- 10 Oct, 2024 2 commits
-
-
Herbert Xu authored
The previous patch removed the ENOENT warning at the point of allocation, but the overall self-test warning is still there. Fix all of them by returning zero as the test result. This is safe because if the algorithm has gone away, then it cannot be marked as tested. Fixes: 4eded6d1 ("crypto: testmgr - Hide ENOENT errors") Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
As algorithm testing is carried out without holding the main crypto lock, it is always possible for the algorithm to go away during the test. So before crypto_alg_tested updates the status of the tested alg, it checks whether it's still on the list of all algorithms. This is inaccurate because it may be off the main list but still on the list of algorithms to be removed. Updating the algorithm status is safe per se as the larval still holds a reference to it. However, killing spawns of other algorithms that are of lower priority is clearly a deficiency as it adds unnecessary churn. Fix the test by checking whether the algorithm is dead. Signed-off-by:
-
- 21 Sep, 2024 3 commits
-
-
Danny Tsen authored
Data mismatch found when testing ipsec tunnel with AES/GCM crypto. Disabling CRYPTO_AES_GCM_P10 in Kconfig for this feature. Fixes: fd0e9b3e ("crypto: p10-aes-gcm - An accelerated AES/GCM stitched implementation") Fixes: cdcecfd9 ("crypto: p10-aes-gcm - Glue code for AES/GCM stitched implementation") Fixes: 45a4672b ("crypto: p10-aes-gcm - Update Kconfig and Makefile") Signed-off-by:
Danny Tsen <dtsen@linux.ibm.com> Signed-off-by:
-
Herbert Xu authored
The paes_s390 module didn't declare the correct aliases for the algorithms that it registered. Instead it declared an alias for the non-existent paes algorithm. The Crypto API will eventually try to load the paes algorithm, to construct the cbc(paes) instance. But because the module does not actually contain a "paes" algorithm, this will fail. Previously this failure was hidden and the the cbc(paes) lookup will be retried. This was fixed recently, thus exposing the buggy alias in paes_s390. Replace the bogus paes alias with aliases for the actual algorithms. Reported-by:
Ingo Franzki <ifranzki@linux.ibm.com> Fixes: e7a4142b ("crypto: api - Fix generic algorithm self-test races") Signed-off-by:
-
Herbert Xu authored
Because hardware will read in multiples of 4 SG entries, ensure the allocated length is always padded. This was already done by some callers of ahash_edesc_alloc, but ahash_digest was conspicuously missing. In any case, doing it in the allocation function ensures that the memory is always there. Reported-by:
Guangwu Zhang <guazhang@redhat.com> Fixes: a5e5c133 ("crypto: caam - fix S/G table passing page boundary") Signed-off-by:
-
- 13 Sep, 2024 7 commits
-
-
Herbert Xu authored
Return EINVAL if the snprintf check fails when constructing the algorithm names. Fixes: 8c20982c ("crypto: n2 - Silence gcc format-truncation false positive warnings") Reported-by:
kernel test robot <lkp@intel.com> Reported-by:
Dan Carpenter <dan.carpenter@linaro.org> Closes: https://lore.kernel.org/r/202409090726.TP0WfY7p-lkp@intel.com/Signed-off-by:
-
Chen Yufan authored
Instead of directly casting and returning (void *) pointer, use ERR_CAST to explicitly return an error-valued pointer. This makes the error handling more explicit and improves code clarity. Signed-off-by:
Chen Yufan <chenyufan@vivo.com> Signed-off-by:
-
WangYuli authored
When entering the "len & sizeof(u32)" branch, len must be less than 8. So after one operation, len must be less than 4. At this time, "len -= sizeof(u32)" is not necessary for 64-bit CPUs. After that, replace `while' loops with equivalent `for' to make the code structure a little bit better by the way. Suggested-by:
Maciej W. Rozycki <macro@orcam.me.uk> Link: https://lore.kernel.org/all/alpine.DEB.2.21.2406281713040.43454@angie.orcam.me.uk/Suggested-by:
Guan Wentao <guanwentao@uniontech.com> Signed-off-by:
WangYuli <wangyuli@uniontech.com> Signed-off-by:
-
Brian Masney authored
The qcom-rng driver supports both ACPI and device tree based systems. Let's rename all instances of *of_data to *match_data so that it's not implied that this driver only supports device tree-based systems. Signed-off-by:
Brian Masney <bmasney@redhat.com> Reviewed-by:
Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Signed-off-by:
-
Brian Masney authored
The qcom-rng driver supports both ACPI and device tree-based systems. ACPI support was broken when the hw_random interface support was added. Let's go ahead and fix this by adding the appropriate driver data to the ACPI match table, and change the of_device_get_match_data() call to device_get_match_data() so that it will also work on ACPI-based systems. This fix was boot tested on a Qualcomm Amberwing server (ACPI based) and on a Qualcomm SA8775p Automotive Development Board (DT based). I also verified that qcom-rng shows up in /proc/crypto on both systems. Fixes: f29cd5bb ("crypto: qcom-rng - Add hw_random interface support") Reported-by:
Ernesto A. Fernández <ernesto.mnd.fernandez@gmail.com> Closes: https://lore.kernel.org/linux-arm-msm/20240828184019.GA21181@eaf/ Cc: stable@vger.kernel.org Signed-off-by:
-
Nikunj Kela authored
Document SA8255p compatible for the True Random Number Generator. Reviewed-by:
Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org> Signed-off-by:
Nikunj Kela <quic_nkela@quicinc.com> Signed-off-by:
-
Riyan Dhiman authored
The code in crypto_aegis128_process_crypt() had an indentation issue where spaces were used instead of tabs. This commit corrects the indentation to use tabs, adhering to the Linux kernel coding style guidelines. Issue reported by checkpatch: - ERROR: code indent should use tabs where possible No functional changes are intended. Signed-off-by:
Riyan Dhiman <riyandhiman14@gmail.com> Signed-off-by:
-
- 06 Sep, 2024 15 commits
-
-
Herbert Xu authored
Select CRYPTO_AUTHENC as the function crypto_authenec_extractkeys may not be available without it. Fixes: 311eea7e ("crypto: octeontx - Fix authenc setkey") Fixes: 7ccb750d ("crypto: octeontx2 - Fix authenc setkey") Reported-by:
-
Herbert Xu authored
When a crypto algorithm with a higher priority is registered, it kills the spawns of all lower-priority algorithms. Thus it is to be expected for an algorithm to go away at any time, even during a self-test. This is now much more common with asynchronous testing. Remove the printk when an ENOENT is encountered during a self-test. This is not really an error since the algorithm being tested is no longer there (i.e., it didn't fail the test which is what we care about). Signed-off-by: -
Colin Ian King authored
There is a extraneous space after a newline in a pr_err message. Remove it. Signed-off-by:
Colin Ian King <colin.i.king@gmail.com> Signed-off-by:
-
Colin Ian King authored
There is a extraneous space after a newline in a dev_err message. Remove it. Signed-off-by:
-
Herbert Xu authored
Pass any errors we get during instance creation up through the larval. Signed-off-by: -
Herbert Xu authored
On Fri, Aug 30, 2024 at 10:51:54AM -0700, Eric Biggers wrote: > > Given below in defconfig form, use 'make olddefconfig' to apply. The failures > are nondeterministic and sometimes there are different ones, for example: > > [ 0.358017] alg: skcipher: failed to allocate transform for cbc(twofish-generic): -2 > [ 0.358365] alg: self-tests for cbc(twofish) using cbc(twofish-generic) failed (rc=-2) > [ 0.358535] alg: skcipher: failed to allocate transform for cbc(camellia-generic): -2 > [ 0.358918] alg: self-tests for cbc(camellia) using cbc(camellia-generic) failed (rc=-2) > [ 0.371533] alg: skcipher: failed to allocate transform for xts(ecb(aes-generic)): -2 > [ 0.371922] alg: self-tests for xts(aes) using xts(ecb(aes-generic)) failed (rc=-2) > > Modules are not enabled, maybe that matters (I haven't checked yet). Yes I think that was the key. This triggers a massive self-test run which executes in parallel and reveals a few race conditions in the system. I think it boils down to the following scenario: Base algorithm X-generic, X-optimised Template Y Optimised algorithm Y-X-optimised Everything gets registered, and then the self-tests are started. When Y-X-optimised gets tested, it requests the creation of the generic Y(X-generic). Which then itself undergoes testing. The race is that after Y(X-generic) gets registered, but just before it gets tested, X-optimised finally finishes self-testing which then causes all spawns of X-generic to be destroyed. So by the time the self-test for Y(X-generic) comes along, it can no longer find the algorithm. This error then bubbles up all the way up to the self-test of Y-X-optimised which then fails. Note that there is some complexity that I've omitted here because when the generic self-test fails to find Y(X-generic) it actually triggers the construction of it again which then fails for various other reasons (these are not important because the construction should *not* be triggered at this point). So in a way the error is expected, and we should probably remove the pr_err for the case where ENOENT is returned for the algorithm that we're currently testing. The solution is two-fold. First when an algorithm undergoes self-testing it should not trigger its construction. Secondly if an instance larval fails to materialise due to it being destroyed by a more optimised algorithm coming along, it should obviously retry the construction. Remove the check in __crypto_alg_lookup that stops a larval from matching new requests based on differences in the mask. It is better to block new requests even if it is wrong and then simply retry the lookup. If this ends up being the wrong larval it will sort iself out during the retry. Reduce the CRYPTO_ALG_TYPE_MASK bits in type during larval creation as otherwise LSKCIPHER algorithms may not match SKCIPHER larvals. Also block the instance creation during self-testing in the function crypto_larval_lookup by checking for CRYPTO_ALG_TESTED in the mask field. Finally change the return value when crypto_alg_lookup fails in crypto_larval_wait to EAGAIN to redo the lookup. Fixes: 37da5d0f ("crypto: api - Do not wait for tests during registration") Reported-by:
Eric Biggers <ebiggers@kernel.org> Signed-off-by:
-
Weili Qian authored
The master ooo cannot be completely closed when the accelerator core reports memory error. Therefore, the driver needs to inject the qm error to close the master ooo. Currently, the qm error is injected after stopping queue, memory may be released immediately after stopping queue, causing the device to access the released memory. Therefore, error is injected to close master ooo before stopping queue to ensure that the device does not access the released memory. Fixes: 6c6dd580 ("crypto: hisilicon/qm - add controller reset interface") Signed-off-by:
Weili Qian <qianweili@huawei.com> Signed-off-by:
-
Weili Qian authored
The timeout threshold of the hpre cluster is 16ms. When the CPU and device share virtual address, page fault processing time may exceed the threshold. In the current test, there is a high probability that the cluster times out. However, the cluster is waiting for the completion of memory access, which is not an error, the device does not need to be reset. If an error occurs in the cluster, qm also reports the error. Therefore, the cluster timeout error of hpre can be masked. Fixes: d90fab0d ("crypto: hisilicon/qm - get error type from hardware registers") Signed-off-by:
-
Weili Qian authored
Before the device is enabled again, the device may still store the previously processed data. If an error occurs in the previous task, the device may fail to be enabled again. Therefore, before enabling device, reset the device to restore the initial state. Signed-off-by:
-
Chenghai Huang authored
Header files is included Order-ref: standard library headers, OS library headers, and project-specific headers. This patch modifies the order of header files according to suggestions. In addition, use %u to print unsigned int variables to prevent overflow. Signed-off-by:
Chenghai Huang <huangchenghai2@huawei.com> Signed-off-by:
-
Chenghai Huang authored
Apply for a lock before the qp send operation to ensure no resource race in multi-concurrency situations. This modification has almost no impact on performance. Signed-off-by:
-
Yang Shen authored
If an error occurs in the process after the SGL is mapped successfully, it need to unmap the SGL. Otherwise, memory problems may occur. Signed-off-by:
Yang Shen <shenyang39@huawei.com> Signed-off-by:
-
Amit Shah authored
While sending a command to the PSP, we always requested an interrupt from the PSP after command completion. This worked for most cases. For the special case of irqs being disabled -- e.g. when running within crashdump or kexec contexts, we should not set the SEV_CMDRESP_IOC flag, so the PSP knows to not attempt interrupt delivery. Fixes: 8ef97958 ("crypto: ccp: Add panic notifier for SEV/SNP firmware shutdown on kdump") Based-on-patch-by:
Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by:
Amit Shah <amit.shah@amd.com> Signed-off-by:
-
Eric Biggers authored
Update the kconfig help and module description to reflect that VAES instructions are now used in some cases. Also fix XTR => XCTR. Signed-off-by:
Eric Biggers <ebiggers@google.com> Signed-off-by:
-
Guoqing Jiang authored
Replace pm_runtime_enable with the devres-enabled version which can trigger pm_runtime_disable. Otherwise, the below appears during reload driver. mtk_rng 1020f000.rng: Unbalanced pm_runtime_enable! Fixes: 81d2b345 ("hwrng: mtk - add runtime PM support") Cc: <stable@vger.kernel.org> Suggested-by:
Chen-Yu Tsai <wenst@chromium.org> Signed-off-by:
Guoqing Jiang <guoqing.jiang@canonical.com> Signed-off-by:
-
- 03 Sep, 2024 1 commit
-
-
Herbert Xu authored
This reverts the following commits: 87a3fcf5 58bf9910 3b1c9df6 8bc1bfa0 c32f08d0 f036dd56 c76c9ec3 5d22d37a b63483b3 2d6213bd fc61c658 cb67c924 06af76b4 9f1a7ab4 8ebb14de c8981d92 They were submitted with no device tree bindings. Reported-by:
Rob Herring <robh@kernel.org> Signed-off-by:
-
- 30 Aug, 2024 12 commits
-
-
Kuan-Wei Chiu authored
The req_lock is currently implemented as a rw_lock, but there are no instances where read_lock() is called. This means that the lock is effectively only used by writers, making it functionally equivalent to a simple spinlock. As stated in Documentation/locking/spinlocks.rst: "Reader-writer locks require more atomic memory operations than simple spinlocks. Unless the reader critical section is long, you are better off just using spinlocks." Since the rw_lock in this case incurs additional atomic memory operations without any benefit from reader-writer locking, it is more efficient to replace it with a spinlock. This patch implements that replacement to optimize the driver's performance. Signed-off-by:
Kuan-Wei Chiu <visitorckw@gmail.com> Signed-off-by:
-
Chunhai Guo authored
Simplify the code by replacing devm_clk_get() and clk_prepare_enable() with devm_clk_get_enabled(), which also avoids the call to clk_disable_unprepare(). Signed-off-by:
Chunhai Guo <guochunhai@vivo.com> Signed-off-by:
-
Chunhai Guo authored
Simplify the code by replacing devm_clk_get() and clk_prepare() with devm_clk_get_prepared(), which also avoids the call to clk_unprepare(). Signed-off-by:
-
Kamlesh Gurudasani authored
In the case where we are forcing the ps.chunk_size to be at least 1, we are ignoring the caller's alignment. Move the forcing of ps.chunk_size to be at least 1 before rounding it up to caller's alignment, so that caller's alignment is honored. While at it, use max() to force the ps.chunk_size to be at least 1 to improve readability. Fixes: 6d45e1c9 ("padata: Fix possible divide-by-0 panic in padata_mt_helper()") Signed-off-by:
Kamlesh Gurudasani <kamlesh@ti.com> Acked-by:
Waiman Long <longman@redhat.com> Acked-by:
Daniel Jordan <daniel.m.jordan@oracle.com> Signed-off-by:
-
Frank Li authored
Add two description for register space of rtic. There are two register space, one is for control and status, the other optional space is recoverable error indication register space. Fix below CHECK_DTBS error: arch/arm64/boot/dts/freescale/fsl-ls1012a-frdm.dtb: crypto@1700000: rtic@60000:reg: [[393216, 256], [396800, 24]] is too long from schema $id: http://devicetree.org/schemas/crypto/fsl,sec-v4.0.yaml#Signed-off-by:Frank Li <Frank.Li@nxp.com> Acked-by:
Conor Dooley <conor.dooley@microchip.com> Signed-off-by:
-
Martin Kaiser authored
It's unlikely that devm_pm_runtime_enable ever fails. Still, it makes sense to read the return value and handle errors. Signed-off-by:
Martin Kaiser <martin@kaiser.cx> Signed-off-by:
-
Martin Kaiser authored
The driver uses the rst variable only for an initial reset when the chip is probed. There's no need to store rst in the driver's private data, we can make it a local variable in the probe function. Signed-off-by:
-
Huan Yang authored
The devm_clk_get_enabled() helpers: - call devm_clk_get() - call clk_prepare_enable() and register what is needed in order to call clk_disable_unprepare() when needed, as a managed resource. This simplifies the code and avoids the calls to clk_disable_unprepare(). Signed-off-by:Huan Yang <link@vivo.com> Reviewed-by:
-
Yue Haibing authored
This function is never implemented and used since introduction in commit 049359d6 ("crypto: amcc - Add crypt4xx driver"). Signed-off-by:
Yue Haibing <yuehaibing@huawei.com> Signed-off-by:
-
Yue Haibing authored
This function is never implemented and used since introduction in commit 48fe583f ("crypto: amlogic - Add crypto accelerator for amlogic GXL"). Signed-off-by:
-
Yue Haibing authored
This function is never implemented and used since introduction in commit 720419f0 ("crypto: ccp - Introduce the AMD Secure Processor device"). Signed-off-by:
-
Yue Haibing authored
This function is never implemented and used since introduction in commit 10b4f094 ("crypto: marvell - add the Virtual Function driver for CPT") Signed-off-by:
-
