Re: [Part2 PATCH v5.1 12.7/31] crypto: ccp: Implement SEV_PEK_CSR ioctl command

On 10/12/17 9:24 PM, Brijesh Singh wrote: > > On 10/12/17 2:53 PM, Borislav Petkov wrote: > ... > >> Ok, a couple of things here: >> >> * Move the checks first and the allocations second so that you allocate >> memory only after all checks have been passed and you don't allocate >> pointlessly.

Re: [Part2 PATCH v5.1 12.7/31] crypto: ccp: Implement SEV_PEK_CSR ioctl command

On 10/12/17 2:53 PM, Borislav Petkov wrote: ... > Ok, a couple of things here: > > * Move the checks first and the allocations second so that you allocate > memory only after all checks have been passed and you don't allocate > pointlessly. I assume you mean performing the SEV state check

[PATCH] crypto: qat: qat_common: qat_uclo - mark expected switch fall-throughs

In preparation to enabling -Wimplicit-fallthrough, mark switch cases where we are expecting to fall through. Signed-off-by: Gustavo A. R. Silva --- drivers/crypto/qat/qat_common/qat_uclo.c | 3 +++ 1 file changed, 3 insertions(+) diff --git

Re: [Part2 PATCH v5.2 12.2/31] crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support

On Thu, Oct 12, 2017 at 04:52:32PM -0500, Brijesh Singh wrote: > See my above comment, I think the simplest solution is remove psp->sev_misc Ok, so far so good. But now you still need to track which is the last psp device and to call misc_deregister() only when the last device exits. Because if

Re: [Part2 PATCH v5.2 12.2/31] crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support

On 10/12/17 4:41 PM, Borislav Petkov wrote: > On Thu, Oct 12, 2017 at 04:11:18PM -0500, Brijesh Singh wrote: >> The sev_exit() will be called for all the psp_device instance. we need >> to set psp_misc_dev = NULL after deregistering the device. >> >> if (psp_misc_dev) { >>  

Re: [Part2 PATCH v5.2 12.2/31] crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support

On Thu, Oct 12, 2017 at 04:11:18PM -0500, Brijesh Singh wrote: > The sev_exit() will be called for all the psp_device instance. we need > to set psp_misc_dev = NULL after deregistering the device. > > if (psp_misc_dev) { >   misc_deregister(psp_misc_dev); >    psp_misc_dev = NULL; Right, except

Re: [Part2 PATCH v5.2 12.2/31] crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support

On 10/12/17 9:08 AM, Borislav Petkov wrote: ... > Well, if you're going to have a global var, why not pull up the misc > device instead? > > And mind you, I've moved out this assignments: > > + psp->sev_misc = psp_misc_dev; > + init_waitqueue_head(>sev_int_queue); > +

Re: [Part2 PATCH v5.1 12.5/31] crypto: ccp: Implement SEV_PEK_GEN ioctl command

On 10/12/17 3:21 PM, Borislav Petkov wrote: > On Thu, Oct 12, 2017 at 03:11:07PM -0500, Brijesh Singh wrote: >> Lets  consider this scenario >> 1- platform is in uninit state, we transition it to INIT >> 2- PEK_GEN command failed >> 3- since we have transitioned the platform in INIT state hence

Re: [Part2 PATCH v5.1 12.6/31] crypto: ccp: Implement SEV_PDH_GEN ioctl command

On Thu, Oct 12, 2017 at 03:21:04PM -0500, Brijesh Singh wrote: > We need to follow the platform state machine logic defined in SEV spec > section 5.1.2. The PEK_GEN can not be issued when platform is in WORKING > state because the command actually re-generate the identity of the > platform itself

Re: [Part2 PATCH v5.1 12.5/31] crypto: ccp: Implement SEV_PEK_GEN ioctl command

On Thu, Oct 12, 2017 at 03:11:07PM -0500, Brijesh Singh wrote: > Lets  consider this scenario > 1- platform is in uninit state, we transition it to INIT > 2- PEK_GEN command failed > 3- since we have transitioned the platform in INIT state hence we must > call the shutdown otherwise we will leave

Re: [Part2 PATCH v5.1 12.6/31] crypto: ccp: Implement SEV_PDH_GEN ioctl command

On 10/12/17 1:48 PM, Borislav Petkov wrote: ... > On Fri, Oct 06, 2017 at 08:06:04PM -0500, Brijesh Singh wrote: >> The SEV_PDH_GEN command is used to re-generate the Platform >> Diffie-Hellman (PDH) key. The command is defined in SEV spec section >> 5.9. >> >> Cc: Paolo Bonzini

Re: [Part2 PATCH v5.1 12.7/31] crypto: ccp: Implement SEV_PEK_CSR ioctl command

On Fri, Oct 06, 2017 at 08:06:05PM -0500, Brijesh Singh wrote: > The SEV_PEK_CSR command can be used to generate a PEK certificate > signing request. The command is defined in SEV spec section 5.7. > > Cc: Paolo Bonzini > Cc: "Radim Krčmář" > Cc:

Re: [Part2 PATCH v5.1 12.6/31] crypto: ccp: Implement SEV_PDH_GEN ioctl command

On Fri, Oct 06, 2017 at 08:06:04PM -0500, Brijesh Singh wrote: > The SEV_PDH_GEN command is used to re-generate the Platform > Diffie-Hellman (PDH) key. The command is defined in SEV spec section > 5.9. > > Cc: Paolo Bonzini > Cc: "Radim Krčmář" > Cc:

Re: [Part2 PATCH v5.1 12.5/31] crypto: ccp: Implement SEV_PEK_GEN ioctl command

On Fri, Oct 06, 2017 at 08:06:03PM -0500, Brijesh Singh wrote: > The SEV_PEK_GEN command is used to generate a new Platform Endorsement > Key (PEK). The command is defined in SEV spec section 5.6. > > Cc: Paolo Bonzini > Cc: "Radim Krčmář" > Cc: Borislav

Re: [Nouveau] [PATCH 03/10] driver:gpu: return -ENOMEM on allocation failure.

On Wed, Sep 13, 2017 at 01:02:12PM +0530, Allen Pais wrote: > Signed-off-by: Allen Pais Applied to drm-misc-next, thanks. -Daniel > --- > drivers/gpu/drm/gma500/mid_bios.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git

Re: [PATCH v3 0/4] crypto: Add driver for JZ4780 PRNG

Hi Herbert, On 12 October 2017 at 20:00, Herbert Xu wrote: > On Mon, Sep 18, 2017 at 07:32:37PM +0530, PrasannaKumar Muralidharan wrote: >> This patch series adds support of pseudo random number generator found >> in Ingenic's JZ4780 and X1000 SoC. >> >> Create

Re: Fostering linux community collaboration on hardware accelerators

On 10/12/2017 10:48 AM, Francois Ozog wrote: On 12 October 2017 at 16:57, Jonathan Cameron wrote: On Thu, 12 Oct 2017 08:31:36 -0500 Douglas Miller wrote: Not sure if you're already plugged-in to this, but the OpenMP group is (has

[PATCH] crypto: qat: remove unused and redundant pointer vf_info

From: Colin Ian King The pointer vf_info is being assigned but never read, it is redundant and therefore can be removed. Cleans up clang warning: Value stored to 'vf_info' is never read Fixes: ed8ccaef52fa ("crypto: qat - Add support for SRIOV") Signed-off-by: Colin

[PATCH] crypto: ccp: remove unused variable qim

From: Colin Ian King Variable qim is assigned but never read, it is redundant and can be removed. Cleans up clang warning: Value stored to 'qim' is never read Fixes: 4b394a232df7 ("crypto: ccp - Let a v5 CCP provide the same function as v3") Signed-off-by: Colin Ian

[PATCH] crypto: cavium: clean up clang warning on unread variable offset

From: Colin Ian King The variable offset is being assigned and not being used; it should be passed as the 2nd argument to call to function nitrox_write_csr but has been omitted. Fix this. Cleans up clang warning: Value stored to 'offset' is never read Fixes:

Re: Fostering linux community collaboration on hardware accelerators

On 12 October 2017 at 16:57, Jonathan Cameron wrote: > On Thu, 12 Oct 2017 08:31:36 -0500 > Douglas Miller wrote: > >> Not sure if you're already plugged-in to this, but the OpenMP group is >> (has been) working on Accelerator support. >>

Re: [PATCH 00/18] crypto: talitos - fixes and performance improvement

On Fri, Oct 06, 2017 at 03:04:31PM +0200, Christophe Leroy wrote: > This serie fixes and improves the talitos crypto driver. > > First 6 patchs are fixes of failures reported by the new tests in the > kernel crypto test manager. > > The 8 following patches are cleanups and simplifications. > >

Re: [PATCH 1/3] crypto: dh_helper - return unsigned int for dh_data_size()

On Fri, Sep 29, 2017 at 12:21:04PM +0300, Tudor Ambarus wrote: > p->key_size, p->p_size, p->g_size are all of unsigned int type. > > Signed-off-by: Tudor Ambarus Patch applied. Thanks. -- Email: Herbert Xu Home Page:

Re: [PATCH] crypto: ecdh_helper - return unsigned value for crypto_ecdh_key_len()

On Fri, Sep 29, 2017 at 12:13:08PM +0300, Tudor Ambarus wrote: > ECDH_KPP_SECRET_MIN_SIZE and params->key_size are both returning > unsigned values. > > Signed-off-by: Tudor Ambarus Patch applied. Thanks. -- Email: Herbert Xu Home

Re: [PATCH 01/13] crypto: crypto4xx: wire up hmac_mc to hmac_muting

On Wed, Oct 04, 2017 at 01:00:05AM +0200, Christian Lamparter wrote: > The hmac_mc parameter of set_dynamic_sa_command_1() > was defined but not used. On closer inspection it > turns out, it was never wired up. > > Signed-off-by: Christian Lamparter All applied. Thanks. --

Re: [PATCH] chacha20-ssse3/avx2: satisfy stack validation 2.0

On Sun, Oct 08, 2017 at 10:50:53PM +0200, Jason A. Donenfeld wrote: > The new stack validator in objdump doesn't like directly assigning r11 > to rsp, warning with something like: > > warning: objtool: chacha20_4block_xor_ssse3()+0xa: unsupported stack pointer > realignment > warning: objtool:

Re: [PATCH 0/3] crypto: marvell - Remove the old CESA driver

Hi Boris, On mer., oct. 11 2017, Boris Brezillon wrote: > Hello, > > It's been several releases since we added a new driver to support the > CESA IP (the new driver was introduced in 4.2). It seems most major > bugs have been discovered and fixed and now

Re: [Part2 PATCH v5.2 12.1/31] crypto: ccp: Define SEV userspace ioctl and command id

On 10/12/2017 08:27 AM, Borislav Petkov wrote: ... +/** + * struct sev_user_data_status - PLATFORM_STATUS command parameters + * + * @major: major API version + * @minor: minor API version + * @state: platform state + * @owner: self-owned or externally owned + * @config: platform config

Re: [Part2 PATCH v5.2 12.3/31] crypto: ccp: Implement SEV_FACTORY_RESET ioctl command

On Wed, Oct 11, 2017 at 11:55:21AM -0500, Brijesh Singh wrote: > The SEV_FACTORY_RESET command can be used by the platform owner to > reset the non-volatile SEV related data. The command is defined in > SEV spec section 5.4 > > Cc: Paolo Bonzini > Cc: "Radim Krčmář"

Re: [Part2 PATCH v5.2 12.2/31] crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support

On Wed, Oct 11, 2017 at 11:50:30AM -0500, Brijesh Singh wrote: > AMD's new Secure Encrypted Virtualization (SEV) feature allows the > memory contents of virtual machines to be transparently encrypted with a > key unique to the VM. The programming and management of the encryption > keys are handled

Re: Fostering linux community collaboration on hardware accelerators

Not sure if you're already plugged-in to this, but the OpenMP group is (has been) working on Accelerator support. http://www.openmp.org/updates/openmp-accelerator-support-gpus/ Maybe you are talking about a different aspect of accelerator support, but it seems prudent to involve OpenMP as

[PATCH] staging/ccree: Declare compiled out functions static inline

Sparse was giving out a warning for symbols 'cc_set_ree_fips_status' and 'fips_handler' that they were not declared and need to be made static. This patch makes both the symbols static inline, to remove the warnings. Signed-off-by: Rishabh Hardas ---

Re: [PATCH v5] crypto: s5p-sss: Add HASH support for Exynos

Hello Kamil, thank you for the change, please find below a number of minor review comments. On 10/09/2017 02:12 PM, Kamil Konieczny wrote: > Add support for MD5, SHA1, SHA256 hash algorithms for Exynos HW. > It uses the crypto framework asynchronous hash api. > It is based on omap-sham.c driver.

Crypto Fixes for 4.14

Hi Linus: This push fixes the following issues: - Crashes in skcipher/shash from zero-length input. - Fix softirq GFP_KERNEL allocation in shash_setkey_unaligned. - Error path bug in xts create function. - Compiler warning regressions in axis and stm32. Please pull from

Re: crypto API - async semantics

On 10/12/2017 12:49 PM, Herbert Xu wrote: > On Thu, Oct 12, 2017 at 09:39:34AM +, Horia Geantă wrote: >> >> Taking ascii art from crypto API docs: >> >> DATA ---. >> v >> .init() -> .update() -> .final() ! .update() might not be called >> ^|

Re: crypto API - async semantics

On Thu, Oct 12, 2017 at 09:39:34AM +, Horia Geantă wrote: > > Taking ascii art from crypto API docs: > > DATA ---. > v > .init() -> .update() -> .final() ! .update() might not be called > ^| |at all in this scenario. >

Re: crypto API - async semantics

On 10/12/2017 9:44 AM, Herbert Xu wrote: > On Wed, Oct 11, 2017 at 12:36:11PM +, Horia Geantă wrote: >> Hi Herbert, >> >> I am evaluating whether ahash implementation in caam crypto driver >> behaves correctly. >> One thing I've noticed is that for each ahash tfm there is support for >> at

Re: crypto API - async semantics

On Wed, Oct 11, 2017 at 12:36:11PM +, Horia Geantă wrote: > Hi Herbert, > > I am evaluating whether ahash implementation in caam crypto driver > behaves correctly. > One thing I've noticed is that for each ahash tfm there is support for > at most two in-flight requests, and I would like to