linux-dev/drivers/crypto/qat, branch master

crypto: qat - add limit to linked list parsing

2022-09-30T05:57:50Z

adf_copy_key_value_data() copies data from userland to kernel, based on a linked link provided by userland. If userland provides a circular list (or just a very long one) then it would drive a long loop where allocation occurs in every loop. This could lead to low memory conditions. Adding a limit to stop endless loop. Signed-off-by: Adam Guerin Co-developed-by: Ciunas Bennett Signed-off-by: Ciunas Bennett Reviewed-by: Giovanni Cabiddu Signed-off-by: Herbert Xu

crypto: qat - use reference to structure in dma_map_single()

2022-09-16T10:29:46Z

When mapping the input and output parameters, the implementations of RSA and DH pass to the function dma_map_single() a pointer to the first member of the structure they want to map instead of a pointer to the actual structure. This results in set of warnings reported by the static analyser Smatch: drivers/crypto/qat/qat_common/qat_asym_algs.c:335 qat_dh_compute_value() error: dma_map_single_attrs() '&qat_req->in.dh.in.b' too small (8 vs 64) drivers/crypto/qat/qat_common/qat_asym_algs.c:341 qat_dh_compute_value() error: dma_map_single_attrs() '&qat_req->out.dh.r' too small (8 vs 64) drivers/crypto/qat/qat_common/qat_asym_algs.c:732 qat_rsa_enc() error: dma_map_single_attrs() '&qat_req->in.rsa.enc.m' too small (8 vs 64) drivers/crypto/qat/qat_common/qat_asym_algs.c:738 qat_rsa_enc() error: dma_map_single_attrs() '&qat_req->out.rsa.enc.c' too small (8 vs 64) drivers/crypto/qat/qat_common/qat_asym_algs.c:878 qat_rsa_dec() error: dma_map_single_attrs() '&qat_req->in.rsa.dec.c' too small (8 vs 64) drivers/crypto/qat/qat_common/qat_asym_algs.c:884 qat_rsa_dec() error: dma_map_single_attrs() '&qat_req->out.rsa.dec.m' too small (8 vs 64) Where the address of the first element of a structure is used as an input for the function dma_map_single(), replace it with the address of the structure. This fix does not introduce any functional change as the addresses are the same. Signed-off-by: Damian Muszynski Signed-off-by: Giovanni Cabiddu Reviewed-by: Adam Guerin Signed-off-by: Herbert Xu

Revert "crypto: qat - reduce size of mapped region"

2022-09-16T10:29:46Z

This reverts commit e48767c17718067ba21fb2ef461779ec2506f845. In an attempt to resolve a set of warnings reported by the static analyzer Smatch, the reverted commit improperly reduced the sizes of the DMA mappings used for the input and output parameters for both RSA and DH creating a mismatch (map size=8 bytes, unmap size=64 bytes). This issue is reported when CONFIG_DMA_API_DEBUG is selected, when the crypto self test is run. The function dma_unmap_single() reports a warning similar to the one below, saying that the `device driver frees DMA memory with different size`. DMA-API: 4xxx 0000:06:00.0: device driver frees DMA memory with different size [device address=0x0000000123206c80] [map size=8 bytes] [unmap size=64 bytes] WARNING: CPU: 0 PID: 0 at kernel/dma/debug.c:973 check_unmap+0x3d0/0x8c0\ ... Call Trace: debug_dma_unmap_page+0x5c/0x60 qat_dh_cb+0xd7/0x110 [intel_qat] qat_alg_asym_callback+0x1a/0x30 [intel_qat] adf_response_handler+0xbd/0x1a0 [intel_qat] tasklet_action_common.constprop.0+0xcd/0xe0 __do_softirq+0xf8/0x30c __irq_exit_rcu+0xbf/0x140 common_interrupt+0xb9/0xd0 The original commit was correct. Cc: Reported-by: Herbert Xu Signed-off-by: Giovanni Cabiddu Signed-off-by: Herbert Xu

crypto: qat - fix DMA transfer direction

2022-09-16T10:29:46Z

When CONFIG_DMA_API_DEBUG is selected, while running the crypto self test on the QAT crypto algorithms, the function add_dma_entry() reports a warning similar to the one below, saying that overlapping mappings are not supported. This occurs in tests where the input and the output scatter list point to the same buffers (i.e. two different scatter lists which point to the same chunks of memory). The logic that implements the mapping uses the flag DMA_BIDIRECTIONAL for both the input and the output scatter lists which leads to overlapped write mappings. These are not supported by the DMA layer. Fix by specifying the correct DMA transfer directions when mapping buffers. For in-place operations where the input scatter list matches the output scatter list, buffers are mapped once with DMA_BIDIRECTIONAL, otherwise input buffers are mapped using the flag DMA_TO_DEVICE and output buffers are mapped with DMA_FROM_DEVICE. Overlapping a read mapping with a write mapping is a valid case in dma-coherent devices like QAT. The function that frees and unmaps the buffers, qat_alg_free_bufl() has been changed accordingly to the changes to the mapping function. DMA-API: 4xxx 0000:06:00.0: cacheline tracking EEXIST, overlapping mappings aren't supported WARNING: CPU: 53 PID: 4362 at kernel/dma/debug.c:570 add_dma_entry+0x1e9/0x270 ... Call Trace: dma_map_page_attrs+0x82/0x2d0 ? preempt_count_add+0x6a/0xa0 qat_alg_sgl_to_bufl+0x45b/0x990 [intel_qat] qat_alg_aead_dec+0x71/0x250 [intel_qat] crypto_aead_decrypt+0x3d/0x70 test_aead_vec_cfg+0x649/0x810 ? number+0x310/0x3a0 ? vsnprintf+0x2a3/0x550 ? scnprintf+0x42/0x70 ? valid_sg_divisions.constprop.0+0x86/0xa0 ? test_aead_vec+0xdf/0x120 test_aead_vec+0xdf/0x120 alg_test_aead+0x185/0x400 alg_test+0x3d8/0x500 ? crypto_acomp_scomp_free_ctx+0x30/0x30 ? __schedule+0x32a/0x12a0 ? ttwu_queue_wakelist+0xbf/0x110 ? _raw_spin_unlock_irqrestore+0x23/0x40 ? try_to_wake_up+0x83/0x570 ? _raw_spin_unlock_irqrestore+0x23/0x40 ? __set_cpus_allowed_ptr_locked+0xea/0x1b0 ? crypto_acomp_scomp_free_ctx+0x30/0x30 cryptomgr_test+0x27/0x50 kthread+0xe6/0x110 ? kthread_complete_and_exit+0x20/0x20 ret_from_fork+0x1f/0x30 Fixes: d370cec ("crypto: qat - Intel(R) QAT crypto interface") Link: https://lore.kernel.org/linux-crypto/20220223080400.139367-1-gilad@benyossef.com/ Signed-off-by: Damian Muszynski Signed-off-by: Giovanni Cabiddu Signed-off-by: Herbert Xu

crypto: qat - fix default value of WDT timer

2022-09-02T10:38:06Z

The QAT HW supports an hardware mechanism to detect an accelerator hang. The reporting of a hang occurs after a watchdog timer (WDT) expires. The value of the WDT set previously was too small and was causing false positives. Change the default value of the WDT to 0x7000000ULL to avoid this. Fixes: 1c4d9d5bbb5a ("crypto: qat - enable detection of accelerators hang") Reviewed-by: Giovanni Cabiddu Signed-off-by: Lucas Segarra Fernandez Signed-off-by: Herbert Xu

crypto: drivers - move from strlcpy with unused retval to strscpy

2022-08-26T10:50:39Z

Follow the advice of the below link and prefer 'strscpy' in this subsystem. Conversion is 1:1 because the return value is not used. Generated by a coccinelle script. Link: https://lore.kernel.org/r/CAHk-=wgfRnXz0W3D37d01q3JFkr_i_uTL=V6A6G1oUZcprmknw@mail.gmail.com/ Signed-off-by: Wolfram Sang Acked-by: Giovanni Cabiddu Signed-off-by: Herbert Xu

crypto: qat - add check to validate firmware images

2022-08-19T10:39:33Z

The function qat_uclo_check_image() validates the MMP and AE firmware images. If the QAT device supports firmware authentication (indicated by the handle to firmware loader), the input signed binary MMP and AE images are validated by parsing the following information: - Header length - Full size of the binary - Type of binary image (MMP or AE Firmware) Firmware binaries use RSA3K for signing and verification. The header length for the RSA3k is 0x384 bytes. All the size field values in the binary are quantified as DWORDS (1 DWORD = 4bytes). On an invalid value the function prints an error message and returns with an error code "EINVAL". Signed-off-by: Srinivas Kerekare Reviewed-by: Giovanni Cabiddu Reviewed-by: Wojciech Ziemba Signed-off-by: Herbert Xu

crypto: qat - expose device config through sysfs for 4xxx

2022-07-08T07:15:59Z

qat_4xxx devices can be configured to allow either crypto or compression operations. At the moment, devices are configured statically according to the following rule: - odd numbered devices assigned to compression services - even numbered devices assigned to crypto services Expose the sysfs attribute /sys/bus/pci/devices//qat/cfg_services to allow to detect the configuration of a device and to change it. The `cfg_service` attribute is only exposed for qat_4xxx devices and it is limited to two configurations: (1) "sym;asym" for crypto services and "dc" for compression services. Signed-off-by: Giovanni Cabiddu Co-developed-by: Tomasz Kowallik Signed-off-by: Tomasz Kowallik Reviewed-by: Adam Guerin Reviewed-by: Fiona Trahe Reviewed-by: Wojciech Ziemba Reviewed-by: Vladis Dronov Signed-off-by: Herbert Xu

crypto: qat - relocate and rename adf_sriov_prepare_restart()

2022-07-08T07:15:59Z

The function adf_sriov_prepare_restart() is used in adf_sriov.c to stop and shutdown a device preserving its configuration. Since this function will be re-used by the logic that allows to reconfigure the device through sysfs, move it to adf_init.c and rename it as adf_dev_shutdown_cache_cfg(); Signed-off-by: Giovanni Cabiddu Reviewed-by: Adam Guerin Reviewed-by: Fiona Trahe Reviewed-by: Wojciech Ziemba Reviewed-by: Vladis Dronov Signed-off-by: Herbert Xu

crypto: qat - change behaviour of adf_cfg_add_key_value_param()

2022-07-08T07:15:59Z

The function adf_cfg_add_key_value_param() allows to insert duplicates entries in the key value store of the driver. Change the behaviour of that function to the following policy: - if the key doesn't exist, add it; - if the key already exists with a different value, then delete it and replace it with a new one containing the new value; - if the key exists with the same value, then return without doing anything. The behaviour of this function has been changed in order to easily update key-values in the driver database. In particular this is required to update the value of the ServiceEnables key used to change the service loaded on a device. Signed-off-by: Giovanni Cabiddu Reviewed-by: Adam Guerin Reviewed-by: Fiona Trahe Reviewed-by: Wojciech Ziemba Reviewed-by: Vladis Dronov Signed-off-by: Herbert Xu