- 27 Aug, 2021 7 commits
-
-
Lukas Bulwahn authored
The function sha512_transform() assigns all local variables to 0 before returning to its caller with the intent to erase sensitive data. However, make clang-analyzer warns that all these assignments are dead stores, and as commit 7a4295f6 ("crypto: lib/sha256 - Don't clear temporary variables") already points out for sha256_transform(): The assignments to clear a through h and t1/t2 are optimized out by the compiler because they are unused after the assignments. Clearing individual scalar variables is unlikely to be useful, as they may have been assigned to registers, and even if stack spilling was required, there may be compiler-generated temporaries that are impossible to clear in any case. This applies here again as well. Drop meaningless clearing of local variables and avoid this way that the code suggests that data is erased, which simply does not happen. Signed-off-by:
Lukas Bulwahn <lukas.bulwahn@gmail.com> Reviewed-by:
Nick Desaulniers <ndesaulniers@google.com> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Shreyansh Chouhan authored
xts_crypt() code doesn't call kernel_fpu_end() after calling kernel_fpu_begin() if walk.nbytes is 0. The correct behavior should be not calling kernel_fpu_begin() if walk.nbytes is 0. Reported-by: syzbot+20191dc583eff8602d2d@syzkaller.appspotmail.com Signed-off-by:
Shreyansh Chouhan <chouhan.shreyansh630@gmail.com> Signed-off-by:
-
Cai Huoqing authored
remove it because SPDX-License-Identifier is already used Signed-off-by:
Cai Huoqing <caihuoqing@baidu.com> Acked-by:
Daniel Jordan <daniel.m.jordan@oracle.com> Signed-off-by:
-
John Allen authored
Add a new CCP/PSP PCI device ID and corresponding entry in the dev_vdata struct. Signed-off-by:
John Allen <john.allen@amd.com> Signed-off-by:
-
Tianjia Zhang authored
Like the implementation of AESNI/AVX, this patch adds an accelerated implementation of AESNI/AVX2. In terms of code implementation, by reusing AESNI/AVX mode-related codes, the amount of code is greatly reduced. From the benchmark data, it can be seen that when the block size is 1024, compared to AVX acceleration, the performance achieved by AVX2 has increased by about 70%, it is also 7.7 times of the pure software implementation of sm4-generic. The main algorithm implementation comes from SM4 AES-NI work by libgcrypt and Markku-Juhani O. Saarinen at: https://github.com/mjosaarinen/sm4ni This optimization supports the four modes of SM4, ECB, CBC, CFB, and CTR. Since CBC and CFB do not support multiple block parallel encryption, the optimization effect is not obvious. Benchmark on Intel i5-6200U 2.30GHz, performance data of three implementation methods, pure software sm4-generic, aesni/avx acceleration, and aesni/avx2 acceleration, the data comes from the 218 mode and 518 mode of tcrypt. The abscissas are blocks of different lengths. The data is tabulated and the unit is Mb/s: block-size | 16 64 128 256 1024 1420 4096 sm4-generic ECB enc | 60.94 70.41 72.27 73.02 73.87 73.58 73.59 ECB dec | 61.87 70.53 72.15 73.09 73.89 73.92 73.86 CBC enc | 56.71 66.31 68.05 69.84 70.02 70.12 70.24 CBC dec | 54.54 65.91 68.22 69.51 70.63 70.79 70.82 CFB enc | 57.21 67.24 69.10 70.25 70.73 70.52 71.42 CFB dec | 57.22 64.74 66.31 67.24 67.40 67.64 67.58 CTR enc | 59.47 68.64 69.91 71.02 71.86 71.61 71.95 CTR dec | 59.94 68.77 69.95 71.00 71.84 71.55 71.95 sm4-aesni-avx ECB enc | 44.95 177.35 292.06 316.98 339.48 322.27 330.59 ECB dec | 45.28 178.66 292.31 317.52 339.59 322.52 331.16 CBC enc | 57.75 67.68 69.72 70.60 71.48 71.63 71.74 CBC dec | 44.32 176.83 284.32 307.24 328.61 312.61 325.82 CFB enc | 57.81 67.64 69.63 70.55 71.40 71.35 71.70 CFB dec | 43.14 167.78 282.03 307.20 328.35 318.24 325.95 CTR enc | 42.35 163.32 279.11 302.93 320.86 310.56 317.93 CTR dec | 42.39 162.81 278.49 302.37 321.11 310.33 318.37 sm4-aesni-avx2 ECB enc | 45.19 177.41 292.42 316.12 339.90 322.53 330.54 ECB dec | 44.83 178.90 291.45 317.31 339.85 322.55 331.07 CBC enc | 57.66 67.62 69.73 70.55 71.58 71.66 71.77 CBC dec | 44.34 176.86 286.10 501.68 559.58 483.87 527.46 CFB enc | 57.43 67.60 69.61 70.52 71.43 71.28 71.65 CFB dec | 43.12 167.75 268.09 499.33 558.35 490.36 524.73 CTR enc | 42.42 163.39 256.17 493.95 552.45 481.58 517.19 CTR dec | 42.49 163.11 256.36 493.34 552.62 481.49 516.83 Signed-off-by:
Tianjia Zhang <tianjia.zhang@linux.alibaba.com> Signed-off-by:
-
Tianjia Zhang authored
Export the reusable functions in the SM4 AESNI/AVX implementation, mainly public functions, which are used to develop the SM4 AESNI/AVX2 implementation, and eliminate unnecessary duplication of code. At the same time, in order to make the public function universal, minor fixes was added. Signed-off-by:
-
Lukas Bulwahn authored
Commit 93f64202 ("crypto: rmd320 - remove RIPE-MD 320 hash algorithm") removes the Kconfig and code, but misses to adjust the Makefile. Hence, ./scripts/checkkconfigsymbols.py warns: CRYPTO_RMD320 Referencing files: crypto/Makefile Remove the missing piece of this code removal. Fixes: 93f64202 ("crypto: rmd320 - remove RIPE-MD 320 hash algorithm") Signed-off-by:
Ard Biesheuvel <ardb@kernel.org> Signed-off-by:
-
- 21 Aug, 2021 33 commits
-
-
Changbin Du authored
Replace the obsolete and ambiguos macro in_irq() with new macro in_hardirq(). Signed-off-by:
Changbin Du <changbin.du@gmail.com> Signed-off-by:
-
Weili Qian authored
To support runtime PM, use the function 'pci_set_power_state' to change the power state. Therefore, method _PS0 or _PR0 needs to be filled by platform. So check whether the method is supported, if not, print a prompt information. Signed-off-by:
Weili Qian <qianweili@huawei.com> Signed-off-by:
-
Weili Qian authored
To avoid repeatedly obtaining 'qm' from 'filp', parameter passing of debugfs function directly use 'qm' instead of 'filp'. Signed-off-by:
-
Weili Qian authored
Add runtime PM support for Kunpeng930 accelerator device. Signed-off-by:
-
Weili Qian authored
Accelerator devices support runtime PM to reduce power consumption. This patch adds the runtime PM suspend/resume callbacks to the accelerator devices. Signed-off-by:
-
Weili Qian authored
The accelerator devices support runtime PM, when device is in suspended, an exception will occur if reading registers. Therefore, this patch uses 'debugfs_create_file' instead of 'debugfs_create_regset32' to create debugfs file, and then the driver can get the device status before reading the register. Signed-off-by:
-
Tianjia Zhang authored
tcrypt supports GCM/CCM mode, CMAC, CBCMAC, and speed test of SM4 algorithm. Signed-off-by:
-
Tianjia Zhang authored
The GCM/CCM mode of the SM4 algorithm is defined in the rfc 8998 specification, and the test case data also comes from rfc 8998. Signed-off-by:
-
Tianjia Zhang authored
There are several places where the return value check of crypto_aead_setkey and crypto_aead_setauthsize were lost. It is necessary to add these checks. At the same time, move the crypto_aead_setauthsize() call out of the loop, and only need to call it once after load transform. Fixee: 53f52d7a ("crypto: tcrypt - Added speed tests for AEAD crypto alogrithms in tcrypt test suite") Signed-off-by:
Vitaly Chikunov <vt@altlinux.org> Signed-off-by:
-
Kai Ye authored
When the endian configuration of the hardware is abnormal, it will cause the SEC engine is faulty that reports empty message. And it will affect the normal function of the hardware. Currently the soft configuration method can't restore the faulty device. The endian needs to be configured according to the system properties. So fix it. Signed-off-by:
Kai Ye <yekai13@huawei.com> Signed-off-by:
-
Kai Ye authored
Because the algs registration process has added a judgment. So need to add the judgment for the abnormal exiting process. Signed-off-by:
-
Giovanni Cabiddu authored
If the VF is newer than the PF, it decides whether it is compatible or not. In case it is compatible, store that information in the vf.compatible flag in the accel_dev structure. Signed-off-by:
Giovanni Cabiddu <giovanni.cabiddu@intel.com> Suggested-by:
Fiona Trahe <fiona.trahe@intel.com> Signed-off-by:
-
Giovanni Cabiddu authored
The function adf_iov_putmsg() is only used inside the intel_qat module therefore should not be exported. Remove EXPORT_SYMBOL for the function adf_iov_putmsg(). Signed-off-by:
-
Ahsan Atta authored
There is a race condition during shutdown in adf_disable_sriov() where both the PF and the VF drivers are loaded on the host system. The PF notifies a VF with a "RESTARTING" message due to which the VF starts an asynchronous worker to stop and shutdown itself. At the same time the PF calls pci_disable_sriov() which invokes the remove() routine on the VF device driver triggering the shutdown flow again. This change fixes the problem by ensuring that the VF flushes the worker that performs stop()/shutdown() before these two functions are called in the remove(). To make sure that no additional PV/VF messages are processed by the VF, interrupts are disabled before flushing the workqueue. Signed-off-by:
Ahsan Atta <ahsan.atta@intel.com> Co-developed-by:
-
Marco Chiappero authored
All QAT GEN2 devices share the same register offset for masking interrupts, so they don't need any complex device specific infrastructure. Remove this function in favor of a constant in order to simplify the code. Also, future generations may require a more complex device specific handling, making the current approach obsolete anyway. Signed-off-by:
Marco Chiappero <marco.chiappero@intel.com> Co-developed-by:
-
Marco Chiappero authored
Currently all the functions related to the activation of the PFVF protocol, both on PF and VF, include the direction specific "vf2pf" name. Replace the existing naming schema with: - a direction agnostic naming, that applies to both PF and VF, for the function pointer ("pfvf") - a direction specific naming schema for the implementations ("pf2vf" or "vf2pf") In particular this patch renames: - adf_pf_enable_vf2pf_comms() in adf_enable_pf2vf_comms() - enable_vf2pf_comms() in enable_pfvf_comms() Signed-off-by: -
Marco Chiappero authored
Make sure all the steps in the initialization sequence are complete before any completion event notification. Signed-off-by:
-
Giovanni Cabiddu authored
Move IOV functions at the end of hw_data so that PFVF functions related functions are group together. Signed-off-by:
-
Marco Chiappero authored
At start and shutdown, VFs notify the PF about their state. These notifications are carried out through a message exchange using the PFVF protocol. Function names lead to believe they do perform init or shutdown logic. This is to fix the naming to better reflect their purpose. Signed-off-by:
-
Kanchana Velusamy authored
In the PF interrupt handler, the interrupt is disabled for a set of VFs by writing to the interrupt source mask register, ERRMSK. The interrupt is re-enabled in the bottom half handler by writing to the same CSR. This is done through the functions enable_vf2pf_interrupts() and disable_vf2pf_interrupts() which perform a read-modify-write operation on the ERRMSK registers to mask and unmask the source of interrupt. There can be a race condition where the top half handler for one VF interrupt runs just as the bottom half for another VF is about to re-enable the interrupt. Depending on whether the top or bottom half updates the CSR first, this would result either in a spurious interrupt or in the interrupt not being re-enabled. This patch protects the access of ERRMSK with a spinlock. The functions adf_enable_vf2pf_interrupts() and adf_disable_vf2pf_interrupts() have been changed to acquire a spin lock before accessing and modifying the ERRMSK registers. These functions use spin_lock_irqsave() to disable IRQs and avoid potential deadlocks. In addition, the function adf_disable_vf2pf_interrupts_irq() has been added. This uses spin_lock() and it is meant to be used in the top half only. Signed-off-by:
Kanchana Velusamy <kanchanax.velusamy@intel.com> Co-developed-by:
-
Marco Chiappero authored
Interrupt code to enable interrupts from PF does not belong to the protocol code, so move it to the interrupt handling specific file for better code organization. Signed-off-by:
-
Marco Chiappero authored
Use reinit_completion() to set to a clean state a completion variable, used to coordinate the VF to PF request-response flow, before every new VF request. Signed-off-by:
-
Svyatoslav Pankratov authored
The PF driver uses the tasklet vf2pf_bh_tasklet to schedule a workqueue to handle the vf2vf protocol (pf2vf_resp_wq). Since the tasklet is only used to schedule the workqueue, this patch removes it and schedules the pf2vf_resp_wq workqueue directly for the top half. Signed-off-by:
Svyatoslav Pankratov <svyatoslav.pankratov@intel.com> Co-developed-by:
-
Marco Chiappero authored
Rename ADF_PFVF_COMPATIBILITY_VERSION in ADF_PFVF_COMPAT_THIS_VERSION since it is used to indicate the current version of the PFVF protocol. Signed-off-by:
-
Marco Chiappero authored
There is a chance that the PFVF handler, adf_vf2pf_req_hndl(), runs twice for the same request when multiple interrupts come simultaneously from different VFs. Since the source VF is identified by a positional bit set in the ERRSOU registers and that is not cleared until the bottom half completes, new top halves from other VFs may reschedule a second bottom half for previous interrupts. This patch solves the problem in the ISR handler by not considering sources with already disabled interrupts (and processing pending), as set in the ERRMSK registers. Also, move some definitions where actually needed. Signed-off-by:
-
Giovanni Cabiddu authored
QAT GEN2 devices suffer from a defect where the MSI interrupt can be sent multiple times. If the second (spurious) interrupt is handled before the bottom half handler runs, then the extra interrupt is effectively ignored because the bottom half is only scheduled once. However, if the top half runs again after the bottom half runs, this will appear as a spurious PF to VF interrupt. This can be avoided by checking the interrupt mask register in addition to the interrupt source register in the interrupt handler. This patch is based on earlier work done by Conor McLoughlin. Signed-off-by:
-
Giovanni Cabiddu authored
The top half of the VF drivers handled only a source at the time. If an interrupt for PF2VF and bundle occurred at the same time, the ISR scheduled only the bottom half for PF2VF. This patch fixes the VF top half so that if both sources of interrupt trigger at the same time, both bottom halves are scheduled. This patch is based on earlier work done by Conor McLoughlin. Signed-off-by:
-
Giovanni Cabiddu authored
The function adf_dev_init() ignores the error code reported by enable_vf2pf_comms(). If the latter fails, e.g. the VF is not compatible with the pf, then the load of the VF driver progresses. This patch changes adf_dev_init() so that the error code from enable_vf2pf_comms() is returned to the caller. Signed-off-by:
-
Marco Chiappero authored
Enable device interrupts after the setup of the interrupt handlers. Signed-off-by:
-
Marco Chiappero authored
Remove the empty implementation of sriov_configure() and set the sriov_configure member of the pci_driver structure to NULL. This way, if a user tries to enable VFs on a device, when kernel and driver are built with CONFIG_PCI_IOV=n, the kernel reports an error message saying that the driver does not support SRIOV configuration via sysfs. Signed-off-by:
-
Giovanni Cabiddu authored
Replace vf_mask type with unsigned long to avoid a stack-out-of-bound. This is to fix the following warning reported by KASAN the first time adf_msix_isr_ae() gets called. [ 692.091987] BUG: KASAN: stack-out-of-bounds in find_first_bit+0x28/0x50 [ 692.092017] Read of size 8 at addr ffff88afdf789e60 by task swapper/32/0 [ 692.092076] Call Trace: [ 692.092089] <IRQ> [ 692.092101] dump_stack+0x9c/0xcf [ 692.092132] print_address_description.constprop.0+0x18/0x130 [ 692.092164] ? find_first_bit+0x28/0x50 [ 692.092185] kasan_report.cold+0x7f/0x111 [ 692.092213] ? static_obj+0x10/0x80 [ 692.092234] ? find_first_bit+0x28/0x50 [ 692.092262] find_first_bit+0x28/0x50 [ 692.092288] adf_msix_isr_ae+0x16e/0x230 [intel_qat] Fixes: ed8ccaef ("crypto: qat - Add support for SRIOV") Signed-off-by: -
Christophe JAILLET authored
s/Enable/Disable/ when describing 'adf_disable_aer()' Signed-off-by:
Christophe JAILLET <christophe.jaillet@wanadoo.fr> Reviewed-by:
Andy Shevchenko <andriy.shevchenko@linux.intel.com> Signed-off-by:
-
Christophe JAILLET authored
If an error occurs after a 'adf_enable_aer()' call, it must be undone by a corresponding 'adf_disable_aer()' call, as already done in the remove function. Signed-off-by:
-
