Re: [PATCH] crypto: ecc : Wipe memory for p on errors.

Am Samstag, 22. April 2017, 13:31:34 CEST schrieb Loganaden Velvindron: Hi Loganaden, > - kfree(p); > + kzfree(p); Why do you think this is necessary? p is not filled in this function as this function only allocates the memory. Ciao Stephan

Re: [PATCH] crypto: tcrypt: Zero iv before freeing it

Am Sonntag, 23. April 2017, 18:12:04 CEST schrieb Codarren Velvindron: Hi Codarren, > Signed-off-by: Codarren Velvindron > --- > crypto/tcrypt.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c > index

Re: [PATCH] crypto: testmgr: clean up memory for sensitive information

Am Sonntag, 23. April 2017, 01:40:56 CEST schrieb Pirabarlen-Cheenaramen: Hi Pirabarlen, > Signed-off-by: Pirabarlen-Cheenaramen > --- > crypto/testmgr.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/crypto/testmgr.c b/crypto/testmgr.c > index

Re: [PATCH] crypto: Allow ecb(cipher_null) in FIPS mode

Am Samstag, 22. April 2017, 09:54:08 CEST schrieb Sandy Harris: Hi Sandy, > In the FreeS/WAN project, back around the turn of the century, > we refused to implement several things required by the RFCs > because we thought they were insecure: null cipher, single > DES & 768-bit DH Group 1. > >

Re: [PATCH v2 6/9] staging: ccree: add FIPS support

Am Sonntag, 23. April 2017, 11:48:58 CEST schrieb Gilad Ben-Yossef: Hi Gilad, > I do wonder if there is value in alternate behavior of stopping crypto > API on FIPS error rather than a panic though. I will try to get an > explanation why we do it this way. In FIPS, all crypto function must

[PATCH] crypto: tcrypt: Zero iv before freeing it

Signed-off-by: Codarren Velvindron --- crypto/tcrypt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c index 9a11f3c..48a721c 100644 --- a/crypto/tcrypt.c +++ b/crypto/tcrypt.c @@ -384,7 +384,7 @@ static void

[PATCH]crypto:asymmetric_keys:verify_pefile:zero memory content before freeing

Signed-off-by: Yasir Auleear --- crypto/asymmetric_keys/verify_pefile.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/asymmetric_keys/verify_pefile.c b/crypto/asymmetric_keys/verify_pefile.c index 672a94c..d178650 100644 ---

Re: [PATCH v2 6/9] staging: ccree: add FIPS support

Hi, Thank you for the review. On Thu, Apr 20, 2017 at 4:39 PM, Stephan Müller wrote: >> +/* The function verifies that tdes keys are not weak.*/ >> +static int ssi_fips_verify_3des_keys(const u8 *key, unsigned int keylen) >> +{ >> +#ifdef CCREE_FIPS_SUPPORT >> +

Re: [PATCH v2 1/9] staging: ccree: introduce CryptoCell HW driver

Hi, [ Re sending with all recipients this time ... ] On Thu, Apr 20, 2017 at 5:01 PM, Greg Kroah-Hartman wrote: >> > Oh, I have to ask, do you really mean "any later version" here and >> > elsewhere? >> > >> > If so, then your MODULE_LICENSE() marking is wrong,

[PATCH v3 09/15] MAINTAINERS: add Gilad BY as ccree maintainer

I work for Arm on maintaining the TrustZone CryptoCell driver. Signed-off-by: Gilad Ben-Yossef --- MAINTAINERS | 7 +++ 1 file changed, 7 insertions(+) diff --git a/MAINTAINERS b/MAINTAINERS index 676c139..f21caa1 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -3066,6

[PATCH v3 12/15] staging: ccree: fix semicolon.cocci warnings

From: kbuild test robot drivers/staging/ccree/ssi_request_mgr.c:623:3-4: Unneeded semicolon Remove unneeded semicolon. Generated by: scripts/coccinelle/misc/semicolon.cocci Signed-off-by: Gilad Ben-Yossef Signed-off-by: Fengguang Wu

[PATCH v3 10/15] staging: ccree: remove useless NULL test of field

Remove kbuild test robot reported NULL check for a struct field address. Signed-off-by: Gilad Ben-Yossef Reported-by: kbuild test robot --- drivers/staging/ccree/ssi_buffer_mgr.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git

[PATCH v3 11/15] staging: ccree: fix platform_no_drv_owner.cocci warnings

From: kbuild test robot drivers/staging/ccree/ssi_driver.c:484:6-11: No need to set .owner here. The core will do it. Remove .owner field if calls are used which set it automatically Generated by: scripts/coccinelle/api/platform_no_drv_owner.cocci Signed-off-by: Gilad

[PATCH v3 13/15] staging: ccree: fix array_size.cocci warnings

From: kbuild test robot drivers/staging/ccree/ssi_sysfs.c:319:34-35: WARNING: Use ARRAY_SIZE drivers/staging/ccree/ssi_sysfs.c:429:34-35: WARNING: Use ARRAY_SIZE Use ARRAY_SIZE instead of dividing sizeof array with sizeof an element Semantic patch information: This makes an

[PATCH v3 14/15] staging: ccree: fix ifnullfree.cocci warnings

From: kbuild test robot drivers/staging/ccree/ssi_buffer_mgr.c:530:3-19: WARNING: NULL check before freeing functions like kfree, debugfs_remove, debugfs_remove_recursive or usb_free_urb is not needed. Maybe consider reorganizing relevant code to avoid passing NULL values.

[PATCH v3 15/15] staging: ccree: fix ifnullfree.cocci warnings

From: kbuild test robot drivers/staging/ccree/ssi_hash.c:317:2-7: WARNING: NULL check before freeing functions like kfree, debugfs_remove, debugfs_remove_recursive or usb_free_urb is not needed. Maybe consider reorganizing relevant code to avoid passing NULL values.

[PATCH v3 08/15] staging: ccree: add DT bindings for Arm CryptoCell

This adds DT bindings for the Arm TrustZone CryptoCell cryptographic accelerator IP. Signed-off-by: Gilad Ben-Yossef --- .../devicetree/bindings/crypto/arm-cryptocell.txt | 27 ++ 1 file changed, 27 insertions(+) create mode 100644

[PATCH v3 07/15] staging: ccree: add TODO list

Add TODO list for moving out of staging tree for ccree crypto driver Signed-off-by: Gilad Ben-Yossef --- drivers/staging/ccree/TODO | 30 ++ 1 file changed, 30 insertions(+) create mode 100644 drivers/staging/ccree/TODO diff --git

[PATCH v3 06/15] staging: ccree: add FIPS support

Add FIPS mode support to CryptoCell driver Signed-off-by: Gilad Ben-Yossef --- drivers/staging/ccree/Kconfig |9 + drivers/staging/ccree/Makefile |1 + drivers/staging/ccree/ssi_aead.c|6 + drivers/staging/ccree/ssi_cipher.c |

[PATCH v3 04/15] staging: ccree: add IV generation support

Add CryptoCell IV hardware generation support. This patch adds the needed support to drive the HW but does not expose the ability via the kernel crypto API yet. Signed-off-by: Gilad Ben-Yossef --- drivers/staging/ccree/Makefile | 2 +-

[PATCH v3 05/15] staging: ccree: add AEAD support

Add CryptoCell AEAD support Signed-off-by: Gilad Ben-Yossef --- drivers/staging/ccree/Kconfig |1 + drivers/staging/ccree/Makefile |2 +- drivers/staging/ccree/cc_crypto_ctx.h | 21 + drivers/staging/ccree/ssi_aead.c | 2826

[PATCH v3 03/15] staging: ccree: add skcipher support

Add CryptoCell skcipher support Signed-off-by: Gilad Ben-Yossef --- drivers/staging/ccree/Kconfig |8 + drivers/staging/ccree/Makefile |2 +- drivers/staging/ccree/cc_crypto_ctx.h | 21 + drivers/staging/ccree/ssi_buffer_mgr.c | 147

[PATCH v3 02/15] staging: ccree: add ahash support

Add CryptoCell async. hash and HMAC support. Signed-off-by: Gilad Ben-Yossef --- drivers/staging/ccree/Kconfig |6 + drivers/staging/ccree/Makefile |2 +- drivers/staging/ccree/cc_crypto_ctx.h | 22 + drivers/staging/ccree/hash_defs.h | 78

[PATCH v3 00/15] staging: ccree: add Arm TrustZone CryptoCell REE driver

Arm TrustZone CryptoCell 700 is a family of cryptographic hardware accelerators. It is supported by a long lived series of out of tree drivers, which I am now in the process of unifying and upstreaming. This is the first drop, supporting the new CryptoCell 712 REE. The code still needs some