_ADMIN, the file descriptor could be opened read-only but could still execute ioctls that modify the platform state. This patch enforces that the file descriptor is opened with write privileges if it is going to be used to modify the platform state. This flexibility is completely opt-in, and if it is not desirable by the administrator then they do not need to give anyone else access to /dev/sev. Signed-off-by:
Connor Kuehl <ckuehl@redhat.com> Reviewed-by:
Brijesh Singh <brijesh.singh@amd.com> Reviewed-by:
Bandan Das <bsd@redhat.com> Acked-by:
David Rientjes <rientjes@google.com> Acked-by:
Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by:
-
Martin Kaiser authored
Use a simpler approach for masking / unmasking the rngc interrupt: The interrupt is unmasked while self-test is running and when the rngc driver is used by the hwrng core. Mask the interrupt again when self test is finished, regardless of self test success or failure. Unmask the interrupt in the init function. Add a cleanup function where the rngc interrupt is masked again. Signed-off-by:
Martin Kaiser <martin@kaiser.cx> Signed-off-by:
-
Martin Kaiser authored
Read the rng type and hardware revision during probe. Fail the probe operation if the type is not one of rngc or rngb. (There's also an rnga type, which needs a different driver.) Display the type and revision in a debug print if probe was successful. Reviewed-by:
PrasannaKumar Muralidharan <prasannatsmkumar@gmail.com> Signed-off-by:
-
Martin Kaiser authored
Remove the device name, it is added by the dev_...() routines. Drop the error code as well. It will be shown by the driver core when the probe operation failed. Reviewed-by:
-
Martin Kaiser authored
The rngc requires a new seed for its prng after generating 2^20 160-bit words of random data. At the moment, we seed the prng only once during initalisation. Set the rngc to auto seed mode so that it kicks off the internal reseeding operation when a new seed is required. Keep the manual calculation of the initial seed when the device is probed and switch to automatic seeding afterwards. Reviewed-by:
-
Martin Kaiser authored
Make sure that the rngc interrupt is masked if the rngc self test fails. Self test failure means that probe fails as well. Interrupts should be masked in this case, regardless of the error. Cc: stable@vger.kernel.org Fixes: 1d544944 ("hwrng: mx-rngc - add a driver for Freescale RNGC") Reviewed-by:
-
Randy Dunlap authored
Move the TI Keystone hardware random number generator into the same menu as all of the other hardware random number generators. This makes the driver config be listed in the correct place in the kconfig tools. Fixes: eb428ee0 ("hwrng: ks-sa - add hw_random driver") Signed-off-by:
Randy Dunlap <rdunlap@infradead.org> Cc: Vitaly Andrianov <vitalya@ti.com> Cc: Tero Kristo <t-kristo@ti.com> Cc: Murali Karicheri <m-karicheri2@ti.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: Matt Mackall <mpm@selenic.com> Cc: linux-crypto@vger.kernel.org Signed-off-by:
-
Longfang Liu authored
In the scenario of SMMU translation, the SEC performance of short messages (<512Bytes) cannot meet our expectations. To avoid this, we reserve the plat buffer (PBUF) memory for small packets when creating TFM. Signed-off-by:
Longfang Liu <liulongfang@huawei.com> Signed-off-by:
Zaibo Xu <xuzaibo@huawei.com> Reviewed-by:
Jonathan Cameron <Jonathan.Cameron@huawei.com> Signed-off-by:
-
Longfang Liu authored
We have updated the operation method of IV and MAC address to prepare for pbuf patch and fixed coding style. Signed-off-by:
-
Longfang Liu authored
In order to improve performance of small packets (<512Bytes) in SMMU translation scenario, we need to identify the type of IOMMU in the SEC probe to process small packets by a different method. Signed-off-by:
-
Ye Kai authored
Allocate one workqueue for each QM instead of one for all QMs, we found the throughput of SEC engine can be increased to the hardware limit throughput during testing sec2 performance. so we added this scheme. Signed-off-by:
Ye Kai <yekai13@huawei.com> Signed-off-by:
-
Shukun Tan authored
Since SEC need not so many workqueues as our test, we just use one workqueue created by the device driver of QM if necessary, which will also reduce CPU waste without any throughput decreasing. Signed-off-by:
Shukun Tan <tanshukun1@huawei.com> Signed-off-by:
-
Eric Biggers authored
Properly document the scatterlist layout for AEAD ciphers. Reported-by:
Gilad Ben-Yossef <gilad@benyossef.com> Cc: Stephan Mueller <smueller@chronox.de> Signed-off-by:
Eric Biggers <ebiggers@google.com> Signed-off-by:
-
Eric Biggers authored
Do test_aead_vs_generic_impl() before test_aead_inauthentic_inputs() so that any differences with the generic driver are detected before getting to the inauthentic input tests, which intentionally use only the driver being tested (so that they run even if a generic driver is unavailable). Signed-off-by:
-
Eric Biggers authored
rfc4543 was missing from the list of algorithms that may treat the end of the AAD buffer specially. Also, with rfc4106, rfc4309, rfc4543, and rfc7539esp, the end of the AAD buffer is actually supposed to contain a second copy of the IV, and we've concluded that if the IV copies don't match the behavior is implementation-defined. So, the fuzz tests can't easily test that case. So, make the fuzz tests only use inputs where the two IV copies match. Reported-by:
Geert Uytterhoeven <geert+renesas@glider.be> Fixes: 40153b10 ("crypto: testmgr - fuzz AEADs against their generic implementation") Cc: Stephan Mueller <smueller@chronox.de> Originally-from: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by:
-
Eneas U de Queiroz authored
The CONFIG_CRYPTO_DEV_QCE_SOFT_THRESHOLD symbol was renamed during development, but the stringify reference in the parameter description sneaked by unnoticed. Signed-off-by:
Eneas U de Queiroz <cotequeiroz@gmail.com> Signed-off-by:
-
Tianjia Zhang authored
simplify code to remove unnecessary constant string copies. Signed-off-by:
Tianjia Zhang <tianjia.zhang@linux.alibaba.com> Signed-off-by:
-
John Allen authored
Introduce clear_psp_master_device() to ensure that sp_dev_master gets properly cleared on the release of a psp device. Fixes: 2a6170df ("crypto: ccp: Add Platform Security Processor (PSP) device support") Signed-off-by:
John Allen <john.allen@amd.com> Acked-by:
-
John Allen authored
Explicitly free and clear misc_dev in sev_exit(). Since devm_kzalloc() associates misc_dev with the first device that gets probed, change from devm_kzalloc() to kzalloc() and explicitly free memory in sev_exit() as the first device probed is not guaranteed to be the last device released. To ensure that the variable gets properly set to NULL, remove the local definition of misc_dev. Fixes: 200664d5 ("crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support") Signed-off-by:
-
- 06 Mar, 2020 20 commits
-
-
Stefan Agner authored
Building ARMv7 with Clang's integrated assembler leads to errors such as: arch/arm/crypto/ghash-ce-core.S:34:11: error: register name expected t3l .req d16 ^ Since no FPU has selected yet Clang considers d16 not a valid register. Moving the FPU directive on-top allows Clang to parse the registers and allows to successfully build this file with Clang's integrated assembler. Signed-off-by:Stefan Agner <stefan@agner.ch> Reviewed-by:
Nick Desaulniers <ndesaulniers@google.com> Tested-by:
Ard Biesheuvel <ardb@kernel.org> Signed-off-by:
-
Jason A. Donenfeld authored
This updates to the newer register selection proved by HACL*, which leads to a more compact instruction encoding, and saves around 100 cycles. Signed-off-by:
Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by:
-
Andrei Botila authored
Since in the software implementation of XTS-AES there is no notion of sector every input length is processed the same way. CAAM implementation has the notion of sector which causes different results between the software implementation and the one in CAAM for input lengths bigger than 512 bytes. Increase sector size to maximum value on 16 bits. Fixes: c6415a60 ("crypto: caam - add support for acipher xts(aes)") Cc: <stable@vger.kernel.org> # v4.12+ Signed-off-by:
Andrei Botila <andrei.botila@nxp.com> Reviewed-by:
Horia Geantă <horia.geanta@nxp.com> Signed-off-by:
-
Horia Geantă authored
HW generates a Data Size error for chacha20 requests that are not a multiple of 64B, since algorithm state (AS) does not have the FINAL bit set. Since updating req->iv (for chaining) is not required, modify skcipher descriptors to set the FINAL bit for chacha20. [Note that for skcipher decryption we know that ctx1_iv_off is 0, which allows for an optimization by not checking algorithm type, since append_dec_op1() sets FINAL bit for all algorithms except AES.] Also drop the descriptor operations that save the IV. However, in order to keep code logic simple, things like S/G tables generation etc. are not touched. Cc: <stable@vger.kernel.org> # v5.3+ Fixes: 334d37c9 ("crypto: caam - update IV using HW support") Signed-off-by:
Valentin Ciocoi Radulescu <valentin.ciocoi@nxp.com> Signed-off-by:
-
Vinay Kumar Yadav authored
crypto: chtls - Fixed boolinit.cocci warning Signed-off-by:
Vinay Kumar Yadav <vinay.yadav@chelsio.com> Signed-off-by:
-
Hongbo Yao authored
If UACCE=m and CRYPTO_DEV_HISI_QM=y, the following error is seen while building qm.o: drivers/crypto/hisilicon/qm.o: In function `hisi_qm_init': (.text+0x23c6): undefined reference to `uacce_alloc' (.text+0x2474): undefined reference to `uacce_remove' (.text+0x286b): undefined reference to `uacce_remove' drivers/crypto/hisilicon/qm.o: In function `hisi_qm_uninit': (.text+0x2918): undefined reference to `uacce_remove' make[1]: *** [vmlinux] Error 1 make: *** [autoksyms_recursive] Error 2 This patch fixes the config dependency for QM and ZIP. reported-by:
Hulk Robot <hulkci@huawei.com> Suggested-by:
Hongbo Yao <yaohongbo@huawei.com> Signed-off-by:
Zhou Wang <wangzhou1@hisilicon.com> Signed-off-by:
-
Zhangfei Gao authored
When uacce parent device module is removed, user app may still keep the mmaped area, which can be accessed unsafely. When rmmod, Parent device driver will call uacce_remove, which unmap all remaining mapping from user space for safety. VM_FAULT_SIGBUS is also reported to user space accordingly. Suggested-by:
Dave Jiang <dave.jiang@intel.com> Signed-off-by:
Zhangfei Gao <zhangfei.gao@linaro.org> Signed-off-by:
-
Eric Biggers authored
Simplify the error handling in the XTS template's ->create() function by taking advantage of crypto_drop_skcipher() now accepting (as a no-op) a spawn that hasn't been grabbed yet. Signed-off-by:
-
Eric Biggers authored
Simplify the error handling in pkcs1pad_create() by taking advantage of crypto_grab_akcipher() now handling an ERR_PTR() name and by taking advantage of crypto_drop_akcipher() now accepting (as a no-op) a spawn that hasn't been grabbed yet. While we're at it, also simplify the way the hash_name optional argument is handled. We only need to check whether it's present in one place, and we can just assign directly to ctx->digest_info. Signed-off-by:
-
Eric Biggers authored
Simplify the error handling in pcrypt_create_aead() by taking advantage of crypto_grab_aead() now handling an ERR_PTR() name and by taking advantage of crypto_drop_aead() now accepting (as a no-op) a spawn that hasn't been grabbed yet. This required also making padata_free_shell() accept a NULL argument. Signed-off-by:
-
Eric Biggers authored
Simplify the error handling in the LRW template's ->create() function by taking advantage of crypto_drop_skcipher() now accepting (as a no-op) a spawn that hasn't been grabbed yet. Signed-off-by:
-
Eric Biggers authored
Simplify the error handling in aead_geniv_alloc() by taking advantage of crypto_grab_aead() now handling an ERR_PTR() name and by taking advantage of crypto_drop_aead() now accepting (as a no-op) a spawn that hasn't been grabbed yet. Signed-off-by:
-
Eric Biggers authored
Simplify the error handling in crypto_rfc4543_create() by taking advantage of crypto_grab_aead() now handling an ERR_PTR() name and by taking advantage of crypto_drop_aead() now accepting (as a no-op) a spawn that hasn't been grabbed yet. Conveniently, this eliminates the 'ccm_name' variable which was incorrectly named (it should have been 'gcm_name'). Also fix a weird case where a line was terminated by a comma rather than a semicolon, causing the statement to be continued on the next line. Fortunately the code still behaved as intended, though. Signed-off-by:
-
Eric Biggers authored
Simplify the error handling in crypto_rfc4106_create() by taking advantage of crypto_grab_aead() now handling an ERR_PTR() name and by taking advantage of crypto_drop_aead() now accepting (as a no-op) a spawn that hasn't been grabbed yet. Conveniently, this eliminates the 'ccm_name' variable which was incorrectly named (it should have been 'gcm_name'). Signed-off-by:
-
Eric Biggers authored
Simplify the error handling in crypto_cts_create() by taking advantage of crypto_grab_skcipher() now handling an ERR_PTR() name and by taking advantage of crypto_drop_skcipher() now accepting (as a no-op) a spawn that hasn't been grabbed yet. Signed-off-by:
-
Eric Biggers authored
Simplify the error handling in crypto_rfc3686_create() by taking advantage of crypto_grab_skcipher() now handling an ERR_PTR() name and by taking advantage of crypto_drop_skcipher() now accepting (as a no-op) a spawn that hasn't been grabbed yet. Signed-off-by:
-
Eric Biggers authored
Simplify the error handling in the various cryptd_create_*() functions by taking advantage of crypto_grab_*() now handling an ERR_PTR() name and by taking advantage of crypto_drop_*() now accepting (as a no-op) a spawn that hasn't been grabbed yet. Signed-off-by:
-
Eric Biggers authored
Simplify the error handling in crypto_rfc4309_create() by taking advantage of crypto_grab_aead() now handling an ERR_PTR() name and by taking advantage of crypto_drop_aead() now accepting (as a no-op) a spawn that hasn't been grabbed yet. Signed-off-by:
-
Eric Biggers authored
Fix a weird case where a line was terminated by a comma rather than a semicolon, causing the statement to be continued on the next line. Fortunately the code still behaved as intended, though. Signed-off-by:
-
Zhangfei Gao authored
Add Zhangfei Gao and Zhou Wang as maintainers for uacce Signed-off-by:
-
