Linux kernel development work - see feature branches https://git.zx2c4.com/linux-dev/atom/drivers/crypto/amlogic?h=master 2022-08-26T10:50:40Z 2022-08-26T10:50:40Z Jack Wang jinpu.wang@ionos.com 2022-08-19T06:07:52Z urn:sha1:45fa321e7de604146603e24ee5bf3c0b766efe46 dma_map_sg return 0 on error. Cc: Corentin Labbe <clabbe@baylibre.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Cc: linux-crypto@vger.kernel.org Cc: linux-amlogic@lists.infradead.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Jack Wang <jinpu.wang@ionos.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2022-03-02T22:47:49Z Corentin Labbe clabbe@baylibre.com 2022-02-21T12:08:31Z urn:sha1:dba633342994ce47d347bcf5522ba28301247b79 Doing ipsec produces a spinlock recursion warning. This is due to not disabling BH during crypto completion function. Fixes: 48fe583fe541 ("crypto: amlogic - Add crypto accelerator for amlogic GXL") Signed-off-by: Corentin Labbe <clabbe@baylibre.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2021-03-26T09:02:34Z Xiang Chen chenxiang66@hisilicon.com 2021-03-16T01:55:23Z urn:sha1:5595d0dc1d33b36843166644bb33d94c0e34942e For function dma_unmap_sg(), the <nents> parameter should be number of elements in the scatterlist prior to the mapping, not after the mapping. So fix this usage. Signed-off-by: Xiang Chen <chenxiang66@hisilicon.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2021-03-07T04:13:14Z Tang Bin tangbin@cmss.chinamobile.com 2021-02-10T03:16:37Z urn:sha1:9ae219b199314790180da30fce231317142770dc The function meson_crypto_probe() is only called with an openfirmware platform device. Therefore there is no need to check that the passed in device is NULL. Signed-off-by: Tang Bin <tangbin@cmss.chinamobile.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2020-09-25T07:48:16Z Qinglang Miao miaoqinglang@huawei.com 2020-09-18T01:31:10Z urn:sha1:b11d90639aa7d37a7133887db76b7fd697072343 Use DEFINE_SHOW_ATTRIBUTE macro to simplify the code. Signed-off-by: Qinglang Miao <miaoqinglang@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2020-09-04T07:57:17Z Herbert Xu herbert@gondor.apana.org.au 2020-08-28T07:18:33Z urn:sha1:c68e418c603f011ff0e7f4e1fb0f7edc48a04f7e The endianness marking on the variable v in meson_cipher is wrong. It is actually in CPU-order, not little-endian. This patch fixes it. Fixes: 3d04158814e7 ("crypto: amlogic - enable working on big...") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: Corentin Labbe <clabbe@baylibre.com> Tested-by: Corentin Labbe <clabbe@baylibre.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2020-09-04T07:57:16Z Denis Efremov efremov@linux.com 2020-08-27T06:44:00Z urn:sha1:ba42fa77efa1248eb44407bb212793548e2e32ec Use kfree_sensitive() instead of open-coding it. Signed-off-by: Denis Efremov <efremov@linux.com> Tested-by: Corentin Labbe <clabbe@baylibre.com> Acked-by: Corentin Labbe <clabbe@baylibre.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2020-08-07T18:33:22Z Waiman Long longman@redhat.com 2020-08-07T06:18:13Z urn:sha1:453431a54934d917153c65211b2dabf45562ca88 As said by Linus: A symmetric naming is only helpful if it implies symmetries in use. Otherwise it's actively misleading. In "kzalloc()", the z is meaningful and an important part of what the caller wants. In "kzfree()", the z is actively detrimental, because maybe in the future we really _might_ want to use that "memfill(0xdeadbeef)" or something. The "zero" part of the interface isn't even _relevant_. The main reason that kzfree() exists is to clear sensitive information that should not be leaked to other future users of the same memory objects. Rename kzfree() to kfree_sensitive() to follow the example of the recently added kvfree_sensitive() and make the intention of the API more explicit. In addition, memzero_explicit() is used to clear the memory to make sure that it won't get optimized away by the compiler. The renaming is done by using the command sequence: git grep -w --name-only kzfree |\ xargs sed -i 's/kzfree/kfree_sensitive/' followed by some editing of the kfree_sensitive() kerneldoc and adding a kzfree backward compatibility macro in slab.h. [akpm@linux-foundation.org: fs/crypto/inline_crypt.c needs linux/slab.h] [akpm@linux-foundation.org: fix fs/crypto/inline_crypt.c some more] Suggested-by: Joe Perches <joe@perches.com> Signed-off-by: Waiman Long <longman@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Acked-by: David Howells <dhowells@redhat.com> Acked-by: Michal Hocko <mhocko@suse.com> Acked-by: Johannes Weiner <hannes@cmpxchg.org> Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Cc: James Morris <jmorris@namei.org> Cc: "Serge E. Hallyn" <serge@hallyn.com> Cc: Joe Perches <joe@perches.com> Cc: Matthew Wilcox <willy@infradead.org> Cc: David Rientjes <rientjes@google.com> Cc: Dan Carpenter <dan.carpenter@oracle.com> Cc: "Jason A . Donenfeld" <Jason@zx2c4.com> Link: http://lkml.kernel.org/r/20200616154311.12314-3-longman@redhat.com Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2020-07-16T11:49:10Z Mikulas Patocka mpatocka@redhat.com 2020-07-10T06:20:41Z urn:sha1:b8aa7dc5c7535f9abfca4bceb0ade9ee10cf5f54 Set the flag CRYPTO_ALG_ALLOCATES_MEMORY in the crypto drivers that allocate memory. drivers/crypto/allwinner/sun8i-ce/sun8i-ce-core.c: sun8i_ce_cipher drivers/crypto/allwinner/sun8i-ss/sun8i-ss-core.c: sun8i_ss_cipher drivers/crypto/amlogic/amlogic-gxl-core.c: meson_cipher drivers/crypto/axis/artpec6_crypto.c: artpec6_crypto_common_init drivers/crypto/bcm/cipher.c: spu_skcipher_rx_sg_create drivers/crypto/caam/caamalg.c: aead_edesc_alloc drivers/crypto/caam/caamalg_qi.c: aead_edesc_alloc drivers/crypto/caam/caamalg_qi2.c: aead_edesc_alloc drivers/crypto/caam/caamhash.c: hash_digest_key drivers/crypto/cavium/cpt/cptvf_algs.c: process_request drivers/crypto/cavium/nitrox/nitrox_aead.c: nitrox_process_se_request drivers/crypto/cavium/nitrox/nitrox_skcipher.c: nitrox_process_se_request drivers/crypto/ccp/ccp-crypto-aes-cmac.c: ccp_do_cmac_update drivers/crypto/ccp/ccp-crypto-aes-galois.c: ccp_crypto_enqueue_request drivers/crypto/ccp/ccp-crypto-aes-xts.c: ccp_crypto_enqueue_request drivers/crypto/ccp/ccp-crypto-aes.c: ccp_crypto_enqueue_request drivers/crypto/ccp/ccp-crypto-des3.c: ccp_crypto_enqueue_request drivers/crypto/ccp/ccp-crypto-sha.c: ccp_crypto_enqueue_request drivers/crypto/chelsio/chcr_algo.c: create_cipher_wr drivers/crypto/hisilicon/sec/sec_algs.c: sec_alloc_and_fill_hw_sgl drivers/crypto/hisilicon/sec2/sec_crypto.c: sec_alloc_req_id drivers/crypto/inside-secure/safexcel_cipher.c: safexcel_queue_req drivers/crypto/inside-secure/safexcel_hash.c: safexcel_ahash_enqueue drivers/crypto/ixp4xx_crypto.c: ablk_perform drivers/crypto/marvell/cesa/cipher.c: mv_cesa_skcipher_dma_req_init drivers/crypto/marvell/cesa/hash.c: mv_cesa_ahash_dma_req_init drivers/crypto/marvell/octeontx/otx_cptvf_algs.c: create_ctx_hdr drivers/crypto/n2_core.c: n2_compute_chunks drivers/crypto/picoxcell_crypto.c: spacc_sg_to_ddt drivers/crypto/qat/qat_common/qat_algs.c: qat_alg_skcipher_encrypt drivers/crypto/qce/skcipher.c: qce_skcipher_async_req_handle drivers/crypto/talitos.c : talitos_edesc_alloc drivers/crypto/virtio/virtio_crypto_algs.c: __virtio_crypto_skcipher_do_req drivers/crypto/xilinx/zynqmp-aes-gcm.c: zynqmp_aes_aead_cipher Signed-off-by: Mikulas Patocka <mpatocka@redhat.com> [EB: avoid overly-long lines] Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2020-07-16T11:49:02Z Ard Biesheuvel ardb@kernel.org 2020-07-07T06:31:52Z urn:sha1:1d63e4557f0d11fd795c7acd50a241da2d8bf89f Even though the amlogic-gxl driver implements asynchronous versions of ecb(aes) and cbc(aes), the fallbacks it allocates are required to be synchronous. Given that SIMD based software implementations are usually asynchronous as well, even though they rarely complete asynchronously (this typically only happens in cases where the request was made from softirq context, while SIMD was already in use in the task context that it interrupted), these implementations are disregarded, and either the generic C version or another table based version implemented in assembler is selected instead. Since falling back to synchronous AES is not only a performance issue, but potentially a security issue as well (due to the fact that table based AES is not time invariant), let's fix this, by allocating an ordinary skcipher as the fallback, and invoke it with the completion routine that was given to the outer request. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Tested-by: Corentin Labbe <clabbe@baylibre.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>