[PATCH 11/11] Fix ERROR: "foo* bar" should be "foo *bar"

2017-06-19 Thread Jhih-Ming Huang
From: Jhih-Ming Hunag 

Fixed 'ERROR: "foo* bar" should be "foo *bar"'.

Signed-off-by: Jhih-Ming Hunag 
---
 drivers/staging/ccree/ssi_aead.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/staging/ccree/ssi_aead.c b/drivers/staging/ccree/ssi_aead.c
index c148d81..c70e450 100644
--- a/drivers/staging/ccree/ssi_aead.c
+++ b/drivers/staging/ccree/ssi_aead.c
@@ -1843,7 +1843,7 @@ static inline int ssi_aead_gcm(
 
 #ifdef CC_DEBUG
 static inline void ssi_aead_dump_gcm(
-   const char* title,
+   const char *title,
struct aead_request *req)
 {
struct crypto_aead *tfm = crypto_aead_reqtfm(req);
-- 
2.7.4



[PATCH 10/11] Fix ERROR: else should follow close brace '}'

2017-06-19 Thread Jhih-Ming Huang
From: Jhih-Ming Hunag 

Fixed "ERROR: else should follow close brace '}'".

Signed-off-by: Jhih-Ming Hunag 
---
 drivers/staging/ccree/ssi_aead.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/drivers/staging/ccree/ssi_aead.c b/drivers/staging/ccree/ssi_aead.c
index d697244..c148d81 100644
--- a/drivers/staging/ccree/ssi_aead.c
+++ b/drivers/staging/ccree/ssi_aead.c
@@ -1919,8 +1919,7 @@ static int config_gcm_context(struct aead_request *req)
memcpy (_ctx->gcm_len_block.lenA, , sizeof(temp64));
temp64 = cpu_to_be64(cryptlen * 8);
memcpy (_ctx->gcm_len_block.lenC, , 8);
-   }
-   else { //rfc4543=>  all data(AAD,IV,Plain) are considered additional 
data that is nothing is encrypted.
+   } else { //rfc4543=>  all data(AAD,IV,Plain) are considered additional 
data that is nothing is encrypted.
__be64 temp64;
temp64 = 
cpu_to_be64((req->assoclen+GCM_BLOCK_RFC4_IV_SIZE+cryptlen) * 8);
memcpy (_ctx->gcm_len_block.lenA, , sizeof(temp64));
-- 
2.7.4



[PATCH 08/11] Fix ERROR: space prohibited before open square bracket '['

2017-06-19 Thread Jhih-Ming Huang
From: Jhih-Ming Hunag 

Fixed "ERROR: space prohibited before open square bracket '['".

Signed-off-by: Jhih-Ming Hunag 
---
 drivers/staging/ccree/ssi_aead.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/staging/ccree/ssi_aead.c b/drivers/staging/ccree/ssi_aead.c
index 7bc1193..6d2c035 100644
--- a/drivers/staging/ccree/ssi_aead.c
+++ b/drivers/staging/ccree/ssi_aead.c
@@ -1588,7 +1588,7 @@ static int config_ccm_adata(struct aead_request *req)
req_ctx->ccm_hdr_size = format_ccm_a0 (a0, req->assoclen);
 
memset(req->iv + 15 - req->iv[0], 0, req->iv[0] + 1);
-   req->iv [15] = 1;
+   req->iv[15] = 1;
 
memcpy(ctr_count_0, req->iv, AES_BLOCK_SIZE) ;
ctr_count_0[15] = 0;
-- 
2.7.4



[PATCH 09/11] Fix ERROR: space prohibited before that ','

2017-06-19 Thread Jhih-Ming Huang
From: Jhih-Ming Hunag 

Fixed "ERROR: space prohibited before that ','".

Signed-off-by: Jhih-Ming Hunag 
---
 drivers/staging/ccree/ssi_aead.c | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/drivers/staging/ccree/ssi_aead.c b/drivers/staging/ccree/ssi_aead.c
index 6d2c035..d697244 100644
--- a/drivers/staging/ccree/ssi_aead.c
+++ b/drivers/staging/ccree/ssi_aead.c
@@ -1916,16 +1916,16 @@ static int config_gcm_context(struct aead_request *req)
if (req_ctx->plaintext_authenticate_only == false) {
__be64 temp64;
temp64 = cpu_to_be64(req->assoclen * 8);
-   memcpy (_ctx->gcm_len_block.lenA , , sizeof(temp64));
+   memcpy (_ctx->gcm_len_block.lenA, , sizeof(temp64));
temp64 = cpu_to_be64(cryptlen * 8);
-   memcpy (_ctx->gcm_len_block.lenC , , 8);
+   memcpy (_ctx->gcm_len_block.lenC, , 8);
}
else { //rfc4543=>  all data(AAD,IV,Plain) are considered additional 
data that is nothing is encrypted.
__be64 temp64;
temp64 = 
cpu_to_be64((req->assoclen+GCM_BLOCK_RFC4_IV_SIZE+cryptlen) * 8);
-   memcpy (_ctx->gcm_len_block.lenA , , sizeof(temp64));
+   memcpy (_ctx->gcm_len_block.lenA, , sizeof(temp64));
temp64 = 0;
-   memcpy (_ctx->gcm_len_block.lenC , , 8);
+   memcpy (_ctx->gcm_len_block.lenC, , 8);
}
 
return 0;
-- 
2.7.4



[PATCH 07/11] Fix ERROR: open brace '{' following function declarations go on the next line

2017-06-19 Thread Jhih-Ming Huang
From: Jhih-Ming Hunag 

Fixed "ERROR: open brace '{' following function declarations go on the next 
line".

Signed-off-by: Jhih-Ming Hunag 
---
 drivers/staging/ccree/ssi_aead.c | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/drivers/staging/ccree/ssi_aead.c b/drivers/staging/ccree/ssi_aead.c
index 32edebe..7bc1193 100644
--- a/drivers/staging/ccree/ssi_aead.c
+++ b/drivers/staging/ccree/ssi_aead.c
@@ -1542,7 +1542,8 @@ static inline int ssi_aead_ccm(
return 0;
 }
 
-static int config_ccm_adata(struct aead_request *req) {
+static int config_ccm_adata(struct aead_request *req)
+{
struct crypto_aead *tfm = crypto_aead_reqtfm(req);
struct ssi_aead_ctx *ctx = crypto_aead_ctx(tfm);
struct aead_req_ctx *req_ctx = aead_request_ctx(req);
@@ -1886,7 +1887,8 @@ static inline void ssi_aead_dump_gcm(
 }
 #endif
 
-static int config_gcm_context(struct aead_request *req) {
+static int config_gcm_context(struct aead_request *req)
+{
struct crypto_aead *tfm = crypto_aead_reqtfm(req);
struct ssi_aead_ctx *ctx = crypto_aead_ctx(tfm);
struct aead_req_ctx *req_ctx = aead_request_ctx(req);
-- 
2.7.4



[PATCH 06/11] Fix ERROR: space prohibited before that close parenthesis ')'

2017-06-19 Thread Jhih-Ming Huang
From: Jhih-Ming Hunag 

Fixed "ERROR: space prohibited before that close parenthesis ')'".

Signed-off-by: Jhih-Ming Hunag 
---
 drivers/staging/ccree/ssi_aead.c | 30 +++---
 1 file changed, 15 insertions(+), 15 deletions(-)

diff --git a/drivers/staging/ccree/ssi_aead.c b/drivers/staging/ccree/ssi_aead.c
index 5166874..32edebe 100644
--- a/drivers/staging/ccree/ssi_aead.c
+++ b/drivers/staging/ccree/ssi_aead.c
@@ -1375,10 +1375,10 @@ static int validate_data_size(struct ssi_aead_ctx *ctx,
 static unsigned int format_ccm_a0(u8 *pA0Buff, u32 headerSize)
 {
unsigned int len = 0;
-   if (headerSize == 0 ) {
+   if (headerSize == 0) {
return 0;
}
-   if (headerSize < ((1UL << 16) - (1UL << 8) )) {
+   if (headerSize < ((1UL << 16) - (1UL << 8))) {
len = 2;
 
pA0Buff[0] = (headerSize >> 8) & 0xFF;
@@ -1858,9 +1858,9 @@ static inline void ssi_aead_dump_gcm(
}
 
SSI_LOG_DEBUG("cipher_mode %d, authsize %d, enc_keylen %d, assoclen %d, 
cryptlen %d \n", \
-ctx->cipher_mode, ctx->authsize, 
ctx->enc_keylen, req->assoclen, req_ctx->cryptlen );
+ctx->cipher_mode, ctx->authsize, 
ctx->enc_keylen, req->assoclen, req_ctx->cryptlen);
 
-   if (ctx->enckey != NULL ) {
+   if (ctx->enckey != NULL) {
dump_byte_array("mac key", ctx->enckey, 16);
}
 
@@ -1914,16 +1914,16 @@ static int config_gcm_context(struct aead_request *req) 
{
if (req_ctx->plaintext_authenticate_only == false) {
__be64 temp64;
temp64 = cpu_to_be64(req->assoclen * 8);
-   memcpy (_ctx->gcm_len_block.lenA , , sizeof(temp64) 
);
+   memcpy (_ctx->gcm_len_block.lenA , , sizeof(temp64));
temp64 = cpu_to_be64(cryptlen * 8);
-   memcpy (_ctx->gcm_len_block.lenC , , 8 );
+   memcpy (_ctx->gcm_len_block.lenC , , 8);
}
else { //rfc4543=>  all data(AAD,IV,Plain) are considered additional 
data that is nothing is encrypted.
__be64 temp64;
temp64 = 
cpu_to_be64((req->assoclen+GCM_BLOCK_RFC4_IV_SIZE+cryptlen) * 8);
-   memcpy (_ctx->gcm_len_block.lenA , , sizeof(temp64) 
);
+   memcpy (_ctx->gcm_len_block.lenA , , sizeof(temp64));
temp64 = 0;
-   memcpy (_ctx->gcm_len_block.lenC , , 8 );
+   memcpy (_ctx->gcm_len_block.lenC , , 8);
}
 
return 0;
@@ -1999,7 +1999,7 @@ static int ssi_aead_process(struct aead_request *req, 
enum drv_crypto_direction
req->iv = areq_ctx->ctr_iv;
areq_ctx->hw_iv_size = CTR_RFC3686_BLOCK_SIZE;
} else if ((ctx->cipher_mode == DRV_CIPHER_CCM) ||
-  (ctx->cipher_mode == DRV_CIPHER_GCTR) ) {
+  (ctx->cipher_mode == DRV_CIPHER_GCTR)) {
areq_ctx->hw_iv_size = AES_BLOCK_SIZE;
if (areq_ctx->ctr_iv != req->iv) {
memcpy(areq_ctx->ctr_iv, req->iv, 
crypto_aead_ivsize(tfm));
@@ -2080,7 +2080,7 @@ static int ssi_aead_process(struct aead_request *req, 
enum drv_crypto_direction
case DRV_HASH_XCBC_MAC:
ssi_aead_xcbc_authenc(req, desc, _len);
break;
-#if (SSI_CC_HAS_AES_CCM || SSI_CC_HAS_AES_GCM )
+#if (SSI_CC_HAS_AES_CCM || SSI_CC_HAS_AES_GCM)
case DRV_HASH_NULL:
 #if SSI_CC_HAS_AES_CCM
if (ctx->cipher_mode == DRV_CIPHER_CCM) {
@@ -2144,7 +2144,7 @@ static int ssi_rfc4309_ccm_encrypt(struct aead_request 
*req)
int rc = -EINVAL;
 
if (!valid_assoclen(req)) {
-   SSI_LOG_ERR("invalid Assoclen:%u\n", req->assoclen );
+   SSI_LOG_ERR("invalid Assoclen:%u\n", req->assoclen);
goto out;
}
 
@@ -2219,7 +2219,7 @@ static int ssi_rfc4106_gcm_setkey(struct crypto_aead 
*tfm, const u8 *key, unsign
struct ssi_aead_ctx *ctx = crypto_aead_ctx(tfm);
int rc = 0;
 
-   SSI_LOG_DEBUG("ssi_rfc4106_gcm_setkey()  keylen %d, key %p \n", keylen, 
key );
+   SSI_LOG_DEBUG("ssi_rfc4106_gcm_setkey()  keylen %d, key %p \n", keylen, 
key);
 
if (keylen < 4)
return -EINVAL;
@@ -2237,7 +2237,7 @@ static int ssi_rfc4543_gcm_setkey(struct crypto_aead 
*tfm, const u8 *key, unsign
struct ssi_aead_ctx *ctx = crypto_aead_ctx(tfm);
int rc = 0;
 
-   SSI_LOG_DEBUG("ssi_rfc4543_gcm_setkey()  keylen %d, key %p \n", keylen, 
key );
+   SSI_LOG_DEBUG("ssi_rfc4543_gcm_setkey()  keylen %d, key %p \n", keylen, 
key);
 
if (keylen < 4)
return -EINVAL;
@@ -2272,7 +2272,7 @@ static int ssi_gcm_setauthsize(struct crypto_aead 
*authenc,
 static int ssi_rfc4106_gcm_setauthsize(struct crypto_aead *authenc,
  unsigned int authsize)
 {
-   

[PATCH 05/11] Fix ERROR: space prohibited after that open parenthesis '('

2017-06-19 Thread Jhih-Ming Huang
From: Jhih-Ming Hunag 

Fixed "ERROR: space prohibited after that open parenthesis '('".

Signed-off-by: Jhih-Ming Hunag 
---
 drivers/staging/ccree/ssi_aead.c | 16 
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/drivers/staging/ccree/ssi_aead.c b/drivers/staging/ccree/ssi_aead.c
index 6bcab5a..5166874 100644
--- a/drivers/staging/ccree/ssi_aead.c
+++ b/drivers/staging/ccree/ssi_aead.c
@@ -1375,10 +1375,10 @@ static int validate_data_size(struct ssi_aead_ctx *ctx,
 static unsigned int format_ccm_a0(u8 *pA0Buff, u32 headerSize)
 {
unsigned int len = 0;
-   if ( headerSize == 0 ) {
+   if (headerSize == 0 ) {
return 0;
}
-   if ( headerSize < ((1UL << 16) - (1UL << 8) )) {
+   if (headerSize < ((1UL << 16) - (1UL << 8) )) {
len = 2;
 
pA0Buff[0] = (headerSize >> 8) & 0xFF;
@@ -1860,7 +1860,7 @@ static inline void ssi_aead_dump_gcm(
SSI_LOG_DEBUG("cipher_mode %d, authsize %d, enc_keylen %d, assoclen %d, 
cryptlen %d \n", \
 ctx->cipher_mode, ctx->authsize, 
ctx->enc_keylen, req->assoclen, req_ctx->cryptlen );
 
-   if ( ctx->enckey != NULL ) {
+   if (ctx->enckey != NULL ) {
dump_byte_array("mac key", ctx->enckey, 16);
}
 
@@ -1914,16 +1914,16 @@ static int config_gcm_context(struct aead_request *req) 
{
if (req_ctx->plaintext_authenticate_only == false) {
__be64 temp64;
temp64 = cpu_to_be64(req->assoclen * 8);
-   memcpy ( _ctx->gcm_len_block.lenA , , sizeof(temp64) 
);
+   memcpy (_ctx->gcm_len_block.lenA , , sizeof(temp64) 
);
temp64 = cpu_to_be64(cryptlen * 8);
-   memcpy ( _ctx->gcm_len_block.lenC , , 8 );
+   memcpy (_ctx->gcm_len_block.lenC , , 8 );
}
else { //rfc4543=>  all data(AAD,IV,Plain) are considered additional 
data that is nothing is encrypted.
__be64 temp64;
temp64 = 
cpu_to_be64((req->assoclen+GCM_BLOCK_RFC4_IV_SIZE+cryptlen) * 8);
-   memcpy ( _ctx->gcm_len_block.lenA , , sizeof(temp64) 
);
+   memcpy (_ctx->gcm_len_block.lenA , , sizeof(temp64) 
);
temp64 = 0;
-   memcpy ( _ctx->gcm_len_block.lenC , , 8 );
+   memcpy (_ctx->gcm_len_block.lenC , , 8 );
}
 
return 0;
@@ -2080,7 +2080,7 @@ static int ssi_aead_process(struct aead_request *req, 
enum drv_crypto_direction
case DRV_HASH_XCBC_MAC:
ssi_aead_xcbc_authenc(req, desc, _len);
break;
-#if ( SSI_CC_HAS_AES_CCM || SSI_CC_HAS_AES_GCM )
+#if (SSI_CC_HAS_AES_CCM || SSI_CC_HAS_AES_GCM )
case DRV_HASH_NULL:
 #if SSI_CC_HAS_AES_CCM
if (ctx->cipher_mode == DRV_CIPHER_CCM) {
-- 
2.7.4



[PATCH 04/11] Fix ERROR: that open brace { should be on the previous line

2017-06-19 Thread Jhih-Ming Huang
From: Jhih-Ming Hunag 

Fixed 'ERROR: that open brace { should be on the previous line'.

Signed-off-by: Jhih-Ming Hunag 
---
 drivers/staging/ccree/ssi_aead.c | 6 ++
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/drivers/staging/ccree/ssi_aead.c b/drivers/staging/ccree/ssi_aead.c
index ca3f11f..6bcab5a 100644
--- a/drivers/staging/ccree/ssi_aead.c
+++ b/drivers/staging/ccree/ssi_aead.c
@@ -1340,8 +1340,7 @@ static int validate_data_size(struct ssi_aead_ctx *ctx,
goto data_size_err;
if (ctx->cipher_mode == DRV_CIPHER_CCM)
break;
-   if (ctx->cipher_mode == DRV_CIPHER_GCTR)
-   {
+   if (ctx->cipher_mode == DRV_CIPHER_GCTR) {
if (areq_ctx->plaintext_authenticate_only == true)
areq_ctx->is_single_pass = false;
break;
@@ -1912,8 +1911,7 @@ static int config_gcm_context(struct aead_request *req) {
memcpy(req_ctx->gcm_iv_inc1, req->iv, 16);
 
 
-   if (req_ctx->plaintext_authenticate_only == false)
-   {
+   if (req_ctx->plaintext_authenticate_only == false) {
__be64 temp64;
temp64 = cpu_to_be64(req->assoclen * 8);
memcpy ( _ctx->gcm_len_block.lenA , , sizeof(temp64) 
);
-- 
2.7.4



[PATCH 03/11] Fix ERROR: space required before the open brace

2017-06-19 Thread Jhih-Ming Huang
From: Jhih-Ming Hunag 

Fixed 'ERROR: space required before the open brace'.

Signed-off-by: Jhih-Ming Hunag 
---
 drivers/staging/ccree/ssi_aead.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/drivers/staging/ccree/ssi_aead.c b/drivers/staging/ccree/ssi_aead.c
index 0f95a54..ca3f11f 100644
--- a/drivers/staging/ccree/ssi_aead.c
+++ b/drivers/staging/ccree/ssi_aead.c
@@ -791,7 +791,7 @@ ssi_aead_process_authenc_data_desc(
u32 mlli_nents = areq_ctx->assoc.mlli_nents;
 
if (likely(areq_ctx->is_single_pass == true)) {
-   if (direct == DRV_CRYPTO_DIRECTION_ENCRYPT){
+   if (direct == DRV_CRYPTO_DIRECTION_ENCRYPT) {
mlli_addr = areq_ctx->dst.sram_addr;
mlli_nents = areq_ctx->dst.mlli_nents;
} else {
@@ -1715,7 +1715,7 @@ static inline void ssi_aead_gcm_setup_gctr_desc(
set_flow_mode([idx], S_DIN_to_AES);
idx++;
 
-   if ((req_ctx->cryptlen != 0) && (req_ctx->plaintext_authenticate_only 
== false)){
+   if ((req_ctx->cryptlen != 0) && (req_ctx->plaintext_authenticate_only 
== false)) {
/* load AES/CTR initial CTR value inc by 2*/
hw_desc_init([idx]);
set_cipher_mode([idx], DRV_CIPHER_GCTR);
@@ -1815,7 +1815,7 @@ static inline int ssi_aead_gcm(
 
 
//in RFC4543 no data to encrypt. just copy data from src to dest.
-   if (req_ctx->plaintext_authenticate_only == true){
+   if (req_ctx->plaintext_authenticate_only == true) {
ssi_aead_process_cipher_data_desc(req, BYPASS, desc, seq_size);
ssi_aead_gcm_setup_ghash_desc(req, desc, seq_size);
/* process(ghash) assoc data */
-- 
2.7.4



[PATCH 02/11] Fix ERROR: spaces required around that

2017-06-19 Thread Jhih-Ming Huang
From: Jhih-Ming Hunag 

Fixed 'ERROR: spaces required around that'

Signed-off-by: Jhih-Ming Hunag 
---
 drivers/staging/ccree/ssi_aead.c | 12 ++--
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/drivers/staging/ccree/ssi_aead.c b/drivers/staging/ccree/ssi_aead.c
index 5bc3a53..0f95a54 100644
--- a/drivers/staging/ccree/ssi_aead.c
+++ b/drivers/staging/ccree/ssi_aead.c
@@ -663,7 +663,7 @@ static int ssi_aead_setauthsize(
CHECK_AND_RETURN_UPON_FIPS_ERROR();
/* Unsupported auth. sizes */
if ((authsize == 0) ||
-   (authsize >crypto_aead_maxauthsize(authenc))) {
+   (authsize > crypto_aead_maxauthsize(authenc))) {
return -ENOTSUPP;
}
 
@@ -1715,7 +1715,7 @@ static inline void ssi_aead_gcm_setup_gctr_desc(
set_flow_mode([idx], S_DIN_to_AES);
idx++;
 
-   if ((req_ctx->cryptlen != 0) && 
(req_ctx->plaintext_authenticate_only==false)){
+   if ((req_ctx->cryptlen != 0) && (req_ctx->plaintext_authenticate_only 
== false)){
/* load AES/CTR initial CTR value inc by 2*/
hw_desc_init([idx]);
set_cipher_mode([idx], DRV_CIPHER_GCTR);
@@ -1815,7 +1815,7 @@ static inline int ssi_aead_gcm(
 
 
//in RFC4543 no data to encrypt. just copy data from src to dest.
-   if (req_ctx->plaintext_authenticate_only==true){
+   if (req_ctx->plaintext_authenticate_only == true){
ssi_aead_process_cipher_data_desc(req, BYPASS, desc, seq_size);
ssi_aead_gcm_setup_ghash_desc(req, desc, seq_size);
/* process(ghash) assoc data */
@@ -1877,11 +1877,11 @@ static inline void ssi_aead_dump_gcm(
 
dump_byte_array("gcm_len_block", req_ctx->gcm_len_block.lenA, 
AES_BLOCK_SIZE);
 
-   if (req->src!=NULL && req->cryptlen) {
+   if (req->src != NULL && req->cryptlen) {
dump_byte_array("req->src", sg_virt(req->src), 
req->cryptlen+req->assoclen);
}
 
-   if (req->dst!=NULL) {
+   if (req->dst != NULL) {
dump_byte_array("req->dst", sg_virt(req->dst), 
req->cryptlen+ctx->authsize+req->assoclen);
 }
 }
@@ -1959,7 +1959,7 @@ static int ssi_aead_process(struct aead_request *req, 
enum drv_crypto_direction
 
 
SSI_LOG_DEBUG("%s context=%p req=%p iv=%p src=%p src_ofs=%d dst=%p 
dst_ofs=%d cryptolen=%d\n",
-   ((direct==DRV_CRYPTO_DIRECTION_ENCRYPT)?"Encrypt":"Decrypt"), 
ctx, req, req->iv,
+   ((direct == DRV_CRYPTO_DIRECTION_ENCRYPT) ? "Encrypt" : 
"Decrypt"), ctx, req, req->iv,
sg_virt(req->src), req->src->offset, sg_virt(req->dst), 
req->dst->offset, req->cryptlen);
CHECK_AND_RETURN_UPON_FIPS_ERROR();
 
-- 
2.7.4



[PATCH 01/11] Fix coding style of driver/staging/ccree/ssi_aead.c ERROR: space required after that

2017-06-19 Thread Jhih-Ming Huang
From: Jhih-Ming Hunag 

In this patch series, I fix all of the coding style errors in 
drivers/staging/ccree/ssi_aead.c, reducing the count from 54 errors to 0.

The first patch fixed 'ERROR: space required after that'.

Signed-off-by: Jhih-Ming Hunag 
---
 drivers/staging/ccree/ssi_aead.c | 22 +++---
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/drivers/staging/ccree/ssi_aead.c b/drivers/staging/ccree/ssi_aead.c
index e8936a3..5bc3a53 100644
--- a/drivers/staging/ccree/ssi_aead.c
+++ b/drivers/staging/ccree/ssi_aead.c
@@ -155,7 +155,7 @@ static int ssi_aead_init(struct crypto_aead *tfm)
ctx->auth_mode = ssi_alg->auth_mode;
ctx->drvdata = ssi_alg->drvdata;
dev = >drvdata->plat_dev->dev;
-   crypto_aead_set_reqsize(tfm,sizeof(struct aead_req_ctx));
+   crypto_aead_set_reqsize(tfm, sizeof(struct aead_req_ctx));
 
/* Allocate key buffer, cache line aligned */
ctx->enckey = dma_alloc_coherent(dev, AES_MAX_KEY_SIZE,
@@ -1566,7 +1566,7 @@ static int config_ccm_adata(struct aead_request *req) {
/* taken from crypto/ccm.c */
/* 2 <= L <= 8, so 1 <= L' <= 7. */
if (2 > l || l > 8) {
-   SSI_LOG_ERR("illegal iv value %X\n",req->iv[0]);
+   SSI_LOG_ERR("illegal iv value %X\n", req->iv[0]);
return -EINVAL;
}
memcpy(b0, req->iv, AES_BLOCK_SIZE);
@@ -1862,27 +1862,27 @@ static inline void ssi_aead_dump_gcm(
 ctx->cipher_mode, ctx->authsize, 
ctx->enc_keylen, req->assoclen, req_ctx->cryptlen );
 
if ( ctx->enckey != NULL ) {
-   dump_byte_array("mac key",ctx->enckey, 16);
+   dump_byte_array("mac key", ctx->enckey, 16);
}
 
-   dump_byte_array("req->iv",req->iv, AES_BLOCK_SIZE);
+   dump_byte_array("req->iv", req->iv, AES_BLOCK_SIZE);
 
-   dump_byte_array("gcm_iv_inc1",req_ctx->gcm_iv_inc1, AES_BLOCK_SIZE);
+   dump_byte_array("gcm_iv_inc1", req_ctx->gcm_iv_inc1, AES_BLOCK_SIZE);
 
-   dump_byte_array("gcm_iv_inc2",req_ctx->gcm_iv_inc2, AES_BLOCK_SIZE);
+   dump_byte_array("gcm_iv_inc2", req_ctx->gcm_iv_inc2, AES_BLOCK_SIZE);
 
-   dump_byte_array("hkey",req_ctx->hkey, AES_BLOCK_SIZE);
+   dump_byte_array("hkey", req_ctx->hkey, AES_BLOCK_SIZE);
 
-   dump_byte_array("mac_buf",req_ctx->mac_buf, AES_BLOCK_SIZE);
+   dump_byte_array("mac_buf", req_ctx->mac_buf, AES_BLOCK_SIZE);
 
-   dump_byte_array("gcm_len_block",req_ctx->gcm_len_block.lenA, 
AES_BLOCK_SIZE);
+   dump_byte_array("gcm_len_block", req_ctx->gcm_len_block.lenA, 
AES_BLOCK_SIZE);
 
if (req->src!=NULL && req->cryptlen) {
-   dump_byte_array("req->src",sg_virt(req->src), 
req->cryptlen+req->assoclen);
+   dump_byte_array("req->src", sg_virt(req->src), 
req->cryptlen+req->assoclen);
}
 
if (req->dst!=NULL) {
-   dump_byte_array("req->dst",sg_virt(req->dst), 
req->cryptlen+ctx->authsize+req->assoclen);
+   dump_byte_array("req->dst", sg_virt(req->dst), 
req->cryptlen+ctx->authsize+req->assoclen);
 }
 }
 #endif
-- 
2.7.4



Re: [PATCH] crypto: caam: make of_device_ids const.

2017-06-19 Thread Herbert Xu
On Fri, Jun 16, 2017 at 02:46:44PM +0530, Arvind Yadav wrote:
> of_device_ids are not supposed to change at runtime. All functions
> working with of_device_ids provided by <linux/of.h> work with const
> of_device_ids. So mark the non-const structs as const.
> 
> File size before:
>text  data bss dec hex filename
>2376   808 1283312 cf0 drivers/crypto/caam/jr.o
> 
> File size after constify caam_jr_match:
>text  data bss dec hex filename
>2976   192 1283296 ce0 drivers/crypto/caam/jr.o
> 
> Signed-off-by: Arvind Yadav 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH] crypto: vmx: remove unnecessary check

2017-06-19 Thread Herbert Xu
On Fri, Jun 16, 2017 at 11:39:48AM +0300, Tudor Ambarus wrote:
> You can't reach init() if parent alg_name is invalid. Moreover,
> crypto_alloc_base() will return ENOENT if alg_name is NULL.
> Found while grasping the fallback mechanism.
> 
> Signed-off-by: Tudor Ambarus 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH 00/13] crypto: inside-secure - various improvements

2017-06-19 Thread Herbert Xu
On Thu, Jun 15, 2017 at 09:56:16AM +0200, Antoine Tenart wrote:
> Hi Herbert,
> 
> This series improves the newly added inside-secure driver in various
> ways. There are also a few non-critical fixes.
> 
> The series is based on top of your cryptodev/master branch, as it
> depends on the inside-secure driver addition ("crypto: inside-secure -
> add SafeXcel EIP197 crypto engine driver").
> 
> I'd like to thank Ofer Heifetz and Igal Liberman who helped making
> these changes!
> 
> Thanks,
> Antoine
> 
> Antoine Tenart (10):

All applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH][crypto-next] crypto: cavium: fix spelling mistake "Revsion" -> "Revision"

2017-06-19 Thread Herbert Xu
On Tue, Jun 13, 2017 at 09:52:54AM +0100, Colin King wrote:
> From: Colin Ian King 
> 
> Trivial fix to spelling mistake in seq_printf message
> 
> Signed-off-by: Colin Ian King 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH 0/9] Bug fixes and ctr mode of operation

2017-06-19 Thread Herbert Xu
On Thu, Jun 15, 2017 at 12:43:38PM +0530, Harsh Jain wrote:
> This series is based on cryptodev2.6 tree and includes bug fix ,ctr(aes), 
> rfc3686(ctr(aes)) algo.
> 
> Harsh Jain (7):
>   crypto: chcr - Pass lcb bit setting to firmware
>   crypto: chcr - Set fallback key
>   crypto: chcr - Return correct error code
>   crypto: chcr - Avoid changing request structure
>   crypto:chcr - Add ctr mode and process large sg entries for cipher
>   MAINTAINERS:Add maintainer for chelsio crypto driver
>   crypto: chcr - Ensure Destination sg entry size less than  2k
> Atul Gupta (2):
>   chcr - Add debug counters
>   crypto: chcr - Select device in Round Robin fashion

All applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH][crypto-next] crypto: omap-aes: fix spelling mistake "Encryptio" -> "Encryption"

2017-06-19 Thread Herbert Xu
On Tue, Jun 13, 2017 at 09:46:47AM +0100, Colin King wrote:
> From: Colin Ian King 
> 
> Trivial fix to spelling mistake in pr_err message
> 
> Signed-off-by: Colin Ian King 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH v2 0/3] add support of hardware random generator on MediaTek MT7622

2017-06-19 Thread Herbert Xu
On Mon, Jun 12, 2017 at 11:56:53PM +0800, sean.w...@mediatek.com wrote:
> From: Sean Wang 
> 
> Changes since v1:
> - update the bindings with the specific "mediatek,mt7622-rng"
>   instead of the generic one as "mediatek,generic-rng"
> 
> The series add support of hardware RNG on MediaTek MT7622 and
> , runtime PM support and add me as the maintainer for the existing
> and following chipset.
> 
> Sean Wang (3):
>   dt-bindings: rng: add MediaTek MT7622 Hardware Random Generator
> bindings
>   hwrng: mtk - add runtime PM support
>   MAINTAINERS: add entry for MediaTek Random Number Generator

All applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH] crypto: testmgr - add testvector for pkcs1pad(rsa)

2017-06-19 Thread Herbert Xu
On Mon, Jun 12, 2017 at 11:27:51PM +0200, Stephan Müller wrote:
> The PKCS#1 RSA implementation is provided with a self test with RSA 2048
> and SHA-256. This self test implicitly covers other RSA keys and other
> hashes. Also, this self test implies that the pkcs1pad(rsa) is FIPS
> 140-2 compliant.
> 
> Signed-off-by: Stephan Mueller 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH] rsa-pkcs1pad: use constant time memory comparison for MACs

2017-06-19 Thread Herbert Xu
On Sun, Jun 11, 2017 at 11:20:23PM +0200, Jason A. Donenfeld wrote:
> Otherwise, we enable all sorts of forgeries via timing attack.
> 
> Signed-off-by: Jason A. Donenfeld 
> Suggested-by: Stephan Müller 
> Cc: sta...@vger.kernel.org
> Cc: Herbert Xu 
> Cc: linux-crypto@vger.kernel.org

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH v6 1/5] Documentation/bindings: Document the SafeXel cryptographic engine driver

2017-06-19 Thread Herbert Xu
On Sun, Jun 11, 2017 at 10:53:53AM +0200, Antoine Tenart wrote:
> Hi Herbert,
> 
> On Wed, May 24, 2017 at 04:10:31PM +0200, Antoine Tenart wrote:
> > The Inside Secure Safexcel cryptographic engine is found on some Marvell
> > SoCs (7k/8k). Document the bindings used by its driver.
> > 
> > Signed-off-by: Antoine Tenart 
> 
> Since you applied the Safexcel crypto driver patch, I think you should
> also apply this patch adding the corresponding bindings documentation.

OK I've restored it in the patch queue.

Cheers,
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH] crypto: crypto4xx - fix an error code

2017-06-19 Thread Herbert Xu
On Sat, Jun 10, 2017 at 02:54:33PM +0200, Christophe JAILLET wrote:
> If 'kzalloc' fails, we return 0 which means success.
> return -ENOMEM instead as already done a few lines above.
> 
> Signed-off-by: Christophe JAILLET 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH v9 1/2] crypto: skcipher AF_ALG - overhaul memory management

2017-06-19 Thread Herbert Xu
On Sat, Jun 10, 2017 at 07:59:25PM +0200, Stephan Müller wrote:
>
> -static int skcipher_recvmsg_sync(struct socket *sock, struct msghdr *msg,
> -  int flags)
> +static int skcipher_recvmsg(struct socket *sock, struct msghdr *msg,
> + size_t ignored, int flags)
>  {
>   struct sock *sk = sock->sk;
> - struct alg_sock *ask = alg_sk(sk);
> - struct sock *psk = ask->parent;
> - struct alg_sock *pask = alg_sk(psk);
> - struct skcipher_ctx *ctx = ask->private;
> - struct skcipher_tfm *skc = pask->private;
> - struct crypto_skcipher *tfm = skc->skcipher;
> - unsigned bs = crypto_skcipher_blocksize(tfm);
> - struct skcipher_sg_list *sgl;
> - struct scatterlist *sg;
> - int err = -EAGAIN;
> - int used;
> - long copied = 0;
> + int ret = 0;
>  
>   lock_sock(sk);
>   while (msg_data_left(msg)) {
> - if (!ctx->used) {
> - err = skcipher_wait_for_data(sk, flags);
> - if (err)
> - goto unlock;
> + int err = _skcipher_recvmsg(sock, msg, ignored, flags);
> +
> + /*
> +  * This error covers -EIOCBQUEUED which implies that we can
> +  * only handle one AIO request. If the caller wants to have
> +  * multiple AIO requests in parallel, he must make multiple
> +  * separate AIO calls.
> +  */
> + if (err < 0) {
> + ret = err;
> + goto out;

This looks like a semantic change.  The previous code would return
the number of bytes already successfully processed in case of a
subsequent error.  With your new code you will always return the
error.

> @@ -724,10 +737,9 @@ static unsigned int skcipher_poll(struct file *file, 
> struct socket *sock,
>   struct sock *sk = sock->sk;
>   struct alg_sock *ask = alg_sk(sk);
>   struct skcipher_ctx *ctx = ask->private;
> - unsigned int mask;
> + unsigned int mask = 0;
>  
>   sock_poll_wait(file, sk_sleep(sk), wait);
> - mask = 0;
>  
>   if (ctx->used)
>   mask |= POLLIN | POLLRDNORM;

Please remove this hunk as it has nothing to do with this patch.

Thanks,
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [RFC PATCH 1/2] crypto: caam - properly set IV after {en,de}crypt

2017-06-19 Thread Herbert Xu
On Mon, Jun 19, 2017 at 10:31:27AM +, Horia Geantă wrote:
>
> IIUC, IV update is required only in case of CBC.
> Since this callback is used also for CTR, we should avoid the copy:
> if ((ctx->cdata.algtype & OP_ALG_AAI_MASK) == OP_ALG_AAI_CBC) ...

No it is needed for CTR too.

Cheers,
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt





Re: [PATCH] random: silence compiler warnings and fix race

2017-06-19 Thread Jason A. Donenfeld
Hello Ted,

With rc6 already released and rc7 coming up, I'd really appreciate you
stepping in here and either ACKing the above commit, or giving your
two cents about it in case I need to roll something different.

Thanks,
Jason

On Thu, Jun 15, 2017 at 12:45 AM, Jason A. Donenfeld  wrote:
> Odd versions of gcc for the sh4 architecture will actually warn about
> flags being used while uninitialized, so we set them to zero. Non crazy
> gccs will optimize that out again, so it doesn't make a difference.
>
> Next, over aggressive gccs could inline the expression that defines
> use_lock, which could then introduce a race resulting in a lock
> imbalance. By using READ_ONCE, we prevent that fate. Finally, we make
> that assignment const, so that gcc can still optimize a nice amount.
>
> Finally, we fix a potential deadlock between primary_crng.lock and
> batched_entropy_reset_lock, where they could be called in opposite
> order. Moving the call to invalidate_batched_entropy to outside the lock
> rectifies this issue.
>
> Signed-off-by: Jason A. Donenfeld 
> ---
> Ted -- the first part of this is the fixup patch we discussed earlier.
> Then I added on top a fix for a potentially related race.
>
> I'm not totally convinced that moving this block to outside the spinlock
> is 100% okay, so please give this a close look before merging.
>
>
>  drivers/char/random.c | 12 ++--
>  1 file changed, 6 insertions(+), 6 deletions(-)
>
> diff --git a/drivers/char/random.c b/drivers/char/random.c
> index e870f329db88..01a260f67437 100644
> --- a/drivers/char/random.c
> +++ b/drivers/char/random.c
> @@ -803,13 +803,13 @@ static int crng_fast_load(const char *cp, size_t len)
> p[crng_init_cnt % CHACHA20_KEY_SIZE] ^= *cp;
> cp++; crng_init_cnt++; len--;
> }
> +   spin_unlock_irqrestore(_crng.lock, flags);
> if (crng_init_cnt >= CRNG_INIT_CNT_THRESH) {
> invalidate_batched_entropy();
> crng_init = 1;
> wake_up_interruptible(_init_wait);
> pr_notice("random: fast init done\n");
> }
> -   spin_unlock_irqrestore(_crng.lock, flags);
> return 1;
>  }
>
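Review bot: With the unlock moved up, the stores `crng_init = 1;` in crng_fast_load (this hunk) and `crng_init = 2;` in crng_reseed (next hunk) become plain writes made with no lock held, while the readers changed in get_random_u64 and get_random_u32 use `READ_ONCE(crng_init)`. Marking the writers too, as `WRITE_ONCE(crng_init, 1);` and `WRITE_ONCE(crng_init, 2);`, would pair the accesses and make it explicit that the variable is read locklessly. A one-line comment above each moved block, along the lines of `/* must run before crng_init is updated, and outside the lock to avoid lock-order inversion with the batched-entropy reset lock */`, would keep the ordering from being reshuffled later. Both functions start outside their hunks, so any earlier lockless use of crng_init is not visible here.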
> @@ -841,6 +841,7 @@ static void crng_reseed(struct crng_state *crng, struct 
> entropy_store *r)
> }
> memzero_explicit(, sizeof(buf));
> crng->init_time = jiffies;
> +   spin_unlock_irqrestore(_crng.lock, flags);
> if (crng == _crng && crng_init < 2) {
> invalidate_batched_entropy();
> crng_init = 2;
> @@ -848,7 +849,6 @@ static void crng_reseed(struct crng_state *crng, struct 
> entropy_store *r)
> wake_up_interruptible(_init_wait);
> pr_notice("random: crng init done\n");
> }
> -   spin_unlock_irqrestore(_crng.lock, flags);
>  }
>
>  static inline void crng_wait_ready(void)
> @@ -2041,8 +2041,8 @@ static DEFINE_PER_CPU(struct batched_entropy, 
> batched_entropy_u64);
>  u64 get_random_u64(void)
>  {
> u64 ret;
> -   bool use_lock = crng_init < 2;
> -   unsigned long flags;
> +   bool use_lock = READ_ONCE(crng_init) < 2;
> +   unsigned long flags = 0;
> struct batched_entropy *batch;
>
>  #if BITS_PER_LONG == 64
> @@ -2073,8 +2073,8 @@ static DEFINE_PER_CPU(struct batched_entropy, 
> batched_entropy_u32);
>  u32 get_random_u32(void)
>  {
> u32 ret;
> -   bool use_lock = crng_init < 2;
> -   unsigned long flags;
> +   bool use_lock = READ_ONCE(crng_init) < 2;
> +   unsigned long flags = 0;
> struct batched_entropy *batch;
>
> if (arch_get_random_int())
> --
> 2.13.1
>


Re: [PATCH] random: silence compiler warnings and fix race

2017-06-19 Thread Jason A. Donenfeld
On Mon, Jun 19, 2017 at 9:45 AM, Sebastian Andrzej Siewior
 wrote:
> ehm. You sure? I simply delayed the lock-dropping _after_ the state
> variable was been modified. So it was basically what your patch did
> except it was unlocked later…

Yes, I'm sure. You moved the call to invalidate_batched_entropy() to
be after the assignment of crng_init. However, the call to
invalidate_batched_entropy() must be made _before_ the assignment of
crng_init.

>> > Are use about that? I am not sure that the gcc will inline "crng_init"
>> > read twice. It is not a local variable. READ_ONCE() is usually used
>> > where gcc could cache a memory access but you do not want this. But hey!
>> > If someone knows better I am here to learn.
>>
>> The whole purpose is that I _want_ it to cache the memory access so
>> that it is _not_ inlined. So, based on your understanding, it does
>> exactly what I intended it to do. The reason is that I'd like to avoid
>> a lock imbalance, which could happen if the read is inlined.
>
> So it was good as it was which means you can drop that READ_ONCE().

Except READ_ONCE ensures that the compiler will never inline it (that is,
never replace use_lock with a second read of crng_init), so it actually
needs to stay.


Re: [PATCH] hwrng: do not warn when there are no devices

2017-06-19 Thread Mike Frysinger
On Mon, Jun 19, 2017 at 2:43 AM, PrasannaKumar Muralidharan wrote:
> On 19 June 2017 at 11:51, Herbert Xu wrote:
>> On Sun, Jun 18, 2017 at 10:00:17PM -0700, Mike Frysinger wrote:
>>>
>>> in order to make tpm-rng react in the way you're implying, the TPM
>>> subsystem would need to add a notification chain for transitions from
>>> none<->some devices, then tpm-rng could subscribe to that, and during
>>> those transition points, it would call hwrng_register/hwrng_unregister
>>> to make itself visible accordingly to the hwrng subsystem.  maybe
>>> someone on the TPM side would be interested in writing all that logic,
>>> but it sounds excessive for this minor usage.  the current tpm-rng
>>> driver is *extremely* simple -- it's 3 funcs, each of which are 1
>>> line.
>>
>> It's simple and it's broken, as far as the way it hooks into the
>> hwrng is concerned.
>
> *
> diff --git a/drivers/char/hw_random/tpm-rng.c 
> b/drivers/char/hw_random/tpm-rng.c
> index d6d4482..4861b35 100644
> --- a/drivers/char/hw_random/tpm-rng.c
> +++ b/drivers/char/hw_random/tpm-rng.c
> @@ -22,6 +22,10 @@
>  #include 
>
>  #define MODULE_NAME "tpm-rng"
> +#define MAX_RETRIES 30
> +
> +static struct delayed_work check_tpm_work;
> +static int retry_count;
>
>  static int tpm_rng_read(struct hwrng *rng, void *data, size_t max, bool wait)
>  {
> @@ -33,9 +37,27 @@ static struct hwrng tpm_rng = {
> .read = tpm_rng_read,
>  };
>
> +static void check_tpm_presence(struct work_struct *work)
> +{
> +   u8 data = 0;
> +   if (tpm_get_random(TPM_ANY_NUM, , 1) > 0) {
> +   hwrng_register(_rng);
> +   } else {
> +   if (retry_count < MAX_RETRIES) {
> +   retry_count++;
> +   schedule_delayed_work(_tpm_work, HZ * 10);
> +   } else {
> +   pr_err("Could not find any TPM chip, not
> registering rng");
> +   }
> +   }
> +}
> +
>  static int __init rng_init(void)
>  {
> -   return hwrng_register(_rng);
> +   INIT_DELAYED_WORK(_tpm_work, check_tpm_presence);
> +   check_tpm_presence(NULL);
> +
> +   return 0;
>  }
>  module_init(rng_init);
> *
>
> Why not something like this? Patch is completely untested. If this
> idea seems useful I can clean the code but would require help in
> testing.

first, that's not how deferred device probing works in the kernel.
drivers shouldn't be doing their own sleeping.  but we can ignore that
because no amount of delay/retries will work -- TPMs can come & go at
anytime via hotplugging or module loading/unloading.  so the only way
to pull it off would be to do something like what i described --
extending the tpm framework so that it can signal children to come
up/go down.

imo, standing all of that up is over-engineering and not worth the
effort, so i'm not going to do it.  but maybe you can convince some of
the TPM maintainers it's worthwhile.
-mike


[PATCH] crypto: ccp - Release locks before returning

2017-06-19 Thread Gary R Hook
krobot warning: make sure that all error return paths release locks.

Signed-off-by: Gary R Hook 
---
 drivers/crypto/ccp/ccp-debugfs.c |7 +++
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-debugfs.c b/drivers/crypto/ccp/ccp-debugfs.c
index 6d86693b117f..3cd6c83754e0 100644
--- a/drivers/crypto/ccp/ccp-debugfs.c
+++ b/drivers/crypto/ccp/ccp-debugfs.c
@@ -297,12 +297,11 @@ void ccp5_debugfs_setup(struct ccp_device *ccp)
return;
 
write_lock_irqsave(_debugfs_lock, flags);
-   if (!ccp_debugfs_dir) {
+   if (!ccp_debugfs_dir)
ccp_debugfs_dir = debugfs_create_dir(KBUILD_MODNAME, NULL);
-   if (!ccp_debugfs_dir)
-   return;
-   }
write_unlock_irqrestore(_debugfs_lock, flags);
+   if (!ccp_debugfs_dir)
+   return;
 
ccp->debugfs_instance = debugfs_create_dir(ccp->name, ccp_debugfs_dir);
if (!ccp->debugfs_instance)
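Review bot: debugfs_create_dir() is still called between write_lock_irqsave() and write_unlock_irqrestore(), that is, with a spinning lock held and interrupts disabled, and creating a debugfs directory can sleep (it allocates and takes the parent inode lock). The patch fixes the missed unlock on the error path but not this. Since it is one-time setup, replacing the irqsave pair with `mutex_lock()` / `mutex_unlock()` on a mutex around the check-and-create would be the simpler guard. The lock's declaration and the rest of ccp5_debugfs_setup are outside the hunk, so confirm the lock is never taken from interrupt context before changing its type.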



Re: [PATCH v2 0/6] crypto: aes - allow generic AES to be omitted

2017-06-19 Thread Ard Biesheuvel
On 19 June 2017 at 05:15, Eric Biggers  wrote:
> Hi Ard,
>
> On Fri, Jun 16, 2017 at 01:17:43PM +0200, Ard Biesheuvel wrote:
>> The generic AES driver uses 16 lookup tables of 1 KB each, and has
>> encryption and decryption routines that are fully unrolled. Given how
>> the dependencies between this code and other drivers are declared in
>> Kconfig files, this code is always pulled into the core kernel, even
>> if it is usually superseded at runtime by accelerated drivers that
>> exist for many architectures.
>>
>> This leaves us with 25 KB of dead code in the kernel, which is negligible
>> in typical environments, but which is actually a big deal for the IoT
>> domain, where every kilobyte counts.
>>
>> Also, the scalar, table based AES routines that exist for ARM, arm64, i586
>> and x86_64 share the lookup tables with AES generic, and may be invoked
>> occasionally when the time-invariant AES-NI or other special instruction
>> drivers are called in interrupt context, at which time the SIMD register
>> file cannot be used. Pulling 16 KB of code and 9 KB of instructions into
>> the L1s (and evicting what was already there) when a softirq happens to
>> be handled in the context of an interrupt taken from kernel mode (which
>> means no SIMD on x86) is also something that we may like to avoid, by
>> falling back to a much smaller and moderately less performant driver.
>> (Note that arm64 will be updated shortly to supply fallbacks for all
>> SIMD based AES implementations, which will be based on the core routines
>> [if they are accepted].)
>>
>> For the reasons above, this series refactors the way the various AES
>> implementations are wired up, to allow the generic version in
>> crypto/aes_generic.c to be omitted from the build entirely.
>>
>
> This looks better now.  I think the help text and prompts could still use some
> improvement.  For the prompts, on x86_64 now I see:
>
> -*- AES cipher algorithms
> [*] Fixed time AES cipher
> [*] AES cipher algorithms (x86_64)
> [*] AES cipher algorithms (AES-NI)
>
> The first is actually the generic table-based implementation now, and it can 
> be
> deselected if the generic fixed-time implementation is selected and the x86_64
> table-based implementation is deselected.  How about making the prompts be:
>
> AES cipher algorithm (generic, table-based)
> AES cipher algorithm (generic, time-invariant)
> AES cipher algorithm (x86_64, table-based)
> AES cipher algorithm (AES-NI)
>
> For the help text, removing the Wikipedia-style boilerplate is good, but IMO 
> the
> help text should at least spell out "AES (Advanced Encryption Standard)".  
> It's
> "obvious" to people familiar with crypto algorithms, but I always find it
> annoying when Kconfig options elsewhere in the kernel use unfamiliar acronyms
> which the developers didn't bother to spell out because it was "obvious" to
> them.
>
> The help text could also give a bit more information to help people decide 
> which
> options to enable.  For example, the help for CRYPTO_AES_X86_64 could say that
> it's only useful on older processors that do not have AES-NI instructions, and
> that the AES-NI implementation, if enabled, will take priority on newer
> processors.  Similarly for the generic implementations, though note that the
> user may still be required to enable at least one of them as a fallback.  
> Also,
> the AES-NI and ARMv8-CE implementations are not only time-invariant but also 
> the
> fastest --- and therefore strongly recommended to enable.
>

Thanks Eric, all good feedback. I will incorporate it into the next respin.

-- 
Ard.


[PATCH] crypto: cavium/nitrox - dma_mapping_error() returns bool

2017-06-19 Thread Dan Carpenter
We want to return negative error codes here, but we're accidentally
propagating the "true" return from dma_mapping_error().

Fixes: 14fa93cdcd9b ("crypto: cavium - Add support for CNN55XX adapters.")
Signed-off-by: Dan Carpenter 

diff --git a/drivers/crypto/cavium/nitrox/nitrox_reqmgr.c 
b/drivers/crypto/cavium/nitrox/nitrox_reqmgr.c
index b6bd2a870028..4bb4377c5ac0 100644
--- a/drivers/crypto/cavium/nitrox/nitrox_reqmgr.c
+++ b/drivers/crypto/cavium/nitrox/nitrox_reqmgr.c
@@ -199,9 +199,10 @@ static int dma_map_inbufs(struct nitrox_softreq *sr,
sr->in.sglist = glist;
/* map IV */
dma = dma_map_single(dev, >iv, req->ivsize, DMA_BIDIRECTIONAL);
-   ret = dma_mapping_error(dev, dma);
-   if (ret)
+   if (dma_mapping_error(dev, dma)) {
+   ret = -EINVAL;
goto iv_map_err;
+   }
 
sr->in.dir = (req->src == req->dst) ? DMA_BIDIRECTIONAL : DMA_TO_DEVICE;
/* map src entries */
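Review bot: `-EINVAL` is an odd choice at the three new `ret = -EINVAL;` sites: the IV mapping in this hunk, and the ORH and completion mappings in dma_map_outbufs in the next hunk. A failed dma_map_single() usually means mapping resources (IOMMU space, bounce buffers) are exhausted rather than that the caller passed a bad argument. `ret = -ENOMEM;` would let callers tell a transient resource failure from a malformed request. Both functions continue outside their hunks, so the error labels and what they unmap cannot be checked from here.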
@@ -268,16 +269,18 @@ static int dma_map_outbufs(struct nitrox_softreq *sr,
/* map ORH */
sr->resp.orh_dma = dma_map_single(dev, >resp.orh, ORH_HLEN,
  sr->out.dir);
-   ret = dma_mapping_error(dev, sr->resp.orh_dma);
-   if (ret)
+   if (dma_mapping_error(dev, sr->resp.orh_dma)) {
+   ret = -EINVAL;
goto orh_map_err;
+   }
 
/* map completion */
sr->resp.completion_dma = dma_map_single(dev, >resp.completion,
 COMP_HLEN, sr->out.dir);
-   ret = dma_mapping_error(dev, sr->resp.completion_dma);
-   if (ret)
+   if (dma_mapping_error(dev, sr->resp.completion_dma)) {
+   ret = -EINVAL;
goto compl_map_err;
+   }
 
sr->inplace = (req->src == req->dst) ? true : false;
/* out place */


Re: [RFC PATCH 1/2] crypto: caam - properly set IV after {en,de}crypt

2017-06-19 Thread Horia Geantă
On 6/2/2017 3:25 PM, David Gstir wrote:
> Certain cipher modes like CTS expect the IV (req->info) of
> ablkcipher_request (or equivalently req->iv of skcipher_request) to
> contain the last ciphertext block when the {en,de}crypt operation is done.
> This is currently not the case for the CAAM driver which in turn breaks
> e.g. cts(cbc(aes)) when the CAAM driver is enabled.
> 
> This patch fixes the CAAM driver to properly set the IV after the
> {en,de}crypt operation of ablkcipher finishes.
> 
> Signed-off-by: David Gstir 
> ---
>  drivers/crypto/caam/caamalg.c | 26 --
>  1 file changed, 24 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c
> index 398807d1b77e..d13c1aee4427 100644
> --- a/drivers/crypto/caam/caamalg.c
> +++ b/drivers/crypto/caam/caamalg.c
> @@ -882,10 +882,11 @@ static void ablkcipher_encrypt_done(struct device 
> *jrdev, u32 *desc, u32 err,
>  {
>   struct ablkcipher_request *req = context;
>   struct ablkcipher_edesc *edesc;
> -#ifdef DEBUG
>   struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req);
>   int ivsize = crypto_ablkcipher_ivsize(ablkcipher);
> + int nents;
>  
> +#ifdef DEBUG
>   dev_err(jrdev, "%s %d: err 0x%x\n", __func__, __LINE__, err);
>  #endif
>  
> @@ -904,6 +905,19 @@ static void ablkcipher_encrypt_done(struct device 
> *jrdev, u32 *desc, u32 err,
>  #endif
>  
>   ablkcipher_unmap(jrdev, edesc, req);
> +
> + if (req->src == req->dst)
> + nents = edesc->src_nents;
> + else
> + nents = edesc->dst_nents;
> +
> + /*
> +  * The crypto API expects us to set the IV (req->info) to the last
> +  * ciphertext block. This is used e.g. by the CTS mode.
> +  */

IIUC, IV update is required only in case of CBC.
Since this callback is used also for CTR, we should avoid the copy:
if ((ctx->cdata.algtype & OP_ALG_AAI_MASK) == OP_ALG_AAI_CBC) ...

> + sg_pcopy_to_buffer(req->dst, nents, req->info, ivsize,
> +req->nbytes - ivsize);

scatterwalk_map_and_copy() should be used instead.

> +
>   kfree(edesc);
>  
>   ablkcipher_request_complete(req, err);
> @@ -914,10 +928,10 @@ static void ablkcipher_decrypt_done(struct device 
> *jrdev, u32 *desc, u32 err,
>  {
>   struct ablkcipher_request *req = context;
>   struct ablkcipher_edesc *edesc;
> -#ifdef DEBUG
>   struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req);
>   int ivsize = crypto_ablkcipher_ivsize(ablkcipher);
>  
> +#ifdef DEBUG
>   dev_err(jrdev, "%s %d: err 0x%x\n", __func__, __LINE__, err);
>  #endif
>  
> @@ -935,6 +949,14 @@ static void ablkcipher_decrypt_done(struct device 
> *jrdev, u32 *desc, u32 err,
>  #endif
>  
>   ablkcipher_unmap(jrdev, edesc, req);
> +
> + /*
> +  * The crypto API expects us to set the IV (req->info) to the last
> +  * ciphertext block.
> +  */
> + sg_pcopy_to_buffer(req->src, edesc->src_nents, req->info, ivsize,
> +req->nbytes - ivsize);
> +
>   kfree(edesc);
>  
>   ablkcipher_request_complete(req, err);
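Review bot: In ablkcipher_decrypt_done the IV is copied out of `req->src` after the job has completed. For an in-place request (`req->src == req->dst`, the case the encrypt hunk already distinguishes) that buffer would by then hold plaintext, not the last ciphertext block. For decryption the block would need to be saved before the job is submitted, in the decrypt entry point, which is outside these hunks. Both callbacks also compute `req->nbytes - ivsize` without checking that `req->nbytes` is at least `ivsize`, and they copy even when `err` is non-zero. If short or failed requests can reach this point, a guard such as `if (!err && req->nbytes >= ivsize)` around the copy would cover both cases.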
>


Re: [PATCH] of: update ePAPR references to point to Devicetree Specification

2017-06-19 Thread Frank Rowand
On 06/18/17 07:05, Rob Herring wrote:
> On Tue, Jun 13, 2017 at 07:49:04PM -0700, frowand.l...@gmail.com wrote:
>> From: Frank Rowand 
>>
>> The Devicetree Specification has superseded the ePAPR as the
>> base specification for bindings.  Update files in Documentation
>> to reference the new document.
>>
>> Some files are not updated because there is no hypervisor chapter
>> in the Devicetree Specification:
>>Documentation/devicetree/bindings/powerpc/fsl/msi-pic.txt
>>Documenation/virtual/kvm/api.txt
>>Documenation/virtual/kvm/ppc-pv.txt
>>
>> Signed-off-by: Frank Rowand 
>> ---
>>  Documentation/devicetree/bindings/arm/cci.txt   | 12 
>> ++--
>>  Documentation/devicetree/bindings/arm/cpus.txt  | 13 
>> +++--
>>  Documentation/devicetree/bindings/arm/idle-states.txt   |  4 ++--
>>  Documentation/devicetree/bindings/arm/l2c2x0.txt|  4 ++--
>>  Documentation/devicetree/bindings/arm/topology.txt  |  4 ++--
>>  Documentation/devicetree/bindings/bus/simple-pm-bus.txt |  2 +-
>>  Documentation/devicetree/bindings/chosen.txt|  3 ++-
>>  Documentation/devicetree/bindings/common-properties.txt |  2 +-
>>  Documentation/devicetree/bindings/crypto/fsl-sec4.txt   |  4 ++--
>>  Documentation/devicetree/bindings/crypto/fsl-sec6.txt   |  4 ++--
>>  .../devicetree/bindings/interrupt-controller/open-pic.txt   |  5 ++---
>>  Documentation/devicetree/bindings/net/ethernet.txt  |  9 ++---
>>  Documentation/devicetree/bindings/powerpc/fsl/cpus.txt  |  6 +++---
>>  Documentation/devicetree/bindings/powerpc/fsl/l2cache.txt   |  2 +-
>>  Documentation/devicetree/bindings/powerpc/fsl/srio-rmu.txt  |  4 ++--
>>  Documentation/devicetree/bindings/powerpc/fsl/srio.txt  |  3 ++-
>>  Documentation/devicetree/booting-without-of.txt |  2 +-
>>  Documentation/devicetree/usage-model.txt|  2 +-
>>  Documentation/xtensa/mmu.txt|  6 +++---
>>  19 files changed, 48 insertions(+), 43 deletions(-)
>>
>> diff --git a/Documentation/devicetree/bindings/arm/cci.txt 
>> b/Documentation/devicetree/bindings/arm/cci.txt
>> index 0f2153e8fa7e..cc7621b204f4 100644
>> --- a/Documentation/devicetree/bindings/arm/cci.txt
>> +++ b/Documentation/devicetree/bindings/arm/cci.txt
>> @@ -11,9 +11,9 @@ clusters, through memory mapped interface, with a global 
>> control register
>>  space and multiple sets of interface control registers, one per slave
>>  interface.
>>  
>> -Bindings for the CCI node follow the ePAPR standard, available from:
>> +Bindings for the CCI node follow the Devicetree Specification, available 
>> from:
>>  
>> -www.power.org/documentation/epapr-version-1-1/
>> +https://www.devicetree.org/specifications/
> 
> Actually, I find this meaningless other than in the sense that *every* 
> binding follows the spec. This looks like cut-n-paste from the ARM cpus 
> binding which did follow the spec for cpus to some extent.

Good point.  I can remove the reference to the ePAPR from this file.


>>  
>>  with the addition of the bindings described in this document which are
>>  specific to ARM.
>> @@ -50,10 +50,10 @@ specific to ARM.
>>  as a tuple of cells, containing child address,
>>  parent address and the size of the region in the
>>  child address space.
>> -Definition: A standard property. Follow rules in the ePAPR for
>> -hierarchical bus addressing. CCI interfaces
>> -addresses refer to the parent node addressing
>> -scheme to declare their register bases.
>> +Definition: A standard property. Follow rules in the Devicetree
>> +Specification for hierarchical bus addressing. CCI
>> +interfaces addresses refer to the parent node
>> +addressing scheme to declare their register bases.
>>  
>>  CCI interconnect node can define the following child nodes:
>>  
>> diff --git a/Documentation/devicetree/bindings/arm/cpus.txt 
>> b/Documentation/devicetree/bindings/arm/cpus.txt
>> index 1030f5f50207..283c520a2224 100644
>> --- a/Documentation/devicetree/bindings/arm/cpus.txt
>> +++ b/Documentation/devicetree/bindings/arm/cpus.txt
>> @@ -6,9 +6,9 @@ The device tree allows to describe the layout of CPUs in a 
>> system through
>>  the "cpus" node, which in turn contains a number of subnodes (ie "cpu")
>>  defining properties for every cpu.
>>  
>> -Bindings for CPU nodes follow the ePAPR v1.1 standard, available from:
>> +Bindings for CPU nodes follow the Devicetree Specification, available from:
>>  
>> -https://www.power.org/documentation/epapr-version-1-1/
>> +https://www.devicetree.org/specifications/
>>  
>>  with updates for 32-bit and 64-bit ARM systems provided in this 

Re: [PATCH] hwrng: do not warn when there are no devices

2017-06-19 Thread PrasannaKumar Muralidharan
On 19 June 2017 at 11:51, Herbert Xu  wrote:
> On Sun, Jun 18, 2017 at 10:00:17PM -0700, Mike Frysinger wrote:
>>
>> in order to make tpm-rng react in the way you're implying, the TPM
>> subsystem would need to add a notification chain for transitions from
>> none<->some devices, then tpm-rng could subscribe to that, and during
>> those transition points, it would call hwrng_register/hwrng_unregister
>> to make itself visible accordingly to the hwrng subsystem.  maybe
>> someone on the TPM side would be interested in writing all that logic,
>> but it sounds excessive for this minor usage.  the current tpm-rng
>> driver is *extremely* simple -- it's 3 funcs, each of which are 1
>> line.
>
> It's simple and it's broken, as far as the way it hooks into the
> hwrng is concerned.

*
diff --git a/drivers/char/hw_random/tpm-rng.c b/drivers/char/hw_random/tpm-rng.c
index d6d4482..4861b35 100644
--- a/drivers/char/hw_random/tpm-rng.c
+++ b/drivers/char/hw_random/tpm-rng.c
@@ -22,6 +22,10 @@
 #include 

 #define MODULE_NAME "tpm-rng"
+#define MAX_RETRIES 30
+
+static struct delayed_work check_tpm_work;
+static int retry_count;

 static int tpm_rng_read(struct hwrng *rng, void *data, size_t max, bool wait)
 {
@@ -33,9 +37,27 @@ static struct hwrng tpm_rng = {
.read = tpm_rng_read,
 };

+static void check_tpm_presence(struct work_struct *work)
+{
+   u8 data = 0;
+   if (tpm_get_random(TPM_ANY_NUM, , 1) > 0) {
+   hwrng_register(_rng);
+   } else {
+   if (retry_count < MAX_RETRIES) {
+   retry_count++;
+   schedule_delayed_work(_tpm_work, HZ * 10);
+   } else {
+   pr_err("Could not find any TPM chip, not
registering rng");
+   }
+   }
+}
+
 static int __init rng_init(void)
 {
-   return hwrng_register(_rng);
+   INIT_DELAYED_WORK(_tpm_work, check_tpm_presence);
+   check_tpm_presence(NULL);
+
+   return 0;
 }
 module_init(rng_init);
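Review bot: check_tpm_presence() drops the return value of `hwrng_register()`, and nothing in the patch cancels `check_tpm_work`. A failed registration therefore goes unnoticed, and if the module is unloaded while a retry is still queued, the work item would run after its code is gone. The module exit function is not in the hunk; if there is one, it would need `cancel_delayed_work_sync(&check_tpm_work);` and should unregister only when registration actually happened. rng_init() now returns 0 unconditionally, so loading succeeds even if no TPM is ever found. The `pr_err` string is also missing its trailing `\n`.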
*

Why not something like this? Patch is completely untested. If this
idea seems useful I can clean the code but would require help in
testing.

Regards,
PrasannaKumar


[cryptodev:master 77/100] drivers/crypto/ccp/ccp-debugfs.c:303:3-9: preceding lock on line 299 (fwd)

2017-06-19 Thread Julia Lawall
Please check whether a lock is needed before line 303.

julia

-- Forwarded message --
Date: Mon, 19 Jun 2017 17:34:11 +0800
From: kbuild test robot 
To: kbu...@01.org
Cc: Julia Lawall 
Subject: [cryptodev:master 77/100] drivers/crypto/ccp/ccp-debugfs.c:303:3-9:
preceding lock on line 299

CC: kbuild-...@01.org
CC: linux-crypto@vger.kernel.org
TO: Gary R Hook 
CC: Herbert Xu 

tree:   
https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git master
head:   88d58ef891d868303acd7951cb1282c911f736ac
commit: 3cdbe346ed3f380eae1cb3e9febfe703e7d8a7b0 [77/100] crypto: ccp - Add 
debugfs entries for CCP information
:: branch date: 3 hours ago
:: commit date: 3 hours ago

>> drivers/crypto/ccp/ccp-debugfs.c:303:3-9: preceding lock on line 299

git remote add cryptodev 
https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git
git remote update cryptodev
git checkout 3cdbe346ed3f380eae1cb3e9febfe703e7d8a7b0
vim +303 drivers/crypto/ccp/ccp-debugfs.c

3cdbe346 Gary R Hook 2017-05-02  293unsigned long flags;
3cdbe346 Gary R Hook 2017-05-02  294int i;
3cdbe346 Gary R Hook 2017-05-02  295
3cdbe346 Gary R Hook 2017-05-02  296if (!debugfs_initialized())
3cdbe346 Gary R Hook 2017-05-02  297return;
3cdbe346 Gary R Hook 2017-05-02  298
3cdbe346 Gary R Hook 2017-05-02 @299write_lock_irqsave(_debugfs_lock, 
flags);
3cdbe346 Gary R Hook 2017-05-02  300if (!ccp_debugfs_dir) {
3cdbe346 Gary R Hook 2017-05-02  301ccp_debugfs_dir = 
debugfs_create_dir(KBUILD_MODNAME, NULL);
3cdbe346 Gary R Hook 2017-05-02  302if (!ccp_debugfs_dir)
3cdbe346 Gary R Hook 2017-05-02 @303return;
3cdbe346 Gary R Hook 2017-05-02  304}
3cdbe346 Gary R Hook 2017-05-02  305
write_unlock_irqrestore(_debugfs_lock, flags);
3cdbe346 Gary R Hook 2017-05-02  306

---
0-DAY kernel test infrastructureOpen Source Technology Center
https://lists.01.org/pipermail/kbuild-all   Intel Corporation


[PATCH 2/2] crypto: caam - fix gfp allocation flags (part II)

2017-06-19 Thread Horia Geantă
This is the 2nd part of fixing the usage of GFP_KERNEL for memory
allocations, taking care of all the places that haven't caused a real
problem / failure.
Again, the issue being fixed is that GFP_KERNEL should be used only when
the MAY_SLEEP flag is set, i.e. MAY_BACKLOG flag usage is orthogonal.

Signed-off-by: Horia Geantă 
---
 drivers/crypto/caam/caamalg.c|  7 +++
 drivers/crypto/caam/caamalg_qi.c | 10 --
 drivers/crypto/caam/caamhash.c   | 32 
 drivers/crypto/caam/caampkc.c|  4 ++--
 4 files changed, 25 insertions(+), 28 deletions(-)

diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c
index 4ecf92e3b404..fde399c88779 100644
--- a/drivers/crypto/caam/caamalg.c
+++ b/drivers/crypto/caam/caamalg.c
@@ -1187,8 +1187,8 @@ static struct aead_edesc *aead_edesc_alloc(struct 
aead_request *req,
struct crypto_aead *aead = crypto_aead_reqtfm(req);
struct caam_ctx *ctx = crypto_aead_ctx(aead);
struct device *jrdev = ctx->jrdev;
-   gfp_t flags = (req->base.flags & (CRYPTO_TFM_REQ_MAY_BACKLOG |
-  CRYPTO_TFM_REQ_MAY_SLEEP)) ? GFP_KERNEL : GFP_ATOMIC;
+   gfp_t flags = (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?
+  GFP_KERNEL : GFP_ATOMIC;
int src_nents, mapped_src_nents, dst_nents = 0, mapped_dst_nents = 0;
struct aead_edesc *edesc;
int sec4_sg_index, sec4_sg_len, sec4_sg_bytes;
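Review bot: The same flags-to-gfp expression is open-coded at every allocation site this patch touches: aead_edesc_alloc and ablkcipher_giv_edesc_alloc in caamalg.c, the three edesc allocators in caamalg_qi.c, and the caamhash.c sites. That duplication is presumably how the MAY_BACKLOG test spread in the first place. A small static inline helper that takes `req->base.flags` and returns `GFP_KERNEL` only when `CRYPTO_TFM_REQ_MAY_SLEEP` is set, otherwise `GFP_ATOMIC`, would keep the no-sleeping-in-atomic-context rule in one place. Separately, the new line in the ablkcipher_giv_edesc_alloc hunk has a doubled space in `&  CRYPTO_TFM_REQ_MAY_SLEEP`. All of these functions continue outside their hunks.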
@@ -1680,8 +1680,7 @@ static struct ablkcipher_edesc 
*ablkcipher_giv_edesc_alloc(
struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req);
struct caam_ctx *ctx = crypto_ablkcipher_ctx(ablkcipher);
struct device *jrdev = ctx->jrdev;
-   gfp_t flags = (req->base.flags & (CRYPTO_TFM_REQ_MAY_BACKLOG |
- CRYPTO_TFM_REQ_MAY_SLEEP)) ?
+   gfp_t flags = (req->base.flags &  CRYPTO_TFM_REQ_MAY_SLEEP) ?
   GFP_KERNEL : GFP_ATOMIC;
int src_nents, mapped_src_nents, dst_nents, mapped_dst_nents;
struct ablkcipher_edesc *edesc;
diff --git a/drivers/crypto/caam/caamalg_qi.c b/drivers/crypto/caam/caamalg_qi.c
index ea0e5b8b9171..78c4c0485c58 100644
--- a/drivers/crypto/caam/caamalg_qi.c
+++ b/drivers/crypto/caam/caamalg_qi.c
@@ -555,8 +555,8 @@ static struct aead_edesc *aead_edesc_alloc(struct 
aead_request *req,
struct caam_aead_alg *alg = container_of(crypto_aead_alg(aead),
 typeof(*alg), aead);
struct device *qidev = ctx->qidev;
-   gfp_t flags = (req->base.flags & (CRYPTO_TFM_REQ_MAY_BACKLOG |
-  CRYPTO_TFM_REQ_MAY_SLEEP)) ? GFP_KERNEL : GFP_ATOMIC;
+   gfp_t flags = (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?
+  GFP_KERNEL : GFP_ATOMIC;
int src_nents, mapped_src_nents, dst_nents = 0, mapped_dst_nents = 0;
struct aead_edesc *edesc;
dma_addr_t qm_sg_dma, iv_dma = 0;
@@ -808,8 +808,7 @@ static struct ablkcipher_edesc 
*ablkcipher_edesc_alloc(struct ablkcipher_request
struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req);
struct caam_ctx *ctx = crypto_ablkcipher_ctx(ablkcipher);
struct device *qidev = ctx->qidev;
-   gfp_t flags = (req->base.flags & (CRYPTO_TFM_REQ_MAY_BACKLOG |
- CRYPTO_TFM_REQ_MAY_SLEEP)) ?
+   gfp_t flags = (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?
   GFP_KERNEL : GFP_ATOMIC;
int src_nents, mapped_src_nents, dst_nents = 0, mapped_dst_nents = 0;
struct ablkcipher_edesc *edesc;
@@ -953,8 +952,7 @@ static struct ablkcipher_edesc *ablkcipher_giv_edesc_alloc(
struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req);
struct caam_ctx *ctx = crypto_ablkcipher_ctx(ablkcipher);
struct device *qidev = ctx->qidev;
-   gfp_t flags = (req->base.flags & (CRYPTO_TFM_REQ_MAY_BACKLOG |
- CRYPTO_TFM_REQ_MAY_SLEEP)) ?
+   gfp_t flags = (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?
   GFP_KERNEL : GFP_ATOMIC;
int src_nents, mapped_src_nents, dst_nents, mapped_dst_nents;
struct ablkcipher_edesc *edesc;
diff --git a/drivers/crypto/caam/caamhash.c b/drivers/crypto/caam/caamhash.c
index da4f94eab3da..7c44c90ad593 100644
--- a/drivers/crypto/caam/caamhash.c
+++ b/drivers/crypto/caam/caamhash.c
@@ -719,8 +719,8 @@ static int ahash_update_ctx(struct ahash_request *req)
struct caam_hash_ctx *ctx = crypto_ahash_ctx(ahash);
struct caam_hash_state *state = ahash_request_ctx(req);
struct device *jrdev = ctx->jrdev;
-   gfp_t flags = (req->base.flags & (CRYPTO_TFM_REQ_MAY_BACKLOG |
-  CRYPTO_TFM_REQ_MAY_SLEEP)) ? GFP_KERNEL : GFP_ATOMIC;
+   gfp_t flags = (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?
+  

[PATCH 1/2] crypto: caam - fix gfp allocation flags (part I)

2017-06-19 Thread Horia Geantă
Changes in the SW cts (ciphertext stealing) code in
commit 0605c41cc53ca ("crypto: cts - Convert to skcipher")
revealed a problem in the CAAM driver:
when cts(cbc(aes)) is executed and cts runs in SW,
cbc(aes) is offloaded in CAAM; cts encrypts the last block
in atomic context and CAAM incorrectly decides to use GFP_KERNEL
for memory allocation.

Fix this by allowing GFP_KERNEL (sleeping) only when MAY_SLEEP flag is
set, i.e. remove MAY_BACKLOG flag.

We split the fix in two parts - first is sent to -stable, while the
second is not (since there is no known failure case).

Link: http://lkml.kernel.org/g/20170602122446.2427-1-da...@sigma-star.at
Cc:  # 4.8+
Reported-by: David Gstir 
Signed-off-by: Horia Geantă 
---
 drivers/crypto/caam/caamalg.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c
index 398807d1b77e..4ecf92e3b404 100644
--- a/drivers/crypto/caam/caamalg.c
+++ b/drivers/crypto/caam/caamalg.c
@@ -1475,8 +1475,7 @@ static struct ablkcipher_edesc 
*ablkcipher_edesc_alloc(struct ablkcipher_request
struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req);
struct caam_ctx *ctx = crypto_ablkcipher_ctx(ablkcipher);
struct device *jrdev = ctx->jrdev;
-   gfp_t flags = (req->base.flags & (CRYPTO_TFM_REQ_MAY_BACKLOG |
- CRYPTO_TFM_REQ_MAY_SLEEP)) ?
+   gfp_t flags = (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?
   GFP_KERNEL : GFP_ATOMIC;
int src_nents, mapped_src_nents, dst_nents = 0, mapped_dst_nents = 0;
struct ablkcipher_edesc *edesc;
-- 
2.12.0.264.gd6db3f216544



Re: [PATCH v2 2/2] crypto: engine - Permit to enqueue skcipher request

2017-06-19 Thread Corentin Labbe
On Mon, Jun 19, 2017 at 01:27:08PM +0800, Herbert Xu wrote:
> On Tue, Jun 06, 2017 at 03:44:17PM +0200, Corentin Labbe wrote:
> > The crypto engine could actually only enqueue hash and ablkcipher request.
> > This patch permit it to enqueue skcipher requets by adding all necessary
> > functions.
> > The only problem is that ablkcipher and skcipher id are the same, so
> > only one cipher type is usable on the same crypto engine.
> > 
> > Signed-off-by: Corentin Labbe 
> 
> I think this should be done as part of the skcipher conversion rather
> than as a standalone patch.
> 

Since there are two different users of "crypto engine + ablkcipher", it will 
not be easy to convert them in one series. (I could do it, but I simply could 
not test it for OMAP (lack of hw).)
And any new user who wants to use crypto engine+skcipher (like me with the 
sun8i-ce driver) is simply stuck.

Regards


Re: [PATCH] random: silence compiler warnings and fix race

2017-06-19 Thread Sebastian Andrzej Siewior
On 2017-06-17 02:39:40 [+0200], Jason A. Donenfeld wrote:
> On Fri, Jun 16, 2017 at 4:35 PM, Sebastian Andrzej Siewior
>  wrote:
> > I wouldn't just push the lock one up as is but move that write part to
> > crng_init to remain within the locked section. Like that:
> 
> We can't quite do that, because invalidate_batched_entropy() needs to
> be called _before_ crng_init. Otherwise a concurrent call to
> get_random_u32/u64() will have crng_init being the wrong value when
> the batched entropy is still old.

ehm. You sure? I simply delayed the lock-dropping until _after_ the state
variable had been modified. So it was basically what your patch did
except it was unlocked later…

> 
> > Are use about that? I am not sure that the gcc will inline "crng_init"
> > read twice. It is not a local variable. READ_ONCE() is usually used
> > where gcc could cache a memory access but you do not want this. But hey!
> > If someone knows better I am here to learn.
> 
> The whole purpose is that I _want_ it to cache the memory access so
> that it is _not_ inlined. So, based on your understanding, it does
> exactly what I intended it to do. The reason is that I'd like to avoid
> a lock imbalance, which could happen if the read is inlined.

So it was good as it was which means you can drop that READ_ONCE().

> Jason

Sebastian


[PATCH] crypto: fix typo in docs

2017-06-19 Thread Benjamin Peterson
Signed-off-by: Benjamin Peterson 
---
 Documentation/crypto/userspace-if.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Documentation/crypto/userspace-if.rst 
b/Documentation/crypto/userspace-if.rst
index de5a72e32bc9..ff86befa61e0 100644
--- a/Documentation/crypto/userspace-if.rst
+++ b/Documentation/crypto/userspace-if.rst
@@ -327,7 +327,7 @@ boundary. Non-aligned data can be used as well, but may 
require more
 operations of the kernel which would defeat the speed gains obtained
 from the zero-copy interface.
 
-The system-interent limit for the size of one zero-copy operation is 16
+The system-inherent limit for the size of one zero-copy operation is 16
 pages. If more data is to be sent to AF_ALG, user space must slice the
 input into segments with a maximum size of 16 pages.
 
-- 
2.11.0



Re: [PATCH v2 1/2] crypto: engine - replace pr_xxx by dev_xxx

2017-06-19 Thread Herbert Xu
On Tue, Jun 06, 2017 at 03:44:16PM +0200, Corentin Labbe wrote:
> By adding a struct device *dev to struct engine, we could store the
> device used at register time and so use all dev_xxx functions instead of
> pr_xxx.
> 
> Signed-off-by: Corentin Labbe 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH] crypto: brcm: fix spelling mistake: "fallbck" -> "fallback"

2017-06-19 Thread Herbert Xu
On Mon, Jun 05, 2017 at 10:10:48AM -0400, Steve Lin wrote:
> On Sun, Jun 4, 2017 at 2:29 PM, Colin King  wrote:
> > From: Colin Ian King 
> >
> > Trivial fix to spelling mistake in flow_log message
> >
> > Signed-off-by: Colin Ian King 
> 
> Good catch, thanks!
> Reviewed-by: Steve Lin 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH] crypto: testmgr: use consistent format for errors

2017-06-19 Thread Herbert Xu
On Mon, Jun 05, 2017 at 08:33:43AM +0300, Gilad Ben-Yossef wrote:
> Fix inconsistent format and spelling in hash tests error messages.
> 
> Signed-off-by: Gilad Ben-Yossef 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH v3 00/13] ARM: sun5i: cryptographic engine support

2017-06-19 Thread Herbert Xu
On Thu, Jun 01, 2017 at 09:38:52PM +0200, Antoine Tenart wrote:
> Hello,
> 
> This series adds the cryptographic engine support to sun5i SoCs. This is
> based on top of v4.12-rc1 and was tested on a CHIP. The series begins
> with fixes and improvements. The series is available at:
> https://github.com/atenart/linux v4.12-rc1/sun5i-crypto
> 
> The 8 first patches are reworks and cosmetic improvements.
> 
> Patch 9 moves the cipher part of the sun4i-ss driver from the ablkcipher
> API to the newer skcipher API.
> 
> Patch 10 adds the CRYPTO_ALG_KERN_DRIVER_ONLY flag for ciphers exposed
> by the sun4i-ss driver.
> 
> Patch 11 fixes the crypto framework selftests on the CHIP. It might fix
> other users too.

Patches 1-11 applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH] crypto: algapi: Use pr_err common logging style.

2017-06-19 Thread Herbert Xu
Karim Eshapa  wrote:
> Use more common error logging style.
> 
> Signed-off-by: Karim Eshapa 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH] crypto: algapi: Use pr_err common logging style.

2017-06-19 Thread Herbert Xu
Karim Eshapa  wrote:
> Use more common error logging style.
> 
> Signed-off-by: Karim Eshapa 

karim.esh...@gmail.com
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH] Documentation: crypto: Fixed bugs, added example usage of calc_hash().

2017-06-19 Thread Herbert Xu
On Fri, May 12, 2017 at 05:38:02PM +0200, Kamil Konieczny wrote:
> - Fixed bugs in example for shash and rng (added missing "*" and " *").
> - Corrected pr_info() in calc_hash().
> - Added example usage of calc_hash().
> - No need to negate PTR_ERR to get the error code, as crypto_alloc_rng
>   already returns negative values like ERR_PTR(-ENOMEM). Fixed.
> 
> Signed-off-by: Kamil Konieczny 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH] crypto: glue_helper - Delete some dead code

2017-06-19 Thread Herbert Xu
On Wed, May 10, 2017 at 08:52:26AM +0300, Dan Carpenter wrote:
> We checked (nbytes < bsize) inside the loops so it's not possible to hit
> the "goto done;" here.  This code is cut and paste from other slightly
> different loops where we don't have the check inside the loop.
> 
> Signed-off-by: Dan Carpenter 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH] crypto: mediatek - drop .owner field in mtk_crypto_driver

2017-06-19 Thread Herbert Xu
On Sat, May 06, 2017 at 11:35:29PM +0800, Geliang Tang wrote:
> Drop .owner field in mtk_crypto_driver, since platform_driver_register()
> will set it automatically.
> 
> Signed-off-by: Geliang Tang 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH] crypto: aes_ti - fix comment for MixColumns step

2017-06-19 Thread Herbert Xu
On Tue, May 09, 2017 at 05:20:27PM -0700, Eric Biggers wrote:
> From: Eric Biggers 
> 
> mix_columns() contains a comment which shows the matrix used by the
> MixColumns step of AES, but the last entry in this matrix was incorrect
> --- and did not match the code, which is correct.  Fix the comment.
> 
> Signed-off-by: Eric Biggers 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH v2 0/3] Add more algorithms and some misc cleanups

2017-06-19 Thread Herbert Xu
On Thu, May 04, 2017 at 11:34:43AM +, George Cherian wrote:
> This series adds more algorithm support for CPT.
> Add support for
> -ecb(aes)
> -cfb(aes)
> -ecb(des3_ede)
> 
> Some cleanups too.
> 
> George Cherian (3):
>   crypto: cavium: Downgrade the annoying misc interrupt print from
> dev_err to dev_dbg
>   crypto: cavium: Remove the individual encrypt/decrypt function for
> each algorithm
>   crypto: cavium: Add more algorithms

All applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH] drivers/crypto/ccp: return NULL instead of 0

2017-06-19 Thread Herbert Xu
On Wed, May 03, 2017 at 09:32:09AM +0530, Pushkar Jambhlekar wrote:
> This change handles a sparse warning. The function's return type is a pointer 
> to the structure, but
> it returns 0. It should return NULL instead.
> 
> Signed-off-by: Pushkar Jambhlekar 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH V2] crypto: ccp - Add debugfs entries for CCP information

2017-06-19 Thread Herbert Xu
On Tue, May 02, 2017 at 05:33:40PM -0500, Gary R Hook wrote:
> Expose some data about the configuration and operation of the CCP
> through debugfs entries: device name, capabilities, configuration,
> statistics.
> 
> Allow the user to reset the counters to zero by writing (any value)
> to the 'stats' file. This can be done per queue or per device.
> 
> Changes from V1:
>  - Correct polarity of test when destroying devices at module unload
> 
> Signed-off-by: Gary R Hook 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [-next] crypto: 842 propagate PTR_ERR value instead of -ENOMEM

2017-06-19 Thread Herbert Xu
Zhang Shengju  wrote:
> It is better to propagate PTR_ERR value instead of a hardcoded
> value(-ENOMEM here).
> 
> Signed-off-by: Zhang Shengju 

...

> -   return -ENOMEM;
> +   return PTR_ERR(ctx-wmem);
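Review bot: The new `return PTR_ERR(ctx-wmem);` only yields an error code when the pointer comes from an allocator that encodes failures with ERR_PTR(). The allocation is not visible in this quoted fragment, but if it returns NULL on failure, PTR_ERR(NULL) evaluates to 0, so the failure path would report success and callers would go on to use a context whose allocation failed. In that case the removed `return -ENOMEM;` is the correct value and should stay. As quoted, `ctx-wmem` is also a subtraction rather than a member access (presumably `ctx->wmem`, possibly altered by the archive). The enclosing function lies outside the quoted lines.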

Please test your patches before submission.

Thanks,
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH] hwrng: do not warn when there are no devices

2017-06-19 Thread Herbert Xu
On Sun, Jun 18, 2017 at 10:00:17PM -0700, Mike Frysinger wrote:
> 
> in order to make tpm-rng react in the way you're implying, the TPM
> subsystem would need to add a notification chain for transitions from
> none<->some devices, then tpm-rng could subscribe to that, and during
> those transition points, it would call hwrng_register/hwrng_unregister
> to make itself visible accordingly to the hwrng subsystem.  maybe
> someone on the TPM side would be interested in writing all that logic,
> but it sounds excessive for this minor usage.  the current tpm-rng
> driver is *extremely* simple -- it's 3 funcs, each of which are 1
> line.

It's simple and it's broken, as far as the way it hooks into the
hwrng is concerned.

Cheers,
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt