Re: [PATCH v2 0/6] Appended signatures support for IMA appraisal

2017-06-09 Thread Thiago Jung Bauermann
Michael Ellerman writes: > Thiago Jung Bauermann writes: > >> On the OpenPOWER platform, secure boot and trusted boot are being >> implemented using IMA for taking measurements and verifying signatures. > > I still want you to implement

[PATCH] Drivers: ccree - style fix

2017-06-09 Thread Derek Robson
Align block comments Found using checkpatch Signed-off-by: Derek Robson --- drivers/staging/ccree/cc_hw_queue_defs.h | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/staging/ccree/cc_hw_queue_defs.h

Re: [PATCH v2 0/6] Appended signatures support for IMA appraisal

2017-06-09 Thread Michael Ellerman
Thiago Jung Bauermann writes: > On the OpenPOWER platform, secure boot and trusted boot are being > implemented using IMA for taking measurements and verifying signatures. I still want you to implement arch_kexec_kernel_verify_sig() as well :) cheers

Re: Can someone check linux kernel 4.4, and 4.9 rfc4309 test vectors?

2017-06-09 Thread Harsh Jain
On Wed, Jun 7, 2017 at 7:27 PM, Che-Min Hsieh wrote: > Rfc4309 test vectors in testmgr.h have gone through major changes from linux3 > to linux4. > In linux 4.4, linux4.9, there are vectors as such > > 23194 static struct aead_testvec aes_ccm_rfc4309_enc_tv_template[]

RE: Can someone check linux kernel 4.4, and 4.9 rfc4309 test vectors?

2017-06-09 Thread Che-Min Hsieh
Thanks. Yes, in the new kernel, the association data passing in to the driver, the last 8 bytes of data should be excluded in the driver. The conversion from rfc4309 test vectors defined in the testmgr.h should drop the last 8 bytes of data before passing to the openSSL API as association data.

Re: [PATCH v2 01/11] crypto: introduce crypto wait for async op

2017-06-09 Thread Herbert Xu
On Mon, May 29, 2017 at 11:22:48AM +0300, Gilad Ben-Yossef wrote: > > +static inline int crypto_wait_req(int err, struct crypto_wait *wait) > +{ > + switch (err) { > + case -EINPROGRESS: > + case -EBUSY: > + wait_for_completion(>completion); > +

Re: [PATCH v3 0/2] crypto: ecdh - add privkey generation support

2017-06-09 Thread Herbert Xu
On Tue, May 30, 2017 at 05:52:47PM +0300, Tudor Ambarus wrote: > Hi, > > This patch set adds support for generating ecc private keys. > ecc private keys are generated using the method of extra random bits, > equivalent to that described in FIPS 186-4, Appendix B.4.1. > > Generation of ecc

Re: [PATCH v4 00/14] fixes for kpp and akcipher

2017-06-09 Thread Herbert Xu
On Thu, May 25, 2017 at 10:18:02AM +0300, Tudor Ambarus wrote: > Hi, > > These are various fixes that I made while reading kpp and akcipher > implementations. > > Changes in v4: > - assume key is already set when calling crypto_akcipher/kpp_maxsize() All applied, with patch 4/14 taken from v5.

Re: [PATCH 00/13] crypto: omap fixes / changes for 4.13

2017-06-09 Thread Herbert Xu
On Wed, May 24, 2017 at 10:35:21AM +0300, Tero Kristo wrote: > Hi, > > This series has a number of fixes towards 4.13 merge window (I don't > think we need to rush these as nobody has complained of any of the > issues so far), and the addition of AES GCM mode. Lokesh posted > the support patch

Re: [PATCH v1 0/2] remove mediatek ethif clock in crypto driver

2017-06-09 Thread Herbert Xu
On Thu, Jun 01, 2017 at 10:30:20AM +0800, Ryder Lee wrote: > This patch series only remove redundant clock setting in mediatek crypto > driver. > > Changes since v1: > -rework the commit message. All applied. Thanks. -- Email: Herbert Xu Home Page:

Re: [PATCH v6 4/5] crypto: inside-secure: add SafeXcel EIP197 crypto engine driver

2017-06-09 Thread Herbert Xu
On Wed, May 24, 2017 at 04:10:34PM +0200, Antoine Tenart wrote: > Add support for Inside Secure SafeXcel EIP197 cryptographic engine, > which can be found on Marvell Armada 7k and 8k boards. This driver > currently implements: ecb(aes), cbc(aes), sha1, sha224, sha256 and > hmac(sah1) algorithms. >

Re: [PATCH v2 0/3] Add support for Cavium CNN55XX crypto adapters.

2017-06-09 Thread Herbert Xu
On Tue, May 30, 2017 at 05:28:00PM +0530, Srikanth Jampala wrote: > This series adds support for Cavium CNN55XX crypto adapters. > > CNN55XX crypto adapters belongs to Cavium NITROX family series, > able to accelerates both Symmetric and Asymmetric crypto workloads. > These adapters have

Re: [PATCH] crypto: rng: Remove unused function __crypto_rng_cast()

2017-06-09 Thread Herbert Xu
On Mon, May 22, 2017 at 03:49:43PM -0700, Matthias Kaehlcke wrote: > This fixes the following warning when building with clang: > > crypto/rng.c:35:34: error: unused function '__crypto_rng_cast' > [-Werror,-Wunused-function] > > Signed-off-by: Matthias Kaehlcke Patch

Re: [PATCH 1/1] crypto:drbg- Fixes panic in wait_for_completion call.

2017-06-09 Thread Herbert Xu
On Fri, May 26, 2017 at 12:12:51PM +0200, Stephan Müller wrote: > Am Donnerstag, 25. Mai 2017, 17:23:47 CEST schrieb Harsh Jain: > > Hi Harsh, > > > Initialise ctr_completion variable before use. > > Thank you very much for catching this. > > But I think the chosen function is wrong. When we

Re: [PATCH v6 5/5] MAINTAINERS: add a maintainer for the Inside Secure crypto driver

2017-06-09 Thread Herbert Xu
On Wed, May 24, 2017 at 04:10:35PM +0200, Antoine Tenart wrote: > A new cryptographic engine driver was added in > drivers/crypto/inside-secure. Add myself as a maintainer for this > driver. > > Signed-off-by: Antoine Tenart Patch applied. Thanks. -- Email:

Re: [PATCH v2] X.509: Fix error code in x509_cert_parse()

2017-06-09 Thread Herbert Xu
On Mon, May 29, 2017 at 04:26:22PM +0300, Dan Carpenter wrote: > We forgot to set the error code on this path so it could result in > returning NULL which leads to a NULL dereference. > > Fixes: db6c43bd2132 ("crypto: KEYS: convert public key and digsig asym to the > akcipher api") >

Re: [PATCH v8 1/2] crypto: skcipher AF_ALG - overhaul memory management

2017-06-09 Thread Herbert Xu
On Tue, May 23, 2017 at 04:31:59PM +0200, Stephan Müller wrote: > > static void skcipher_sock_destruct(struct sock *sk) > { > struct alg_sock *ask = alg_sk(sk); > struct skcipher_ctx *ctx = ask->private; > - struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(>req); > +

Re: [PATCH] crypto: rng - move __crypto_rng_cast to the rng header

2017-06-09 Thread Herbert Xu
On Tue, May 09, 2017 at 10:32:22AM +0200, Corentin Labbe wrote: > This patch move __crypto_rng_cast() to the right header like other > __algo_cast functions. > > Signed-off-by: Corentin Labbe As there is another patch which will remove thie function altogether, I

Alg errors with Intel QAT Card

2017-06-09 Thread Raj Ammanur
Hi I am seeing the below errors after installing an Intel QAT card and loading the upstreamed qat_dh895xcc and intel_qat modules. Have others seen similar errors and know if this is a known issue and a fix exists or know whats going on ? This is with 4.12.0-rc4+ version of the kernel. Any help