- 01 Oct, 2023 3 commits
-
-
Gatien Chevallier authored
Introduce st,stm32mp13-rng compatible and add st,rng-lock-conf. If st,rng-lock-conf is set, the RNG configuration in RNG_CR, RNG_HTCR and RNG_NSCR will be locked. It is supported starting from the RNG version present in the STM32MP13 Signed-off-by:
Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by:
Rob Herring <robh@kernel.org> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
Select CRYPTO_AEAD so that crypto_has_aead is available. Fixes: 1383e2ab102c ("ipsec: Stop using crypto_has_alg") Reported-by:kernel test robot <lkp@intel.com> Closes: https://lore.kernel.org/oe-kbuild-all/202309202112.33V1Ezb1-lkp@intel.com/Signed-off-by:
-
Bartosz Golaszewski authored
Add the compatible string for QCom ICE on sa8775p SoCs. Signed-off-by:
Bartosz Golaszewski <bartosz.golaszewski@linaro.org> Reviewed-by:
Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org> Signed-off-by:
-
- 20 Sep, 2023 25 commits
-
-
Roxana Nicolescu authored
x86 optimized crypto modules are built as modules rather than build-in and they are not loaded when the crypto API is initialized, resulting in the generic builtin module (sha1-generic) being used instead. It was discovered when creating a sha1/sha256 checksum of a 2Gb file by using kcapi-tools because it would take significantly longer than creating a sha512 checksum of the same file. trace-cmd showed that for sha1/256 the generic module was used, whereas for sha512 the optimized module was used instead. Add module aliases() for these x86 optimized crypto modules based on CPU feature bits so udev gets a chance to load them later in the boot process. This resulted in ~3x decrease in the real-time execution of kcapi-dsg. Fix is inspired from commit aa031b8f ("crypto: x86/sha512 - load based on CPU features") where a similar fix was done for sha512. Cc: stable@vger.kernel.org # 5.15+ Suggested-by:
Dimitri John Ledkov <dimitri.ledkov@canonical.com> Suggested-by:
Julian Andres Klode <julian.klode@canonical.com> Signed-off-by:
Roxana Nicolescu <roxana.nicolescu@canonical.com> Signed-off-by:
-
Wenkai Lin authored
When sec_aead_mac_init returns an error code, sec_cipher_map will exit abnormally, the hardware sgl should be unmmaped. Signed-off-by:
Wenkai Lin <linwenkai6@hisilicon.com> Signed-off-by:
-
Adam Guerin authored
QAT GEN4 devices support chained compression operations. These allow, with a single request to firmware, to hash then compress data. Extend the configuration to enable such mode. The cfg_services operations in sysfs are extended to allow the string "dcc". When selected, the driver downloads to the device both the symmetric crypto and the compression firmware images and sends an admin message to firmware which enables `chained` operations. In addition, it sets the device's capabilities as the combination of compression and symmetric crypto capabilities, while excluding the ICP_ACCEL_CAPABILITIES_CRYPTO_SYMMETRIC bit to indicate that in this mode, symmetric crypto instances are not supported. When "dcc" is enabled, the device will handle compression requests as if the "dc" configuration is loaded ("dcc" is a variation of "dc") and the driver will register the acomp algorithms. As for the other extended configurations, "dcc" is only available for qat_4xxx devices and the chaining service will be only accessible from user space. Signed-off-by:Adam Guerin <adam.guerin@intel.com> Reviewed-by:
Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by:
-
Giovanni Cabiddu authored
The data structure that associates a service id with its name is replicated across the driver. Remove duplication by moving this data structure to a new include file, adf_cfg_services.h in order to have consistency across the drivers. Note that the data structure is re-instantiated every time the new include is added to a compilation unit. Signed-off-by:
Andy Shevchenko <andriy.shevchenko@linux.intel.com> Signed-off-by:
-
Giovanni Cabiddu authored
The function adf_dev_init(), through the subsystem qat_compression, populates the list of list of compression instances accel_dev->compression_list. If the list of instances is not empty, the function adf_dev_start() will then call qat_compression_registers() register the compression algorithms into the crypto framework. If any of the functions in adf_dev_start() fail, the caller of such function, in the error path calls adf_dev_down() which in turn call adf_dev_stop() and adf_dev_shutdown(), see for example the function state_store in adf_sriov.c. However, if the registration of compression algorithms is not done, adf_dev_stop() will try to unregister the algorithms regardless. This might cause the counter active_devs in qat_compression.c to get to a negative value. Add a new state, ADF_STATUS_COMPRESSION_ALGS_REGISTERED, which tracks if the compression algorithms are registered into the crypto framework. Then use this to unregister the algorithms if such flag is set. This ensures that the compression algorithms are only unregistered if previously registered. Fixes: 1198ae56 ("crypto: qat - expose deflate through acomp api for QAT GEN2") Signed-off-by:
-
Giovanni Cabiddu authored
The function adf_dev_init(), through the subsystem qat_crypto, populates the list of list of crypto instances accel_dev->crypto_list. If the list of instances is not empty, the function adf_dev_start() will then call qat_algs_registers() and qat_asym_algs_register() to register the crypto algorithms into the crypto framework. If any of the functions in adf_dev_start() fail, the caller of such function, in the error path calls adf_dev_down() which in turn call adf_dev_stop() and adf_dev_shutdown(), see for example the function state_store in adf_sriov.c. However, if the registration of crypto algorithms is not done, adf_dev_stop() will try to unregister the algorithms regardless. This might cause the counter active_devs in qat_algs.c and qat_asym_algs.c to get to a negative value. Add a new state, ADF_STATUS_CRYPTO_ALGS_REGISTERED, which tracks if the crypto algorithms are registered into the crypto framework. Then use this to unregister the algorithms if such flag is set. This ensures that the crypto algorithms are only unregistered if previously registered. Fixes: d8cba25d ("crypto: qat - Intel(R) QAT driver framework") Signed-off-by:
-
Giovanni Cabiddu authored
If the device is already in the up state, a subsequent write of `up` to the sysfs attribute /sys/bus/pci/devices/<BDF>/qat/state brings the device down. Fix this behaviour by ignoring subsequent `up` commands if the device is already in the up state. Fixes: 1bdc8555 ("crypto: qat - fix concurrency issue when device state changes") Signed-off-by:
-
Giovanni Cabiddu authored
Do not shadow the return code from adf_dev_down() in the error path of the DEV_DOWN command. Signed-off-by:
-
Giovanni Cabiddu authored
Commit 1bdc8555 ("crypto: qat - fix concurrency issue when device state changes") introduced the function adf_dev_down() which wraps the functions adf_dev_stop() and adf_dev_shutdown(). In a subsequent change, the sequence adf_dev_stop() followed by adf_dev_shutdown() was then replaced across the driver with just a call to the function adf_dev_down(). The functions adf_dev_stop() and adf_dev_shutdown() are called in error paths to stop the accelerator and free up resources and can be called even if the counterparts adf_dev_init() and adf_dev_start() did not complete successfully. However, the implementation of adf_dev_down() prevents the stop/shutdown sequence if the device is found already down. For example, if adf_dev_init() fails, the device status is not set as started and therefore a call to adf_dev_down() won't be calling adf_dev_shutdown() to undo what adf_dev_init() did. Do not check if a device is started in adf_dev_down() but do the equivalent check in adf_sysfs.c when handling a DEV_DOWN command from the user. Fixes: 2b60f79c ("crypto: qat - replace state machine calls") Signed-off-by:
-
Yang Shen authored
Remove the support of zlib-deflate and gzip. Signed-off-by:
Yang Shen <shenyang39@huawei.com> Reviewed-by:
Longfang Liu <liulongfang@huawei.com> Signed-off-by:
-
Yang Shen authored
Add the deflate algorithm support for hisilicon zip hardware. Signed-off-by:
-
Herbert Xu authored
Replace the existing skcipher CBC template with an lskcipher version. Signed-off-by: -
Herbert Xu authored
This patch adds two different implementations of ECB. First of all an lskcipher wrapper around existing ciphers is introduced as a temporary transition aid. Secondly a permanent lskcipher template is also added. It's simply a wrapper around the underlying lskcipher algorithm. Signed-off-by: -
Herbert Xu authored
Test lskcipher algorithms using the same logic as cipher algorithms. Signed-off-by: -
Herbert Xu authored
As an aid to the transition from cipher algorithm implementations to lskcipher, add a temporary wrapper when creating simple lskcipher templates by using ecb(X) instead of X if an lskcipher implementation of X cannot be found. This can be reverted once all cipher implementations have switched over to lskcipher. Signed-off-by: -
Herbert Xu authored
Add a new API type lskcipher designed for taking straight kernel pointers instead of SG lists. Its relationship to skcipher will be analogous to that between shash and ahash. Signed-off-by: -
Herbert Xu authored
Move the macro CRYPTO_ALG_TYPE_AHASH_MASK out of linux/crypto.h and into crypto/ahash.c so that it's not visible to users of the Crypto API. Also remove the unused CRYPTO_ALG_TYPE_HASH_MASK macro. Signed-off-by: -
Herbert Xu authored
Stop using the obsolete crypto_has_alg helper that is type-agnostic. Instead use the type-specific helpers such as the newly added crypto_has_aead. This means that changes in the underlying type/mask values won't affect IPsec. Signed-off-by: -
Herbert Xu authored
Add the helper crypto_has_aead. This is meant to replace the existing use of crypto_has_alg to locate AEAD algorithms. Signed-off-by: -
Bo Liu authored
Remove the repeated word "if" in comments. Signed-off-by:
Bo Liu <liubo03@inspur.com> Signed-off-by:
-
Li zeming authored
tfm is assigned first, so it does not need to initialize the assignment. Signed-off-by:
Li zeming <zeming@nfschina.com> Signed-off-by:
-
Justin Stitt authored
`strncpy` is deprecated for use on NUL-terminated destination strings [1]. We should prefer more robust and less ambiguous string interfaces. `buf` is expected to be NUL-terminated for its eventual use in `kstrtoul()` and NUL-padding is not required. Due to the above, a suitable replacement is `strscpy` [2] due to the fact that it guarantees NUL-termination on the destination buffer. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by:
Justin Stitt <justinstitt@google.com> Acked-by:
Kees Cook <keescook@chromium.org> Signed-off-by:
-
Justin Stitt authored
`strncpy` is deprecated for use on NUL-terminated destination strings [1]. We know `hw.partname` is supposed to be NUL-terminated by its later use with seq_printf: | nitrox_debugfs.c +25 | seq_printf(s, " Part Name: %s\n", ndev->hw.partname); Let's prefer a more robust and less ambiguous string interface. A suitable replacement is `strscpy` [2] due to the fact that it guarantees NUL-termination on the destination buffer. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by:
-
Martin Kaiser authored
Set a more reasonable timeout for calculating the initial seed. The reference manuals says that "The initial seed takes approximately 2,000,000 clock cycles." The rngc peripheral clock runs at >= 33.25MHz, so seeding takes at most 60ms. A timeout of 200ms is more appropriate than the current value of 3 seconds. Signed-off-by:
Martin Kaiser <martin@kaiser.cx> Signed-off-by:
-
Martin Kaiser authored
Set a more reasonable timeout for the rngc selftest. According to the reference manual, "The self test takes approximately 29,000 cycles to complete." The lowest possible frequency of the rngc peripheral clock is 33.25MHz, the selftest would then take about 872us. 2.5ms should be enough for the selftest timeout. Signed-off-by:
-
- 15 Sep, 2023 12 commits
-
-
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Signed-off-by: -
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Acked-by:
Mimi Zohar <zohar@linux.ibm.com> Signed-off-by:
-
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Acked-by:
-
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Acked-by:
Chuck Lever <chuck.lever@oracle.com> Signed-off-by:
-
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Acked-by:
Matthieu Baerts <matthieu.baerts@tessares.net> Signed-off-by:
-
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Signed-off-by: -
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Acked-by:
Luiz Augusto von Dentz <luiz.von.dentz@intel.com> Signed-off-by:
-
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Signed-off-by: -
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Acked-by:
Eric Biggers <ebiggers@google.com> Signed-off-by:
-
Jonas Gorski authored
When the membase and pci_dev pointer were moved to a new struct in priv, the actual membase users were left untouched, and they started reading out arbitrary memory behind the struct instead of registers. This unfortunately turned the RNG into a constant number generator, depending on the content of what was at that offset. To fix this, update geode_rng_data_{read,present}() to also get the membase via amd_geode_priv, and properly read from the right addresses again. Fixes: 9f6ec8dc ("hwrng: geode - Fix PCI device refcount leak") Reported-by:Timur I. Davletshin <timur.davletshin@gmail.com> Closes: https://bugzilla.kernel.org/show_bug.cgi?id=217882Tested-by:
Jo-Philipp Wich <jo@mein.io> Signed-off-by:
Jonas Gorski <jonas.gorski@gmail.com> Signed-off-by:
-
Herbert Xu authored
Use unsigned long instead of u64 to silence compile warnings on 32-bit platforms. Also remove the __force bit which seems no longer needed with a current sparse. Signed-off-by: -
Mario Limonciello authored
On some SOCs DBC is supported through the PSP mailbox instead of the platform mailbox. This capability is advertised in the PSP capabilities register. Allow using this communication path if supported. Signed-off-by:
Mario Limonciello <mario.limonciello@amd.com> Signed-off-by:
-
