Linux kernel development work - see feature branches https://git.zx2c4.com/linux-dev/atom/drivers/crypto/stm32?h=master 2022-03-25T04:21:05Z 2022-03-25T04:21:05Z Zheng Yongjun zhengyongjun3@huawei.com 2022-03-17T13:16:13Z urn:sha1:e9a36feecee0ee5845f2e0656f50f9942dd0bed3 pm_runtime_get_sync() will increment pm usage counter even it failed. Forgetting to call pm_runtime_put_noidle will result in reference leak in stm32_crc_remove, so we should fix it. Signed-off-by: Zheng Yongjun <zhengyongjun3@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2021-12-31T07:10:55Z Marek Vasut marex@denx.de 2021-12-20T19:50:22Z urn:sha1:29009604ad4e3ef784fd9b9fef6f23610ddf633d The include/linux/crypto.h struct crypto_alg field cra_driver_name description states "Unique name of the transformation provider. " ... " this contains the name of the chip or provider and the name of the transformation algorithm." In case of the stm32-crc driver, field cra_driver_name is identical for all registered transformation providers and set to the name of the driver itself, which is incorrect. This patch fixes it by assigning a unique cra_driver_name to each registered transformation provider. The kernel crash is triggered when the driver calls crypto_register_shashes() which calls crypto_register_shash(), which calls crypto_register_alg(), which calls __crypto_register_alg(), which returns -EEXIST, which is propagated back through this call chain. Upon -EEXIST from crypto_register_shash(), the crypto_register_shashes() starts unregistering the providers back, and calls crypto_unregister_shash(), which calls crypto_unregister_alg(), and this is where the BUG() triggers due to incorrect cra_refcnt. Fixes: b51dbe90912a ("crypto: stm32 - Support for STM32 CRC32 crypto module") Signed-off-by: Marek Vasut <marex@denx.de> Cc: <stable@vger.kernel.org> # 4.12+ Cc: Alexandre Torgue <alexandre.torgue@foss.st.com> Cc: Fabien Dessenne <fabien.dessenne@st.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: Lionel Debieve <lionel.debieve@st.com> Cc: Nicolas Toromanoff <nicolas.toromanoff@st.com> Cc: linux-arm-kernel@lists.infradead.org Cc: linux-stm32@st-md-mailman.stormreply.com To: linux-crypto@vger.kernel.org Acked-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2021-12-11T05:49:17Z Herbert Xu herbert@gondor.apana.org.au 2021-12-01T06:30:41Z urn:sha1:3d6b661330a7954d8136df98160d525eb04dcd6a We should not call pm_runtime_resume_and_get where the reference count is expected to be incremented unconditionally. This patch reverts these calls to the original unconditional get_sync call. Reported-by: Heiner Kallweit <hkallweit1@gmail.com> Fixes: 747bf30fd944 ("crypto: stm32/cryp - Fix PM reference leak...") Fixes: 1cb3ad701970 ("crypto: stm32/hash - Fix PM reference leak...") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2021-12-11T05:48:06Z Nicolas Toromanoff nicolas.toromanoff@foss.st.com 2021-11-30T07:55:01Z urn:sha1:95fe2253cc1ad65d7f140d1944fa1b5d3c67abc0 The CRYP IP checks the written key depending of the configuration, it's safer to write the whole configuration to hardware then the key to avoid unexpected key rejection. Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2021-12-11T05:48:06Z Nicolas Toromanoff nicolas.toromanoff@foss.st.com 2021-11-30T07:55:00Z urn:sha1:4b898d5cfa4d9a0ad5bc82cb5eafdc092394c6a9 Extra crypto manager auto test were crashing or failling due to 2 reasons: - block in a dead loop (dues to issues in cipher end process management) - crash due to read/write unmapped memory (this crash was also reported when using openssl afalg engine) Rework interrupt management, interrupts are masked as soon as they are no more used: if input buffer is fully consumed, "Input FIFO not full" interrupt is masked and if output buffer is full, "Output FIFO not empty" interrupt is masked. And crypto request finish when input *and* outpout buffer are fully read/write. About the crash due to unmapped memory, using scatterwalk_copychunks() that will map and copy each block fix the issue. Using this api and copying full block will also fix unaligned data access, avoid early copy of in/out buffer, and make useless the extra alignment constraint. Fixes: 9e054ec21ef8 ("crypto: stm32 - Support for STM32 CRYP crypto module") Reported-by: Marek Vasut <marex@denx.de> Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2021-12-11T05:48:06Z Nicolas Toromanoff nicolas.toromanoff@foss.st.com 2021-11-30T07:54:59Z urn:sha1:fa97dc2d48b476ea98199d808d3248d285987e99 This fixes the lrw autotest if lrw uses the CRYP as the AES block cipher provider (as ecb(aes)). At end of request, CRYP should not update the IV in case of ECB chaining mode. Indeed the ECB chaining mode never uses the IV, but the software LRW chaining mode uses the IV field as a counter and due to the (unexpected) update done by CRYP while the AES block process, the counter get a wrong value when the IV overflow. Fixes: 5f49f18d27cd ("crypto: stm32/cryp - update to return iv_out") Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2021-12-11T05:48:06Z Nicolas Toromanoff nicolas.toromanoff@foss.st.com 2021-11-30T07:54:58Z urn:sha1:6c12e742785bf9333faf60bfb96575bdd763448e Delete extraneous lines in probe error handling code: pm was disabled twice. Fixes: 65f9aa36ee47 ("crypto: stm32/cryp - Add power management support") Reported-by: Marek Vasut <marex@denx.de> Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2021-12-11T05:48:06Z Nicolas Toromanoff nicolas.toromanoff@foss.st.com 2021-11-30T07:54:57Z urn:sha1:39e6e699c7fb92bdb2617b596ca4a4ea35c5d2a7 Some auto tests failed because driver wasn't returning the expected error with some input size/iv value/tag size. Now: Return 0 early for empty buffer. (We don't need to start the engine for an empty input buffer). Accept any valid authsize for gcm(aes). Return -EINVAL if iv for ccm(aes) is invalid. Return -EINVAL if buffer size is a not a multiple of algorithm block size. Fixes: 9e054ec21ef8 ("crypto: stm32 - Support for STM32 CRYP crypto module") Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2021-12-11T05:48:05Z Nicolas Toromanoff nicolas.toromanoff@foss.st.com 2021-11-30T07:54:56Z urn:sha1:d703c7a994ee34b7fa89baf21631fca0aa9f17fc Don't erase key: If key is erased before the crypto_finalize_.*_request() call, some pending process will run with a key={ 0 }. Moreover if the key is reset at end of request, it breaks xts chaining mode, as for last xts block (in case input len is not a multiple of block) a new AES request is started without calling again set_key(). Fixes: 9e054ec21ef8 ("crypto: stm32 - Support for STM32 CRYP crypto module") Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2021-12-11T05:48:05Z Nicolas Toromanoff nicolas.toromanoff@foss.st.com 2021-11-30T07:54:55Z urn:sha1:41c76690b0990efacd15d35cfb4e77318cd80ebb STM32 CRYP hardware doesn't manage CTR counter bigger than max U32, as a workaround, at each block the current IV is saved, if the saved IV lower u32 is 0xFFFFFFFF, the full IV is manually incremented, and set in hardware. Fixes: bbb2832620ac ("crypto: stm32 - Fix sparse warnings") Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>