- 12 Mar, 2021 17 commits
-
-
Álvaro Fernández Rojas authored
brcm,bcm6368-rng controllers require enabling the IPSEC clock in order to get a functional RNG. Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com> Reviewed-by: Rob Herring <robh@kernel.org> Acked-by: Florian Fainelli <f.fainelli@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Hui Tang authored
DMA_TO_DEVICE synchronisation must be done after the last modification of the memory region by the software and before it is handed off to the device. Signed-off-by: Hui Tang <tanghui20@huawei.com> Reported-by: kernel test robot <lkp@intel.com> Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Hui Tang authored
'dma_mapping_error' return a negative value if 'dma_addr' is equal to 'DMA_MAPPING_ERROR' not zero, so fix initialization of 'dma_addr'. Signed-off-by: Hui Tang <tanghui20@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Jia-Ju Bai authored
When dma_mapping_error() returns an error, no error return code of sun8i_ce_prng_generate() is assigned. To fix this bug, err is assigned with -EFAULT as error return code. Reported-by: TOTE Robot <oslab@tsinghua.edu.cn> Signed-off-by: Jia-Ju Bai <baijiaju1990@gmail.com> Tested-by: Corentin Labbe <clabbe.montjoie@gmail.com> Acked-by: Corentin Labbe <clabbe.montjoie@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Meng Yu authored
Enable 'CURVE25519' algorithm in Kunpeng 930. Signed-off-by: Meng Yu <yumeng18@huawei.com> Reviewed-by: Zaibo Xu <xuzaibo@huawei.com> Reported-by: kernel test robot <lkp@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Meng Yu authored
1. Add curve 25519 parameters in 'crypto/ecc_curve_defs.h'; 2. Add curve25519 interface 'ecc_get_curve25519_param' in 'include/crypto/ecc_curve.h', to make its parameters be exposed to everyone in kernel tree. Signed-off-by: Meng Yu <yumeng18@huawei.com> Reviewed-by: Zaibo Xu <xuzaibo@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Meng Yu authored
1. Enable 'ECDH' algorithm in Kunpeng 930; 2. HPRE ECDH Support: ecdh-nist-p192, ecdh-nist-p256. Signed-off-by: Meng Yu <yumeng18@huawei.com> Reviewed-by: Zaibo Xu <xuzaibo@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Meng Yu authored
Move 'ecc_get_curve' to 'include/crypto/ecc_curve.h', so everyone in kernel tree can easily get ecc curve params; Signed-off-by: Meng Yu <yumeng18@huawei.com> Reviewed-by: Zaibo Xu <xuzaibo@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Meng Yu authored
1. crypto and crypto/atmel-ecc: Move curve id of ECDH from the key into the algorithm name instead in crypto and atmel-ecc, so ECDH algorithm name change form 'ecdh' to 'ecdh-nist-pxxx', and we cannot use 'curve_id' in 'struct ecdh'; 2. crypto/testmgr and net/bluetooth: Modify 'testmgr.c', 'testmgr.h' and 'net/bluetooth' to adapt the modification. Signed-off-by: Meng Yu <yumeng18@huawei.com> Reviewed-by: Zaibo Xu <xuzaibo@huawei.com> Reported-by: kernel test robot <lkp@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Meng Yu authored
Algorithm type is brought in to get hardware HPRE queue to support different algorithms. Signed-off-by: Meng Yu <yumeng18@huawei.com> Reviewed-by: Zaibo Xu <xuzaibo@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Meng Yu authored
A new generation of accelerator Kunpeng930 has appeared, and the corresponding driver needs to be updated to support some new algorithms of Kunpeng930. To be compatible with Kunpeng920, we add parameter 'struct hisi_qm *qm' to sec_algs_(un)register to identify the chip's version. Signed-off-by: Meng Yu <yumeng18@huawei.com> Reviewed-by: Zaibo Xu <xuzaibo@huawei.com> Reviewed-by: Longfang Liu <liulongfang@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Tom Lendacky authored
If SEV has been disabled (e.g. through BIOS), the driver probe will still issue SEV firmware commands. The SEV INIT firmware command will return an error in this situation, but the error code is a general error code that doesn't highlight the exact reason. Add a check for X86_FEATURE_SEV in sev_dev_init() and emit a meaningful message and skip attempting to initialize the SEV firmware if the feature is not enabled. Since building the SEV code is dependent on X86_64, adding the check won't cause any build problems. Cc: John Allen <john.allen@amd.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Reviewed-By: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Ard Biesheuvel authored
Given that crypto_alloc_tfm() may return ERR pointers, and to avoid crashes on obscure error paths where such pointers are presented to crypto_destroy_tfm() (such as [0]), add an ERR_PTR check there before dereferencing the second argument as a struct crypto_tfm pointer. [0] https://lore.kernel.org/linux-crypto/000000000000de949705bc59e0f6@google.com/ Reported-by: syzbot+12cf5fbfdeba210a89dd@syzkaller.appspotmail.com Reviewed-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Colin Ian King authored
In the case where the dma_iv mapping fails, the return error path leaks the memory allocated to object d. Fix this by adding a new error return label and jumping to this to ensure d is free'd before the return. Addresses-Coverity: ("Resource leak") Fixes: ac2614d7 ("crypto: sun8i-ss - Add support for the PRNG") Signed-off-by: Colin Ian King <colin.king@canonical.com> Acked-by: Corentin Labbe <clabbe.montjoie@gmail.com> Tested-by: Corentin Labbe <clabbe.montjoie@gmail.com> Acked-by: Corentin Labbe <clabbe.montjoie@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Tian Tao authored
Remove including <linux/version.h> that don't need it. Signed-off-by: Tian Tao <tiantao6@hisilicon.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Tian Tao authored
Use devm_hwrng_register to get rid of manual unregistration. Signed-off-by: Tian Tao <tiantao6@hisilicon.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Tian Tao authored
Use devm_hwrng_register to get rid of manual unregistration. Signed-off-by: Tian Tao <tiantao6@hisilicon.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
- 07 Mar, 2021 23 commits
-
-
Yang Li authored
In one of the error paths of the for_each_child_of_node() loop, add missing call to of_node_put(). Fix the following coccicheck warning: ./drivers/crypto/nx/nx-common-powernv.c:927:1-23: WARNING: Function "for_each_child_of_node" should have of_node_put() before return around line 936. Reported-by: Abaci Robot <abaci@linux.alibaba.com> Signed-off-by: Yang Li <yang.lee@linux.alibaba.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Kai Ye authored
Delete sg_data function, because sg_data function definition same as sg_virt(), so need to delete it and use sg_virt() replace to sg_data(). Signed-off-by: Kai Ye <yekai13@huawei.com> Reviewed-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Tian Tao authored
This commit fixes the checkpatch warning: WARNING: Use #include <linux/io.h> instead of <asm/io.h> drivers/char/hw_random/omap-rng.c:34 Signed-off-by: Tian Tao <tiantao6@hisilicon.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Krzysztof Kozlowski authored
The driver for Slim Security Subsystem (SlimSSS) on Exynos5433 takes two clocks - aclk (AXI/AHB clock) and pclk (APB/Advanced Peripheral Bus clock). The "aclk", as main high speed bus clock, is enabled first. Then the "pclk" is enabled. However the driver assigned reversed names for lookup of these clocks from devicetree, so effectively the "pclk" was enabled first. Although it might not matter in reality, the correct order is to enable first main/high speed bus clock - "aclk". Also this was the intention of the actual code. Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Corentin Labbe authored
This patch fixes a memory leak on an error path. Fixes: d9b45418 ("crypto: sun8i-ss - support hash algorithms") Reported-by: kernel test robot <lkp@intel.com> Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Corentin Labbe <clabbe.montjoie@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Thara Gopinath authored
totallen is used to get the size of the data to be transformed. This is also available via nbytes or cryptlen in the qce_sha_reqctx and qce_cipher_ctx. Similarly offset convey nothing for the supported encryption and authentication transformations and is always 0. Remove these two redundant parameters in qce_start. Reviewed-by: Bjorn Andersson <bjorn.andersson@linaro.org> Signed-off-by: Thara Gopinath <thara.gopinath@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Thara Gopinath authored
src_table is unused and hence remove it from struct qce_cipher_reqctx Signed-off-by: Thara Gopinath <thara.gopinath@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Thara Gopinath authored
Set the register REG_ENCR_XTS_DU_SIZE to cryptlen for AES XTS transformation. Anything else causes the engine to return back wrong results. Acked-by: Bjorn Andersson <bjorn.andersson@linaro.org> Signed-off-by: Thara Gopinath <thara.gopinath@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Thara Gopinath authored
The following are the conditions for requesting AES fallback cipher. - AES-192 - AES-XTS request with len <= 512 byte (Allow messages of length less than 512 bytes for all other AES encryption algorithms other than AES XTS) - AES-XTS request with len > QCE_SECTOR_SIZE and is not a multiple of it Signed-off-by: Thara Gopinath <thara.gopinath@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Thara Gopinath authored
ECB transformations do not have an IV and hence set the ivsize to 0 for ecb(aes). Signed-off-by: Thara Gopinath <thara.gopinath@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Thara Gopinath authored
ECB/CBC encryption/decryption requires the data to be blocksize aligned. Crypto engine hangs on non-block sized operations for these algorithms. Return invalid data if data size is not blocksize aligned for these algorithms. Signed-off-by: Thara Gopinath <thara.gopinath@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Thara Gopinath authored
Crypto engine BAM dma does not support 0 length data. Return unsupported if zero length messages are passed for transformation. Signed-off-by: Thara Gopinath <thara.gopinath@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Thara Gopinath authored
Return unsupported if any three keys are same for DES3 algorithms since CE does not support this and the operation causes the engine to hang. Signed-off-by: Thara Gopinath <thara.gopinath@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Thara Gopinath authored
Crypto engine does not support key1 = key2 for AES XTS algorithm; the operation hangs the engines. Return -EINVAL in case key1 and key2 are the same. Signed-off-by: Thara Gopinath <thara.gopinath@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Thara Gopinath authored
If the available data to transfer is exactly a multiple of block size, save the last block to be transferred in qce_ahash_final (with the last block bit set) if this is indeed the end of data stream. If not this saved block will be transferred as part of next update. If this block is not held back and if this is indeed the end of data stream, the digest obtained will be wrong since qce_ahash_final will see that rctx->buflen is 0 and return doing nothing which in turn means that a digest will not be copied to the destination result buffer. qce_ahash_final cannot be made to alter this behavior and allowed to proceed if rctx->buflen is 0 because the crypto engine BAM does not allow for zero length transfers. Reviewed-by: Bjorn Andersson <bjorn.andersson@linaro.org> Signed-off-by: Thara Gopinath <thara.gopinath@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Thara Gopinath authored
Export and import interfaces save and restore partial transformation states. The partial states were being stored and restored in struct sha1_state for sha1/hmac(sha1) transformations and sha256_state for sha256/hmac(sha256) transformations.This led to a bunch of corner cases where improper state was being stored and restored. A few of the corner cases that turned up during testing are: - wrong byte_count restored if export/import is called twice without h/w transaction in between - wrong buflen restored back if the pending buffer length is exactly the block size. - wrong state restored if buffer length is 0. To fix these issues, save and restore the partial transformation state using the newly introduced qce_sha_saved_state struct. This ensures that all the pieces required to properly restart the transformation is captured and restored back Signed-off-by: Thara Gopinath <thara.gopinath@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Wei Yongjun authored
Fix to return negative error code -ENOMEM from the error handling case instead of 0, as done elsewhere in this function. Fixes: 88574332 ("crypto: keembay - Add support for Keem Bay OCS AES/SM4") Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: Wei Yongjun <weiyongjun1@huawei.com> Reviewed-by: Daniele Alessandrelli <daniele.alessandrelli@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Wei Yongjun authored
Fix to return negative error code -ENOMEM from the error handling case instead of 0, as done elsewhere in this function. Fixes: 472b0444 ("crypto: keembay - Add Keem Bay OCS HCU driver") Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: Wei Yongjun <weiyongjun1@huawei.com> Reviewed-by: Daniele Alessandrelli <daniele.alessandrelli@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
This patch fixes the byte order markings in serpent. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Tested-by: Ard Biesheuvel <ardb@kernel.org> # arm64 big-endian Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Tang Bin authored
The function meson_crypto_probe() is only called with an openfirmware platform device. Therefore there is no need to check that the passed in device is NULL. Signed-off-by: Tang Bin <tangbin@cmss.chinamobile.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Tian Tao authored
clk_prepare_enable() and clk_disable_unprepare() will check NULL clock parameter, so It is not necessary to add additional checks. Signed-off-by: Tian Tao <tiantao6@hisilicon.com> Acked-by: Florian Fainelli <f.fainelli@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Bhaskar Chowdhury authored
Trivial fix to spelling mistake in adf_pf2vf_msg.c and adf_vf2pf_msg.c. s/messge/message/ Signed-off-by: Bhaskar Chowdhury <unixbhaskar@gmail.com> Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Tian Tao authored
Use devm_platform_ioremap_resource() to simplify the code. Signed-off-by: Tian Tao <tiantao6@hisilicon.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-