Re: [PATCH 3/6] fscrypt: use HKDF-SHA512 to derive the per-inode encryption keys

On Thu, Jul 13, 2017 at 04:54:55PM +0200, Stephan Müller wrote: > Am Mittwoch, 12. Juli 2017, 23:00:32 CEST schrieb Eric Biggers: > > Hi Herbert, > > This patch adds a second KDF to the kernel -- the first is found in the keys > subsystem. > > The next KDF that may come in is in the TLS scope.

Re: [PATCH 3/6] fscrypt: use HKDF-SHA512 to derive the per-inode encryption keys

Am Donnerstag, 13. Juli 2017, 18:07:54 CEST schrieb Herbert Xu: Hi Herbert, > Sure. Though I'd like to see what it looks like before I commit :) Naturally. :-) The patches would create an RNG template support. KDFs are not more than special-purpose RNGs. Ciao Stephan

[PATCH] Crypto_user: Make crypto user API available for all net ns

With this patch it's possible to use crypto user API form all network namespaces, not only form the initial net ns. Signed-off-by: Christian Langrock --- crypto/crypto_user.c| 39 ++- include/net/net_namespace.h | 1 +

[PATCH 0/2] STM32 HASH crypto driver

This set of patches adds a new crypto driver for STMicroelectronics stm32 HW. This drivers uses the crypto API and provides with HW-enabled md5, sha1, sha224, sha256 hash based algorithms. It makes use of the crypto engine to support ahash requests. This driver was successfully tested with tcrypt

[PATCH 1/2] dt-bindings: Document STM32 HASH bindings

This adds documentation of device tree bindings for the STM32 HASH controller. Signed-off-by: Lionel Debieve --- .../devicetree/bindings/crypto/st,stm32-hash.txt | 30 ++ 1 file changed, 30 insertions(+) create mode 100644

[PATCH 2/2] crypto: stm32 - Support for STM32 HASH module

This module register a HASH module that support multiples algorithms: MD5, SHA1, SHA224, SHA256. It includes the support of HMAC hardware processing corresponding to the supported algorithms. DMA or IRQ mode are used depending on data length. Signed-off-by: Lionel Debieve

Re: [PATCH 3/6] fscrypt: use HKDF-SHA512 to derive the per-inode encryption keys

Am Mittwoch, 12. Juli 2017, 23:00:32 CEST schrieb Eric Biggers: Hi Herbert, This patch adds a second KDF to the kernel -- the first is found in the keys subsystem. The next KDF that may come in is in the TLS scope. Would it make sense to warm up the KDF patches adding generic KDF support to

[PATCH 0/3] STM32 CRC update

This set of patches update the STM32 CRC driver. It contains two corrections and one global Kconfig rework. First correction is about the relaxed usage in scope of arm platform usage, second about a unbind driver issue. Last patch is about a Kconfig rework that make configuration generic for STM32

[PATCH 1/3] crypto: stm32 - CRC use relaxed function

In case of arm soc support, readl and writel will be optimized using relaxed functions Signed-off-by: Lionel Debieve Reviewed-by: Fabien Dessenne --- drivers/crypto/stm32/stm32_crc32.c | 15 --- 1 file changed, 8 insertions(+), 7

[PATCH 3/3] crypto: stm32 - Rename module to use generic crypto

The complete stm32 module is rename as crypto in order to use generic naming Signed-off-by: Lionel Debieve Reviewed-by: Fabien Dessenne --- drivers/crypto/Makefile | 2 +- drivers/crypto/stm32/Kconfig | 6 +++---

[PATCH 2/3] crypto: stm32 - solve crc issue during unbind

Use the correct unregister_shashes function to to remove the registered algo Signed-off-by: Lionel Debieve Reviewed-by: Fabien Dessenne --- drivers/crypto/stm32/stm32_crc32.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git

Re: [PATCH] Crypto_user: Make crypto user API available for all net ns

Am Donnerstag, 13. Juli 2017, 16:22:32 CEST schrieb Christian Langrock: Hi Christian, > With this patch it's possible to use crypto user API form all > network namespaces, not only form the initial net ns. Is this wise? The crypto_user interface allows root users to change settings in the

Re: [PATCH 3/6] fscrypt: use HKDF-SHA512 to derive the per-inode encryption keys

Hi Stephan, On Thu, Jul 13, 2017 at 04:54:55PM +0200, Stephan Müller wrote: > Am Mittwoch, 12. Juli 2017, 23:00:32 CEST schrieb Eric Biggers: > > Hi Herbert, > > This patch adds a second KDF to the kernel -- the first is found in the keys > subsystem. > > The next KDF that may come in is in

Re: Decreasing time for `rsa_init`

Dear Stephan, Am Mittwoch, den 12.07.2017, 19:38 +0200 schrieb Paul Menzel: > On 07/12/17 19:28, Stephan Müller wrote: > > Am Mittwoch, 12. Juli 2017, 12:59:58 CEST schrieb Paul Menzel: > > > Building CRYPTO_RSA not as module, but into the Linux kernel, > > > `rsa_init()` takes 130 ms on an

Re: [PATCH 1/6] fscrypt: add v2 encryption context and policy

On Wed, Jul 12, 2017 at 02:00:30PM -0700, Eric Biggers wrote: > From: Eric Biggers > > Currently, the fscrypt_context (i.e. the encryption xattr) does not > contain a cryptographically secure identifier for the master key's > payload. Therefore it's not possible to verify

Re: [PATCH 1/6] fscrypt: add v2 encryption context and policy

Hi Michael, On Thu, Jul 13, 2017 at 03:29:44PM -0700, Michael Halcrow wrote: > On Wed, Jul 12, 2017 at 02:00:30PM -0700, Eric Biggers wrote: > > From: Eric Biggers > > > > Currently, the fscrypt_context (i.e. the encryption xattr) does not > > contain a cryptographically

Re: [PATCH] Crypto_user: Make crypto user API available for all net ns

On Thu, Jul 13, 2017 at 04:51:10PM +0200, Stephan Müller wrote: > Am Donnerstag, 13. Juli 2017, 16:22:32 CEST schrieb Christian Langrock: > > Hi Christian, > > > With this patch it's possible to use crypto user API form all > > network namespaces, not only form the initial net ns. > > Is this

Re: [PATCH] crypto: caam - free qman_fq after kill_fq

On 7/11/2017 9:21 AM, Xulin Sun wrote: > kill_fq removes a complete frame queue, it needs to free the qman_fq > in the last. Else kmemleak will report the below warning: > > unreferenced object 0x800073085c80 (size 128): > comm "cryptomgr_test", pid 199, jiffies 4294937850 (age 67.840s) >

Re: [PATCH] crypto: change hwrng device default permissions to 0444

On 07/12/2017 12:13 PM, Herbert Xu wrote: > On Mon, Jul 03, 2017 at 12:37:59PM +0200, Harald Freudenberger wrote: >> Currently /dev/hwrng uses default device node permissions >> which is 0600. So by default the device node is not accessible >> by an ordinary user. Some distros do rewrite the

[PATCH 00/12] staging: ccree: coding style fixes

Another batch of ccree coding style fixes. These goes on top of commit a8c4ae12 ("staging: ccree: Fix alignment issues in ssi_sysfs.c") in staging-testing. Gilad Ben-Yossef (12): staging: ccree remove unnecessary parentheses staging: ccree: clean up struct ssi_aead_ctx staging: ccree: use

[PATCH 01/12] staging: ccree remove unnecessary parentheses

Remove unnecessary parentheses from ccree driver code. Signed-off-by: Gilad Ben-Yossef --- drivers/staging/ccree/ssi_aead.c| 4 ++-- drivers/staging/ccree/ssi_buffer_mgr.c | 8 drivers/staging/ccree/ssi_driver.c | 2 +-

Re: [PATCH] crypto: change hwrng device default permissions to 0444

Hi Herbert, On 12 July 2017 at 15:43, Herbert Xu wrote: > Hmm, one usage scenario for /dev/hwrng is to feed rngd which then > feeds into /dev/random. In that case it may not be desirable to > allow arbitrary access to hwrgn since it may cause the rate of > entropy

[PATCH 10/12] staging: ccree: remove func name from log messages

The SSI_LOG macros already add __func__ to log messages, so remove log message that add them a second time in the log message itself. Signed-off-by: Gilad Ben-Yossef --- drivers/staging/ccree/ssi_aead.c | 4 ++-- drivers/staging/ccree/ssi_cipher.c | 14 +++---

[PATCH 09/12] staging: ccree: avoid unnecessary line continuation

Avoid unnecessary line continuation in log function call. Signed-off-by: Gilad Ben-Yossef --- drivers/staging/ccree/ssi_aead.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/drivers/staging/ccree/ssi_aead.c b/drivers/staging/ccree/ssi_aead.c index

[PATCH 11/12] staging: ccree: kmalloc by sizeof var not type

Change places where we alloc memory by sizeof type to sizeof var. Signed-off-by: Gilad Ben-Yossef --- drivers/staging/ccree/ssi_aead.c| 4 ++-- drivers/staging/ccree/ssi_cipher.c | 4 ++-- drivers/staging/ccree/ssi_driver.c | 2 +-

[PATCH] crypto: brcm - Support more FlexRM rings than SPU engines.

Enhance code to generically support cases where DMA rings are greater than or equal to number of SPU engines. New hardware has underlying DMA engine-FlexRM with 32 rings which can be used to communicate to any of the available 10 SPU engines. Fixes: 9d12ba86f818 ("crypto: brcm - Add Broadcom SPU

[PATCH v2] crypto: caam - free qman_fq after kill_fq

kill_fq removes a complete frame queue, it needs to free the qman_fq in the last. Else kmemleak will report the below warning: unreferenced object 0x800073085c80 (size 128): comm "cryptomgr_test", pid 199, jiffies 4294937850 (age 67.840s) hex dump (first 32 bytes): 00 00 00 00 00 00

[PATCH 02/12] staging: ccree: clean up struct ssi_aead_ctx

struct ssi_aead_ctx has some nested structure defined, resulting in code accessing them to be very unreadable. Move out the nested structure definitions out of the struct and use the change to make the code accessing it more readable and better coding style compliant by shortening lines and

[PATCH 03/12] staging: ccree: use proper printk format for dma_addr_t

Fix needless casting to unsigned long long in printk for DMA addresses by using proper %pad format. Signed-off-by: Gilad Ben-Yossef --- drivers/staging/ccree/ssi_aead.c| 16 drivers/staging/ccree/ssi_buffer_mgr.c | 48

[PATCH 07/12] staging: ccree: CamelCase to snake_case in aead struct

Rename aead_req_struct fields from CamelCase to snake_case. Signed-off-by: Gilad Ben-Yossef --- drivers/staging/ccree/ssi_aead.c | 26 ++-- drivers/staging/ccree/ssi_aead.h | 12 +++--- drivers/staging/ccree/ssi_buffer_mgr.c | 78

[PATCH 08/12] staging: ccree: avoid constant comparison

Re-write predicate to avoid constant comparison. Signed-off-by: Gilad Ben-Yossef --- drivers/staging/ccree/ssi_aead.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/staging/ccree/ssi_aead.c b/drivers/staging/ccree/ssi_aead.c index

[PATCH 06/12] staging: ccree: CamelCase to snake_case in func vars

Turn local vars and function parameters names in CamelCase to snake_case. Signed-off-by: Gilad Ben-Yossef --- drivers/staging/ccree/ssi_aead.c | 26 +- drivers/staging/ccree/ssi_buffer_mgr.c | 15 ---

[PATCH 04/12] staging: ccree: fix parenthesis alignment

Fix various remaining parenthesis alignment issues. Signed-off-by: Gilad Ben-Yossef --- drivers/staging/ccree/ssi_aead.c| 46 + drivers/staging/ccree/ssi_buffer_mgr.c | 30 ++- drivers/staging/ccree/ssi_cipher.c | 2 +-

[PATCH 12/12] staging: ccree: remove whitespace before a quoted newline

Remove unnecessary whitespace before a quoted newline in strings. Signed-off-by: Gilad Ben-Yossef --- drivers/staging/ccree/ssi_cipher.c | 6 +++--- drivers/staging/ccree/ssi_hash.c | 2 +- drivers/staging/ccree/ssi_sysfs.c | 10 +- 3 files changed, 9

[PATCH 05/12] staging: ccree: fix split strings

Fix strings in log messages being split across lines and the resulting alignment issues when being fixed. Signed-off-by: Gilad Ben-Yossef --- drivers/staging/ccree/ssi_aead.c| 9 ++-- drivers/staging/ccree/ssi_buffer_mgr.c | 86 ++---

Re: [PATCH v2] crypto: caam - free qman_fq after kill_fq

On 7/13/2017 12:21 PM, Xulin Sun wrote: > kill_fq removes a complete frame queue, it needs to free the qman_fq > in the last. Else kmemleak will report the below warning: > > unreferenced object 0x800073085c80 (size 128): > comm "cryptomgr_test", pid 199, jiffies 4294937850 (age 67.840s) >

[PATCH 2/3] dt-bindings: Document STM32 CRYP bindings

Document device tree bindings for the STM32 CRYP. Signed-off-by: Fabien Dessenne --- .../devicetree/bindings/crypto/st,stm32-cryp.txt | 20 1 file changed, 20 insertions(+) create mode 100644

[PATCH 3/3] crypto: stm32 - Support for STM32 CRYP crypto module

This module registers block and AEAD cipher algorithms that make use of the STMicroelectronics STM32 crypto "CRYP1" hardware. The following algorithms are supported: - aes: ecb, cbc, ctr, gcm, ccm - des: ecb, cbc - tdes: ecb, cbc Signed-off-by: Fabien Dessenne ---

[PATCH 0/3] STM32 CRYP crypto driver

This set of patches adds a new crypto driver for STMicroelectronics stm32 HW. This drivers uses the crypto API and provides with HW-enabled AEAD and block cipher algorithms. It makes use of the crypto engine which is upgraded in order to support AEAD requests. This driver was successfully tested

[PATCH 1/3] crypto: engine - permit to enqueue aead_request

The current crypto engine allows ablkcipher_request and ahash_request to be enqueued. Extend this to aead_request. Signed-off-by: Fabien Dessenne --- crypto/crypto_engine.c | 101 include/crypto/engine.h | 16 2