- 20 Sep, 2023 22 commits
-
-
Giovanni Cabiddu authored
The data structure that associates a service id with its name is replicated across the driver. Remove duplication by moving this data structure to a new include file, adf_cfg_services.h in order to have consistency across the drivers. Note that the data structure is re-instantiated every time the new include is added to a compilation unit. Signed-off-by:
Giovanni Cabiddu <giovanni.cabiddu@intel.com> Reviewed-by:
Andy Shevchenko <andriy.shevchenko@linux.intel.com> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Giovanni Cabiddu authored
The function adf_dev_init(), through the subsystem qat_compression, populates the list of list of compression instances accel_dev->compression_list. If the list of instances is not empty, the function adf_dev_start() will then call qat_compression_registers() register the compression algorithms into the crypto framework. If any of the functions in adf_dev_start() fail, the caller of such function, in the error path calls adf_dev_down() which in turn call adf_dev_stop() and adf_dev_shutdown(), see for example the function state_store in adf_sriov.c. However, if the registration of compression algorithms is not done, adf_dev_stop() will try to unregister the algorithms regardless. This might cause the counter active_devs in qat_compression.c to get to a negative value. Add a new state, ADF_STATUS_COMPRESSION_ALGS_REGISTERED, which tracks if the compression algorithms are registered into the crypto framework. Then use this to unregister the algorithms if such flag is set. This ensures that the compression algorithms are only unregistered if previously registered. Fixes: 1198ae56 ("crypto: qat - expose deflate through acomp api for QAT GEN2") Signed-off-by:
Adam Guerin <adam.guerin@intel.com> Signed-off-by:
-
Giovanni Cabiddu authored
The function adf_dev_init(), through the subsystem qat_crypto, populates the list of list of crypto instances accel_dev->crypto_list. If the list of instances is not empty, the function adf_dev_start() will then call qat_algs_registers() and qat_asym_algs_register() to register the crypto algorithms into the crypto framework. If any of the functions in adf_dev_start() fail, the caller of such function, in the error path calls adf_dev_down() which in turn call adf_dev_stop() and adf_dev_shutdown(), see for example the function state_store in adf_sriov.c. However, if the registration of crypto algorithms is not done, adf_dev_stop() will try to unregister the algorithms regardless. This might cause the counter active_devs in qat_algs.c and qat_asym_algs.c to get to a negative value. Add a new state, ADF_STATUS_CRYPTO_ALGS_REGISTERED, which tracks if the crypto algorithms are registered into the crypto framework. Then use this to unregister the algorithms if such flag is set. This ensures that the crypto algorithms are only unregistered if previously registered. Fixes: d8cba25d ("crypto: qat - Intel(R) QAT driver framework") Signed-off-by:
-
Giovanni Cabiddu authored
If the device is already in the up state, a subsequent write of `up` to the sysfs attribute /sys/bus/pci/devices/<BDF>/qat/state brings the device down. Fix this behaviour by ignoring subsequent `up` commands if the device is already in the up state. Fixes: 1bdc8555 ("crypto: qat - fix concurrency issue when device state changes") Signed-off-by:
-
Giovanni Cabiddu authored
Do not shadow the return code from adf_dev_down() in the error path of the DEV_DOWN command. Signed-off-by:
-
Giovanni Cabiddu authored
Commit 1bdc8555 ("crypto: qat - fix concurrency issue when device state changes") introduced the function adf_dev_down() which wraps the functions adf_dev_stop() and adf_dev_shutdown(). In a subsequent change, the sequence adf_dev_stop() followed by adf_dev_shutdown() was then replaced across the driver with just a call to the function adf_dev_down(). The functions adf_dev_stop() and adf_dev_shutdown() are called in error paths to stop the accelerator and free up resources and can be called even if the counterparts adf_dev_init() and adf_dev_start() did not complete successfully. However, the implementation of adf_dev_down() prevents the stop/shutdown sequence if the device is found already down. For example, if adf_dev_init() fails, the device status is not set as started and therefore a call to adf_dev_down() won't be calling adf_dev_shutdown() to undo what adf_dev_init() did. Do not check if a device is started in adf_dev_down() but do the equivalent check in adf_sysfs.c when handling a DEV_DOWN command from the user. Fixes: 2b60f79c ("crypto: qat - replace state machine calls") Signed-off-by:
-
Yang Shen authored
Remove the support of zlib-deflate and gzip. Signed-off-by:
Yang Shen <shenyang39@huawei.com> Reviewed-by:
Longfang Liu <liulongfang@huawei.com> Signed-off-by:
-
Yang Shen authored
Add the deflate algorithm support for hisilicon zip hardware. Signed-off-by:
-
Herbert Xu authored
Replace the existing skcipher CBC template with an lskcipher version. Signed-off-by: -
Herbert Xu authored
This patch adds two different implementations of ECB. First of all an lskcipher wrapper around existing ciphers is introduced as a temporary transition aid. Secondly a permanent lskcipher template is also added. It's simply a wrapper around the underlying lskcipher algorithm. Signed-off-by: -
Herbert Xu authored
Test lskcipher algorithms using the same logic as cipher algorithms. Signed-off-by: -
Herbert Xu authored
As an aid to the transition from cipher algorithm implementations to lskcipher, add a temporary wrapper when creating simple lskcipher templates by using ecb(X) instead of X if an lskcipher implementation of X cannot be found. This can be reverted once all cipher implementations have switched over to lskcipher. Signed-off-by: -
Herbert Xu authored
Add a new API type lskcipher designed for taking straight kernel pointers instead of SG lists. Its relationship to skcipher will be analogous to that between shash and ahash. Signed-off-by: -
Herbert Xu authored
Move the macro CRYPTO_ALG_TYPE_AHASH_MASK out of linux/crypto.h and into crypto/ahash.c so that it's not visible to users of the Crypto API. Also remove the unused CRYPTO_ALG_TYPE_HASH_MASK macro. Signed-off-by: -
Herbert Xu authored
Stop using the obsolete crypto_has_alg helper that is type-agnostic. Instead use the type-specific helpers such as the newly added crypto_has_aead. This means that changes in the underlying type/mask values won't affect IPsec. Signed-off-by: -
Herbert Xu authored
Add the helper crypto_has_aead. This is meant to replace the existing use of crypto_has_alg to locate AEAD algorithms. Signed-off-by: -
Bo Liu authored
Remove the repeated word "if" in comments. Signed-off-by:
Bo Liu <liubo03@inspur.com> Signed-off-by:
-
Li zeming authored
tfm is assigned first, so it does not need to initialize the assignment. Signed-off-by:
Li zeming <zeming@nfschina.com> Signed-off-by:
-
Justin Stitt authored
`strncpy` is deprecated for use on NUL-terminated destination strings [1]. We should prefer more robust and less ambiguous string interfaces. `buf` is expected to be NUL-terminated for its eventual use in `kstrtoul()` and NUL-padding is not required. Due to the above, a suitable replacement is `strscpy` [2] due to the fact that it guarantees NUL-termination on the destination buffer. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by:
Justin Stitt <justinstitt@google.com> Acked-by:
Kees Cook <keescook@chromium.org> Signed-off-by:
-
Justin Stitt authored
`strncpy` is deprecated for use on NUL-terminated destination strings [1]. We know `hw.partname` is supposed to be NUL-terminated by its later use with seq_printf: | nitrox_debugfs.c +25 | seq_printf(s, " Part Name: %s\n", ndev->hw.partname); Let's prefer a more robust and less ambiguous string interface. A suitable replacement is `strscpy` [2] due to the fact that it guarantees NUL-termination on the destination buffer. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by:
-
Martin Kaiser authored
Set a more reasonable timeout for calculating the initial seed. The reference manuals says that "The initial seed takes approximately 2,000,000 clock cycles." The rngc peripheral clock runs at >= 33.25MHz, so seeding takes at most 60ms. A timeout of 200ms is more appropriate than the current value of 3 seconds. Signed-off-by:
Martin Kaiser <martin@kaiser.cx> Signed-off-by:
-
Martin Kaiser authored
Set a more reasonable timeout for the rngc selftest. According to the reference manual, "The self test takes approximately 29,000 cycles to complete." The lowest possible frequency of the rngc peripheral clock is 33.25MHz, the selftest would then take about 872us. 2.5ms should be enough for the selftest timeout. Signed-off-by:
-
- 15 Sep, 2023 18 commits
-
-
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Signed-off-by: -
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Acked-by:
Mimi Zohar <zohar@linux.ibm.com> Signed-off-by:
-
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Acked-by:
-
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Acked-by:
Chuck Lever <chuck.lever@oracle.com> Signed-off-by:
-
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Acked-by:
Matthieu Baerts <matthieu.baerts@tessares.net> Signed-off-by:
-
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Signed-off-by: -
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Acked-by:
Luiz Augusto von Dentz <luiz.von.dentz@intel.com> Signed-off-by:
-
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Signed-off-by: -
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Acked-by:
Eric Biggers <ebiggers@google.com> Signed-off-by:
-
Jonas Gorski authored
When the membase and pci_dev pointer were moved to a new struct in priv, the actual membase users were left untouched, and they started reading out arbitrary memory behind the struct instead of registers. This unfortunately turned the RNG into a constant number generator, depending on the content of what was at that offset. To fix this, update geode_rng_data_{read,present}() to also get the membase via amd_geode_priv, and properly read from the right addresses again. Fixes: 9f6ec8dc ("hwrng: geode - Fix PCI device refcount leak") Reported-by:Timur I. Davletshin <timur.davletshin@gmail.com> Closes: https://bugzilla.kernel.org/show_bug.cgi?id=217882Tested-by:
Jo-Philipp Wich <jo@mein.io> Signed-off-by:
Jonas Gorski <jonas.gorski@gmail.com> Signed-off-by:
-
Herbert Xu authored
Use unsigned long instead of u64 to silence compile warnings on 32-bit platforms. Also remove the __force bit which seems no longer needed with a current sparse. Signed-off-by: -
Mario Limonciello authored
On some SOCs DBC is supported through the PSP mailbox instead of the platform mailbox. This capability is advertised in the PSP capabilities register. Allow using this communication path if supported. Signed-off-by:
Mario Limonciello <mario.limonciello@amd.com> Signed-off-by:
-
Mario Limonciello authored
Offsets are checked by the capabilities register in multiple places. To make the code more readable add a macro. Signed-off-by:
-
Mario Limonciello authored
DBC is currently accessed only from the platform access mailbox and a lot of that implementation's communication path is intertwined with DBC. Add an abstraction layer for pointers into the mailbox. No intended functional changes. Signed-off-by:
-
Mario Limonciello authored
The PSP mailbox supports a number of extended sub-commands. These subcommands are placed in the header of the buffer sent to the mailbox. Signed-off-by:
-
Tom Lendacky authored
With the PSP mailbox registers supporting more than just TEE, access to them must be maintained and serialized by the PSP device support. Remove TEE support direct access and create an interface in the PSP support where the register access can be controlled/serialized. Signed-off-by:
Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by:
Rijo Thomas <Rijo-john.Thomas@amd.com> Tested-by:
-
Stefan Wahren authored
The last RCU stall fix caused a massive throughput regression of the hwrng on Raspberry Pi 0 - 3. hwrng_msleep doesn't sleep precisely enough and usleep_range doesn't allow scheduling. So try to restore the best possible throughput by introducing hwrng_yield which interruptable sleeps for one jiffy. Some performance measurements on Raspberry Pi 3B+ (arm64/defconfig): sudo dd if=/dev/hwrng of=/dev/null count=1 bs=10000 cpu_relax ~138025 Bytes / sec hwrng_msleep(1000) ~13 Bytes / sec hwrng_yield ~2510 Bytes / sec Fixes: 96cb9d05 ("hwrng: bcm2835 - use hwrng_msleep() instead of cpu_relax()") Link: https://lore.kernel.org/linux-arm-kernel/bc97ece5-44a3-4c4e-77da-2db3eb66b128@gmx.net/Signed-off-by:
Stefan Wahren <wahrenst@gmx.net> Reviewed-by:
Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by:
-
Christophe JAILLET authored
This error handling looks really strange. Check if the string has been truncated instead. Fixes: 02ab9946 ("crypto: hisilicon - Fixed some tiny bugs of HPRE") Signed-off-by:
Christophe JAILLET <christophe.jaillet@wanadoo.fr> Signed-off-by:
-
