[PATCH v2 2/2] crypto: scomp - add support for deflate rfc1950 (zlib)

[Giovanni Cabiddu]

Add scomp backend for zlib-deflate compression algorithm.
This backend outputs data using the format defined in rfc1950
(raw deflate surrounded by zlib header and footer).

Signed-off-by: Giovanni Cabiddu 
---
 crypto/deflate.c | 61 -
 crypto/testmgr.c | 10 
 crypto/testmgr.h | 75 
 3 files changed, 129 insertions(+), 17 deletions(-)

diff --git a/crypto/deflate.c b/crypto/deflate.c
index f942cb3..94ec3b3 100644
--- a/crypto/deflate.c
+++ b/crypto/deflate.c
@@ -43,20 +43,24 @@ struct deflate_ctx {
struct z_stream_s decomp_stream;
 };
 
-static int deflate_comp_init(struct deflate_ctx *ctx)
+static int deflate_comp_init(struct deflate_ctx *ctx, int format)
 {
int ret = 0;
struct z_stream_s *stream = >comp_stream;
 
stream->workspace = vzalloc(zlib_deflate_workspacesize(
-   -DEFLATE_DEF_WINBITS, DEFLATE_DEF_MEMLEVEL));
+   MAX_WBITS, MAX_MEM_LEVEL));
if (!stream->workspace) {
ret = -ENOMEM;
goto out;
}
-   ret = zlib_deflateInit2(stream, DEFLATE_DEF_LEVEL, Z_DEFLATED,
-   -DEFLATE_DEF_WINBITS, DEFLATE_DEF_MEMLEVEL,
-   Z_DEFAULT_STRATEGY);
+   if (format)
+   ret = zlib_deflateInit(stream, 3);
+   else
+   ret = zlib_deflateInit2(stream, DEFLATE_DEF_LEVEL, Z_DEFLATED,
+   -DEFLATE_DEF_WINBITS,
+   DEFLATE_DEF_MEMLEVEL,
+   Z_DEFAULT_STRATEGY);
if (ret != Z_OK) {
ret = -EINVAL;
goto out_free;
@@ -68,7 +72,7 @@ static int deflate_comp_init(struct deflate_ctx *ctx)
goto out;
 }
 
-static int deflate_decomp_init(struct deflate_ctx *ctx)
+static int deflate_decomp_init(struct deflate_ctx *ctx, int format)
 {
int ret = 0;
struct z_stream_s *stream = >decomp_stream;
@@ -78,7 +82,10 @@ static int deflate_decomp_init(struct deflate_ctx *ctx)
ret = -ENOMEM;
goto out;
}
-   ret = zlib_inflateInit2(stream, -DEFLATE_DEF_WINBITS);
+   if (format)
+   ret = zlib_inflateInit(stream);
+   else
+   ret = zlib_inflateInit2(stream, -DEFLATE_DEF_WINBITS);
if (ret != Z_OK) {
ret = -EINVAL;
goto out_free;
@@ -102,21 +109,21 @@ static void deflate_decomp_exit(struct deflate_ctx *ctx)
vfree(ctx->decomp_stream.workspace);
 }
 
-static int __deflate_init(void *ctx)
+static int __deflate_init(void *ctx, int format)
 {
int ret;
 
-   ret = deflate_comp_init(ctx);
+   ret = deflate_comp_init(ctx, format);
if (ret)
goto out;
-   ret = deflate_decomp_init(ctx);
+   ret = deflate_decomp_init(ctx, format);
if (ret)
deflate_comp_exit(ctx);
 out:
return ret;
 }
 
-static void *deflate_alloc_ctx(struct crypto_scomp *tfm)
+static void *gen_deflate_alloc_ctx(struct crypto_scomp *tfm, int format)
 {
struct deflate_ctx *ctx;
int ret;
@@ -125,7 +132,7 @@ static void *deflate_alloc_ctx(struct crypto_scomp *tfm)
if (!ctx)
return ERR_PTR(-ENOMEM);
 
-   ret = __deflate_init(ctx);
+   ret = __deflate_init(ctx, format);
if (ret) {
kfree(ctx);
return ERR_PTR(ret);
@@ -134,11 +141,21 @@ static void *deflate_alloc_ctx(struct crypto_scomp *tfm)
return ctx;
 }
 
+static void *deflate_alloc_ctx(struct crypto_scomp *tfm)
+{
+   return gen_deflate_alloc_ctx(tfm, 0);
+}
+
+static void *zlib_deflate_alloc_ctx(struct crypto_scomp *tfm)
+{
+   return gen_deflate_alloc_ctx(tfm, 1);
+}
+
 static int deflate_init(struct crypto_tfm *tfm)
 {
struct deflate_ctx *ctx = crypto_tfm_ctx(tfm);
 
-   return __deflate_init(ctx);
+   return __deflate_init(ctx, 0);
 }
 
 static void __deflate_exit(void *ctx)
@@ -272,7 +289,7 @@ static struct crypto_alg alg = {
.coa_decompress = deflate_decompress } }
 };
 
-static struct scomp_alg scomp = {
+static struct scomp_alg scomp[] = { {
.alloc_ctx  = deflate_alloc_ctx,
.free_ctx   = deflate_free_ctx,
.compress   = deflate_scompress,
@@ -282,7 +299,17 @@ static struct scomp_alg scomp = {
.cra_driver_name = "deflate-scomp",
.cra_module  = THIS_MODULE,
}
-};
+}, {
+   .alloc_ctx  = zlib_deflate_alloc_ctx,
+   .free_ctx   = deflate_free_ctx,
+   .compress   = deflate_scompress,
+   .decompress = deflate_sdecompress,
+   .base   = {
+   .cra_name   = "zlib-deflate",
+

[PATCH v2 1/2] crypto: scomp - allow registration of multiple scomps

[Giovanni Cabiddu]

Add crypto_register_scomps and crypto_unregister_scomps to allow
the registration of multiple implementations with one call.

Signed-off-by: Giovanni Cabiddu 
---
 crypto/scompress.c  | 29 +
 include/crypto/internal/scompress.h |  3 +++
 2 files changed, 32 insertions(+)

diff --git a/crypto/scompress.c b/crypto/scompress.c
index 6b048b3..ae1d3cf 100644
--- a/crypto/scompress.c
+++ b/crypto/scompress.c
@@ -353,5 +353,34 @@ int crypto_unregister_scomp(struct scomp_alg *alg)
 }
 EXPORT_SYMBOL_GPL(crypto_unregister_scomp);
 
+int crypto_register_scomps(struct scomp_alg *algs, int count)
+{
+   int i, ret;
+
+   for (i = 0; i < count; i++) {
+   ret = crypto_register_scomp([i]);
+   if (ret)
+   goto err;
+   }
+
+   return 0;
+
+err:
+   for (--i; i >= 0; --i)
+   crypto_unregister_scomp([i]);
+
+   return ret;
+}
+EXPORT_SYMBOL_GPL(crypto_register_scomps);
+
+void crypto_unregister_scomps(struct scomp_alg *algs, int count)
+{
+   int i;
+
+   for (i = count - 1; i >= 0; --i)
+   crypto_unregister_scomp([i]);
+}
+EXPORT_SYMBOL_GPL(crypto_unregister_scomps);
+
 MODULE_LICENSE("GPL");
 MODULE_DESCRIPTION("Synchronous compression type");
diff --git a/include/crypto/internal/scompress.h 
b/include/crypto/internal/scompress.h
index 3fda3c5..ccad9b2 100644
--- a/include/crypto/internal/scompress.h
+++ b/include/crypto/internal/scompress.h
@@ -133,4 +133,7 @@ int crypto_register_scomp(struct scomp_alg *alg);
  */
 int crypto_unregister_scomp(struct scomp_alg *alg);
 
+int crypto_register_scomps(struct scomp_alg *algs, int count);
+void crypto_unregister_scomps(struct scomp_alg *algs, int count);
+
 #endif
-- 
2.9.3

Re: [RFC PATCH v1 1/1] crypto: algif_compression - User-space interface for compression

[abed mohammad kamaluddin]

Hi Stephan,

On Tue, Apr 18, 2017 at 3:42 PM, Stephan Müller  wrote:
> Am Donnerstag, 13. April 2017, 20:34:54 CEST schrieb Abed Kamaluddin:
>
> May I propose that you look into the patches for skcipher and aead regarding
> memory handling updates that are currently discussed. There you will find the
> sendmsg code with two parts:
>
> 1. checking of the input data of cmsg and setting the ctx respectively.
>
> 2. the big while loop for getting all user space data
>
> I guess you have seen that I would like to consolidate the algif
> implementations once the memory handling patch is in and agreed on. My plan
> is: Bullet 1 will be private to the algif implementation, so leave your code.
> Bullet 2 will be moved into a common service function. Thus, may I propose
> that you simply copy the entire while loop with the same TX data structures
> into your sendmsg code. This way you do not have the mentioned limit.
>
> Also, simply copy the sendpage code from the patch set to support splice/
> vmsplice.
>

Thanks for the suggestions and helpful pointers, I will rework the
patch and incorporate these, hoping that the compression interface
will be exported. These changes would also remain unaffected by any
changes to the acomp interface.

Thanks
Abed (Cavium)
Regards,

Re: [RFC PATCH v1 1/1] crypto: algif_compression - User-space interface for compression

[Stephan Müller]

Am Freitag, 21. April 2017, 17:42:10 CEST schrieb abed mohammad kamaluddin:

Hi abed,

> Hi Stephan,
> 
> On Tue, Apr 18, 2017 at 3:42 PM, Stephan Müller  wrote:
> > Am Donnerstag, 13. April 2017, 20:34:54 CEST schrieb Abed Kamaluddin:
> > 
> > May I propose that you look into the patches for skcipher and aead
> > regarding memory handling updates that are currently discussed. There you
> > will find the sendmsg code with two parts:
> > 
> > 1. checking of the input data of cmsg and setting the ctx respectively.
> > 
> > 2. the big while loop for getting all user space data
> > 
> > I guess you have seen that I would like to consolidate the algif
> > implementations once the memory handling patch is in and agreed on. My
> > plan
> > is: Bullet 1 will be private to the algif implementation, so leave your
> > code. Bullet 2 will be moved into a common service function. Thus, may I
> > propose that you simply copy the entire while loop with the same TX data
> > structures into your sendmsg code. This way you do not have the mentioned
> > limit.
> > 
> > Also, simply copy the sendpage code from the patch set to support splice/
> > vmsplice.
> 
> Thanks for the suggestions and helpful pointers, I will rework the
> patch and incorporate these, hoping that the compression interface
> will be exported. These changes would also remain unaffected by any
> changes to the acomp interface.

Just diff the just RFCed algif_kpp with the proposed patch set for 
algif_skcipher and algif_aead. There you will see that 80% of all code is 
identical (if you disregard the different namespace). And that is the code I 
am referring to.
> 
> Thanks
> Abed (Cavium)
> Regards,



Ciao
Stephan

Re: [PATCH] crypto: Allow ecb(cipher_null) in FIPS mode

[Stephan Müller]

Am Freitag, 21. April 2017, 17:25:41 CEST schrieb Stephan Müller:

Hi,

> 
> Acked-by: Stephan Müller 

Just for the records: for FIPS 140-2 rules, cipher_null is to be interpreted 
as a memcpy on SGLs. Thus it is no cipher even though it sounds like one.

cipher_null is also needed for seqiv which is required for rfc4106(gcm(aes)), 
which is an approved cipher. Also, it is needed for authenc() which uses it 
for copying the AAD from src to dst.

That said, cipher_null must not be used for "encryption" operation but rather 
for handling data that is not subjected to FIPS 140-2 rules.

Ciao
Stephan

Re: [PATCH 2/2] n2rng: Combine substrings for two messages in n2rng_probe()

[Joe Perches]

On Fri, 2017-04-21 at 19:36 +0800, Herbert Xu wrote:
> On Wed, Apr 19, 2017 at 11:11:35AM +0200, SF Markus Elfring wrote:
> > From: Markus Elfring 
> > Date: Wed, 19 Apr 2017 10:50:04 +0200
> > 
> > The script "checkpatch.pl" pointed information out like the following.
> > 
> > WARNING: quoted string split across lines
> > 
> > Thus fix the affected source code places.
> > 
> > Signed-off-by: Markus Elfring 
> 
> This patch doesn't seem to add any value so I'm not taking it.

Your choice.

The general reason to merge strings is in CodingStyle

2) Breaking long lines and strings
[]
never break user-visible strings such as
printk messages, because that breaks the ability to grep for them.

Re: [PATCH] crypto: Allow ecb(cipher_null) in FIPS mode

[Stephan Müller]

Am Freitag, 21. April 2017, 14:18:20 CEST schrieb Herbert Xu:

Hi Herbert,

> Milan Broz  wrote:
> > The cipher_null is not a real cipher, FIPS mode should not restrict its
> > use.
> > 
> > It is used for several tests (for example in cryptsetup testsuite) and
> > also
> > temporarily for reencryption of not yet encrypted device in
> > cryptsetup-reencrypt tool.
> > 
> > Problem is easily reproducible with
> > 
> >  cryptsetup benchmark -c null
> > 
> > Signed-off-by: Milan Broz 
> 
> Stephan?

Acked-by: Stephan Müller 

Ciao
Stephan

Re: [PATCH 2/2] n2rng: Combine substrings for two messages in n2rng_probe()

[David Miller]

From: Herbert Xu 
Date: Fri, 21 Apr 2017 19:36:41 +0800

> On Wed, Apr 19, 2017 at 11:11:35AM +0200, SF Markus Elfring wrote:
>> From: Markus Elfring 
>> Date: Wed, 19 Apr 2017 10:50:04 +0200
>> 
>> The script "checkpatch.pl" pointed information out like the following.
>> 
>> WARNING: quoted string split across lines
>> 
>> Thus fix the affected source code places.
>> 
>> Signed-off-by: Markus Elfring 
> 
> This patch doesn't seem to add any value so I'm not taking it.
> 
> Please don't send patches based purely on a checkpatch complaint.

Thank you Herbert.

Re: [PATCH] crypto: algif_aead - Require setkey before accept(2)

[Stephan Müller]

Am Freitag, 21. April 2017, 13:11:27 CEST schrieb Herbert Xu:

Hi Herbert,

> Please don't mix unrelated cleanups like this with the real change.
>  It makes reviewing harder than necessary.

Apologies. I will resend it shortly.


Ciao
Stephan

Re: [RFC PATCH v1 1/1] crypto: algif_compression - User-space interface for compression

[abed mohammad kamaluddin]

On Fri, Apr 21, 2017 at 9:20 PM, Stephan Müller  wrote:
> Am Freitag, 21. April 2017, 17:42:10 CEST schrieb abed mohammad kamaluddin:
>
> Just diff the just RFCed algif_kpp with the proposed patch set for
> algif_skcipher and algif_aead. There you will see that 80% of all code is
> identical (if you disregard the different namespace). And that is the code I
> am referring to.
>
> Ciao
> Stephan

Thanks, I will use the pointer. Considering all the identical code,
the proposal to consolidate would definitely help!

Thanks,
Abed

Re: [PATCH] crypto: algif_aead - Require setkey before accept(2)

[Stephan Müller]

Am Freitag, 21. April 2017, 13:11:27 CEST schrieb Herbert Xu:

Hi Herbert,

> On Mon, Apr 10, 2017 at 01:59:21PM +0200, Stephan Müller wrote:
> > @@ -757,12 +887,14 @@ static void aead_sock_destruct(struct sock *sk)
> > 
> > af_alg_release_parent(sk);
> >  
> >  }
> > 
> > -static int aead_accept_parent(void *private, struct sock *sk)
> > +static int aead_accept_parent_nokey(void *private, struct sock *sk)
> > 
> >  {
> >  
> > struct aead_ctx *ctx;
> > struct alg_sock *ask = alg_sk(sk);
> > 
> > -   unsigned int len = sizeof(*ctx) + crypto_aead_reqsize(private);
> > -   unsigned int ivlen = crypto_aead_ivsize(private);
> > +   struct aead_tfm *tfm = private;
> > +   struct crypto_aead *aead = tfm->aead;
> > +   unsigned int len = sizeof(*ctx) + crypto_aead_reqsize(aead);
> > +   unsigned int ivlen = crypto_aead_ivsize(aead);
> > 
> > ctx = sock_kmalloc(sk, len, GFP_KERNEL);
> > if (!ctx)
> > 
> > @@ -789,7 +921,7 @@ static int aead_accept_parent(void *private, struct
> > sock *sk)> 
> > ask->private = ctx;
> > 
> > -   aead_request_set_tfm(>aead_req, private);
> > +   aead_request_set_tfm(>aead_req, aead);
> > 
> > aead_request_set_callback(>aead_req, CRYPTO_TFM_REQ_MAY_BACKLOG,
> > 
> >   af_alg_complete, >completion);
> 
> Please don't mix unrelated cleanups like this with the real change.
>  It makes reviewing harder than necessary.
> 

After checking again, IMHO that is no unreleated cleanup or even a cleanup at 
all.

void *private used to be struct crypto_aead and is now struct aead_tfm. struct 
crypto_aead is found in private->aead. Hence, the patch assigned private to 
tfm and then obtained the struct crypto_aead pointer. As this was not 
necessary before, it is a required extension IMHO.

Ciao
Stephan

[PATCH 0/2] Change CCP ISR handler model

[Gary R Hook]

he CCP has the ability to perform several operations
simultaneously, but only one interrupt. The current design
exposes a window when using MSI/MSI-X interrupts wherein
state can change but no interrupt is generated; this can
lead to a hang in the engine.  Switch to a tasklet backend
which allows serializing state changes, handles processing
of the interrupts, and avoids the loss of task completion
status.

---

Gary R Hook (2):
  crypto: ccp - Change ISR handler method for a v3 CCP
  crypto: ccp - Change ISR handler method for a v5 CCP


 drivers/crypto/ccp/ccp-dev-v3.c |  120 +++
 drivers/crypto/ccp/ccp-dev-v5.c |  111 ++--
 drivers/crypto/ccp/ccp-dev.h|3 +
 drivers/crypto/ccp/ccp-pci.c|2 +
 4 files changed, 142 insertions(+), 94 deletions(-)

--

[PATCH 2/2] crypto: ccp - Change ISR handler method for a v5 CCP

[Gary R Hook]

The CCP has the ability to perform several operations simultaneously,
but only one interrupt.  When implemented as a PCI device and using
MSI-X/MSI interrupts, use a tasklet model to service interrupts. By
disabling and enabling interrupts from the CCP, coupled with the
queuing that tasklets provide, we can ensure that all events
(occurring on the device) are recognized and serviced.

This change fixes a problem wherein 2 or more busy queues can cause
notification bits to change state while a (CCP) interrupt is being
serviced, but after the queue state has been evaluated. This results
in the event being 'lost' and the queue hanging, waiting to be
serviced. Since the status bits are never fully de-asserted, the
CCP never generates another interrupt (all bits zero -> one or more
bits one), and no further CCP operations will be executed.


Cc:  # 4.9.x+

Signed-off-by: Gary R Hook 
---
 drivers/crypto/ccp/ccp-dev-v5.c |  111 ---
 1 file changed, 67 insertions(+), 44 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/crypto/ccp/ccp-dev-v5.c
index 13b81a1c1184..ccbe32d5dd1c 100644
--- a/drivers/crypto/ccp/ccp-dev-v5.c
+++ b/drivers/crypto/ccp/ccp-dev-v5.c
@@ -705,6 +705,65 @@ static int ccp_assign_lsbs(struct ccp_device *ccp)
return rc;
 }
 
+static void ccp5_disable_queue_interrupts(struct ccp_device *ccp)
+{
+   unsigned int i;
+
+   for (i = 0; i < ccp->cmd_q_count; i++)
+   iowrite32(0x0, ccp->cmd_q[i].reg_int_enable);
+}
+
+static void ccp5_enable_queue_interrupts(struct ccp_device *ccp)
+{
+   unsigned int i;
+
+   for (i = 0; i < ccp->cmd_q_count; i++)
+   iowrite32(SUPPORTED_INTERRUPTS, ccp->cmd_q[i].reg_int_enable);
+}
+
+static void ccp5_irq_bh(unsigned long data)
+{
+   struct ccp_device *ccp = (struct ccp_device *)data;
+   u32 status;
+   unsigned int i;
+
+   for (i = 0; i < ccp->cmd_q_count; i++) {
+   struct ccp_cmd_queue *cmd_q = >cmd_q[i];
+
+   status = ioread32(cmd_q->reg_interrupt_status);
+
+   if (status) {
+   cmd_q->int_status = status;
+   cmd_q->q_status = ioread32(cmd_q->reg_status);
+   cmd_q->q_int_status = ioread32(cmd_q->reg_int_status);
+
+   /* On error, only save the first error value */
+   if ((status & INT_ERROR) && !cmd_q->cmd_error)
+   cmd_q->cmd_error = CMD_Q_ERROR(cmd_q->q_status);
+
+   cmd_q->int_rcvd = 1;
+
+   /* Acknowledge the interrupt and wake the kthread */
+   iowrite32(status, cmd_q->reg_interrupt_status);
+   wake_up_interruptible(_q->int_queue);
+   }
+   }
+   ccp5_enable_queue_interrupts(ccp);
+}
+
+static irqreturn_t ccp5_irq_handler(int irq, void *data)
+{
+   struct device *dev = data;
+   struct ccp_device *ccp = dev_get_drvdata(dev);
+
+   ccp5_disable_queue_interrupts(ccp);
+   if (ccp->use_tasklet)
+   tasklet_schedule(>irq_tasklet);
+   else
+   ccp5_irq_bh((unsigned long)ccp);
+   return IRQ_HANDLED;
+}
+
 static int ccp5_init(struct ccp_device *ccp)
 {
struct device *dev = ccp->dev;
@@ -789,18 +848,17 @@ static int ccp5_init(struct ccp_device *ccp)
}
 
/* Turn off the queues and disable interrupts until ready */
+   ccp5_disable_queue_interrupts(ccp);
for (i = 0; i < ccp->cmd_q_count; i++) {
cmd_q = >cmd_q[i];
 
cmd_q->qcontrol = 0; /* Start with nothing */
iowrite32(cmd_q->qcontrol, cmd_q->reg_control);
 
-   /* Disable the interrupts */
-   iowrite32(0x00, cmd_q->reg_int_enable);
ioread32(cmd_q->reg_int_status);
ioread32(cmd_q->reg_status);
 
-   /* Clear the interrupts */
+   /* Clear the interrupt status */
iowrite32(SUPPORTED_INTERRUPTS, cmd_q->reg_interrupt_status);
}
 
@@ -811,6 +869,10 @@ static int ccp5_init(struct ccp_device *ccp)
dev_err(dev, "unable to allocate an IRQ\n");
goto e_pool;
}
+   /* Initialize the ISR tasklet */
+   if (ccp->use_tasklet)
+   tasklet_init(>irq_tasklet, ccp5_irq_bh,
+(unsigned long)ccp);
 
dev_dbg(dev, "Loading LSB map...\n");
/* Copy the private LSB mask to the public registers */
@@ -879,11 +941,7 @@ static int ccp5_init(struct ccp_device *ccp)
}
 
dev_dbg(dev, "Enabling interrupts...\n");
-   /* Enable interrupts */
-   for (i = 0; i < ccp->cmd_q_count; i++) {
-   cmd_q = >cmd_q[i];
-   iowrite32(SUPPORTED_INTERRUPTS, cmd_q->reg_int_enable);
-   }
+   ccp5_enable_queue_interrupts(ccp);
 

[PATCH v3 13/29] x86: crypto, annotate local functions

[Jiri Slaby]

Use the newly added SYM_FUNC_START_LOCAL to annotate starts of all
functions which do not have ".globl" annotation, but their ends are
annotated by ENDPROC. This is needed to balance ENDPROC for tools that
are about to generate debuginfo.

We also convert their ENDPROCs to the new SYM_FUNC_END.

Signed-off-by: Jiri Slaby 
Cc: Herbert Xu 
Cc: "David S. Miller" 
Cc: Thomas Gleixner 
Cc: Ingo Molnar 
Cc: "H. Peter Anvin" 
Cc: 
Cc: 
---
 arch/x86/crypto/aesni-intel_asm.S| 49 
 arch/x86/crypto/camellia-aesni-avx-asm_64.S  | 20 ++--
 arch/x86/crypto/camellia-aesni-avx2-asm_64.S | 20 ++--
 arch/x86/crypto/cast5-avx-x86_64-asm_64.S|  8 ++---
 arch/x86/crypto/cast6-avx-x86_64-asm_64.S|  8 ++---
 arch/x86/crypto/ghash-clmulni-intel_asm.S|  4 +--
 arch/x86/crypto/serpent-avx-x86_64-asm_64.S  |  8 ++---
 arch/x86/crypto/serpent-avx2-asm_64.S|  8 ++---
 arch/x86/crypto/twofish-avx-x86_64-asm_64.S  |  8 ++---
 9 files changed, 62 insertions(+), 71 deletions(-)

diff --git a/arch/x86/crypto/aesni-intel_asm.S 
b/arch/x86/crypto/aesni-intel_asm.S
index 3c465184ff8a..da76ae01e791 100644
--- a/arch/x86/crypto/aesni-intel_asm.S
+++ b/arch/x86/crypto/aesni-intel_asm.S
@@ -1746,7 +1746,7 @@ ENDPROC(aesni_gcm_enc)
 
 .align 4
 _key_expansion_128:
-_key_expansion_256a:
+SYM_FUNC_START_LOCAL(_key_expansion_256a)
pshufd $0b, %xmm1, %xmm1
shufps $0b0001, %xmm0, %xmm4
pxor %xmm4, %xmm0
@@ -1757,10 +1757,9 @@ _key_expansion_256a:
add $0x10, TKEYP
ret
 ENDPROC(_key_expansion_128)
-ENDPROC(_key_expansion_256a)
+SYM_FUNC_END(_key_expansion_256a)
 
-.align 4
-_key_expansion_192a:
+SYM_FUNC_START_LOCAL(_key_expansion_192a)
pshufd $0b01010101, %xmm1, %xmm1
shufps $0b0001, %xmm0, %xmm4
pxor %xmm4, %xmm0
@@ -1782,10 +1781,9 @@ _key_expansion_192a:
movaps %xmm1, 0x10(TKEYP)
add $0x20, TKEYP
ret
-ENDPROC(_key_expansion_192a)
+SYM_FUNC_END(_key_expansion_192a)
 
-.align 4
-_key_expansion_192b:
+SYM_FUNC_START_LOCAL(_key_expansion_192b)
pshufd $0b01010101, %xmm1, %xmm1
shufps $0b0001, %xmm0, %xmm4
pxor %xmm4, %xmm0
@@ -1802,10 +1800,9 @@ _key_expansion_192b:
movaps %xmm0, (TKEYP)
add $0x10, TKEYP
ret
-ENDPROC(_key_expansion_192b)
+SYM_FUNC_END(_key_expansion_192b)
 
-.align 4
-_key_expansion_256b:
+SYM_FUNC_START_LOCAL(_key_expansion_256b)
pshufd $0b10101010, %xmm1, %xmm1
shufps $0b0001, %xmm2, %xmm4
pxor %xmm4, %xmm2
@@ -1815,7 +1812,7 @@ _key_expansion_256b:
movaps %xmm2, (TKEYP)
add $0x10, TKEYP
ret
-ENDPROC(_key_expansion_256b)
+SYM_FUNC_END(_key_expansion_256b)
 
 /*
  * int aesni_set_key(struct crypto_aes_ctx *ctx, const u8 *in_key,
@@ -1968,8 +1965,7 @@ ENDPROC(aesni_enc)
  * KEY
  * TKEYP (T1)
  */
-.align 4
-_aesni_enc1:
+SYM_FUNC_START_LOCAL(_aesni_enc1)
movaps (KEYP), KEY  # key
mov KEYP, TKEYP
pxor KEY, STATE # round 0
@@ -2012,7 +2008,7 @@ _aesni_enc1:
movaps 0x70(TKEYP), KEY
AESENCLAST KEY STATE
ret
-ENDPROC(_aesni_enc1)
+SYM_FUNC_END(_aesni_enc1)
 
 /*
  * _aesni_enc4:internal ABI
@@ -2032,8 +2028,7 @@ ENDPROC(_aesni_enc1)
  * KEY
  * TKEYP (T1)
  */
-.align 4
-_aesni_enc4:
+SYM_FUNC_START_LOCAL(_aesni_enc4)
movaps (KEYP), KEY  # key
mov KEYP, TKEYP
pxor KEY, STATE1# round 0
@@ -2121,7 +2116,7 @@ _aesni_enc4:
AESENCLAST KEY STATE3
AESENCLAST KEY STATE4
ret
-ENDPROC(_aesni_enc4)
+SYM_FUNC_END(_aesni_enc4)
 
 /*
  * void aesni_dec (struct crypto_aes_ctx *ctx, u8 *dst, const u8 *src)
@@ -2160,8 +2155,7 @@ ENDPROC(aesni_dec)
  * KEY
  * TKEYP (T1)
  */
-.align 4
-_aesni_dec1:
+SYM_FUNC_START_LOCAL(_aesni_dec1)
movaps (KEYP), KEY  # key
mov KEYP, TKEYP
pxor KEY, STATE # round 0
@@ -2204,7 +2198,7 @@ _aesni_dec1:
movaps 0x70(TKEYP), KEY
AESDECLAST KEY STATE
ret
-ENDPROC(_aesni_dec1)
+SYM_FUNC_END(_aesni_dec1)
 
 /*
  * _aesni_dec4:internal ABI
@@ -2224,8 +2218,7 @@ ENDPROC(_aesni_dec1)
  * KEY
  * TKEYP (T1)
  */
-.align 4
-_aesni_dec4:
+SYM_FUNC_START_LOCAL(_aesni_dec4)
movaps (KEYP), KEY  # key
mov KEYP, TKEYP
pxor KEY, STATE1# round 0
@@ -2313,7 +2306,7 @@ _aesni_dec4:
AESDECLAST KEY STATE3
AESDECLAST KEY STATE4
ret
-ENDPROC(_aesni_dec4)
+SYM_FUNC_END(_aesni_dec4)
 
 /*
  * void aesni_ecb_enc(struct crypto_aes_ctx *ctx, const u8 *dst, u8 *src,
@@ -2591,8 +2584,7 @@ ENDPROC(aesni_cbc_dec)
  * INC:== 1, in little endian
  * BSWAP_MASK == endian 

[PATCH v3 26/29] x86_64: assembly, change all ENTRY to SYM_FUNC_START

[Jiri Slaby]

These are all functions which are invoked from elsewhere, so we annotate
them as global using the new SYM_FUNC_START (and their ENDPROC's by
SYM_FUNC_END.)

And make sure ENTRY/ENDPROC is not defined on X86_64.

Signed-off-by: Jiri Slaby 
Cc: "H. Peter Anvin" 
Cc: Thomas Gleixner 
Cc: Ingo Molnar 
Cc: x...@kernel.org
Cc: Herbert Xu 
Cc: "David S. Miller" 
Cc: "Rafael J. Wysocki" 
Cc: Len Brown 
Cc: Pavel Machek 
Cc: Bill Metzenthen 
Cc: Matt Fleming 
Cc: Ard Biesheuvel 
Cc: Boris Ostrovsky 
Cc: Juergen Gross 
Cc: linux-crypto@vger.kernel.org
Cc: linux...@vger.kernel.org
Cc: linux-...@vger.kernel.org
Cc: xen-de...@lists.xenproject.org
Cc: "David S. Miller" 
Cc: Alexey Kuznetsov 
Cc: James Morris 
Cc: Hideaki YOSHIFUJI 
Cc: Patrick McHardy 
Cc: net...@vger.kernel.org
---
 arch/x86/boot/compressed/efi_thunk_64.S|  4 +-
 arch/x86/boot/compressed/head_64.S | 20 
 arch/x86/boot/copy.S   | 16 +++---
 arch/x86/boot/pmjump.S |  4 +-
 arch/x86/crypto/aes-i586-asm_32.S  |  8 +--
 arch/x86/crypto/aes-x86_64-asm_64.S|  4 +-
 arch/x86/crypto/aes_ctrby8_avx-x86_64.S| 12 ++---
 arch/x86/crypto/aesni-intel_asm.S  | 44 
 arch/x86/crypto/aesni-intel_avx-x86_64.S   | 24 -
 arch/x86/crypto/blowfish-x86_64-asm_64.S   | 16 +++---
 arch/x86/crypto/camellia-aesni-avx-asm_64.S| 24 -
 arch/x86/crypto/camellia-aesni-avx2-asm_64.S   | 24 -
 arch/x86/crypto/camellia-x86_64-asm_64.S   | 16 +++---
 arch/x86/crypto/cast5-avx-x86_64-asm_64.S  | 16 +++---
 arch/x86/crypto/cast6-avx-x86_64-asm_64.S  | 24 -
 arch/x86/crypto/chacha20-avx2-x86_64.S |  4 +-
 arch/x86/crypto/chacha20-ssse3-x86_64.S|  8 +--
 arch/x86/crypto/crc32-pclmul_asm.S |  4 +-
 arch/x86/crypto/crc32c-pcl-intel-asm_64.S  |  4 +-
 arch/x86/crypto/crct10dif-pcl-asm_64.S |  4 +-
 arch/x86/crypto/des3_ede-asm_64.S  |  8 +--
 arch/x86/crypto/ghash-clmulni-intel_asm.S  |  8 +--
 arch/x86/crypto/poly1305-avx2-x86_64.S |  4 +-
 arch/x86/crypto/poly1305-sse2-x86_64.S |  8 +--
 arch/x86/crypto/salsa20-x86_64-asm_64.S| 12 ++---
 arch/x86/crypto/serpent-avx-x86_64-asm_64.S| 24 -
 arch/x86/crypto/serpent-avx2-asm_64.S  | 24 -
 arch/x86/crypto/serpent-sse2-x86_64-asm_64.S   |  8 +--
 arch/x86/crypto/sha1-mb/sha1_mb_mgr_flush_avx2.S   |  8 +--
 arch/x86/crypto/sha1-mb/sha1_mb_mgr_submit_avx2.S  |  4 +-
 arch/x86/crypto/sha1-mb/sha1_x8_avx2.S |  4 +-
 arch/x86/crypto/sha1_avx2_x86_64_asm.S |  4 +-
 arch/x86/crypto/sha1_ni_asm.S  |  4 +-
 arch/x86/crypto/sha1_ssse3_asm.S   |  4 +-
 arch/x86/crypto/sha256-avx-asm.S   |  4 +-
 arch/x86/crypto/sha256-avx2-asm.S  |  4 +-
 .../crypto/sha256-mb/sha256_mb_mgr_flush_avx2.S|  8 +--
 .../crypto/sha256-mb/sha256_mb_mgr_submit_avx2.S   |  4 +-
 arch/x86/crypto/sha256-mb/sha256_x8_avx2.S |  4 +-
 arch/x86/crypto/sha256-ssse3-asm.S |  4 +-
 arch/x86/crypto/sha256_ni_asm.S|  4 +-
 arch/x86/crypto/sha512-avx-asm.S   |  4 +-
 arch/x86/crypto/sha512-avx2-asm.S  |  4 +-
 .../crypto/sha512-mb/sha512_mb_mgr_flush_avx2.S|  8 +--
 .../crypto/sha512-mb/sha512_mb_mgr_submit_avx2.S   |  4 +-
 arch/x86/crypto/sha512-mb/sha512_x4_avx2.S |  4 +-
 arch/x86/crypto/sha512-ssse3-asm.S |  4 +-
 arch/x86/crypto/twofish-avx-x86_64-asm_64.S| 24 -
 arch/x86/crypto/twofish-x86_64-asm_64-3way.S   |  8 +--
 arch/x86/crypto/twofish-x86_64-asm_64.S|  8 +--
 arch/x86/entry/entry_64.S  | 58 +++---
 arch/x86/entry/entry_64_compat.S   | 16 +++---
 arch/x86/kernel/acpi/wakeup_64.S   |  8 +--
 arch/x86/kernel/ftrace_64.S| 24 -
 arch/x86/kernel/head_64.S  | 16 +++---
 arch/x86/lib/checksum_32.S |  8 +--
 arch/x86/lib/clear_page_64.S   | 12 ++---
 arch/x86/lib/cmpxchg16b_emu.S  |  4 +-
 arch/x86/lib/cmpxchg8b_emu.S   |  4 +-
 arch/x86/lib/copy_page_64.S|  4 +-
 arch/x86/lib/copy_user_64.S| 16 +++---
 

[PATCH v3 15/29] x86: assembly, annotate aliases

[Jiri Slaby]

_key_expansion_128 is an alias to _key_expansion_256a, __memcpy to
memcpy, xen_syscall32_target to xen_sysenter_target, and so on. Annotate
them all using the new SYM_FUNC_START_ALIAS, SYM_FUNC_START_LOCAL_ALIAS,
and SYM_FUNC_END_ALIAS. This will make the tools generating the
debuginfo happy.

Signed-off-by: Jiri Slaby 
Cc: Herbert Xu 
Cc: "David S. Miller" 
Cc: Thomas Gleixner 
Cc: Ingo Molnar 
Cc: "H. Peter Anvin" 
Cc: 
Cc: Boris Ostrovsky 
Cc: Juergen Gross 
Reviewed-by: Juergen Gross  [xen parts]
Cc: 
Cc: 
---
 arch/x86/crypto/aesni-intel_asm.S | 5 ++---
 arch/x86/lib/memcpy_64.S  | 4 ++--
 arch/x86/lib/memmove_64.S | 4 ++--
 arch/x86/lib/memset_64.S  | 4 ++--
 arch/x86/xen/xen-asm_64.S | 4 ++--
 5 files changed, 10 insertions(+), 11 deletions(-)

diff --git a/arch/x86/crypto/aesni-intel_asm.S 
b/arch/x86/crypto/aesni-intel_asm.S
index da76ae01e791..3469670df832 100644
--- a/arch/x86/crypto/aesni-intel_asm.S
+++ b/arch/x86/crypto/aesni-intel_asm.S
@@ -1744,8 +1744,7 @@ ENDPROC(aesni_gcm_enc)
 #endif
 
 
-.align 4
-_key_expansion_128:
+SYM_FUNC_START_LOCAL_ALIAS(_key_expansion_128)
 SYM_FUNC_START_LOCAL(_key_expansion_256a)
pshufd $0b, %xmm1, %xmm1
shufps $0b0001, %xmm0, %xmm4
@@ -1756,8 +1755,8 @@ SYM_FUNC_START_LOCAL(_key_expansion_256a)
movaps %xmm0, (TKEYP)
add $0x10, TKEYP
ret
-ENDPROC(_key_expansion_128)
 SYM_FUNC_END(_key_expansion_256a)
+SYM_FUNC_END_ALIAS(_key_expansion_128)
 
 SYM_FUNC_START_LOCAL(_key_expansion_192a)
pshufd $0b01010101, %xmm1, %xmm1
diff --git a/arch/x86/lib/memcpy_64.S b/arch/x86/lib/memcpy_64.S
index 9a53a06e5a3e..4911b1c61aa8 100644
--- a/arch/x86/lib/memcpy_64.S
+++ b/arch/x86/lib/memcpy_64.S
@@ -26,7 +26,7 @@
  * Output:
  * rax original destination
  */
-ENTRY(__memcpy)
+SYM_FUNC_START_ALIAS(__memcpy)
 ENTRY(memcpy)
ALTERNATIVE_2 "jmp memcpy_orig", "", X86_FEATURE_REP_GOOD, \
  "jmp memcpy_erms", X86_FEATURE_ERMS
@@ -40,7 +40,7 @@ ENTRY(memcpy)
rep movsb
ret
 ENDPROC(memcpy)
-ENDPROC(__memcpy)
+SYM_FUNC_END_ALIAS(__memcpy)
 EXPORT_SYMBOL(memcpy)
 EXPORT_SYMBOL(__memcpy)
 
diff --git a/arch/x86/lib/memmove_64.S b/arch/x86/lib/memmove_64.S
index 15de86cd15b0..d22af97e5b27 100644
--- a/arch/x86/lib/memmove_64.S
+++ b/arch/x86/lib/memmove_64.S
@@ -25,7 +25,7 @@
  */
 .weak memmove
 
-ENTRY(memmove)
+SYM_FUNC_START_ALIAS(memmove)
 ENTRY(__memmove)
 
/* Handle more 32 bytes in loop */
@@ -207,6 +207,6 @@ ENTRY(__memmove)
 13:
retq
 ENDPROC(__memmove)
-ENDPROC(memmove)
+SYM_FUNC_END_ALIAS(memmove)
 EXPORT_SYMBOL(__memmove)
 EXPORT_SYMBOL(memmove)
diff --git a/arch/x86/lib/memset_64.S b/arch/x86/lib/memset_64.S
index 55b95db30a61..0d3a1d341e60 100644
--- a/arch/x86/lib/memset_64.S
+++ b/arch/x86/lib/memset_64.S
@@ -18,7 +18,7 @@
  *
  * rax   original destination
  */
-ENTRY(memset)
+SYM_FUNC_START_ALIAS(memset)
 ENTRY(__memset)
/*
 * Some CPUs support enhanced REP MOVSB/STOSB feature. It is recommended
@@ -42,8 +42,8 @@ ENTRY(__memset)
rep stosb
movq %r9,%rax
ret
-ENDPROC(memset)
 ENDPROC(__memset)
+SYM_FUNC_END_ALIAS(memset)
 EXPORT_SYMBOL(memset)
 EXPORT_SYMBOL(__memset)
 
diff --git a/arch/x86/xen/xen-asm_64.S b/arch/x86/xen/xen-asm_64.S
index d617bea76039..e1174171ab57 100644
--- a/arch/x86/xen/xen-asm_64.S
+++ b/arch/x86/xen/xen-asm_64.S
@@ -117,13 +117,13 @@ ENDPROC(xen_sysenter_target)
 
 #else /* !CONFIG_IA32_EMULATION */
 
-ENTRY(xen_syscall32_target)
+SYM_FUNC_START_ALIAS(xen_syscall32_target)
 ENTRY(xen_sysenter_target)
lea 16(%rsp), %rsp  /* strip %rcx, %r11 */
mov $-ENOSYS, %rax
pushq $0
jmp hypercall_iret
-ENDPROC(xen_syscall32_target)
 ENDPROC(xen_sysenter_target)
+SYM_FUNC_END_ALIAS(xen_syscall32_target)
 
 #endif /* CONFIG_IA32_EMULATION */
-- 
2.12.2

[PATCH v3 27/29] x86_32: assembly, change all ENTRY to SYM_FUNC_START

[Jiri Slaby]

These are all functions which are invoked from elsewhere, so we annotate
them as global using the new SYM_FUNC_START (and their ENDPROC's by
SYM_FUNC_END.)

Signed-off-by: Jiri Slaby 
Cc: "H. Peter Anvin" 
Cc: Thomas Gleixner 
Cc: Ingo Molnar 
Cc: x...@kernel.org
Cc: Herbert Xu 
Cc: "David S. Miller" 
Cc: "Rafael J. Wysocki" 
Cc: Len Brown 
Cc: Pavel Machek 
Cc: Rusty Russell 
Cc: Bill Metzenthen 
Cc: Matt Fleming 
Cc: Ard Biesheuvel 
Cc: Boris Ostrovsky 
Cc: Juergen Gross 
Cc: linux-crypto@vger.kernel.org
Cc: linux...@vger.kernel.org
Cc: lgu...@lists.ozlabs.org
Cc: linux-...@vger.kernel.org
Cc: xen-de...@lists.xenproject.org
---
 arch/x86/boot/compressed/efi_stub_32.S |   4 +-
 arch/x86/boot/compressed/head_32.S |  12 +--
 arch/x86/crypto/salsa20-i586-asm_32.S  |  12 +--
 arch/x86/crypto/serpent-sse2-i586-asm_32.S |   8 +-
 arch/x86/crypto/twofish-i586-asm_32.S  |   8 +-
 arch/x86/entry/entry_32.S  | 132 ++---
 arch/x86/kernel/acpi/wakeup_32.S   |   8 +-
 arch/x86/kernel/ftrace_32.S|  20 ++---
 arch/x86/kernel/head_32.S  |  16 ++--
 arch/x86/lguest/head_32.S  |  16 ++--
 arch/x86/lib/atomic64_386_32.S |   4 +-
 arch/x86/lib/atomic64_cx8_32.S |  32 +++
 arch/x86/lib/checksum_32.S |   8 +-
 arch/x86/math-emu/div_Xsig.S   |   4 +-
 arch/x86/math-emu/div_small.S  |   4 +-
 arch/x86/math-emu/mul_Xsig.S   |  12 +--
 arch/x86/math-emu/polynom_Xsig.S   |   4 +-
 arch/x86/math-emu/reg_norm.S   |   8 +-
 arch/x86/math-emu/reg_round.S  |   4 +-
 arch/x86/math-emu/reg_u_add.S  |   4 +-
 arch/x86/math-emu/reg_u_div.S  |   4 +-
 arch/x86/math-emu/reg_u_mul.S  |   4 +-
 arch/x86/math-emu/reg_u_sub.S  |   4 +-
 arch/x86/math-emu/round_Xsig.S |   8 +-
 arch/x86/math-emu/shr_Xsig.S   |   4 +-
 arch/x86/math-emu/wm_shrx.S|   8 +-
 arch/x86/math-emu/wm_sqrt.S|   4 +-
 arch/x86/platform/efi/efi_stub_32.S|   4 +-
 arch/x86/power/hibernate_asm_32.S  |   8 +-
 arch/x86/realmode/rm/trampoline_32.S   |   8 +-
 arch/x86/xen/xen-asm_32.S  |   8 +-
 drivers/lguest/x86/switcher_32.S   |   4 +-
 32 files changed, 194 insertions(+), 194 deletions(-)

diff --git a/arch/x86/boot/compressed/efi_stub_32.S 
b/arch/x86/boot/compressed/efi_stub_32.S
index a53440e81d52..4ceff75b0d2a 100644
--- a/arch/x86/boot/compressed/efi_stub_32.S
+++ b/arch/x86/boot/compressed/efi_stub_32.S
@@ -23,7 +23,7 @@
  */
 
 .text
-ENTRY(efi_call_phys)
+SYM_FUNC_START(efi_call_phys)
/*
 * 0. The function can only be called in Linux kernel. So CS has been
 * set to 0x0010, DS and SS have been set to 0x0018. In EFI, I found
@@ -76,7 +76,7 @@ ENTRY(efi_call_phys)
movlsaved_return_addr(%edx), %ecx
pushl   %ecx
ret
-ENDPROC(efi_call_phys)
+SYM_FUNC_END(efi_call_phys)
 .previous
 
 .data
diff --git a/arch/x86/boot/compressed/head_32.S 
b/arch/x86/boot/compressed/head_32.S
index d832ddb78ea2..86484c3788f8 100644
--- a/arch/x86/boot/compressed/head_32.S
+++ b/arch/x86/boot/compressed/head_32.S
@@ -60,7 +60,7 @@
.hidden _egot
 
__HEAD
-ENTRY(startup_32)
+SYM_FUNC_START(startup_32)
cld
/*
 * Test KEEP_SEGMENTS flag to see if the bootloader is asking
@@ -141,14 +141,14 @@ ENTRY(startup_32)
  */
lealrelocated(%ebx), %eax
jmp *%eax
-ENDPROC(startup_32)
+SYM_FUNC_END(startup_32)
 
 #ifdef CONFIG_EFI_STUB
 /*
  * We don't need the return address, so set up the stack so efi_main() can find
  * its arguments.
  */
-ENTRY(efi_pe_entry)
+SYM_FUNC_START(efi_pe_entry)
add $0x4, %esp
 
call1f
@@ -173,9 +173,9 @@ ENTRY(efi_pe_entry)
pushl   %eax
pushl   %ecx
jmp 2f  /* Skip efi_config initialization */
-ENDPROC(efi_pe_entry)
+SYM_FUNC_END(efi_pe_entry)
 
-ENTRY(efi32_stub_entry)
+SYM_FUNC_START(efi32_stub_entry)
add $0x4, %esp
popl%ecx
popl%edx
@@ -204,7 +204,7 @@ fail:
movlBP_code32_start(%esi), %eax
lealstartup_32(%eax), %eax
jmp *%eax
-ENDPROC(efi32_stub_entry)
+SYM_FUNC_END(efi32_stub_entry)
 #endif
 
.text
diff --git a/arch/x86/crypto/salsa20-i586-asm_32.S 
b/arch/x86/crypto/salsa20-i586-asm_32.S
index 329452b8f794..e9a6703056fc 100644
--- a/arch/x86/crypto/salsa20-i586-asm_32.S
+++ b/arch/x86/crypto/salsa20-i586-asm_32.S
@@ -7,7 +7,7 @@
 .text
 
 

Re: [PATCH 3/6] ima: Simplify policy_func_show.

[Mimi Zohar]

On Thu, 2017-04-20 at 17:40 -0300, Thiago Jung Bauermann wrote:
> Am Donnerstag, 20. April 2017, 08:13:23 BRT schrieb Mimi Zohar:
> > On Tue, 2017-04-18 at 17:17 -0300, Thiago Jung Bauermann wrote:
> > > If the func_tokens array uses the same indices as enum ima_hooks,
> > > policy_func_show can be a lot simpler, and the func_* enum becomes
> > > unnecessary.
> > 
> > My main concern with separating the enumeration from the string
> > definition is that they might become out of sync.  Perhaps using
> > macros, similar to those used for kernel_read_file_id_str(), would be
> > better?
> 
> I agree that it would be better. Is the patch below what you had in mind?

Yes, I haven't tested it yet, but it looks right.
> 
> I also noticed that policy_func_show can be even simpler if we stop using the 
> printf format string from the policy_tokens table. What do you think?
> 
> -- 
> Thiago Jung Bauermann
> IBM Linux Technology Center
> 
> 
> From 594628c94f5dd7c6d2624944a76b6a01f9668128 Mon Sep 17 00:00:00 2001
> From: Thiago Jung Bauermann 
> Date: Mon, 10 Apr 2017 14:59:44 -0300
> Subject: [PATCH 3/6] ima: Simplify policy_func_show.
> 
> If the func_tokens array uses the same indices as enum ima_hooks,
> policy_func_show can be a lot simpler, and the func_* enum becomes
> unnecessary.
> 
> Also, if we use the same macro trick used by kernel_read_file_id_str we can
> use one hooks list for both the enum and the string array, making sure they
> are always in sync (suggested by Mimi Zohar).

> Finally, by using the printf pattern for the function token directly
> instead of using the pt macro we can simplify policy_func_show even further
> and avoid the need of having a temporary buffer. Since the only use of
> Opt_func's printf pattern in policy_tokens was in policy_func_show, we
> don't need it at all anymore so remove it.
> 
> Signed-off-by: Thiago Jung Bauermann 
> ---
>  security/integrity/ima/ima.h| 25 +---
>  security/integrity/ima/ima_policy.c | 60 
> +
>  2 files changed, 22 insertions(+), 63 deletions(-)
> 
> diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h
> index b563fbd4d122..51ef805cf7f3 100644
> --- a/security/integrity/ima/ima.h
> +++ b/security/integrity/ima/ima.h
> @@ -172,17 +172,22 @@ static inline unsigned long ima_hash_key(u8 *digest)
>   return hash_long(*digest, IMA_HASH_BITS);
>  }
> 
> +#define __ima_hooks(hook)\
> + hook(NONE)  \
> + hook(FILE_CHECK)\
> + hook(MMAP_CHECK)\
> + hook(BPRM_CHECK)\
> + hook(POST_SETATTR)  \
> + hook(MODULE_CHECK)  \
> + hook(FIRMWARE_CHECK)\
> + hook(KEXEC_KERNEL_CHECK)\
> + hook(KEXEC_INITRAMFS_CHECK) \
> + hook(POLICY_CHECK)  \
> + hook(MAX_CHECK)
> +#define __ima_hook_enumify(ENUM) ENUM,
> +
>  enum ima_hooks {
> - FILE_CHECK = 1,
> - MMAP_CHECK,
> - BPRM_CHECK,
> - POST_SETATTR,
> - MODULE_CHECK,
> - FIRMWARE_CHECK,
> - KEXEC_KERNEL_CHECK,
> - KEXEC_INITRAMFS_CHECK,
> - POLICY_CHECK,
> - MAX_CHECK
> + __ima_hooks(__ima_hook_enumify)
>  };
> 
>  /* LIM API function definitions */
> diff --git a/security/integrity/ima/ima_policy.c 
> b/security/integrity/ima/ima_policy.c
> index cfda5d7b17ec..39d43a5beb5a 100644
> --- a/security/integrity/ima/ima_policy.c
> +++ b/security/integrity/ima/ima_policy.c
> @@ -503,7 +503,7 @@ static match_table_t policy_tokens = {
>   {Opt_subj_user, "subj_user=%s"},
>   {Opt_subj_role, "subj_role=%s"},
>   {Opt_subj_type, "subj_type=%s"},
> - {Opt_func, "func=%s"},
> + {Opt_func, NULL},
>   {Opt_mask, "mask=%s"},
>   {Opt_fsmagic, "fsmagic=%s"},
>   {Opt_fsuuid, "fsuuid=%s"},
> @@ -896,23 +896,10 @@ static const char *const mask_tokens[] = {
>   "MAY_APPEND"
>  };
> 
> -enum {
> - func_file = 0, func_mmap, func_bprm,
> - func_module, func_firmware, func_post,
> - func_kexec_kernel, func_kexec_initramfs,
> - func_policy
> -};
> +#define __ima_hook_stringify(str)#str,
> 
>  static const char *const func_tokens[] = {
> - "FILE_CHECK",
> - "MMAP_CHECK",
> - "BPRM_CHECK",
> - "MODULE_CHECK",
> - "FIRMWARE_CHECK",
> - "POST_SETATTR",
> - "KEXEC_KERNEL_CHECK",
> - "KEXEC_INITRAMFS_CHECK",
> - "POLICY_CHECK"
> + __ima_hooks(__ima_hook_stringify)
>  };
> 
>  void *ima_policy_start(struct seq_file *m, loff_t *pos)
> @@ -949,49 +936,16 @@ void ima_policy_stop(struct seq_file *m, void *v)
> 
>  #define pt(token)policy_tokens[token + Opt_err].pattern
>  #define mt(token)mask_tokens[token]
> -#define ft(token)func_tokens[token]
> 
>  /*
>   * policy_func_show - display the ima_hooks policy rule
>   */
>  static void policy_func_show(struct seq_file *m, enum ima_hooks 

Re: [PATCH 1/2] n2rng: Use devm_kcalloc() in n2rng_probe()

[Herbert Xu]

On Wed, Apr 19, 2017 at 11:10:07AM +0200, SF Markus Elfring wrote:
> From: Markus Elfring 
> Date: Wed, 19 Apr 2017 10:30:47 +0200
> 
> * A multiplication for the size determination of a memory allocation
>   indicated that an array data structure should be processed.
>   Thus use the corresponding function "devm_kcalloc".
> 
> * Replace the specification of a data structure by a pointer dereference
>   to make the corresponding size determination a bit safer according to
>   the Linux coding style convention.
> 
> Signed-off-by: Markus Elfring 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH v2 0/2] hwrng: mtk: add support for hardware random generator on MT7623 SoC

[Herbert Xu]

On Fri, Apr 21, 2017 at 12:24:24AM +0800, sean.w...@mediatek.com wrote:
> From: Sean Wang 
> 
> This patchset introduces support for Mediatek hardware random generator (RNG)
> Currently, the driver is already tested successfully with rng-tools on MT7623
> SoC. And it should also be workable on other similar Mediatek SoCs.
> 
> Changes since v1:

All applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH V3 0/2] Interrupt management fixes

[Herbert Xu]

On Thu, Apr 20, 2017 at 03:24:00PM -0500, Gary R Hook wrote:
> Correct the driver to attend to only relevant interrupt
> bits, and ensure that interrupts are managed properly
> at module unload.
> 
> Changes from V2:
> - Apply patches to relevant stable branches

All applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH v5 0/2] crypto: hw_random - Add new Exynos RNG driver

[Herbert Xu]

On Tue, Apr 11, 2017 at 08:08:33PM +0200, Krzysztof Kozlowski wrote:
> Hi,
> 
> This is a follow up of my questions around exynos-rng [1].
> 
> Changes since v4:
> =
> 1. Patch 2/2: Use "stdrng" name, as suggested by Herbert.
> 2. Patch 2/2: Add Bartlomiej's reviewed-by.

All applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH v2] powerpc/crypto/crct10dif-vpmsum: Fix missing preempt_disable()

[Herbert Xu]

On Thu, Apr 20, 2017 at 03:35:09PM +1000, Michael Ellerman wrote:
> In crct10dif_vpmsum() we call enable_kernel_altivec() without first
> disabling preemption, which is not allowed.
> 
> It used to be sufficient just to call pagefault_disable(), because that
> also disabled preemption. But the two were decoupled in commit 8222dbe21e79
> ("sched/preempt, mm/fault: Decouple preemption from the page fault
> logic") in mid 2015.
> 
> The crct10dif-vpmsum code inherited this bug from the crc32c-vpmsum code
> on which it was modelled.
> 
> So add the missing preempt_disable/enable(). We should also call
> disable_kernel_fp(), although it does nothing by default, there is a
> debug switch to make it active and all enables should be paired with
> disables.
> 
> Fixes: b01df1c16c9a ("crypto: powerpc - Add CRC-T10DIF acceleration")
> Acked-by: Daniel Axtens 
> Signed-off-by: Michael Ellerman 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH] crypto: acomp - replace compression known answer test

[Herbert Xu]

On Wed, Apr 19, 2017 at 02:27:18PM +0100, Giovanni Cabiddu wrote:
> Compression implementations might return valid outputs that
> do not match what specified in the test vectors.
> For this reason, the testmgr might report that a compression
> implementation failed the test even if the data produced
> by the compressor is correct.
> This implements a decompress-and-verify test for acomp
> compression tests rather than a known answer test.
> 
> Signed-off-by: Giovanni Cabiddu 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH] crypto: acomp - allow registration of multiple acomps

[Herbert Xu]

On Wed, Apr 19, 2017 at 02:23:05PM +0100, Giovanni Cabiddu wrote:
> Add crypto_register_acomps and crypto_unregister_acomps to allow
> the registration of multiple implementations with one call.
> 
> Signed-off-by: Giovanni Cabiddu 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH v2] crypto: chcr - Fix error handling related to 'chcr_alloc_shash'

[Herbert Xu]

On Thu, Apr 13, 2017 at 08:25:15PM +0200, Christophe JAILLET wrote:
> Up to now, 'crypto_alloc_shash()' may return a valid pointer, an error
> pointer or NULL (in case of invalid parameter)
> Update it to always return an error pointer in case of error. It now
> returns ERR_PTR(-EINVAL) instead of NULL in case of invalid parameter.
> 
> This simplifies error handling.
> 
> Also fix a crash in 'chcr_authenc_setkey()' if 'chcr_alloc_shash()'
> returns an error pointer and the "goto out" path is taken.
> 
> Signed-off-by: Christophe JAILLET 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH 0/4] Bug fixes and fallback for AEAD

[Herbert Xu]

On Mon, Apr 10, 2017 at 06:23:57PM +0530, Harsh Jain wrote:
> This series based on Herbert cryptodev-2.6.
> It includes bug fixes and fallback for AEAD algos.
> 
> Harsh Jain (3):
>   chcr: Increase priority of AEAD algos.
>   chcr:Set hmac_ctrl bit to use HW register HMAC_CFG[456].
>   chcr: Add fallback for AEAD algos
> Atul Gupta (1):
>   chcr: Fix txq ids

All applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH -next] crypto: caam - fix error return code in caam_qi_init()

[Herbert Xu]

On Tue, Apr 11, 2017 at 04:04:09PM +, Wei Yongjun wrote:
> From: Wei Yongjun 
> 
> Fix to return error code -ENOMEM from the kmem_cache_create() error
> handling case instead of 0(err is 0 here), as done elsewhere in this
> function.
> 
> Fixes: 67c2315def06 ("crypto: caam - add Queue Interface (QI) backend 
> support")
> Signed-off-by: Wei Yongjun 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH] crypto: Allow ecb(cipher_null) in FIPS mode

[Herbert Xu]

Milan Broz  wrote:
> The cipher_null is not a real cipher, FIPS mode should not restrict its use.
> 
> It is used for several tests (for example in cryptsetup testsuite) and also
> temporarily for reencryption of not yet encrypted device in 
> cryptsetup-reencrypt tool.
> 
> Problem is easily reproducible with
>  cryptsetup benchmark -c null
> 
> Signed-off-by: Milan Broz 

Stephan?
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH v2 2/3] crypto: inside-secure: add SafeXcel EIP197 crypto engine driver

[Antoine Tenart]

On Fri, Apr 21, 2017 at 01:36:45PM +0200, Corentin Labbe wrote:
> > > > +   memset(ipad + keylen, 0, blocksize - keylen);
> > > > +   memcpy(opad, ipad, blocksize);
> > > > +
> > > > +   for (i = 0; i < blocksize; i++) {
> > > > +   ipad[i] ^= 0x36;
> > > > +   opad[i] ^= 0x5c;
> > > 
> > > What are these constant ?
> > 
> > They are defined in the HMAC RFC, as ipad and opad values. See
> > https://www.ietf.org/rfc/rfc2104.txt.
> > 
> 
> Since many driver use them, I think defining them in include/ should be done 
> (HMAC_IPAD/HMAC_OPAD)
> I will send a patch for it.

OK, I'll send a following up patch on this driver when your series is
merged.

Antoine

-- 
Antoine Ténart, Free Electrons
Embedded Linux and Kernel engineering
http://free-electrons.com


signature.asc
Description: PGP signature

Re: [PATCH 2/2] crypto: acomp - add support for deflate rfc1950 (zlib)

[Herbert Xu]

On Wed, Apr 19, 2017 at 03:11:42PM +0100, Giovanni Cabiddu wrote:
>
> +}, {
> + .alloc_ctx  = zlib_deflate_alloc_ctx,
> + .free_ctx   = deflate_free_ctx,
> + .compress   = deflate_scompress,
> + .decompress = deflate_sdecompress,
> + .base   = {
> + .cra_name   = "zlib(deflate)",

Please avoid using parentheses as they are used for templates.
Perhaps zlib-deflate or deflate-rfc1950.

Cheers,
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH] crypto: acomp - report scomp implementations

[Herbert Xu]

On Wed, Apr 19, 2017 at 02:26:14PM +0100, Giovanni Cabiddu wrote:
> Fix crypto_has_acomp to report scomp implementations.
> 
> Signed-off-by: Giovanni Cabiddu 
> ---
>  include/crypto/acompress.h | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/include/crypto/acompress.h b/include/crypto/acompress.h
> index e328b52..39871f9 100644
> --- a/include/crypto/acompress.h
> +++ b/include/crypto/acompress.h
> @@ -162,6 +162,7 @@ static inline int crypto_has_acomp(const char *alg_name, 
> u32 type, u32 mask)
>  {
>   type &= ~CRYPTO_ALG_TYPE_MASK;
>   type |= CRYPTO_ALG_TYPE_ACOMPRESS;
> + type |= CRYPTO_ALG_TYPE_SCOMPRESS;
>   mask |= CRYPTO_ALG_TYPE_MASK;
>  
>   return crypto_has_alg(alg_name, type, mask);

Are you sure this works? I think you should modify the mask instead.

Cheers,
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH 2/2] n2rng: Combine substrings for two messages in n2rng_probe()

[Herbert Xu]

On Wed, Apr 19, 2017 at 11:11:35AM +0200, SF Markus Elfring wrote:
> From: Markus Elfring 
> Date: Wed, 19 Apr 2017 10:50:04 +0200
> 
> The script "checkpatch.pl" pointed information out like the following.
> 
> WARNING: quoted string split across lines
> 
> Thus fix the affected source code places.
> 
> Signed-off-by: Markus Elfring 

This patch doesn't seem to add any value so I'm not taking it.

Please don't send patches based purely on a checkpatch complaint.

Thanks,
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH v2 2/3] crypto: inside-secure: add SafeXcel EIP197 crypto engine driver

[Corentin Labbe]

> > > + memset(ipad + keylen, 0, blocksize - keylen);
> > > + memcpy(opad, ipad, blocksize);
> > > +
> > > + for (i = 0; i < blocksize; i++) {
> > > + ipad[i] ^= 0x36;
> > > + opad[i] ^= 0x5c;
> > 
> > What are these constant ?
> 
> They are defined in the HMAC RFC, as ipad and opad values. See
> https://www.ietf.org/rfc/rfc2104.txt.
> 

Since many driver use them, I think defining them in include/ should be done 
(HMAC_IPAD/HMAC_OPAD)
I will send a patch for it.

> > [...]
> > > +struct safexcel_alg_template safexcel_alg_sha256 = {
> > > + .type = SAFEXCEL_ALG_TYPE_AHASH,
> > > + .alg.ahash = {
> > > + .init = safexcel_sha256_init,
> > > + .update = safexcel_ahash_update,
> > > + .final = safexcel_ahash_final,
> > > + .finup = safexcel_ahash_finup,
> > > + .digest = safexcel_sha256_digest,
> > > + .export = safexcel_ahash_export,
> > > + .import = safexcel_ahash_import,
> > > + .halg = {
> > > + .digestsize = SHA256_DIGEST_SIZE,
> > > + .statesize = sizeof(struct safexcel_ahash_export_state),
> > > + .base = {
> > > + .cra_name = "sha256",
> > > + .cra_driver_name = "safexcel-sha256",
> > > + .cra_priority = 300,
> > > + .cra_flags = CRYPTO_ALG_ASYNC |
> > > +  CRYPTO_ALG_KERN_DRIVER_ONLY,
> > 
> > Why do use CRYPTO_ALG_KERN_DRIVER_ONLY ?
> 
> See http://lxr.free-electrons.com/source/include/linux/crypto.h#L97.
> 

Sorry, I had understood that flag as "do not let userspace use me".
Anyway, this flag is totally ignored by the cryptoAPI.

[PATCH] crypto: crypto4xx: rename ce_ring_contol to ce_ring_control

[Colin King]

From: Colin Ian King 

trivial spelling mistake, missing r, rename to ce_ring_control

Signed-off-by: Colin Ian King 
---
 drivers/crypto/amcc/crypto4xx_core.c| 2 +-
 drivers/crypto/amcc/crypto4xx_reg_def.h | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/amcc/crypto4xx_core.c 
b/drivers/crypto/amcc/crypto4xx_core.c
index d10b4ae5e0da..fdc83a2281ca 100644
--- a/drivers/crypto/amcc/crypto4xx_core.c
+++ b/drivers/crypto/amcc/crypto4xx_core.c
@@ -50,7 +50,7 @@
 static void crypto4xx_hw_init(struct crypto4xx_device *dev)
 {
union ce_ring_size ring_size;
-   union ce_ring_contol ring_ctrl;
+   union ce_ring_control ring_ctrl;
union ce_part_ring_size part_ring_size;
union ce_io_threshold io_threshold;
u32 rand_num;
diff --git a/drivers/crypto/amcc/crypto4xx_reg_def.h 
b/drivers/crypto/amcc/crypto4xx_reg_def.h
index 46fe57c8f6eb..279b8725559f 100644
--- a/drivers/crypto/amcc/crypto4xx_reg_def.h
+++ b/drivers/crypto/amcc/crypto4xx_reg_def.h
@@ -180,7 +180,7 @@ union ce_ring_size {
 } __attribute__((packed));
 
 #define CRYPTO4XX_RING_CONTROL_OFFSET  0x54
-union ce_ring_contol {
+union ce_ring_control {
struct {
u32 continuous:1;
u32 rsv:5;
-- 
2.11.0

Re: [PATCH] crypto: algif_aead - Require setkey before accept(2)

[Herbert Xu]

On Mon, Apr 10, 2017 at 01:59:21PM +0200, Stephan Müller wrote:
>
> @@ -757,12 +887,14 @@ static void aead_sock_destruct(struct sock *sk)
>   af_alg_release_parent(sk);
>  }
>  
> -static int aead_accept_parent(void *private, struct sock *sk)
> +static int aead_accept_parent_nokey(void *private, struct sock *sk)
>  {
>   struct aead_ctx *ctx;
>   struct alg_sock *ask = alg_sk(sk);
> - unsigned int len = sizeof(*ctx) + crypto_aead_reqsize(private);
> - unsigned int ivlen = crypto_aead_ivsize(private);
> + struct aead_tfm *tfm = private;
> + struct crypto_aead *aead = tfm->aead;
> + unsigned int len = sizeof(*ctx) + crypto_aead_reqsize(aead);
> + unsigned int ivlen = crypto_aead_ivsize(aead);
>  
>   ctx = sock_kmalloc(sk, len, GFP_KERNEL);
>   if (!ctx)
> @@ -789,7 +921,7 @@ static int aead_accept_parent(void *private, struct sock 
> *sk)
>  
>   ask->private = ctx;
>  
> - aead_request_set_tfm(>aead_req, private);
> + aead_request_set_tfm(>aead_req, aead);
>   aead_request_set_callback(>aead_req, CRYPTO_TFM_REQ_MAY_BACKLOG,
> af_alg_complete, >completion);
>  

Please don't mix unrelated cleanups like this with the real change.
 It makes reviewing harder than necessary.

Thanks,
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

[PATCH] crypto: Allow ecb(cipher_null) in FIPS mode

[Milan Broz]

The cipher_null is not a real cipher, FIPS mode should not restrict its use.

It is used for several tests (for example in cryptsetup testsuite) and also
temporarily for reencryption of not yet encrypted device in 
cryptsetup-reencrypt tool.

Problem is easily reproducible with
  cryptsetup benchmark -c null

Signed-off-by: Milan Broz 
---
 crypto/testmgr.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index f9c378af3907..5075e4d982ee 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -2875,6 +2875,7 @@ static const struct alg_test_desc alg_test_descs[] = {
}, {
.alg = "ecb(cipher_null)",
.test = alg_test_null,
+   .fips_allowed = 1,
}, {
.alg = "ecb(des)",
.test = alg_test_skcipher,
-- 
2.11.0

[cpu/hotplug] d215aab82d: [ INFO: possible circular locking dependency detected ]

[kernel test robot]

Greetings,

0day kernel testing robot got the below dmesg and the first bad commit is

https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git smp/hotplug

commit d215aab82d81974f438bfbc80aa437132f3c37c3
Author: Thomas Gleixner 
AuthorDate: Tue Apr 18 19:05:06 2017 +0200
Commit: Thomas Gleixner 
CommitDate: Thu Apr 20 13:08:58 2017 +0200

cpu/hotplug: Convert hotplug locking to percpu rwsem

There are no more (known) nested calls to get_online_cpus() so it's
possible to remove the nested call magic and convert the mutex to a
percpu-rwsem, which speeds up get/put_online_cpus() significantly for the
uncontended case.

The contended case (write locked for hotplug operations) is slow anyway, so
the slightly more expensive down_write of the percpu rwsem does not matter.

[ peterz: Add lockdep assertions ]

Signed-off-by: Thomas Gleixner 
Cc: Peter Zijlstra 
Cc: Sebastian Siewior 
Cc: Steven Rostedt 
Link: http://lkml.kernel.org/r/20170418170554.382344...@linutronix.de

641693094e  perf: Avoid cpu_hotplug_lock r-r recursion
d215aab82d  cpu/hotplug: Convert hotplug locking to percpu rwsem
d215aab82d  cpu/hotplug: Convert hotplug locking to percpu rwsem
65ec919279  Merge branch 'x86/irq'
++++++
|| 641693094e | d215aab82d 
| d215aab82d | 65ec919279 |
++++++
| boot_successes | 33 | 1  
| 1  | 0  |
| boot_failures  | 0  | 12 
| 12 | 11 |
| INFO:possible_circular_locking_dependency_detected | 0  | 12 
| 12 | 11 |
++++++

[child1:349] uid changed! Was: 0, now 35957
[child0:342] child exiting.
Bailing main loop. Exit reason: UID changed.
[   69.250950] 
[   69.251227] ==
[   69.252022] [ INFO: possible circular locking dependency detected ]
[   69.252715] 4.11.0-rc6-00240-gd215aab #1 Not tainted
[   69.253273] ---
[   69.254061] kworker/1:1/24 is trying to acquire lock:
[   69.254699]  (cpu_hotplug_lock.rw_sem){++}, at: [] 
static_key_slow_dec+0x1e/0x80
[   69.255872] 
[   69.255872] but task is already holding lock:
[   69.256651]  (perf_sched_mutex){+.+...}, at: [] 
perf_sched_delayed+0x1a/0x70
[   69.258146] 
[   69.258146] which lock already depends on the new lock.
[   69.258146] 
[   69.259516] 
[   69.259516] the existing dependency chain (in reverse order) is:
[   69.260566] 
[   69.260566] -> #2 (perf_sched_mutex){+.+...}:

  # HH:MM RESULT GOOD 
BAD GOOD_BUT_DIRTY DIRTY_NOT_BAD
git bisect start 450dd7177bd6ac5e70d22c5375ef482e9436a748 
4f7d029b9bf009fbee76bb10c0c4351a1870d2f3 --
git bisect  bad 084d34b9fe3fa15fd649e66a7a8bcfc146c2863f  # 12:01  B  0 
1   12   0  Merge 'tip/smp/hotplug' into devel-catchup-201704210032
git bisect good b3c310c5863b9563bdd08f8778989d99a9c449c8  # 12:26  G 11 
00   0  Merge 
'linux-review/Sjoerd-Simons/RFC-serial-core-Dynamic-minor-support/20170420-210045'
 into devel-catchup-201704210032
git bisect good e4708292510f96868aeb8daefb259298e33bdbcb  # 12:42  G 11 
01   1  Merge 
'linux-review/Leon-Romanovsky/IB-mlx5-Set-correct-SL-in-completion-for-RoCE/20170420-191557'
 into devel-catchup-201704210032
git bisect good 650306edb95f2ab1fa07685aaec9c0f74ee534b8  # 13:00  G 11 
00   0  Merge 'pinchartl-media/omapdrm/fences' into 
devel-catchup-201704210032
git bisect good ab0d337bb7b090f67b1547a70b383f785c0bb9b1  # 13:35  G 10 
00   0  Merge 'pinchartl-media/omapdrm/cache-flush' into 
devel-catchup-201704210032
git bisect good 379c171f26e4acafb52a805afc8d2e2bcc30784e  # 13:57  G 11 
00   0  Merge 'tip/x86/boot' into devel-catchup-201704210032
git bisect good 8153f9ac43897f9f4786b30badc134fcc1a4fb11  # 14:28  G 10 
00   0  ACPI/processor: Replace racy task affinity logic
git bisect good 91e555edde960481085a8a69ac32726a9f6df0c9  # 14:45  G 11 
00   0  hwtracing/coresight-etm4x: Use 
cpuhp_setup_state_nocalls_cpuslocked()
git bisect good b4d1673371196dd9aebdd2f61d946165c777b931  # 15:03  G 11 
00   0  PCI: Use cpu_hotplug_disable() instead of get_online_cpus()
git bisect good 82947f31231157d8ab70fa8961f23fd3887a3327  # 15:37  G 10 
00   0  jump_label: Pull get_online_cpus() into generic code
git bisect 

Re: [PATCH v2 2/3] crypto: inside-secure: add SafeXcel EIP197 crypto engine driver

[Antoine Tenart]

Hi Corentin,

On Fri, Apr 21, 2017 at 09:30:56AM +0200, Corentin Labbe wrote:
> 
> I have some minor comment below

[…]

> > +   /*
> > +* Result Descriptor Ring prepare
> > +*/
> 
> This is not preferred comment format for one line

Sure.

> 
> [...]
> 
> > +static int safexcel_probe(struct platform_device *pdev)
> > +{
> > +   struct device *dev = >dev;
> > +   struct resource *res;
> > +   struct safexcel_crypto_priv *priv;
> > +   int i, ret;
> > +
> > +   priv = devm_kzalloc(dev, sizeof(struct safexcel_crypto_priv),
> > +   GFP_KERNEL);
> 
> sizeof(priv) is preferred as asked by checkpatch
> 
> [...]
> > +   ring_irq = devm_kzalloc(dev, sizeof(struct 
> > safexcel_ring_irq_data),
> > +   GFP_KERNEL);
> 
> same comment here

Sure.

> [...]
> > +#define EIP197_ALG_ARC4BIT(7)
> > +#define EIP197_ALG_AES_ECB BIT(8)
> > +#define EIP197_ALG_AES_CBC BIT(9)
> > +#define EIP197_ALG_AES_CTR_ICM BIT(10)
> > +#define EIP197_ALG_AES_OFB BIT(11)
> > +#define EIP197_ALG_AES_CFB BIT(12)
> > +#define EIP197_ALG_DES_ECB BIT(13)
> > +#define EIP197_ALG_DES_CBC BIT(14)
> > +#define EIP197_ALG_DES_OFB BIT(16)
> > +#define EIP197_ALG_DES_CFB BIT(17)
> > +#define EIP197_ALG_3DES_ECBBIT(18)
> > +#define EIP197_ALG_3DES_CBCBIT(19)
> > +#define EIP197_ALG_3DES_OFBBIT(21)
> > +#define EIP197_ALG_3DES_CFBBIT(22)
> > +#define EIP197_ALG_MD5 BIT(24)
> > +#define EIP197_ALG_HMAC_MD5BIT(25)
> 
> Does MD5, DES and 3DES will be added later ?

They might be added yes. And as these bits describe a register used to
configure the engine it's nice to have a proper definition of what all
combinations do.

> [...]
> > +static const u8 sha1_zero_digest[SHA1_DIGEST_SIZE] = {
> > +   0xda, 0x39, 0xa3, 0xee, 0x5e, 0x6b, 0x4b, 0x0d, 0x32, 0x55,
> > +   0xbf, 0xef, 0x95, 0x60, 0x18, 0x90, 0xaf, 0xd8, 0x07, 0x09,
> > +};
> > +
> > +static const u8 sha224_zero_digest[SHA224_DIGEST_SIZE] = {
> > +   0xd1, 0x4a, 0x02, 0x8c, 0x2a, 0x3a, 0x2b, 0xc9, 0x47, 0x61,
> > +   0x02, 0xbb, 0x28, 0x82, 0x34, 0xc4, 0x15, 0xa2, 0xb0, 0x1f,
> > +   0x82, 0x8e, 0xa6, 0x2a, 0xc5, 0xb3, 0xe4, 0x2f
> > +};
> > +
> > +static const u8 sha256_zero_digest[SHA256_DIGEST_SIZE] = {
> > +   0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb,
> > +   0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4,
> > +   0x64, 0x9b, 0x93, 0x4c, 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52,
> > +   0xb8, 0x55
> > +};
> 
> Thoses structures are already defined in crypto (sha1_zero_message_hash, 
> etc...)
> You can use it since you select SHAxxx in Kconfig

That's right, I'll use these definitions instead.

> [...]
> > +static int safexcel_hmac_init_pad(struct ahash_request *areq,
> > + unsigned int blocksize, const u8 *key,
> > + unsigned int keylen, u8 *ipad, u8 *opad)
> > +{
> > +   struct safexcel_ahash_result result;
> > +   struct scatterlist sg;
> > +   int ret, i;
> > +   u8 *keydup;
> > +
> > +   if (keylen <= blocksize) {
> > +   memcpy(ipad, key, keylen);
> > +   } else {
> > +   keydup = kmemdup(key, keylen, GFP_KERNEL);
> > +   if (!keydup)
> > +   return -ENOMEM;
> > +
> > +   ahash_request_set_callback(areq, CRYPTO_TFM_REQ_MAY_BACKLOG,
> > +  safexcel_ahash_complete, );
> > +   sg_init_one(, keydup, keylen);
> > +   ahash_request_set_crypt(areq, , ipad, keylen);
> > +   init_completion();
> > +
> > +   ret = crypto_ahash_digest(areq);
> > +   if (ret == -EINPROGRESS) {
> > +   wait_for_completion_interruptible();
> > +   ret = result.error;
> > +   }
> > +
> > +   /* Avoid leaking */
> > +   memset(keydup, 0, keylen);
> 
> It is safer to use memzero_explicit

Good to know, I'll update.

> > +   kfree(keydup);
> > +
> > +   if (ret)
> > +   return ret;
> > +
> > +   keylen = crypto_ahash_digestsize(crypto_ahash_reqtfm(areq));
> > +   }
> > +
> > +   memset(ipad + keylen, 0, blocksize - keylen);
> > +   memcpy(opad, ipad, blocksize);
> > +
> > +   for (i = 0; i < blocksize; i++) {
> > +   ipad[i] ^= 0x36;
> > +   opad[i] ^= 0x5c;
> 
> What are these constant ?

They are defined in the HMAC RFC, as ipad and opad values. See
https://www.ietf.org/rfc/rfc2104.txt.

> [...]
> > +static int safexcel_hmac_sha1_setkey(struct crypto_ahash *tfm, const u8 
> > *key,
> > +unsigned int keylen)
> > +{
> > +   struct safexcel_ahash_ctx *ctx = crypto_tfm_ctx(crypto_ahash_tfm(tfm));
> > 

Re: [PATCH 1/7] Makefile, LLVM: add -no-integrated-as to KBUILD_[AC]FLAGS

[Masahiro Yamada]

Hi Michael,


2017-03-17 9:15 GMT+09:00 Michael Davidson :
> Add -no-integrated-as to KBUILD_AFLAGS and KBUILD_CFLAGS
> for clang.

>From the code-diff, it is apparent that
you added -no-integrated-as.

Rather, I'd like to see "why" in the git-log.

Obviously, clang needs this patch to build the kernel,
but can you describe the reason why the integrated assembler is bad?

With git-log reworded, I will pick up this shortly.

Thanks!



> Signed-off-by: Michael Davidson 
> ---
>  Makefile | 2 ++
>  1 file changed, 2 insertions(+)
>
> diff --git a/Makefile b/Makefile
> index b841fb36beb2..b21fd0ca2946 100644
> --- a/Makefile
> +++ b/Makefile
> @@ -704,6 +704,8 @@ KBUILD_CFLAGS += $(call cc-disable-warning, 
> tautological-compare)
>  # See modpost pattern 2
>  KBUILD_CFLAGS += $(call cc-option, -mno-global-merge,)
>  KBUILD_CFLAGS += $(call cc-option, -fcatch-undefined-behavior)
> +KBUILD_CFLAGS += $(call cc-option, -no-integrated-as)
> +KBUILD_AFLAGS += $(call cc-option, -no-integrated-as)
>  else
>
>  # These warnings generated too much noise in a regular build.







-- 
Best Regards
Masahiro Yamada

Re: [PATCH v2 2/3] crypto: inside-secure: add SafeXcel EIP197 crypto engine driver

[Corentin Labbe]

Hello

I have some minor comment below

On Wed, Apr 19, 2017 at 09:14:17AM +0200, Antoine Tenart wrote:
> Add support for Inside Secure SafeXcel EIP197 cryptographic engine,
> which can be found on Marvell Armada 7k and 8k boards. This driver
> currently implements: ecb(aes), cbc(aes), sha1, sha224, sha256 and
> hmac(sah1) algorithms.
> 
> Two firmwares are needed for this engine to work. Their are mostly used
> for more advanced operations than the ones supported (as of now), but we
> still need them to pass the data to the internal cryptographic engine.
> 
> Signed-off-by: Antoine Tenart 
> ---
>  drivers/crypto/Kconfig |   17 +
>  drivers/crypto/Makefile|1 +
>  drivers/crypto/inside-secure/Makefile  |2 +
>  drivers/crypto/inside-secure/safexcel.c|  940 +
>  drivers/crypto/inside-secure/safexcel.h|  579 +
>  drivers/crypto/inside-secure/safexcel_cipher.c |  555 +
>  drivers/crypto/inside-secure/safexcel_hash.c   | 1060 
> 
>  drivers/crypto/inside-secure/safexcel_ring.c   |  157 
>  8 files changed, 3311 insertions(+)
>  create mode 100644 drivers/crypto/inside-secure/Makefile
>  create mode 100644 drivers/crypto/inside-secure/safexcel.c
>  create mode 100644 drivers/crypto/inside-secure/safexcel.h
>  create mode 100644 drivers/crypto/inside-secure/safexcel_cipher.c
>  create mode 100644 drivers/crypto/inside-secure/safexcel_hash.c
>  create mode 100644 drivers/crypto/inside-secure/safexcel_ring.c
> 
> diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig
> index 473d31288ad8..d12a40450858 100644
> --- a/drivers/crypto/Kconfig
> +++ b/drivers/crypto/Kconfig
> @@ -619,4 +619,21 @@ config CRYPTO_DEV_BCM_SPU
> Secure Processing Unit (SPU). The SPU driver registers ablkcipher,
> ahash, and aead algorithms with the kernel cryptographic API.
>  

[...]

> + /*
> +  * Result Descriptor Ring prepare
> +  */

This is not preferred comment format for one line

[...]

> +static int safexcel_probe(struct platform_device *pdev)
> +{
> + struct device *dev = >dev;
> + struct resource *res;
> + struct safexcel_crypto_priv *priv;
> + int i, ret;
> +
> + priv = devm_kzalloc(dev, sizeof(struct safexcel_crypto_priv),
> + GFP_KERNEL);

sizeof(priv) is preferred as asked by checkpatch

[...]
> + ring_irq = devm_kzalloc(dev, sizeof(struct 
> safexcel_ring_irq_data),
> + GFP_KERNEL);

same comment here

[...]
> +#define EIP197_ALG_ARC4  BIT(7)
> +#define EIP197_ALG_AES_ECB   BIT(8)
> +#define EIP197_ALG_AES_CBC   BIT(9)
> +#define EIP197_ALG_AES_CTR_ICM   BIT(10)
> +#define EIP197_ALG_AES_OFB   BIT(11)
> +#define EIP197_ALG_AES_CFB   BIT(12)
> +#define EIP197_ALG_DES_ECB   BIT(13)
> +#define EIP197_ALG_DES_CBC   BIT(14)
> +#define EIP197_ALG_DES_OFB   BIT(16)
> +#define EIP197_ALG_DES_CFB   BIT(17)
> +#define EIP197_ALG_3DES_ECB  BIT(18)
> +#define EIP197_ALG_3DES_CBC  BIT(19)
> +#define EIP197_ALG_3DES_OFB  BIT(21)
> +#define EIP197_ALG_3DES_CFB  BIT(22)
> +#define EIP197_ALG_MD5   BIT(24)
> +#define EIP197_ALG_HMAC_MD5  BIT(25)

Does MD5, DES and 3DES will be added later ?

[...]
> +static const u8 sha1_zero_digest[SHA1_DIGEST_SIZE] = {
> + 0xda, 0x39, 0xa3, 0xee, 0x5e, 0x6b, 0x4b, 0x0d, 0x32, 0x55,
> + 0xbf, 0xef, 0x95, 0x60, 0x18, 0x90, 0xaf, 0xd8, 0x07, 0x09,
> +};
> +
> +static const u8 sha224_zero_digest[SHA224_DIGEST_SIZE] = {
> + 0xd1, 0x4a, 0x02, 0x8c, 0x2a, 0x3a, 0x2b, 0xc9, 0x47, 0x61,
> + 0x02, 0xbb, 0x28, 0x82, 0x34, 0xc4, 0x15, 0xa2, 0xb0, 0x1f,
> + 0x82, 0x8e, 0xa6, 0x2a, 0xc5, 0xb3, 0xe4, 0x2f
> +};
> +
> +static const u8 sha256_zero_digest[SHA256_DIGEST_SIZE] = {
> + 0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb,
> + 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4,
> + 0x64, 0x9b, 0x93, 0x4c, 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52,
> + 0xb8, 0x55
> +};

Thoses structures are already defined in crypto (sha1_zero_message_hash, etc...)
You can use it since you select SHAxxx in Kconfig

[...]
> +static int safexcel_hmac_init_pad(struct ahash_request *areq,
> +   unsigned int blocksize, const u8 *key,
> +   unsigned int keylen, u8 *ipad, u8 *opad)
> +{
> + struct safexcel_ahash_result result;
> + struct scatterlist sg;
> + int ret, i;
> + u8 *keydup;
> +
> + if (keylen <= blocksize) {
> + memcpy(ipad, key, keylen);
> + } else {
> + keydup = kmemdup(key, keylen,