summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2019-05-09crypto: chelsio - Fix softlockup with heavy I/OAtul Gupta
removed un-necessary lock_chcr_dev to protect device state DETACH. lock is not required to protect I/O count Signed-off-by: Atul Gupta <atul.gupta@chelsio.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-05-09crypto: chelsio - Fix NULL pointer dereferenceAtul Gupta
Do not request FW to generate cidx update if there is less space in tx queue to post new request. SGE DBP 1 pidx increment too large BUG: unable to handle kernel NULL pointer dereference at 0000000000000124 SGE error for queue 101 Signed-off-by: Atul Gupta <atul.gupta@chelsio.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-05-03crypto: ccree - use a proper le32 type for le32 valGilad Ben-Yossef
We build an explicit little endian value from the IDR register values. Use a proper le32 type to mark the var as such to satisfy Sparse. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Reported-by: kbuild test robot <lkp@intel.com> Fixes: dcf6285d18ea1 ("crypto: ccree - add CID and PID support") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-05-03crypto: ccree - remove set but not used variable 'du_size'YueHaibing
Fixes gcc '-Wunused-but-set-variable' warning: drivers/crypto/ccree/cc_cipher.c: In function cc_setup_key_desc: drivers/crypto/ccree/cc_cipher.c:645:15: warning: variable du_size set but not used [-Wunused-but-set-variable] It is never used since introduction in commit dd8486c75085 ("crypto: ccree - move key load desc. before flow desc.") Signed-off-by: YueHaibing <yuehaibing@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-05-03crypto: ccree - Make cc_sec_disable staticYueHaibing
Fix sparse warning: drivers/crypto/ccree/cc_driver.c:37:6: warning: symbol 'cc_sec_disable' was not declared. Should it be static? Signed-off-by: YueHaibing <yuehaibing@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-05-03crypto: ccree - fix spelling mistake "protedcted" -> "protected"Colin Ian King
There is a spelling mistake in a dev_dbg message, fix it. Signed-off-by: Colin Ian King <colin.king@canonical.com> Acked-By: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-05-03crypto: caam/qi2 - generate hash keys in-placeHoria Geantă
Commit 307244452d3d ("crypto: caam - generate hash keys in-place") fixed ahash implementation in caam/jr driver such that user-provided key buffer is not DMA mapped, since it's not guaranteed to be DMAable. Apply a similar fix for caam/qi2 driver. Cc: <stable@vger.kernel.org> # v4.20+ Fixes: 3f16f6c9d632 ("crypto: caam/qi2 - add support for ahash algorithms") Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-05-03crypto: caam/qi2 - fix DMA mapping of stack memoryHoria Geantă
Commits c19650d6ea99 ("crypto: caam - fix DMA mapping of stack memory") and 65055e210884 ("crypto: caam - fix hash context DMA unmap size") fixed the ahash implementation in caam/jr driver such that req->result is not DMA-mapped (since it's not guaranteed to be DMA-able). Apply a similar fix for ahash implementation in caam/qi2 driver. Cc: <stable@vger.kernel.org> # v4.20+ Fixes: 3f16f6c9d632 ("crypto: caam/qi2 - add support for ahash algorithms") Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-05-03crypto: caam/qi2 - fix zero-length buffer DMA mappingHoria Geantă
Commit 04e6d25c5bb2 ("crypto: caam - fix zero-length buffer DMA mapping") fixed an issue in caam/jr driver where ahash implementation was DMA mapping a zero-length buffer. Current commit applies a similar fix for caam/qi2 driver. Cc: <stable@vger.kernel.org> # v4.20+ Fixes: 3f16f6c9d632 ("crypto: caam/qi2 - add support for ahash algorithms") Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-05-03crypto: stm32/cryp - update to return iv_outLionel Debieve
The kernel crypto API request output the next IV data to IV buffer for CBC implementation. Signed-off-by: Lionel Debieve <lionel.debieve@st.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-05-03crypto: stm32/cryp - remove request mutex protectionLionel Debieve
Mutex is badly used between threaded irq and driver. This mutex must be removed as the framework must ensure that requests must be serialized to avoid issue. Rework req to avoid crash during finalize by fixing the NULL pointer issue. Signed-off-by: Lionel Debieve <lionel.debieve@st.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-05-03crypto: stm32/cryp - add weak key check for DESLionel Debieve
Add weak key test for des functions calling the generic des_ekey. Signed-off-by: Lionel Debieve <lionel.debieve@st.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-05-03crypto: atmel - remove set but not used variable 'alg_name'YueHaibing
Fixes gcc '-Wunused-but-set-variable' warning: drivers/crypto/atmel-tdes.c: In function 'atmel_tdes_setkey': drivers/crypto/atmel-tdes.c:803:14: warning: variable 'alg_name' set but not used [-Wunused-but-set-variable] It is not used any more since commit 52ea3cd2917b ("crypto: atmel - Forbid 2-key 3DES in FIPS mode") Signed-off-by: YueHaibing <yuehaibing@huawei.com> Reviewed-by: Nicolas Ferre <nicolas.ferre@microchip.com> Reviewed-by: Tudor Ambarus <tudor.ambarus@microchip.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-05-03crypto: picoxcell - Use dev_get_drvdata()Kefeng Wang
Using dev_get_drvdata directly. Cc: Jamie Iles <jamie@jamieiles.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Cc: linux-crypto@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org Signed-off-by: Kefeng Wang <wangkefeng.wang@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-05-03crypto: crypto4xx - get rid of redundant using_sd variableChristian Lamparter
using_sd is used as a stand-in for sa_command_0.bf.scatter that we need to set anyway, so we might as well just prevent double-accounting. Signed-off-by: Christian Lamparter <chunkeey@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-05-03crypto: crypto4xx - use sync skcipher for fallbackChristian Lamparter
This replaces struct crypto_skcipher and the extra request size with struct crypto_sync_skcipher and SYNC_SKCIPHER_REQUEST_ON_STACK(), which uses a fixed stack size. Signed-off-by: Christian Lamparter <chunkeey@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-05-03crypto: crypto4xx - fix cfb and ofb "overran dst buffer" issuesChristian Lamparter
Currently, crypto4xx CFB and OFB AES ciphers are failing testmgr's test vectors. |cfb-aes-ppc4xx encryption overran dst buffer on test vector 3, cfg="in-place" |ofb-aes-ppc4xx encryption overran dst buffer on test vector 1, cfg="in-place" This is because of a very subtile "bug" in the hardware that gets indirectly mentioned in 18.1.3.5 Encryption/Decryption of the hardware spec: the OFB and CFB modes for AES are listed there as operation modes for >>> "Block ciphers" <<<. Which kind of makes sense, but we would like them to be considered as stream ciphers just like the CTR mode. To workaround this issue and stop the hardware from causing "overran dst buffer" on crypttexts that are not a multiple of 16 (AES_BLOCK_SIZE), we force the driver to use the scatter buffers as the go-between. As a bonus this patch also kills redundant pd_uinfo->num_gd and pd_uinfo->num_sd setters since the value has already been set before. Cc: stable@vger.kernel.org Fixes: f2a13e7cba9e ("crypto: crypto4xx - enable AES RFC3686, ECB, CFB and OFB offloads") Signed-off-by: Christian Lamparter <chunkeey@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-05-03crypto: crypto4xx - fix ctr-aes missing output IVChristian Lamparter
Commit 8efd972ef96a ("crypto: testmgr - support checking skcipher output IV") caused the crypto4xx driver to produce the following error: | ctr-aes-ppc4xx encryption test failed (wrong output IV) | on test vector 0, cfg="in-place" This patch fixes this by reworking the crypto4xx_setkey_aes() function to: - not save the iv for ECB (as per 18.2.38 CRYP0_SA_CMD_0: "This bit mut be cleared for DES ECB mode or AES ECB mode, when no IV is used.") - instruct the hardware to save the generated IV for all other modes of operations that have IV and then supply it back to the callee in pretty much the same way as we do it for cbc-aes already. - make it clear that the DIR_(IN|OUT)BOUND is the important bit that tells the hardware to encrypt or decrypt the data. (this is cosmetic - but it hopefully prevents me from getting confused again). - don't load any bogus hash when we don't use any hash operation to begin with. Cc: stable@vger.kernel.org Fixes: f2a13e7cba9e ("crypto: crypto4xx - enable AES RFC3686, ECB, CFB and OFB offloads") Signed-off-by: Christian Lamparter <chunkeey@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ecrdsa - select ASN1 and OID_REGISTRY for EC-RDSAVitaly Chikunov
Fix undefined symbol issue in ecrdsa_generic module when ASN1 or OID_REGISTRY aren't enabled in the config by selecting these options for CRYPTO_ECRDSA. ERROR: "asn1_ber_decoder" [crypto/ecrdsa_generic.ko] undefined! ERROR: "look_up_OID" [crypto/ecrdsa_generic.ko] undefined! Reported-by: Randy Dunlap <rdunlap@infradead.org> Cc: Stephen Rothwell <sfr@canb.auug.org.au> Signed-off-by: Vitaly Chikunov <vt@altlinux.org> Acked-by: Randy Dunlap <rdunlap@infradead.org> # build-tested Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ux500 - use ccflags-y instead of CFLAGS_<basename>.oMasahiro Yamada
Instead of adding CFLAGS_<basename>.o to every file, let's use ccflags-y, which is effective for all C files in the directory. No behavior change. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - handle tee fips error during power management resumeOfir Drang
in order to support cryptocell tee fips error that may occurs while cryptocell ree is suspended, an cc_tee_handle_fips_error call added to the cc_pm_resume function. Signed-off-by: Ofir Drang <ofir.drang@arm.com> Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Cc: stable@vger.kernel.org # v4.19+ Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - add function to handle cryptocell tee fips errorOfir Drang
Adds function that checks if cryptocell tee fips error occurred and in such case triggers system error through kernel panic. Change fips function to use this new routine. Signed-off-by: Ofir Drang <ofir.drang@arm.com> Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Cc: stable@vger.kernel.org # v4.19+ Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - HOST_POWER_DOWN_EN should be the last CC access during suspendOfir Drang
During power management suspend the driver need to prepare the device for the power down operation and as a last indication write to the HOST_POWER_DOWN_EN register which signals to the hardware that The ccree is ready for power down. Signed-off-by: Ofir Drang <ofir.drang@arm.com> Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Cc: stable@vger.kernel.org # v4.19+ Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - remove cc7x3 obsoleted AXIM configsOfir Drang
AXIM configuration register modified in cc7x3 and no longer includes AXI interrupt masking fields. Signed-off-by: Ofir Drang <ofir.drang@arm.com> Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - pm resume first enable the source clkOfir Drang
On power management resume function first enable the device clk source to allow access to the device registers. Signed-off-by: Ofir Drang <ofir.drang@arm.com> Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Cc: stable@vger.kernel.org # v4.19+ Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - don't map AEAD key and IV on stackGilad Ben-Yossef
The AEAD authenc key and IVs might be passed to us on stack. Copy it to a slab buffer before mapping to gurantee proper DMA mapping. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Cc: stable@vger.kernel.org # v4.19+ Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - don't map MAC key on stackGilad Ben-Yossef
The MAC hash key might be passed to us on stack. Copy it to a slab buffer before mapping to gurantee proper DMA mapping. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Cc: stable@vger.kernel.org # v4.19+ Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - allow more AEAD assoc data fragmentsGilad Ben-Yossef
Increase the maximum supported AEAD associated data fragments. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - use correct internal state sizes for exportGilad Ben-Yossef
We were computing the size of the import buffer based on the digest size but the 318 and 224 byte variants use 512 and 256 bytes internal state sizes respectfully, thus causing the import buffer to overrun. Fix it by using the right sizes. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Cc: stable@vger.kernel.org # v4.19+ Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - zap entire sg on aead request unmapGilad Ben-Yossef
We were trying to be clever zapping out of the cache only the required length out of scatter list on AEAD request completion and getting it wrong. As Knuth said: "when in douby, use brute force". Zap the whole length of the scatter list. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Cc: stable@vger.kernel.org # v4.19+ Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - make AEAD sgl iterator well behavedGilad Ben-Yossef
Fix some scatter list interation code was not handling scatter lists being shorter than expected in a graceful manner. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - don't mangle the request assoclenGilad Ben-Yossef
We were mangling the request struct assoclen field. Fix it by keeping an internal version and working on it. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - simplify AEAD ICV addr calculationGilad Ben-Yossef
The function cc_prepare_aead_data_dlli() which calculates ICV addresses was needlessly complicate it. This patch simplifies it without altering its functionality. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - simplify fragment ICV detectionGilad Ben-Yossef
The code detecting whether the ICV is fragmented was overly complex and limited the number of fragments an ICV may be comprised of with no reason in the current code, casuing the new testmgr tests to fail. This patch removes this legacy limitation and greatly simplifies the code. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - remove unused definesGilad Ben-Yossef
Remove unused definitions from AEAD driver code. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - do not copy zero size MLLI tableGilad Ben-Yossef
When we are given a 0 sized cryptlen and assoclen in a scatterlist with two entries we were falsely trying to create a zero length MLLI table, causing the HW to choke. Don't try to copy a zero sized MLLI table. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - zero out internal struct before useGilad Ben-Yossef
We did not zero out the internal struct before use causing problem in some rare error code paths. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - copyright header updateGilad Ben-Yossef
This sacrificial copyright header update is offered to the legal department as atonement for any changes made in this driver files in the course of the current year which have not been duly recorded as such. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - use std api when possibleGilad Ben-Yossef
Move to use the std api sg_nents_for_len() when we do not in fact require the extra information about the number of bytes in the last entry provided by the in-driver variant cc_get_sgl_nents(). This also resolves a Coverity warning cause by us not using the output value. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - use devm_kzalloc for device dataGilad Ben-Yossef
Move some remaining device data allocation to the safer devm_* interface. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - fix mem leak on error pathGilad Ben-Yossef
Fix a memory leak on the error path of IV generation code. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Cc: stable@vger.kernel.org # v4.19+ Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - fix typo in debugfs error pathGilad Ben-Yossef
Fix a typo in debugfs interface error path which can result in a panic following a memory allocation failure. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - remove special handling of chained sgGilad Ben-Yossef
We were handling chained scattergather lists with specialized code needlessly as the regular sg APIs handle them just fine. The code handling this also had an (unused) code path with a use-before-init error, flagged by Coverity. Remove all special handling of chained sg and leave their handling to the regular sg APIs. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Cc: stable@vger.kernel.org # v4.19+ Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - use proper callback completion apiGilad Ben-Yossef
Use proper hash callback completion API instead of open coding it. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - fix backlog notificationsGilad Ben-Yossef
We were doing backlog notification callbacks via a cipher/hash/aead request structure cast to the base structure, which may or may not work based on how the structure is laid in memory and is not safe. Fix it by delegating the backlog notification to the appropriate internal callbacks which are type aware. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Cc: stable@vger.kernel.org # v4.19+ Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - add CID and PID supportGilad Ben-Yossef
The new HW uses a new standard product and component ID registers replacing the old ad-hoc version and signature gister schemes. Update the driver to support the new HW ID registers. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - read next IV from HWGilad Ben-Yossef
We were computing the next IV in software instead of reading it from HW on the premise that this can be quicker due to the small size of IVs but this proved to be much more hassle and bug ridden than expected. Move to reading the next IV as computed by the HW. This fixes a number of issue with next IV being wrong for OFB, CTS-CBC and probably most of the other ciphers as well. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - adapt CPP descriptor to new HWGilad Ben-Yossef
Adapt the CPP descriptor to new HW interface. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - add SM4 protected keys supportGilad Ben-Yossef
Add the registration for the SM4 based policy protected keys ciphers. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-25crypto: ccree - add remaining logic for CPPGilad Ben-Yossef
Add the missing logic to set usage policy protections for keys. This enables key policy protection for AES. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>