- 21 Sep, 2015 3 commits
-
-
Andrzej Hajda authored
The function can return negative value. The problem has been detected using proposed semantic patch scripts/coccinelle/tests/unsigned_lesser_than_zero.cocci [1]. [1]: http://permalink.gmane.org/gmane.linux.kernel/2038576Signed-off-by: Andrzej Hajda <a.hajda@samsung.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Conor McLoughlin authored
Don't allow to trigger SBR from a VF running in VMM context. Cc: stable@vger.kernel.org Signed-off-by: Conor McLoughlin <conor.mcloughlin@intel.com> Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Thomas Petazzoni authored
The mv_cesa_queue_req() function calls crypto_enqueue_request() to enqueue a request. In the normal case (i.e the queue isn't full), this function returns -EINPROGRESS. The current Marvell CESA crypto driver takes this into account and cleans up the request only if an error occured, i.e if the return value is not -EINPROGRESS. Unfortunately this causes problems with CRYPTO_TFM_REQ_MAY_BACKLOG-flagged requests. When such a request is passed to crypto_enqueue_request() and the queue is full, crypto_enqueue_request() will return -EBUSY, but will keep the request enqueued nonetheless. This situation was not properly handled by the Marvell CESA driver, which was anyway cleaning up the request in such a situation. When later on the request was taken out of the backlog and actually processed, a kernel crash occured due to the internal driver data structures for this structure having been cleaned up. To avoid this situation, this commit adds a mv_cesa_req_needs_cleanup() helper function which indicates if the request needs to be cleaned up or not after a call to crypto_enqueue_request(). This helper allows to do the cleanup only in the appropriate cases, and all call sites of mv_cesa_queue_req() are fixed to use this new helper function. Reported-by: Vincent Donnefort <vdonnefort@gmail.com> Fixes: db509a45 ("crypto: marvell/cesa - add TDMA support") Cc: <stable@vger.kernel.org> # v4.2+ Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Acked-by: Boris Brezillon <boris.brezillon@free-electrons.com> Tested-by: Vincent Donnefort <vdonnefort@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
- 11 Sep, 2015 1 commit
-
-
Andrey Ryabinin authored
While the destination buffer 'iv' is MAX_IVLEN size, the source 'template[i].iv' could be smaller, thus memcpy may read read invalid memory. Use crypto_skcipher_ivsize() to get real ivsize and pass it to memcpy. Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
- 10 Sep, 2015 2 commits
-
-
LABBE Corentin authored
The sun4i_ss_opti_poll function cipher data until the output miter have a length of 0. If the crypto API client, give more SGs than necessary this could result in an infinite loop. Fix it by checking for remaining bytes, just like sun4i_ss_cipher_poll(). Signed-off-by: LABBE Corentin <clabbe.montjoie@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Michael Ellerman authored
This code uses FP (floating point), Altivec and VSX (Vector-Scalar Extension). It can just depend on CONFIG_VSX though, because that already depends on FP and Altivec. Otherwise we get lots of link errors such as: drivers/built-in.o: In function `.p8_aes_setkey': aes.c:(.text+0x2d325c): undefined reference to `.enable_kernel_altivec' aes.c:(.text+0x2d326c): undefined reference to `.enable_kernel_vsx' Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
- 04 Sep, 2015 1 commit
-
-
Andrey Ryabinin authored
Currently context size (cra_ctxsize) doesn't specified for ghash_async_alg. Which means it's zero. Thus crypto_create_tfm() doesn't allocate needed space for ghash_async_ctx, so any read/write to ctx (e.g. in ghash_async_init_tfm()) is not valid. Cc: stable@vger.kernel.org Signed-off-by: Andrey Ryabinin <aryabinin@odin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
- 25 Aug, 2015 3 commits
-
-
Lars Persson authored
The tsgl scatterlist must be re-initialized after each operation. Otherwise the sticky bits in the page_link will corrupt the list with pre-mature termination or false chaining. Signed-off-by: Lars Persson <larper@axis.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Tadeusz Struk authored
We need to support legacy VFs as well as VFs running on different OSes. To do so the compatibility check need needs to be relaxed. This patch moves the logic responsible for VF to PF version and compatibility checking from adfsriov.c to adf_pf2vf_msg.c, where it belongs, and changes the logic enable legacy VFs. Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Tadeusz Struk authored
Change mpi_read_buffer to return a number without leading zeros so that mpi_read_buffer and mpi_get_buffer return the same thing. Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
- 24 Aug, 2015 6 commits
-
-
Tadeusz Struk authored
Add range check for ring number. Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Leonidas Da Silva Barbosa authored
In build time vadduqm opcode is not being mapped correctly. Adding a new map in ppc-xlate to do this. Signed-off-by: Leonidas S Barbosa <leosilva@linux.vnet.ibm.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Fabio Estevam authored
"The preferred form for passing a size of a struct is the following: p = kmalloc(sizeof(*p), ...); .... The preferred form for allocating a zeroed array is the following: p = kcalloc(n, sizeof(...), ...); " ,so do as suggested. Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com> Reviewed-by: Horia Geant? <horia.geanta@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Fabio Estevam authored
Instead of propagating a 'fake' error code, just propagate the real one in the case of caam_drv_identify_clk() failure. Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com> Reviewed-by: Horia Geant? <horia.geanta@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Fabio Estevam authored
In the error path we should disable the resources that were previously acquired, so fix the error handling accordingly. Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com> Reviewed-by: Horia Geant? <horia.geanta@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Horia Geant? authored
Most significant part of JQCR (Job Queue Control Register) contains bits that control endianness: ILE - Immediate Little Endian, DWS - Double Word Swap. The bits are automatically set by the Job Queue Controller HW. Unfortunately these bits are cleared in SW when submitting descriptors via the register-based service interface. >From LS1021A: JQCR_MS = 08080100 - before writing: ILE | DWS | SRC (JR0) JQCR_MS = 30000100 - after writing: WHL | FOUR | SRC (JR0) This would cause problems on little endian caam for descriptors containing immediata data or double-word pointers. Currently there is no problem since the only descriptors ran through this interface are the ones that (un)instantiate RNG. Signed-off-by: Horia Geant? <horia.geanta@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
- 21 Aug, 2015 3 commits
-
-
Herbert Xu authored
This patch adds the helper AHASH_REQUEST_ON_STACK for those users of ahash that are synchronous only. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
This patch replaces uses of blkcipher and ablkcipher with the new skcipher interface. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
This patch introduces the crypto skcipher interface which aims to replace both blkcipher and ablkcipher. It's very similar to the existing ablkcipher interface. The main difference is the removal of the givcrypt interface. In order to make the transition easier for blkcipher users, there is a helper SKCIPHER_REQUEST_ON_STACK which can be used to place a request on the stack for synchronous transforms. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
- 19 Aug, 2015 2 commits
-
-
Stephan Mueller authored
CMAC is an approved cipher in FIPS 140-2. The patch allows the use of CMAC with TDES and AES in FIPS mode. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Vaishali Thakkar authored
This patch moves the data allocated using dma_alloc_coherent to the corresponding managed interface. To be compatible with the change, various gotos are replaced with direct returns and unneeded labels are dropped. Signed-off-by: Vaishali Thakkar <vthakkar1994@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
- 18 Aug, 2015 4 commits
-
-
Horia Geant? authored
LS1021A is a QorIQ SoC having little endian CAAM. There are a few differences b/w QorIQ and i.MX from CAAM perspective: 1. i.MX platforms are somewhat special wrt. 64-bit registers: -big endian format at 64-bit level: MSW at address+0 and LSW at address+4 -little endian format at 32-bit level (within MSW and LSW) and thus need special handling. 2. No CCM (clock controller module) for QorIQ. No CAAM clocks to enable / disable. A new Kconfig option - CRYPTO_DEV_FSL_CAAM_LE - is added to indicate CAAM is little endian (*). It is hidden from the user (to avoid misconfiguration); when adding support for a new platform with LE CAAM, either the Kconfig needs to be updated or the corresponding defconfig needs to indicate that CAAM is LE. (*) Using a DT property to provide CAAM endianness would not allow for the ifdeffery. In order to keep changes to a minimum, the following changes are postponed: -endianness fix of the last word in the S/G (rsvd2, bpid, offset), fields are always 0 anyway; -S/G format fix for i.MX7 (yes, i.MX7 support was not added yet, but still...) Signed-off-by: Horia Geant? <horia.geanta@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Tadeusz Struk authored
Change memcpy to memmove because the copy is done within the same buffer. Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Leonidas Da Silva Barbosa authored
GHASH table algorithm is using a big endian key. In little endian machines key will be LE ordered. After a lxvd2x instruction key is loaded as it is, LE/BE order, in first case it'll generate a wrong table resulting in wrong hashes from the algorithm. Bug affects only LE machines. In order to fix it we do a swap for loaded key. Cc: stable@vger.kernel.org Signed-off-by: Leonidas S Barbosa <leosilva@linux.vnet.ibm.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Leonidas Da Silva Barbosa authored
AES-CTR is using a counter 8bytes-8bytes what miss match with kernel specs. In the previous code a vadduwm was done to increment counter. Replacing this for a vadduqm now considering both cases counter 8-8 bytes and full 16bytes. Cc: stable@vger.kernel.org Signed-off-by: Leonidas S Barbosa <leosilva@linux.vnet.ibm.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
- 17 Aug, 2015 15 commits
-
-
Herbert Xu authored
This patch adds a missing tristate statement to Kconfig for the new CRYPTO_NULL2 option. Fixes: 149a3971 ("crypto: aead - Add type-safe geniv init/exit helpers") Reported-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
The file nx.h has function prototypes that use struct crypto_aead. However, as crypto/aead.h is not included we don't have a definition for it. This patch adds a forward declaration to fix this. Reported-by: kbuild test robot <fengguang.wu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
The Kconfig option NULL2 has been added as CRYPTO_MANAGER now depends indirectly on NULL2. However, the Makefile was not updated to use the new option, resulting in potential build failures when only NULL2 is enabled. Fixes: 149a3971 ("crypto: aead - Add type-safe geniv init/exit helpers") Reported-by: kbuild test robot <fengguang.wu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Fabio Estevam authored
Compare pointer-typed values to NULL rather than 0. The semantic patch that makes this change is available in scripts/coccinelle/null/badzero.cocci Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
This patch removes the CRYPTO_ALG_AEAD_NEW flag now that everyone has been converted. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
Now that the AEAD conversion is complete we can rip out the old AEAD interafce and associated code. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
The qat driver uses crypto_aead_crt in order to get the authsize. This patch replaces it with the crypto_aead_authsize helper instead. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
Pretty soon the crypto_aead encrypt/decrypt hooks will disappear as they are now always identical to those in struct aead_alg. This patch replaces the references to these hooks with the ones from aead_alg instead. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
This patch replaces the echainiv init/exit handlers with the generic geniv helpers. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
This patch replaces the seqiv init/exit handlers with the generic geniv helpers. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
This patch adds the helpers aead_init_geniv and aead_exit_geniv which are type-safe and intended the replace the existing geniv init/exit helpers. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
Now that we no longer have any legacy AEAD implementations the compatibility code path can no longer be triggered. This patch removes it. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
Now that we no longer have any legacy AEAD implementations the compatibility code path can no longer be triggered. This patch removes it. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
Now that IPsec no longer uses seqniv we can remove it. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
Now that seqniv is identical with seqiv we no longer need it. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
-