[bug report] crypto: hisilicon - SEC security accelerator driver
Hello Jonathan Cameron, The patch 915e4e8413da: "crypto: hisilicon - SEC security accelerator driver" from Jul 23, 2018, leads to the following static checker warning: drivers/crypto/hisilicon/sec/sec_algs.c:865 sec_alg_skcipher_crypto() error: double free of 'split_sizes' drivers/crypto/hisilicon/sec/sec_algs.c 808 809 /* Cleanup - all elements in pointer arrays have been coppied */ 810 kfree(splits_in_nents); 811 kfree(splits_in); 812 kfree(splits_out_nents); 813 kfree(splits_out); 814 kfree(split_sizes); ^^^ Free 815 816 /* Grab a big lock for a long time to avoid concurrency issues */ 817 mutex_lock(>queuelock); 818 819 /* 820 * Can go on to queue if we have space in either: 821 * 1) The hardware queue and no software queue 822 * 2) The software queue 823 * AND there is nothing in the backlog. If there is backlog we 824 * have to only queue to the backlog queue and return busy. 825 */ 826 if ((!sec_queue_can_enqueue(queue, steps) && 827 (!queue->havesoftqueue || 828kfifo_avail(>softqueue) > steps)) || 829 !list_empty(>backlog)) { 830 if ((skreq->base.flags & CRYPTO_TFM_REQ_MAY_BACKLOG)) { 831 list_add_tail(_req->backlog_head, >backlog); 832 mutex_unlock(>queuelock); 833 return -EBUSY; 834 } 835 836 ret = -EBUSY; 837 mutex_unlock(>queuelock); 838 goto err_free_elements; ^^ 839 } 840 ret = sec_send_request(sec_req, queue); 841 mutex_unlock(>queuelock); 842 if (ret) 843 goto err_free_elements; ^^ 844 845 return -EINPROGRESS; 846 847 err_free_elements: 848 list_for_each_entry_safe(el, temp, _req->elements, head) { 849 list_del(>head); 850 sec_alg_free_el(el, info); 851 } 852 if (crypto_skcipher_ivsize(atfm)) 853 dma_unmap_single(info->dev, sec_req->dma_iv, 854 crypto_skcipher_ivsize(atfm), 855 DMA_BIDIRECTIONAL); 856 err_unmap_out_sg: 857 if (skreq->src != skreq->dst) 858 sec_unmap_sg_on_err(skreq->dst, steps, splits_out, 859 splits_out_nents, sec_req->len_out, 860 info->dev); 861 err_unmap_in_sg: 862 sec_unmap_sg_on_err(skreq->src, steps, splits_in, splits_in_nents, 863 sec_req->len_in, info->dev); 864 err_free_split_sizes: 865 kfree(split_sizes); ^^^ Double free. 866 867 return ret; 868 } regards, dan carpenter
Hello,Your Response Is Needed Urgently
-- Hello I am Craig Donaldson, the personal account office to our late customer with our Bank Name Withheld for security reasons, a national of your country, who used to work with Shell Oil - development company in here in UK as a contractor. On the 21st of April 2016, my client, his wife and their three children were involved in a car accident which all occupants of the vehicle unfortunately lost their lives including his wife and two children. Since then I have made several inquiries to your embassy to locate any of my customer's extended relatives. After these several unsuccessful attempts, I decided to track his last name over the Internet, to locate any member of his family or who can stand a chance to claim the funds as his next of kind with me as a deal hence I have all the documents that may be require to prove you as his relative by our bank management, hence I contacted you. Kindly get back to me with your details to enable me give you more details in this regard. Regards Craig Donaldson
[PATCH 1/4] crypto: caam/jr - remove ablkcipher IV generation
IV generation is done only at AEAD level. Support in ablkcipher is not needed, thus remove the dead code. Link: https://www.mail-archive.com/search?l=mid=20160901101257.ga3...@gondor.apana.org.au Signed-off-by: Horia Geantă --- drivers/crypto/caam/caamalg.c | 275 ++ 1 file changed, 11 insertions(+), 264 deletions(-) diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c index d67667970f7e..b23730c07fda 100644 --- a/drivers/crypto/caam/caamalg.c +++ b/drivers/crypto/caam/caamalg.c @@ -102,11 +102,9 @@ struct caam_aead_alg { struct caam_ctx { u32 sh_desc_enc[DESC_MAX_USED_LEN]; u32 sh_desc_dec[DESC_MAX_USED_LEN]; - u32 sh_desc_givenc[DESC_MAX_USED_LEN]; u8 key[CAAM_MAX_KEY_SIZE]; dma_addr_t sh_desc_enc_dma; dma_addr_t sh_desc_dec_dma; - dma_addr_t sh_desc_givenc_dma; dma_addr_t key_dma; enum dma_data_direction dir; struct device *jrdev; @@ -703,13 +701,6 @@ static int ablkcipher_setkey(struct crypto_ablkcipher *ablkcipher, dma_sync_single_for_device(jrdev, ctx->sh_desc_dec_dma, desc_bytes(desc), ctx->dir); - /* ablkcipher_givencrypt shared descriptor */ - desc = ctx->sh_desc_givenc; - cnstr_shdsc_ablkcipher_givencap(desc, >cdata, ivsize, is_rfc3686, - ctx1_iv_off); - dma_sync_single_for_device(jrdev, ctx->sh_desc_givenc_dma, - desc_bytes(desc), ctx->dir); - return 0; } @@ -769,7 +760,6 @@ struct aead_edesc { * @src_nents: number of segments in input s/w scatterlist * @dst_nents: number of segments in output s/w scatterlist * @iv_dma: dma address of iv for checking continuity and link table - * @iv_dir: DMA mapping direction for IV * @sec4_sg_bytes: length of dma mapped sec4_sg space * @sec4_sg_dma: bus physical mapped address of h/w link table * @sec4_sg: pointer to h/w link table @@ -780,7 +770,6 @@ struct ablkcipher_edesc { int src_nents; int dst_nents; dma_addr_t iv_dma; - enum dma_data_direction iv_dir; int sec4_sg_bytes; dma_addr_t sec4_sg_dma; struct sec4_sg_entry *sec4_sg; @@ -790,8 +779,7 @@ struct ablkcipher_edesc { static void caam_unmap(struct device *dev, struct scatterlist *src, struct scatterlist *dst, int src_nents, int dst_nents, - dma_addr_t iv_dma, int ivsize, - enum dma_data_direction iv_dir, dma_addr_t sec4_sg_dma, + dma_addr_t iv_dma, int ivsize, dma_addr_t sec4_sg_dma, int sec4_sg_bytes) { if (dst != src) { @@ -803,7 +791,7 @@ static void caam_unmap(struct device *dev, struct scatterlist *src, } if (iv_dma) - dma_unmap_single(dev, iv_dma, ivsize, iv_dir); + dma_unmap_single(dev, iv_dma, ivsize, DMA_TO_DEVICE); if (sec4_sg_bytes) dma_unmap_single(dev, sec4_sg_dma, sec4_sg_bytes, DMA_TO_DEVICE); @@ -814,7 +802,7 @@ static void aead_unmap(struct device *dev, struct aead_request *req) { caam_unmap(dev, req->src, req->dst, - edesc->src_nents, edesc->dst_nents, 0, 0, DMA_NONE, + edesc->src_nents, edesc->dst_nents, 0, 0, edesc->sec4_sg_dma, edesc->sec4_sg_bytes); } @@ -827,7 +815,7 @@ static void ablkcipher_unmap(struct device *dev, caam_unmap(dev, req->src, req->dst, edesc->src_nents, edesc->dst_nents, - edesc->iv_dma, ivsize, edesc->iv_dir, + edesc->iv_dma, ivsize, edesc->sec4_sg_dma, edesc->sec4_sg_bytes); } @@ -916,18 +904,6 @@ static void ablkcipher_encrypt_done(struct device *jrdev, u32 *desc, u32 err, scatterwalk_map_and_copy(req->info, req->dst, req->nbytes - ivsize, ivsize, 0); - /* In case initial IV was generated, copy it in GIVCIPHER request */ - if (edesc->iv_dir == DMA_FROM_DEVICE) { - u8 *iv; - struct skcipher_givcrypt_request *greq; - - greq = container_of(req, struct skcipher_givcrypt_request, - creq); - iv = (u8 *)edesc->hw_desc + desc_bytes(edesc->hw_desc) + -edesc->sec4_sg_bytes; - memcpy(greq->giv, iv, ivsize); - } - kfree(edesc); ablkcipher_request_complete(req, err); @@ -1148,47 +1124,6 @@ static void init_ablkcipher_job(u32 *sh_desc, dma_addr_t ptr, append_seq_out_ptr(desc, dst_dma, req->nbytes, out_options); } -/* - * Fill in ablkcipher givencrypt job descriptor - */ -static void init_ablkcipher_giv_job(u32 *sh_desc, dma_addr_t ptr, - struct ablkcipher_edesc
[PATCH 4/4] crypto: caam/qi - ablkcipher -> skcipher conversion
Convert driver from deprecated ablkcipher API to skcipher. Link: https://www.mail-archive.com/search?l=mid=20170728085622.gc19...@gondor.apana.org.au Signed-off-by: Horia Geantă --- drivers/crypto/caam/caamalg.c | 12 +- drivers/crypto/caam/caamalg_desc.c | 61 +++--- drivers/crypto/caam/caamalg_desc.h | 24 +-- drivers/crypto/caam/caamalg_qi.c | 373 + 4 files changed, 217 insertions(+), 253 deletions(-) diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c index c6e3c8ad6d2d..8152c6319c57 100644 --- a/drivers/crypto/caam/caamalg.c +++ b/drivers/crypto/caam/caamalg.c @@ -693,15 +693,15 @@ static int skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, /* skcipher_encrypt shared descriptor */ desc = ctx->sh_desc_enc; - cnstr_shdsc_ablkcipher_encap(desc, >cdata, ivsize, is_rfc3686, -ctx1_iv_off); + cnstr_shdsc_skcipher_encap(desc, >cdata, ivsize, is_rfc3686, + ctx1_iv_off); dma_sync_single_for_device(jrdev, ctx->sh_desc_enc_dma, desc_bytes(desc), ctx->dir); /* skcipher_decrypt shared descriptor */ desc = ctx->sh_desc_dec; - cnstr_shdsc_ablkcipher_decap(desc, >cdata, ivsize, is_rfc3686, -ctx1_iv_off); + cnstr_shdsc_skcipher_decap(desc, >cdata, ivsize, is_rfc3686, + ctx1_iv_off); dma_sync_single_for_device(jrdev, ctx->sh_desc_dec_dma, desc_bytes(desc), ctx->dir); @@ -727,13 +727,13 @@ static int xts_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, /* xts_skcipher_encrypt shared descriptor */ desc = ctx->sh_desc_enc; - cnstr_shdsc_xts_ablkcipher_encap(desc, >cdata); + cnstr_shdsc_xts_skcipher_encap(desc, >cdata); dma_sync_single_for_device(jrdev, ctx->sh_desc_enc_dma, desc_bytes(desc), ctx->dir); /* xts_skcipher_decrypt shared descriptor */ desc = ctx->sh_desc_dec; - cnstr_shdsc_xts_ablkcipher_decap(desc, >cdata); + cnstr_shdsc_xts_skcipher_decap(desc, >cdata); dma_sync_single_for_device(jrdev, ctx->sh_desc_dec_dma, desc_bytes(desc), ctx->dir); diff --git a/drivers/crypto/caam/caamalg_desc.c b/drivers/crypto/caam/caamalg_desc.c index f70b0877274c..3f217093a219 100644 --- a/drivers/crypto/caam/caamalg_desc.c +++ b/drivers/crypto/caam/caamalg_desc.c @@ -1,7 +1,7 @@ /* - * Shared descriptors for aead, ablkcipher algorithms + * Shared descriptors for aead, skcipher algorithms * - * Copyright 2016 NXP + * Copyright 2016-2018 NXP */ #include "compat.h" @@ -1212,11 +1212,8 @@ void cnstr_shdsc_rfc4543_decap(u32 * const desc, struct alginfo *cdata, } EXPORT_SYMBOL(cnstr_shdsc_rfc4543_decap); -/* - * For ablkcipher encrypt and decrypt, read from req->src and - * write to req->dst - */ -static inline void ablkcipher_append_src_dst(u32 *desc) +/* For skcipher encrypt and decrypt, read from req->src and write to req->dst */ +static inline void skcipher_append_src_dst(u32 *desc) { append_math_add(desc, VARSEQOUTLEN, SEQINLEN, REG0, CAAM_CMD_SZ); append_math_add(desc, VARSEQINLEN, SEQINLEN, REG0, CAAM_CMD_SZ); @@ -1226,7 +1223,7 @@ static inline void ablkcipher_append_src_dst(u32 *desc) } /** - * cnstr_shdsc_ablkcipher_encap - ablkcipher encapsulation shared descriptor + * cnstr_shdsc_skcipher_encap - skcipher encapsulation shared descriptor * @desc: pointer to buffer used for descriptor construction * @cdata: pointer to block cipher transform definitions * Valid algorithm values - one of OP_ALG_ALGSEL_{AES, DES, 3DES} ANDed @@ -1235,9 +1232,9 @@ static inline void ablkcipher_append_src_dst(u32 *desc) * @is_rfc3686: true when ctr(aes) is wrapped by rfc3686 template * @ctx1_iv_off: IV offset in CONTEXT1 register */ -void cnstr_shdsc_ablkcipher_encap(u32 * const desc, struct alginfo *cdata, - unsigned int ivsize, const bool is_rfc3686, - const u32 ctx1_iv_off) +void cnstr_shdsc_skcipher_encap(u32 * const desc, struct alginfo *cdata, + unsigned int ivsize, const bool is_rfc3686, + const u32 ctx1_iv_off) { u32 *key_jump_cmd; @@ -1280,18 +1277,18 @@ void cnstr_shdsc_ablkcipher_encap(u32 * const desc, struct alginfo *cdata, OP_ALG_ENCRYPT); /* Perform operation */ - ablkcipher_append_src_dst(desc); + skcipher_append_src_dst(desc); #ifdef DEBUG print_hex_dump(KERN_ERR, - "ablkcipher enc shdesc@" __stringify(__LINE__)": ", + "skcipher enc shdesc@" __stringify(__LINE__)": ", DUMP_PREFIX_ADDRESS,
[PATCH 3/4] crypto: caam/jr - ablkcipher -> skcipher conversion
Convert driver from deprecated ablkcipher API to skcipher. Link: https://www.mail-archive.com/search?l=mid=20170728085622.gc19...@gondor.apana.org.au Signed-off-by: Horia Geantă --- drivers/crypto/caam/caamalg.c | 448 +++--- drivers/crypto/caam/compat.h | 1 + 2 files changed, 208 insertions(+), 241 deletions(-) diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c index b23730c07fda..c6e3c8ad6d2d 100644 --- a/drivers/crypto/caam/caamalg.c +++ b/drivers/crypto/caam/caamalg.c @@ -2,7 +2,7 @@ * caam - Freescale FSL CAAM support for crypto API * * Copyright 2008-2011 Freescale Semiconductor, Inc. - * Copyright 2016 NXP + * Copyright 2016-2018 NXP * * Based on talitos crypto API driver. * @@ -81,8 +81,6 @@ #define debug(format, arg...) #endif -static struct list_head alg_list; - struct caam_alg_entry { int class1_alg_type; int class2_alg_type; @@ -96,6 +94,12 @@ struct caam_aead_alg { bool registered; }; +struct caam_skcipher_alg { + struct skcipher_alg skcipher; + struct caam_alg_entry caam; + bool registered; +}; + /* * per-session context */ @@ -646,20 +650,20 @@ static int rfc4543_setkey(struct crypto_aead *aead, return rfc4543_set_sh_desc(aead); } -static int ablkcipher_setkey(struct crypto_ablkcipher *ablkcipher, -const u8 *key, unsigned int keylen) +static int skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, + unsigned int keylen) { - struct caam_ctx *ctx = crypto_ablkcipher_ctx(ablkcipher); - struct crypto_tfm *tfm = crypto_ablkcipher_tfm(ablkcipher); - const char *alg_name = crypto_tfm_alg_name(tfm); + struct caam_ctx *ctx = crypto_skcipher_ctx(skcipher); + struct caam_skcipher_alg *alg = + container_of(crypto_skcipher_alg(skcipher), typeof(*alg), +skcipher); struct device *jrdev = ctx->jrdev; - unsigned int ivsize = crypto_ablkcipher_ivsize(ablkcipher); + unsigned int ivsize = crypto_skcipher_ivsize(skcipher); u32 *desc; u32 ctx1_iv_off = 0; const bool ctr_mode = ((ctx->cdata.algtype & OP_ALG_AAI_MASK) == OP_ALG_AAI_CTR_MOD128); - const bool is_rfc3686 = (ctr_mode && -(strstr(alg_name, "rfc3686") != NULL)); + const bool is_rfc3686 = alg->caam.rfc3686; #ifdef DEBUG print_hex_dump(KERN_ERR, "key in @"__stringify(__LINE__)": ", @@ -687,14 +691,14 @@ static int ablkcipher_setkey(struct crypto_ablkcipher *ablkcipher, ctx->cdata.key_virt = key; ctx->cdata.key_inline = true; - /* ablkcipher_encrypt shared descriptor */ + /* skcipher_encrypt shared descriptor */ desc = ctx->sh_desc_enc; cnstr_shdsc_ablkcipher_encap(desc, >cdata, ivsize, is_rfc3686, ctx1_iv_off); dma_sync_single_for_device(jrdev, ctx->sh_desc_enc_dma, desc_bytes(desc), ctx->dir); - /* ablkcipher_decrypt shared descriptor */ + /* skcipher_decrypt shared descriptor */ desc = ctx->sh_desc_dec; cnstr_shdsc_ablkcipher_decap(desc, >cdata, ivsize, is_rfc3686, ctx1_iv_off); @@ -704,16 +708,15 @@ static int ablkcipher_setkey(struct crypto_ablkcipher *ablkcipher, return 0; } -static int xts_ablkcipher_setkey(struct crypto_ablkcipher *ablkcipher, -const u8 *key, unsigned int keylen) +static int xts_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, + unsigned int keylen) { - struct caam_ctx *ctx = crypto_ablkcipher_ctx(ablkcipher); + struct caam_ctx *ctx = crypto_skcipher_ctx(skcipher); struct device *jrdev = ctx->jrdev; u32 *desc; if (keylen != 2 * AES_MIN_KEY_SIZE && keylen != 2 * AES_MAX_KEY_SIZE) { - crypto_ablkcipher_set_flags(ablkcipher, - CRYPTO_TFM_RES_BAD_KEY_LEN); + crypto_skcipher_set_flags(skcipher, CRYPTO_TFM_RES_BAD_KEY_LEN); dev_err(jrdev, "key size mismatch\n"); return -EINVAL; } @@ -722,13 +725,13 @@ static int xts_ablkcipher_setkey(struct crypto_ablkcipher *ablkcipher, ctx->cdata.key_virt = key; ctx->cdata.key_inline = true; - /* xts_ablkcipher_encrypt shared descriptor */ + /* xts_skcipher_encrypt shared descriptor */ desc = ctx->sh_desc_enc; cnstr_shdsc_xts_ablkcipher_encap(desc, >cdata); dma_sync_single_for_device(jrdev, ctx->sh_desc_enc_dma, desc_bytes(desc), ctx->dir); - /* xts_ablkcipher_decrypt shared descriptor */ + /* xts_skcipher_decrypt shared descriptor */ desc = ctx->sh_desc_dec;
[PATCH 2/4] crypto: caam/qi - remove ablkcipher IV generation
IV generation is done only at AEAD level. Support in ablkcipher is not needed, thus remove the dead code. Link: https://www.mail-archive.com/search?l=mid=20160901101257.ga3...@gondor.apana.org.a Signed-off-by: Horia Geantă --- drivers/crypto/caam/caamalg_desc.c | 81 drivers/crypto/caam/caamalg_desc.h | 4 - drivers/crypto/caam/caamalg_qi.c | 261 +++-- drivers/crypto/caam/qi.h | 1 - 4 files changed, 20 insertions(+), 327 deletions(-) diff --git a/drivers/crypto/caam/caamalg_desc.c b/drivers/crypto/caam/caamalg_desc.c index a408edd84f34..f70b0877274c 100644 --- a/drivers/crypto/caam/caamalg_desc.c +++ b/drivers/crypto/caam/caamalg_desc.c @@ -1358,87 +1358,6 @@ void cnstr_shdsc_ablkcipher_decap(u32 * const desc, struct alginfo *cdata, } EXPORT_SYMBOL(cnstr_shdsc_ablkcipher_decap); -/** - * cnstr_shdsc_ablkcipher_givencap - ablkcipher encapsulation shared descriptor - * with HW-generated initialization vector. - * @desc: pointer to buffer used for descriptor construction - * @cdata: pointer to block cipher transform definitions - * Valid algorithm values - one of OP_ALG_ALGSEL_{AES, DES, 3DES} ANDed - * with OP_ALG_AAI_CBC. - * @ivsize: initialization vector size - * @is_rfc3686: true when ctr(aes) is wrapped by rfc3686 template - * @ctx1_iv_off: IV offset in CONTEXT1 register - */ -void cnstr_shdsc_ablkcipher_givencap(u32 * const desc, struct alginfo *cdata, -unsigned int ivsize, const bool is_rfc3686, -const u32 ctx1_iv_off) -{ - u32 *key_jump_cmd, geniv; - - init_sh_desc(desc, HDR_SHARE_SERIAL | HDR_SAVECTX); - /* Skip if already shared */ - key_jump_cmd = append_jump(desc, JUMP_JSL | JUMP_TEST_ALL | - JUMP_COND_SHRD); - - /* Load class1 key only */ - append_key_as_imm(desc, cdata->key_virt, cdata->keylen, - cdata->keylen, CLASS_1 | KEY_DEST_CLASS_REG); - - /* Load Nonce into CONTEXT1 reg */ - if (is_rfc3686) { - const u8 *nonce = cdata->key_virt + cdata->keylen; - - append_load_as_imm(desc, nonce, CTR_RFC3686_NONCE_SIZE, - LDST_CLASS_IND_CCB | - LDST_SRCDST_BYTE_OUTFIFO | LDST_IMM); - append_move(desc, MOVE_WAITCOMP | MOVE_SRC_OUTFIFO | - MOVE_DEST_CLASS1CTX | (16 << MOVE_OFFSET_SHIFT) | - (CTR_RFC3686_NONCE_SIZE << MOVE_LEN_SHIFT)); - } - set_jump_tgt_here(desc, key_jump_cmd); - - /* Generate IV */ - geniv = NFIFOENTRY_STYPE_PAD | NFIFOENTRY_DEST_DECO | - NFIFOENTRY_DTYPE_MSG | NFIFOENTRY_LC1 | NFIFOENTRY_PTYPE_RND | - (ivsize << NFIFOENTRY_DLEN_SHIFT); - append_load_imm_u32(desc, geniv, LDST_CLASS_IND_CCB | - LDST_SRCDST_WORD_INFO_FIFO | LDST_IMM); - append_cmd(desc, CMD_LOAD | DISABLE_AUTO_INFO_FIFO); - append_move(desc, MOVE_WAITCOMP | MOVE_SRC_INFIFO | - MOVE_DEST_CLASS1CTX | (ivsize << MOVE_LEN_SHIFT) | - (ctx1_iv_off << MOVE_OFFSET_SHIFT)); - append_cmd(desc, CMD_LOAD | ENABLE_AUTO_INFO_FIFO); - - /* Copy generated IV to memory */ - append_seq_store(desc, ivsize, LDST_SRCDST_BYTE_CONTEXT | -LDST_CLASS_1_CCB | (ctx1_iv_off << LDST_OFFSET_SHIFT)); - - /* Load Counter into CONTEXT1 reg */ - if (is_rfc3686) - append_load_imm_be32(desc, 1, LDST_IMM | LDST_CLASS_1_CCB | -LDST_SRCDST_BYTE_CONTEXT | -((ctx1_iv_off + CTR_RFC3686_IV_SIZE) << - LDST_OFFSET_SHIFT)); - - if (ctx1_iv_off) - append_jump(desc, JUMP_JSL | JUMP_TEST_ALL | JUMP_COND_NCP | - (1 << JUMP_OFFSET_SHIFT)); - - /* Load operation */ - append_operation(desc, cdata->algtype | OP_ALG_AS_INITFINAL | -OP_ALG_ENCRYPT); - - /* Perform operation */ - ablkcipher_append_src_dst(desc); - -#ifdef DEBUG - print_hex_dump(KERN_ERR, - "ablkcipher givenc shdesc@" __stringify(__LINE__) ": ", - DUMP_PREFIX_ADDRESS, 16, 4, desc, desc_bytes(desc), 1); -#endif -} -EXPORT_SYMBOL(cnstr_shdsc_ablkcipher_givencap); - /** * cnstr_shdsc_xts_ablkcipher_encap - xts ablkcipher encapsulation shared *descriptor diff --git a/drivers/crypto/caam/caamalg_desc.h b/drivers/crypto/caam/caamalg_desc.h index a917af5776ce..f726f54a05b8 100644 --- a/drivers/crypto/caam/caamalg_desc.h +++ b/drivers/crypto/caam/caamalg_desc.h @@ -104,10 +104,6 @@ void cnstr_shdsc_ablkcipher_decap(u32 * const desc, struct alginfo *cdata,
[PATCH 0/4] crypto: caam - ablkcipher -> skcipher conversion
This patch set converts caam/jr and caam/qi top level drivers from ablkcipher API to skcipher. First two patches remove the unused ablkcipher algorithms with support for IV generation. The following two patches deal with the conversion. Note: There is a dependency for the patch set - a fix sent separately: "crypto: caam/qi - fix error path in xts setkey" https://patchwork.kernel.org/patch/10557015 Horia Geantă (4): crypto: caam/jr - remove ablkcipher IV generation crypto: caam/qi - remove ablkcipher IV generation crypto: caam/jr - ablkcipher -> skcipher conversion crypto: caam/qi - ablkcipher -> skcipher conversion drivers/crypto/caam/caamalg.c | 729 +++-- drivers/crypto/caam/caamalg_desc.c | 142 ++-- drivers/crypto/caam/caamalg_desc.h | 28 +- drivers/crypto/caam/caamalg_qi.c | 626 ++- drivers/crypto/caam/compat.h | 1 + drivers/crypto/caam/qi.h | 1 - 6 files changed, 449 insertions(+), 1078 deletions(-) -- 2.16.2
[PATCH] crypto: caam - fix DMA mapping direction for RSA forms 2 & 3
Crypto engine needs some temporary locations in external memory for running RSA decrypt forms 2 and 3 (CRT). These are named "tmp1" and "tmp2" in the PDB. Update DMA mapping direction of tmp1 and tmp2 from TO_DEVICE to BIDIRECTIONAL, since engine needs r/w access. Cc: # 4.13+ Fixes: 52e26d77b8b3 ("crypto: caam - add support for RSA key form 2") Fixes: 4a651b122adb ("crypto: caam - add support for RSA key form 3") Signed-off-by: Horia Geantă --- drivers/crypto/caam/caampkc.c | 20 ++-- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/drivers/crypto/caam/caampkc.c b/drivers/crypto/caam/caampkc.c index 578ea63a3109..f26d62e5533a 100644 --- a/drivers/crypto/caam/caampkc.c +++ b/drivers/crypto/caam/caampkc.c @@ -71,8 +71,8 @@ static void rsa_priv_f2_unmap(struct device *dev, struct rsa_edesc *edesc, dma_unmap_single(dev, pdb->d_dma, key->d_sz, DMA_TO_DEVICE); dma_unmap_single(dev, pdb->p_dma, p_sz, DMA_TO_DEVICE); dma_unmap_single(dev, pdb->q_dma, q_sz, DMA_TO_DEVICE); - dma_unmap_single(dev, pdb->tmp1_dma, p_sz, DMA_TO_DEVICE); - dma_unmap_single(dev, pdb->tmp2_dma, q_sz, DMA_TO_DEVICE); + dma_unmap_single(dev, pdb->tmp1_dma, p_sz, DMA_BIDIRECTIONAL); + dma_unmap_single(dev, pdb->tmp2_dma, q_sz, DMA_BIDIRECTIONAL); } static void rsa_priv_f3_unmap(struct device *dev, struct rsa_edesc *edesc, @@ -90,8 +90,8 @@ static void rsa_priv_f3_unmap(struct device *dev, struct rsa_edesc *edesc, dma_unmap_single(dev, pdb->dp_dma, p_sz, DMA_TO_DEVICE); dma_unmap_single(dev, pdb->dq_dma, q_sz, DMA_TO_DEVICE); dma_unmap_single(dev, pdb->c_dma, p_sz, DMA_TO_DEVICE); - dma_unmap_single(dev, pdb->tmp1_dma, p_sz, DMA_TO_DEVICE); - dma_unmap_single(dev, pdb->tmp2_dma, q_sz, DMA_TO_DEVICE); + dma_unmap_single(dev, pdb->tmp1_dma, p_sz, DMA_BIDIRECTIONAL); + dma_unmap_single(dev, pdb->tmp2_dma, q_sz, DMA_BIDIRECTIONAL); } /* RSA Job Completion handler */ @@ -417,13 +417,13 @@ static int set_rsa_priv_f2_pdb(struct akcipher_request *req, goto unmap_p; } - pdb->tmp1_dma = dma_map_single(dev, key->tmp1, p_sz, DMA_TO_DEVICE); + pdb->tmp1_dma = dma_map_single(dev, key->tmp1, p_sz, DMA_BIDIRECTIONAL); if (dma_mapping_error(dev, pdb->tmp1_dma)) { dev_err(dev, "Unable to map RSA tmp1 memory\n"); goto unmap_q; } - pdb->tmp2_dma = dma_map_single(dev, key->tmp2, q_sz, DMA_TO_DEVICE); + pdb->tmp2_dma = dma_map_single(dev, key->tmp2, q_sz, DMA_BIDIRECTIONAL); if (dma_mapping_error(dev, pdb->tmp2_dma)) { dev_err(dev, "Unable to map RSA tmp2 memory\n"); goto unmap_tmp1; @@ -451,7 +451,7 @@ static int set_rsa_priv_f2_pdb(struct akcipher_request *req, return 0; unmap_tmp1: - dma_unmap_single(dev, pdb->tmp1_dma, p_sz, DMA_TO_DEVICE); + dma_unmap_single(dev, pdb->tmp1_dma, p_sz, DMA_BIDIRECTIONAL); unmap_q: dma_unmap_single(dev, pdb->q_dma, q_sz, DMA_TO_DEVICE); unmap_p: @@ -504,13 +504,13 @@ static int set_rsa_priv_f3_pdb(struct akcipher_request *req, goto unmap_dq; } - pdb->tmp1_dma = dma_map_single(dev, key->tmp1, p_sz, DMA_TO_DEVICE); + pdb->tmp1_dma = dma_map_single(dev, key->tmp1, p_sz, DMA_BIDIRECTIONAL); if (dma_mapping_error(dev, pdb->tmp1_dma)) { dev_err(dev, "Unable to map RSA tmp1 memory\n"); goto unmap_qinv; } - pdb->tmp2_dma = dma_map_single(dev, key->tmp2, q_sz, DMA_TO_DEVICE); + pdb->tmp2_dma = dma_map_single(dev, key->tmp2, q_sz, DMA_BIDIRECTIONAL); if (dma_mapping_error(dev, pdb->tmp2_dma)) { dev_err(dev, "Unable to map RSA tmp2 memory\n"); goto unmap_tmp1; @@ -538,7 +538,7 @@ static int set_rsa_priv_f3_pdb(struct akcipher_request *req, return 0; unmap_tmp1: - dma_unmap_single(dev, pdb->tmp1_dma, p_sz, DMA_TO_DEVICE); + dma_unmap_single(dev, pdb->tmp1_dma, p_sz, DMA_BIDIRECTIONAL); unmap_qinv: dma_unmap_single(dev, pdb->c_dma, p_sz, DMA_TO_DEVICE); unmap_dq: -- 2.16.2
[PATCH] crypto: caam/qi - fix error path in xts setkey
xts setkey callback returns 0 on some error paths. Fix this by returning -EINVAL. Cc: # 4.12+ Fixes: b189817cf789 ("crypto: caam/qi - add ablkcipher and authenc algorithms") Signed-off-by: Horia Geantă --- drivers/crypto/caam/caamalg_qi.c | 6 ++ 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/drivers/crypto/caam/caamalg_qi.c b/drivers/crypto/caam/caamalg_qi.c index 6e61cc93c2b0..d7aa7d7ff102 100644 --- a/drivers/crypto/caam/caamalg_qi.c +++ b/drivers/crypto/caam/caamalg_qi.c @@ -679,10 +679,8 @@ static int xts_ablkcipher_setkey(struct crypto_ablkcipher *ablkcipher, int ret = 0; if (keylen != 2 * AES_MIN_KEY_SIZE && keylen != 2 * AES_MAX_KEY_SIZE) { - crypto_ablkcipher_set_flags(ablkcipher, - CRYPTO_TFM_RES_BAD_KEY_LEN); dev_err(jrdev, "key size mismatch\n"); - return -EINVAL; + goto badkey; } ctx->cdata.keylen = keylen; @@ -715,7 +713,7 @@ static int xts_ablkcipher_setkey(struct crypto_ablkcipher *ablkcipher, return ret; badkey: crypto_ablkcipher_set_flags(ablkcipher, CRYPTO_TFM_RES_BAD_KEY_LEN); - return 0; + return -EINVAL; } /* -- 2.16.2
[PATCH] crypto: caam/jr - fix descriptor DMA unmapping
Descriptor address needs to be swapped to CPU endianness before being DMA unmapped. Cc: # 4.8+ Fixes: 261ea058f016 ("crypto: caam - handle core endianness != caam endianness") Reported-by: Laurentiu Tudor Signed-off-by: Horia Geantă --- drivers/crypto/caam/jr.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/crypto/caam/jr.c b/drivers/crypto/caam/jr.c index f4f258075b89..acdd72016ffe 100644 --- a/drivers/crypto/caam/jr.c +++ b/drivers/crypto/caam/jr.c @@ -190,7 +190,8 @@ static void caam_jr_dequeue(unsigned long devarg) BUG_ON(CIRC_CNT(head, tail + i, JOBR_DEPTH) <= 0); /* Unmap just-run descriptor so we can post-process */ - dma_unmap_single(dev, jrp->outring[hw_idx].desc, + dma_unmap_single(dev, +caam_dma_to_cpu(jrp->outring[hw_idx].desc), jrp->entinfo[sw_idx].desc_size, DMA_TO_DEVICE); -- 2.16.2
[PATCH] crypto: correct obvious misspelling "cypto-controller"
Signed-off-by: Robert P. J. Day --- diff --git a/Documentation/devicetree/bindings/crypto/rockchip-crypto.txt b/Documentation/devicetree/bindings/crypto/rockchip-crypto.txt index 5e2ba385b8c9..53e39d5f94e7 100644 --- a/Documentation/devicetree/bindings/crypto/rockchip-crypto.txt +++ b/Documentation/devicetree/bindings/crypto/rockchip-crypto.txt @@ -16,7 +16,7 @@ Required properties: Examples: - crypto: cypto-controller@ff8a { + crypto: crypto-controller@ff8a { compatible = "rockchip,rk3288-crypto"; reg = <0xff8a 0x4000>; interrupts = ; diff --git a/arch/arm/boot/dts/rk3288.dtsi b/arch/arm/boot/dts/rk3288.dtsi index d7e49d29ace5..dcfdb2c0d206 100644 --- a/arch/arm/boot/dts/rk3288.dtsi +++ b/arch/arm/boot/dts/rk3288.dtsi @@ -942,7 +942,7 @@ status = "disabled"; }; - crypto: cypto-controller@ff8a { + crypto: crypto-controller@ff8a { compatible = "rockchip,rk3288-crypto"; reg = <0x0 0xff8a 0x0 0x4000>; interrupts = ; rday -- Robert P. J. Day Ottawa, Ontario, CANADA http://crashcourse.ca/dokuwiki Twitter: http://twitter.com/rpjday LinkedIn: http://ca.linkedin.com/in/rpjday
Re: [PATCH v2] crypto: x86/aegis,morus - Fix and simplify CPUID checks
On 03/08/18 13:37, Ondrej Mosnacek wrote: > It turns out I had misunderstood how the x86_match_cpu() function works. > It evaluates a logical OR of the matching conditions, not logical AND. > This caused the CPU feature checks for AEGIS to pass even if only SSE2 > (but not AES-NI) was supported (or vice versa), leading to potential > crashes if something tried to use the registered algs. > > This patch switches the checks to a simpler method that is used e.g. in > the Camellia x86 code. > > The patch also removes the MODULE_DEVICE_TABLE declarations which > actually seem to cause the modules to be auto-loaded at boot, which is > not desired. The crypto API on-demand module loading is sufficient. > > Fixes: 1d373d4e8e15 ("crypto: x86 - Add optimized AEGIS implementations") > Fixes: 6ecc9d9ff91f ("crypto: x86 - Add optimized MORUS implementations") > Signed-off-by: Ondrej Mosnacek I tried this patch on x86_64 with AES-NI and also on system with SSE but without AES-NI and it works as expected now (module is loaded only on demand and optimized one is used if available). If it is worth it, add Tested-by: Milan Broz Any chance it could still reach 4.18? Without this patch it actually crashes kernel on x86_64 without AES-NI but with SSE flags, see https://bugzilla.redhat.com/show_bug.cgi?id=1610180#c4 Thanks, Milan