1. 09 Aug, 2019 13 commits
    • Horia Geantă's avatar
      crypto: caam - fix return code in completion callbacks · 1984aaee
      Horia Geantă authored
      Modify drive to provide a valid errno (and not the HW error ID)
      to the user, via completion callbacks.
      
      A "valid errno" is currently not explicitly mentioned in the docs,
      however the error code is expected to match the one returned by the
      generic SW implementation.
      
      Note: in most error cases caam/qi and caam/qi2 returned -EIO; align all
      caam drivers to return -EINVAL.
      
      While here, ratelimit prints triggered by fuzz testing, such that
      console is not flooded.
      Signed-off-by: default avatarHoria Geantă <horia.geanta@nxp.com>
      Signed-off-by: default avatarIuliana Prodan <iuliana.prodan@nxp.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      1984aaee
    • Horia Geantă's avatar
      crypto: caam/qi - fix error handling in ERN handler · 51fab3d7
      Horia Geantă authored
      ERN handler calls the caam/qi frontend "done" callback with a status
      of -EIO. This is incorrect, since the callback expects a status value
      meaningful for the crypto engine - hence the cryptic messages
      like the one below:
      platform caam_qi: 15: unknown error source
      
      Fix this by providing the callback with:
      -the status returned by the crypto engine (fd[status]) in case
      it contains an error, OR
      -a QI "No error" code otherwise; this will trigger the message:
      platform caam_qi: 50000000: Queue Manager Interface: No error
      which is fine, since QMan driver provides details about the cause of
      failure
      
      Cc: <stable@vger.kernel.org> # v5.1+
      Fixes: 67c2315d ("crypto: caam - add Queue Interface (QI) backend support")
      Signed-off-by: default avatarHoria Geantă <horia.geanta@nxp.com>
      Reviewed-by: default avatarIuliana Prodan <iuliana.prodan@nxp.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      51fab3d7
    • Iuliana Prodan's avatar
      crypto: aes - helper function to validate key length for AES algorithms · bc67d04e
      Iuliana Prodan authored
      Add inline helper function to check key length for AES algorithms.
      The key can be 128, 192 or 256 bits size.
      This function is used in the generic aes implementation.
      Signed-off-by: default avatarIuliana Prodan <iuliana.prodan@nxp.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      bc67d04e
    • Iuliana Prodan's avatar
      crypto: gcm - helper functions for assoclen/authsize check · 65526f63
      Iuliana Prodan authored
      Added inline helper functions to check authsize and assoclen for
      gcm, rfc4106 and rfc4543.
      These are used in the generic implementation of gcm, rfc4106 and
      rfc4543.
      Signed-off-by: default avatarIuliana Prodan <iuliana.prodan@nxp.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      65526f63
    • Pascal van Leeuwen's avatar
      crypto: inside-secure - Remove redundant DES ECB & CBC keysize check · 1bfaac7c
      Pascal van Leeuwen authored
      This patch removes a DES key size check that is redundant as it is already
      performed by the crypto API itself due to min_keysize = max_keysize.
      Signed-off-by: default avatarPascal van Leeuwen <pvanleeuwen@verimatrix.com>
      Acked-by: default avatarAntoine Tenart <antoine.tenart@bootlin.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      1bfaac7c
    • Gary R Hook's avatar
      crypto: ccp - Clean up and exit correctly on allocation failure · 114e2ccd
      Gary R Hook authored
      Return and fail driver initialization if a DMA pool or coherent memory
      can't be allocated. Be sure to clean up allocated memory.
      
      Fixes: 4b394a23 ("crypto: ccp - Let a v5 CCP provide the same function as v3")
      Signed-off-by: default avatarGary R Hook <gary.hook@amd.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      114e2ccd
    • Stephen Boyd's avatar
      crypto: drivers - Remove dev_err() usage after platform_get_irq() · 514838e9
      Stephen Boyd authored
      We don't need dev_err() messages when platform_get_irq() fails now that
      platform_get_irq() prints an error message itself when something goes
      wrong. Let's remove these prints with a simple semantic patch.
      
      // <smpl>
      @@
      expression ret;
      struct platform_device *E;
      @@
      
      ret =
      (
      platform_get_irq(E, ...)
      |
      platform_get_irq_byname(E, ...)
      );
      
      if ( \( ret < 0 \| ret <= 0 \) )
      {
      (
      -if (ret != -EPROBE_DEFER)
      -{ ...
      -dev_err(...);
      -... }
      |
      ...
      -dev_err(...);
      )
      ...
      }
      // </smpl>
      
      While we're here, remove braces on if statements that only have one
      statement (manually).
      
      Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      Cc: Herbert Xu <herbert@gondor.apana.org.au>
      Cc: "David S. Miller" <davem@davemloft.net>
      Cc: <linux-crypto@vger.kernel.org>
      Signed-off-by: default avatarStephen Boyd <swboyd@chromium.org>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      514838e9
    • Pascal van Leeuwen's avatar
      crypto: inside-secure - Use defines instead of some constants (cosmetic) · f26882a3
      Pascal van Leeuwen authored
      This patch replaces some hard constants regarding key, IV and nonce sizes
      with appropriate defines from the crypto header files.
      Signed-off-by: default avatarPascal van Leeuwen <pvanleeuwen@verimatrix.com>
      Acked-by: default avatarAntoine Tenart <antoine.tenart@bootlin.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      f26882a3
    • Horia Geantă's avatar
      crypto: caam - fix concurrency issue in givencrypt descriptor · 48f89d2a
      Horia Geantă authored
      IV transfer from ofifo to class2 (set up at [29][30]) is not guaranteed
      to be scheduled before the data transfer from ofifo to external memory
      (set up at [38]:
      
      [29] 10FA0004           ld: ind-nfifo (len=4) imm
      [30] 81F00010               <nfifo_entry: ofifo->class2 type=msg len=16>
      [31] 14820004           ld: ccb2-datasz len=4 offs=0 imm
      [32] 00000010               data:0x00000010
      [33] 8210010D    operation: cls1-op aes cbc init-final enc
      [34] A8080B04         math: (seqin + math0)->vseqout len=4
      [35] 28000010    seqfifold: skip len=16
      [36] A8080A04         math: (seqin + math0)->vseqin len=4
      [37] 2F1E0000    seqfifold: both msg1->2-last2-last1 len=vseqinsz
      [38] 69300000   seqfifostr: msg len=vseqoutsz
      [39] 5C20000C      seqstr: ccb2 ctx len=12 offs=0
      
      If ofifo -> external memory transfer happens first, DECO will hang
      (issuing a Watchdog Timeout error, if WDOG is enabled) waiting for
      data availability in ofifo for the ofifo -> c2 ififo transfer.
      
      Make sure IV transfer happens first by waiting for all CAAM internal
      transfers to end before starting payload transfer.
      
      New descriptor with jump command inserted at [37]:
      
      [..]
      [36] A8080A04         math: (seqin + math0)->vseqin len=4
      [37] A1000401         jump: jsl1 all-match[!nfifopend] offset=[01] local->[38]
      [38] 2F1E0000    seqfifold: both msg1->2-last2-last1 len=vseqinsz
      [39] 69300000   seqfifostr: msg len=vseqoutsz
      [40] 5C20000C      seqstr: ccb2 ctx len=12 offs=0
      
      [Note: the issue is present in the descriptor from the very beginning
      (cf. Fixes tag). However I've marked it v4.19+ since it's the oldest
      maintained kernel that the patch applies clean against.]
      
      Cc: <stable@vger.kernel.org> # v4.19+
      Fixes: 1acebad3 ("crypto: caam - faster aead implementation")
      Signed-off-by: default avatarHoria Geantă <horia.geanta@nxp.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      48f89d2a
    • Gustavo A. R. Silva's avatar
      crypto: ux500/crypt - Mark expected switch fall-throughs · 15b2455a
      Gustavo A. R. Silva authored
      Mark switch cases where we are expecting to fall through.
      
      This patch fixes the following warning (Building: arm):
      
      drivers/crypto/ux500/cryp/cryp.c: In function ‘cryp_save_device_context’:
      drivers/crypto/ux500/cryp/cryp.c:316:16: warning: this statement may fall through [-Wimplicit-fallthrough=]
         ctx->key_4_r = readl_relaxed(&src_reg->key_4_r);
      drivers/crypto/ux500/cryp/cryp.c:318:2: note: here
        case CRYP_KEY_SIZE_192:
        ^~~~
      drivers/crypto/ux500/cryp/cryp.c:320:16: warning: this statement may fall through [-Wimplicit-fallthrough=]
         ctx->key_3_r = readl_relaxed(&src_reg->key_3_r);
      drivers/crypto/ux500/cryp/cryp.c:322:2: note: here
        case CRYP_KEY_SIZE_128:
        ^~~~
      drivers/crypto/ux500/cryp/cryp.c:324:16: warning: this statement may fall through [-Wimplicit-fallthrough=]
         ctx->key_2_r = readl_relaxed(&src_reg->key_2_r);
      drivers/crypto/ux500/cryp/cryp.c:326:2: note: here
        default:
        ^~~~~~~
      In file included from ./include/linux/io.h:13:0,
                       from drivers/crypto/ux500/cryp/cryp_p.h:14,
                       from drivers/crypto/ux500/cryp/cryp.c:15:
      drivers/crypto/ux500/cryp/cryp.c: In function ‘cryp_restore_device_context’:
      ./arch/arm/include/asm/io.h:92:22: warning: this statement may fall through [-Wimplicit-fallthrough=]
       #define __raw_writel __raw_writel
                            ^
      ./arch/arm/include/asm/io.h:299:29: note: in expansion of macro ‘__raw_writel’
       #define writel_relaxed(v,c) __raw_writel((__force u32) cpu_to_le32(v),c)
                                   ^~~~~~~~~~~~
      drivers/crypto/ux500/cryp/cryp.c:363:3: note: in expansion of macro ‘writel_relaxed’
         writel_relaxed(ctx->key_4_r, &reg->key_4_r);
         ^~~~~~~~~~~~~~
      drivers/crypto/ux500/cryp/cryp.c:365:2: note: here
        case CRYP_KEY_SIZE_192:
        ^~~~
      In file included from ./include/linux/io.h:13:0,
                       from drivers/crypto/ux500/cryp/cryp_p.h:14,
                       from drivers/crypto/ux500/cryp/cryp.c:15:
      ./arch/arm/include/asm/io.h:92:22: warning: this statement may fall through [-Wimplicit-fallthrough=]
       #define __raw_writel __raw_writel
                            ^
      ./arch/arm/include/asm/io.h:299:29: note: in expansion of macro ‘__raw_writel’
       #define writel_relaxed(v,c) __raw_writel((__force u32) cpu_to_le32(v),c)
                                   ^~~~~~~~~~~~
      drivers/crypto/ux500/cryp/cryp.c:367:3: note: in expansion of macro ‘writel_relaxed’
         writel_relaxed(ctx->key_3_r, &reg->key_3_r);
         ^~~~~~~~~~~~~~
      drivers/crypto/ux500/cryp/cryp.c:369:2: note: here
        case CRYP_KEY_SIZE_128:
        ^~~~
      In file included from ./include/linux/io.h:13:0,
                       from drivers/crypto/ux500/cryp/cryp_p.h:14,
                       from drivers/crypto/ux500/cryp/cryp.c:15:
      ./arch/arm/include/asm/io.h:92:22: warning: this statement may fall through [-Wimplicit-fallthrough=]
       #define __raw_writel __raw_writel
                            ^
      ./arch/arm/include/asm/io.h:299:29: note: in expansion of macro ‘__raw_writel’
       #define writel_relaxed(v,c) __raw_writel((__force u32) cpu_to_le32(v),c)
                                   ^~~~~~~~~~~~
      drivers/crypto/ux500/cryp/cryp.c:371:3: note: in expansion of macro ‘writel_relaxed’
         writel_relaxed(ctx->key_2_r, &reg->key_2_r);
         ^~~~~~~~~~~~~~
      drivers/crypto/ux500/cryp/cryp.c:373:2: note: here
        default:
        ^~~~~~~
      Signed-off-by: default avatarGustavo A. R. Silva <gustavo@embeddedor.com>
      Reviewed-by: default avatarKees Cook <keescook@chromium.org>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      15b2455a
    • Gary R Hook's avatar
      crypto: ccp - Log an error message when ccp-crypto fails to load · f6ebfd78
      Gary R Hook authored
      If there are no CCP devices on the system, ccp-crypto will not load.
      Write a message to the system log clarifying the reason for the failure
      of the modprobe operation
      Signed-off-by: default avatarGary R Hook <gary.hook@amd.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      f6ebfd78
    • Gilad Ben-Yossef's avatar
      crypto: ccree - use std api sg_zero_buffer · e88b27c8
      Gilad Ben-Yossef authored
      Replace internal cc_zero_sgl() with kernel API of the same function
      sg_zero_buffer().
      Signed-off-by: default avatarGilad Ben-Yossef <gilad@benyossef.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      e88b27c8
    • Gilad Ben-Yossef's avatar
      crypto: ccree - use the full crypt length value · 7a4be6c1
      Gilad Ben-Yossef authored
      In case of AEAD decryption verifcation error we were using the
      wrong value to zero out the plaintext buffer leaving the end of
      the buffer with the false plaintext.
      Signed-off-by: default avatarGilad Ben-Yossef <gilad@benyossef.com>
      Fixes: ff27e85a ("crypto: ccree - add AEAD support")
      CC: stable@vger.kernel.org # v4.17+
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      7a4be6c1
  2. 08 Aug, 2019 1 commit
  3. 02 Aug, 2019 13 commits
  4. 31 Jul, 2019 2 commits
  5. 27 Jul, 2019 11 commits