- 20 Sep, 2023 9 commits
-
-
Herbert Xu authored
Move the macro CRYPTO_ALG_TYPE_AHASH_MASK out of linux/crypto.h and into crypto/ahash.c so that it's not visible to users of the Crypto API. Also remove the unused CRYPTO_ALG_TYPE_HASH_MASK macro. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
Stop using the obsolete crypto_has_alg helper that is type-agnostic. Instead use the type-specific helpers such as the newly added crypto_has_aead. This means that changes in the underlying type/mask values won't affect IPsec. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
Add the helper crypto_has_aead. This is meant to replace the existing use of crypto_has_alg to locate AEAD algorithms. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Bo Liu authored
Remove the repeated word "if" in comments. Signed-off-by: Bo Liu <liubo03@inspur.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Li zeming authored
tfm is assigned first, so it does not need to initialize the assignment. Signed-off-by: Li zeming <zeming@nfschina.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Justin Stitt authored
`strncpy` is deprecated for use on NUL-terminated destination strings [1]. We should prefer more robust and less ambiguous string interfaces. `buf` is expected to be NUL-terminated for its eventual use in `kstrtoul()` and NUL-padding is not required. Due to the above, a suitable replacement is `strscpy` [2] due to the fact that it guarantees NUL-termination on the destination buffer. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by: Justin Stitt <justinstitt@google.com> Acked-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Justin Stitt authored
`strncpy` is deprecated for use on NUL-terminated destination strings [1]. We know `hw.partname` is supposed to be NUL-terminated by its later use with seq_printf: | nitrox_debugfs.c +25 | seq_printf(s, " Part Name: %s\n", ndev->hw.partname); Let's prefer a more robust and less ambiguous string interface. A suitable replacement is `strscpy` [2] due to the fact that it guarantees NUL-termination on the destination buffer. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by: Justin Stitt <justinstitt@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Martin Kaiser authored
Set a more reasonable timeout for calculating the initial seed. The reference manuals says that "The initial seed takes approximately 2,000,000 clock cycles." The rngc peripheral clock runs at >= 33.25MHz, so seeding takes at most 60ms. A timeout of 200ms is more appropriate than the current value of 3 seconds. Signed-off-by: Martin Kaiser <martin@kaiser.cx> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Martin Kaiser authored
Set a more reasonable timeout for the rngc selftest. According to the reference manual, "The self test takes approximately 29,000 cycles to complete." The lowest possible frequency of the rngc peripheral clock is 33.25MHz, the selftest would then take about 872us. 2.5ms should be enough for the selftest timeout. Signed-off-by: Martin Kaiser <martin@kaiser.cx> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
- 15 Sep, 2023 31 commits
-
-
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Acked-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Acked-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Acked-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Acked-by: Matthieu Baerts <matthieu.baerts@tessares.net> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Acked-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
The header file crypto/algapi.h is for internal use only. Use the header file crypto/utils.h instead. Acked-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Jonas Gorski authored
When the membase and pci_dev pointer were moved to a new struct in priv, the actual membase users were left untouched, and they started reading out arbitrary memory behind the struct instead of registers. This unfortunately turned the RNG into a constant number generator, depending on the content of what was at that offset. To fix this, update geode_rng_data_{read,present}() to also get the membase via amd_geode_priv, and properly read from the right addresses again. Fixes: 9f6ec8dc ("hwrng: geode - Fix PCI device refcount leak") Reported-by: Timur I. Davletshin <timur.davletshin@gmail.com> Closes: https://bugzilla.kernel.org/show_bug.cgi?id=217882Tested-by: Timur I. Davletshin <timur.davletshin@gmail.com> Suggested-by: Jo-Philipp Wich <jo@mein.io> Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
Use unsigned long instead of u64 to silence compile warnings on 32-bit platforms. Also remove the __force bit which seems no longer needed with a current sparse. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Mario Limonciello authored
On some SOCs DBC is supported through the PSP mailbox instead of the platform mailbox. This capability is advertised in the PSP capabilities register. Allow using this communication path if supported. Signed-off-by: Mario Limonciello <mario.limonciello@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Mario Limonciello authored
Offsets are checked by the capabilities register in multiple places. To make the code more readable add a macro. Signed-off-by: Mario Limonciello <mario.limonciello@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Mario Limonciello authored
DBC is currently accessed only from the platform access mailbox and a lot of that implementation's communication path is intertwined with DBC. Add an abstraction layer for pointers into the mailbox. No intended functional changes. Signed-off-by: Mario Limonciello <mario.limonciello@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Mario Limonciello authored
The PSP mailbox supports a number of extended sub-commands. These subcommands are placed in the header of the buffer sent to the mailbox. Signed-off-by: Mario Limonciello <mario.limonciello@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Tom Lendacky authored
With the PSP mailbox registers supporting more than just TEE, access to them must be maintained and serialized by the PSP device support. Remove TEE support direct access and create an interface in the PSP support where the register access can be controlled/serialized. Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Mario Limonciello <mario.limonciello@amd.com> Reviewed-by: Rijo Thomas <Rijo-john.Thomas@amd.com> Tested-by: Rijo Thomas <Rijo-john.Thomas@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Stefan Wahren authored
The last RCU stall fix caused a massive throughput regression of the hwrng on Raspberry Pi 0 - 3. hwrng_msleep doesn't sleep precisely enough and usleep_range doesn't allow scheduling. So try to restore the best possible throughput by introducing hwrng_yield which interruptable sleeps for one jiffy. Some performance measurements on Raspberry Pi 3B+ (arm64/defconfig): sudo dd if=/dev/hwrng of=/dev/null count=1 bs=10000 cpu_relax ~138025 Bytes / sec hwrng_msleep(1000) ~13 Bytes / sec hwrng_yield ~2510 Bytes / sec Fixes: 96cb9d05 ("hwrng: bcm2835 - use hwrng_msleep() instead of cpu_relax()") Link: https://lore.kernel.org/linux-arm-kernel/bc97ece5-44a3-4c4e-77da-2db3eb66b128@gmx.net/Signed-off-by: Stefan Wahren <wahrenst@gmx.net> Reviewed-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Christophe JAILLET authored
This error handling looks really strange. Check if the string has been truncated instead. Fixes: 02ab9946 ("crypto: hisilicon - Fixed some tiny bugs of HPRE") Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Lu Jialin authored
We found a hungtask bug in test_aead_vec_cfg as follows: INFO: task cryptomgr_test:391009 blocked for more than 120 seconds. "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. Call trace: __switch_to+0x98/0xe0 __schedule+0x6c4/0xf40 schedule+0xd8/0x1b4 schedule_timeout+0x474/0x560 wait_for_common+0x368/0x4e0 wait_for_completion+0x20/0x30 wait_for_completion+0x20/0x30 test_aead_vec_cfg+0xab4/0xd50 test_aead+0x144/0x1f0 alg_test_aead+0xd8/0x1e0 alg_test+0x634/0x890 cryptomgr_test+0x40/0x70 kthread+0x1e0/0x220 ret_from_fork+0x10/0x18 Kernel panic - not syncing: hung_task: blocked tasks For padata_do_parallel, when the return err is 0 or -EBUSY, it will call wait_for_completion(&wait->completion) in test_aead_vec_cfg. In normal case, aead_request_complete() will be called in pcrypt_aead_serial and the return err is 0 for padata_do_parallel. But, when pinst->flags is PADATA_RESET, the return err is -EBUSY for padata_do_parallel, and it won't call aead_request_complete(). Therefore, test_aead_vec_cfg will hung at wait_for_completion(&wait->completion), which will cause hungtask. The problem comes as following: (padata_do_parallel) | rcu_read_lock_bh(); | err = -EINVAL; | (padata_replace) | pinst->flags |= PADATA_RESET; err = -EBUSY | if (pinst->flags & PADATA_RESET) | rcu_read_unlock_bh() | return err In order to resolve the problem, we replace the return err -EBUSY with -EAGAIN, which means parallel_data is changing, and the caller should call it again. v3: remove retry and just change the return err. v2: introduce padata_try_do_parallel() in pcrypt_aead_encrypt and pcrypt_aead_decrypt to solve the hungtask. Signed-off-by: Lu Jialin <lujialin4@huawei.com> Signed-off-by: Guo Zihua <guozihua@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Danny Tsen authored
Improve AES/XTS performance of 6-way unrolling for PowerPC up to 17% with tcrypt. This is done by using one instruction, vpermxor, to replace xor and vsldoi. The same changes were applied to OpenSSL code and a pull request was submitted. This patch has been tested with the kernel crypto module tcrypt.ko and has passed the selftest. The patch is also tested with CONFIG_CRYPTO_MANAGER_EXTRA_TESTS enabled. Signed-off-by: Danny Tsen <dtsen@linux.ibm.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Jinjie Ruan authored
Convert list_for_each() to list_for_each_entry() so that the list_itr list_head pointer and list_entry() call are no longer needed, which can reduce a few lines of code. No functional changed. Signed-off-by: Jinjie Ruan <ruanjinjie@huawei.com> Reviewed-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Acked-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Mario Limonciello authored
Some of the tests for unfused parts referenced a named member parameter, but when the test suite was switched to call a python ctypes library they weren't updated. Adjust them to refer to the first argument of the process_param() call and set the data type of the signature appropriately. Fixes: 15f8aa7b ("crypto: ccp - Add unit tests for dynamic boost control") Signed-off-by: Mario Limonciello <mario.limonciello@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Mario Limonciello authored
When parameters are sent the PSP returns back it's own signature for the application to verify the authenticity of the result. Display this signature to the caller instead of the one the caller sent. Fixes: f40d42f1 ("crypto: ccp - Add a sample python script for Dynamic Boost Control") Fixes: febe3ed3 ("crypto: ccp - Add a sample library for ioctl use") Signed-off-by: Mario Limonciello <mario.limonciello@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Mario Limonciello authored
The sample application was taking values from ioctl() and treating those as the error codes to present to a user. This is incorrect when ret is non-zero, the error is stored to `errno`. Use this value instead. Fixes: f40d42f1 ("crypto: ccp - Add a sample python script for Dynamic Boost Control") Fixes: febe3ed3 ("crypto: ccp - Add a sample library for ioctl use") Signed-off-by: Mario Limonciello <mario.limonciello@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Mario Limonciello authored
A local environment change was importing ioctl_opt which is required for ioctl tests to pass. Add the missing import for it. Fixes: 15f8aa7b ("crypto: ccp - Add unit tests for dynamic boost control") Signed-off-by: Mario Limonciello <mario.limonciello@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Mario Limonciello authored
dbc_dev_init() gets a free page from `GFP_KERNEL`, but if that page has any data in it the first nonce request will fail. This prevents dynamic boost control from probing. To fix this, explicitly request a zeroed page with `__GFP_ZERO` to ensure first nonce fetch works. Fixes: c04cf9e1 ("crypto: ccp - Add support for fetching a nonce for dynamic boost control") Signed-off-by: Mario Limonciello <mario.limonciello@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Giovanni Cabiddu authored
The debugfs description for fw_counters reports an incorrect path indicating a qat folder that does not exist. Fix it. Fixes: 865b50fe ("crypto: qat - add fw_counters debugfs file") Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Andrei Coardos authored
This function call was found to be unnecessary as there is no equivalent platform_get_drvdata() call to access the private data of the driver. Also, the private data is defined in this driver, so there is no risk of it being accessed outside of this driver file. Signed-off-by: Andrei Coardos <aboutphysycs@gmail.com> Reviewed-by: Alexandru Ardelean <alex@shruggie.ro> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Andrei Coardos authored
This function call was found to be unnecessary as there is no equivalent platform_get_drvdata() call to access the private data of the driver. Also, the private data is defined in this driver, so there is no risk of it being accessed outside of this driver file. Signed-off-by: Andrei Coardos <aboutphysycs@gmail.com> Reviewed-by: Martin Kaiser <martin@kaiser.cx> Reviewed-by: Alexandru Ardelean <alex@shruggie.ro> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Andrei Coardos authored
This function call was found to be unnecessary as there is no equivalent platform_get_drvdata() call to access the private data of the driver. Also, the private data is defined in this driver, so there is no risk of it being accessed outside of this driver file. Signed-off-by: Andrei Coardos <aboutphysycs@gmail.com> Acked-by: Conor Dooley <conor.dooley@microchip.com> Reviewed-by: Alexandru Ardelean <alex@shruggie.ro> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
Add inclusion of linux/errno.h as otherwise the reference to EINVAL may be invalid. Fixes: f3cf4134 ("bpf: Add bpf_lookup_*_key() and bpf_key_put() kfuncs") Reported-by: kernel test robot <lkp@intel.com> Closes: https://lore.kernel.org/oe-kbuild-all/202308261414.HKw1Mrip-lkp@intel.com/Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-