[PATCH v3 12/12] crypto: LLVMLinux: Remove VLAIS usage from crypto/testmgr.c
From: Jan-Simon Möller dl...@gmx.de Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99 compliant equivalent. This patch allocates the appropriate amount of memory using a char array using the SHASH_DESC_ON_STACK macro. The new code can be compiled with both gcc and clang. Signed-off-by: Jan-Simon Möller dl...@gmx.de Signed-off-by: Behan Webster beh...@converseincode.com Cc: pagee...@freemail.hu --- crypto/testmgr.c | 14 ++ 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/crypto/testmgr.c b/crypto/testmgr.c index ac2b631..b959c0c 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -1714,16 +1714,14 @@ static int alg_test_crc32c(const struct alg_test_desc *desc, } do { - struct { - struct shash_desc shash; - char ctx[crypto_shash_descsize(tfm)]; - } sdesc; + SHASH_DESC_ON_STACK(shash, tfm); + u32 *ctx = (u32 *)shash_desc_ctx(shash); - sdesc.shash.tfm = tfm; - sdesc.shash.flags = 0; + shash-tfm = tfm; + shash-flags = 0; - *(u32 *)sdesc.ctx = le32_to_cpu(420553207); - err = crypto_shash_final(sdesc.shash, (u8 *)val); + *ctx = le32_to_cpu(420553207); + err = crypto_shash_final(shash, (u8 *)val); if (err) { printk(KERN_ERR alg: crc32c: Operation failed for %s: %d\n, driver, err); -- 1.9.1 -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 08/12] crypto, dm: LLVMLinux: Remove VLAIS usage from dm-crypt
From: Jan-Simon Möller dl...@gmx.de Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99 compliant equivalent. This patch allocates the appropriate amount of memory using a char array using the SHASH_DESC_ON_STACK macro. The new code can be compiled with both gcc and clang. Signed-off-by: Jan-Simon Möller dl...@gmx.de Signed-off-by: Behan Webster beh...@converseincode.com Cc: pagee...@freemail.hu Cc: gmazyl...@gmail.com Cc: David S. Miller da...@davemloft.net Cc: Herbert Xu herb...@gondor.apana.org.au --- drivers/md/dm-crypt.c | 34 ++ 1 file changed, 14 insertions(+), 20 deletions(-) diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c index cd15e08..fc93b93 100644 --- a/drivers/md/dm-crypt.c +++ b/drivers/md/dm-crypt.c @@ -526,29 +526,26 @@ static int crypt_iv_lmk_one(struct crypt_config *cc, u8 *iv, u8 *data) { struct iv_lmk_private *lmk = cc-iv_gen_private.lmk; - struct { - struct shash_desc desc; - char ctx[crypto_shash_descsize(lmk-hash_tfm)]; - } sdesc; + SHASH_DESC_ON_STACK(desc, lmk-hash_tfm); struct md5_state md5state; __le32 buf[4]; int i, r; - sdesc.desc.tfm = lmk-hash_tfm; - sdesc.desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP; + desc-tfm = lmk-hash_tfm; + desc-flags = CRYPTO_TFM_REQ_MAY_SLEEP; - r = crypto_shash_init(sdesc.desc); + r = crypto_shash_init(desc); if (r) return r; if (lmk-seed) { - r = crypto_shash_update(sdesc.desc, lmk-seed, LMK_SEED_SIZE); + r = crypto_shash_update(desc, lmk-seed, LMK_SEED_SIZE); if (r) return r; } /* Sector is always 512B, block size 16, add data of blocks 1-31 */ - r = crypto_shash_update(sdesc.desc, data + 16, 16 * 31); + r = crypto_shash_update(desc, data + 16, 16 * 31); if (r) return r; @@ -557,12 +554,12 @@ static int crypt_iv_lmk_one(struct crypt_config *cc, u8 *iv, buf[1] = cpu_to_le32u64)dmreq-iv_sector 32) 0x00FF) | 0x8000); buf[2] = cpu_to_le32(4024); buf[3] = 0; - r = crypto_shash_update(sdesc.desc, (u8 *)buf, sizeof(buf)); + r = crypto_shash_update(desc, (u8 *)buf, sizeof(buf)); if (r) return r; /* No MD5 padding here */ - r = crypto_shash_export(sdesc.desc, md5state); + r = crypto_shash_export(desc, md5state); if (r) return r; @@ -679,10 +676,7 @@ static int crypt_iv_tcw_whitening(struct crypt_config *cc, struct iv_tcw_private *tcw = cc-iv_gen_private.tcw; u64 sector = cpu_to_le64((u64)dmreq-iv_sector); u8 buf[TCW_WHITENING_SIZE]; - struct { - struct shash_desc desc; - char ctx[crypto_shash_descsize(tcw-crc32_tfm)]; - } sdesc; + SHASH_DESC_ON_STACK(desc, tcw-crc32_tfm); int i, r; /* xor whitening with sector number */ @@ -691,16 +685,16 @@ static int crypt_iv_tcw_whitening(struct crypt_config *cc, crypto_xor(buf[8], (u8 *)sector, 8); /* calculate crc32 for every 32bit part and xor it */ - sdesc.desc.tfm = tcw-crc32_tfm; - sdesc.desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP; + desc-tfm = tcw-crc32_tfm; + desc-flags = CRYPTO_TFM_REQ_MAY_SLEEP; for (i = 0; i 4; i++) { - r = crypto_shash_init(sdesc.desc); + r = crypto_shash_init(desc); if (r) goto out; - r = crypto_shash_update(sdesc.desc, buf[i * 4], 4); + r = crypto_shash_update(desc, buf[i * 4], 4); if (r) goto out; - r = crypto_shash_final(sdesc.desc, buf[i * 4]); + r = crypto_shash_final(desc, buf[i * 4]); if (r) goto out; } -- 1.9.1 -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 05/12] crypto: LLVMLinux: Remove VLAIS from crypto/n2_core.c
From: Behan Webster beh...@converseincode.com Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99 compliant equivalent. This patch allocates the appropriate amount of memory using a char array using the SHASH_DESC_ON_STACK macro. The new code can be compiled with both gcc and clang. Signed-off-by: Behan Webster beh...@converseincode.com Reviewed-by: Mark Charlebois charl...@gmail.com Reviewed-by: Jan-Simon Möller dl...@gmx.de --- drivers/crypto/n2_core.c | 11 --- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/drivers/crypto/n2_core.c b/drivers/crypto/n2_core.c index 7263c10..f8e3207 100644 --- a/drivers/crypto/n2_core.c +++ b/drivers/crypto/n2_core.c @@ -445,10 +445,7 @@ static int n2_hmac_async_setkey(struct crypto_ahash *tfm, const u8 *key, struct n2_hmac_ctx *ctx = crypto_ahash_ctx(tfm); struct crypto_shash *child_shash = ctx-child_shash; struct crypto_ahash *fallback_tfm; - struct { - struct shash_desc shash; - char ctx[crypto_shash_descsize(child_shash)]; - } desc; + SHASH_DESC_ON_STACK(shash, child_shash); int err, bs, ds; fallback_tfm = ctx-base.fallback_tfm; @@ -456,15 +453,15 @@ static int n2_hmac_async_setkey(struct crypto_ahash *tfm, const u8 *key, if (err) return err; - desc.shash.tfm = child_shash; - desc.shash.flags = crypto_ahash_get_flags(tfm) + shash-tfm = child_shash; + shash-flags = crypto_ahash_get_flags(tfm) CRYPTO_TFM_REQ_MAY_SLEEP; bs = crypto_shash_blocksize(child_shash); ds = crypto_shash_digestsize(child_shash); BUG_ON(ds N2_HASH_KEY_MAX); if (keylen bs) { - err = crypto_shash_digest(desc.shash, key, keylen, + err = crypto_shash_digest(shash, key, keylen, ctx-hash_key); if (err) return err; -- 1.9.1 -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 11/12] security, crypto: LLVMLinux: Remove VLAIS from ima_crypto.c
From: Behan Webster beh...@converseincode.com Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99 compliant equivalent. This patch allocates the appropriate amount of memory using a char array using the SHASH_DESC_ON_STACK macro. The new code can be compiled with both gcc and clang. Signed-off-by: Behan Webster beh...@converseincode.com Reviewed-by: Mark Charlebois charl...@gmail.com Reviewed-by: Jan-Simon Möller dl...@gmx.de Cc: t...@linutronix.de --- security/integrity/ima/ima_crypto.c | 51 + 1 file changed, 23 insertions(+), 28 deletions(-) diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c index 0bd7328..bb55737 100644 --- a/security/integrity/ima/ima_crypto.c +++ b/security/integrity/ima/ima_crypto.c @@ -380,17 +380,14 @@ static int ima_calc_file_hash_tfm(struct file *file, loff_t i_size, offset = 0; char *rbuf; int rc, read = 0; - struct { - struct shash_desc shash; - char ctx[crypto_shash_descsize(tfm)]; - } desc; + SHASH_DESC_ON_STACK(shash, tfm); - desc.shash.tfm = tfm; - desc.shash.flags = 0; + shash-tfm = tfm; + shash-flags = 0; hash-length = crypto_shash_digestsize(tfm); - rc = crypto_shash_init(desc.shash); + rc = crypto_shash_init(shash); if (rc != 0) return rc; @@ -420,7 +417,7 @@ static int ima_calc_file_hash_tfm(struct file *file, break; offset += rbuf_len; - rc = crypto_shash_update(desc.shash, rbuf, rbuf_len); + rc = crypto_shash_update(shash, rbuf, rbuf_len); if (rc) break; } @@ -429,7 +426,7 @@ static int ima_calc_file_hash_tfm(struct file *file, kfree(rbuf); out: if (!rc) - rc = crypto_shash_final(desc.shash, hash-digest); + rc = crypto_shash_final(shash, hash-digest); return rc; } @@ -487,18 +484,17 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data, struct ima_digest_data *hash, struct crypto_shash *tfm) { - struct { - struct shash_desc shash; - char ctx[crypto_shash_descsize(tfm)]; - } desc; + char desc[sizeof(struct shash_desc) + + crypto_shash_descsize(tfm)] CRYPTO_MINALIGN_ATTR; + struct shash_desc *shash = (struct shash_desc *)desc; int rc, i; - desc.shash.tfm = tfm; - desc.shash.flags = 0; + shash-tfm = tfm; + shash-flags = 0; hash-length = crypto_shash_digestsize(tfm); - rc = crypto_shash_init(desc.shash); + rc = crypto_shash_init(shash); if (rc != 0) return rc; @@ -508,7 +504,7 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data, u32 datalen = field_data[i].len; if (strcmp(td-name, IMA_TEMPLATE_IMA_NAME) != 0) { - rc = crypto_shash_update(desc.shash, + rc = crypto_shash_update(shash, (const u8 *) field_data[i].len, sizeof(field_data[i].len)); if (rc) @@ -518,13 +514,13 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data, data_to_hash = buffer; datalen = IMA_EVENT_NAME_LEN_MAX + 1; } - rc = crypto_shash_update(desc.shash, data_to_hash, datalen); + rc = crypto_shash_update(shash, data_to_hash, datalen); if (rc) break; } if (!rc) - rc = crypto_shash_final(desc.shash, hash-digest); + rc = crypto_shash_final(shash, hash-digest); return rc; } @@ -565,15 +561,14 @@ static int __init ima_calc_boot_aggregate_tfm(char *digest, { u8 pcr_i[TPM_DIGEST_SIZE]; int rc, i; - struct { - struct shash_desc shash; - char ctx[crypto_shash_descsize(tfm)]; - } desc; + char desc[sizeof(struct shash_desc) + + crypto_shash_descsize(tfm)] CRYPTO_MINALIGN_ATTR; + struct shash_desc *shash = (struct shash_desc *)desc; - desc.shash.tfm = tfm; - desc.shash.flags = 0; + shash-tfm = tfm; + shash-flags = 0; - rc = crypto_shash_init(desc.shash); + rc = crypto_shash_init(shash); if (rc != 0) return rc; @@ -581,10 +576,10 @@ static int __init ima_calc_boot_aggregate_tfm(char *digest, for (i = TPM_PCR0; i TPM_PCR8; i++) { ima_pcrread(i, pcr_i); /* now accumulate with current aggregate */ - rc =
[PATCH v3 09/12] crypto: LLVMLinux: Remove VLAIS usage from crypto/hmac.c
From: Jan-Simon Möller dl...@gmx.de Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99 compliant equivalent. This patch allocates the appropriate amount of memory using a char array using the SHASH_DESC_ON_STACK macro. The new code can be compiled with both gcc and clang. Signed-off-by: Jan-Simon Möller dl...@gmx.de Signed-off-by: Behan Webster beh...@converseincode.com Cc: pagee...@freemail.hu --- crypto/hmac.c | 25 +++-- 1 file changed, 11 insertions(+), 14 deletions(-) diff --git a/crypto/hmac.c b/crypto/hmac.c index 8d9544c..e392219 100644 --- a/crypto/hmac.c +++ b/crypto/hmac.c @@ -52,20 +52,17 @@ static int hmac_setkey(struct crypto_shash *parent, struct hmac_ctx *ctx = align_ptr(opad + ss, crypto_tfm_ctx_alignment()); struct crypto_shash *hash = ctx-hash; - struct { - struct shash_desc shash; - char ctx[crypto_shash_descsize(hash)]; - } desc; + SHASH_DESC_ON_STACK(shash, hash); unsigned int i; - desc.shash.tfm = hash; - desc.shash.flags = crypto_shash_get_flags(parent) - CRYPTO_TFM_REQ_MAY_SLEEP; + shash-tfm = hash; + shash-flags = crypto_shash_get_flags(parent) +CRYPTO_TFM_REQ_MAY_SLEEP; if (keylen bs) { int err; - err = crypto_shash_digest(desc.shash, inkey, keylen, ipad); + err = crypto_shash_digest(shash, inkey, keylen, ipad); if (err) return err; @@ -81,12 +78,12 @@ static int hmac_setkey(struct crypto_shash *parent, opad[i] ^= 0x5c; } - return crypto_shash_init(desc.shash) ?: - crypto_shash_update(desc.shash, ipad, bs) ?: - crypto_shash_export(desc.shash, ipad) ?: - crypto_shash_init(desc.shash) ?: - crypto_shash_update(desc.shash, opad, bs) ?: - crypto_shash_export(desc.shash, opad); + return crypto_shash_init(shash) ?: + crypto_shash_update(shash, ipad, bs) ?: + crypto_shash_export(shash, ipad) ?: + crypto_shash_init(shash) ?: + crypto_shash_update(shash, opad, bs) ?: + crypto_shash_export(shash, opad); } static int hmac_export(struct shash_desc *pdesc, void *out) -- 1.9.1 -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 07/12] crypto: LLVMLinux: Remove VLAIS from crypto/.../qat_algs.c
From: Behan Webster beh...@converseincode.com Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99 compliant equivalent. This patch allocates the appropriate amount of memory using a char array using the SHASH_DESC_ON_STACK macro. The new code can be compiled with both gcc and clang. Signed-off-by: Behan Webster beh...@converseincode.com Reviewed-by: Mark Charlebois charl...@gmail.com Reviewed-by: Jan-Simon Möller dl...@gmx.de --- drivers/crypto/qat/qat_common/qat_algs.c | 31 ++- 1 file changed, 14 insertions(+), 17 deletions(-) diff --git a/drivers/crypto/qat/qat_common/qat_algs.c b/drivers/crypto/qat/qat_common/qat_algs.c index 59df488..9cabadd 100644 --- a/drivers/crypto/qat/qat_common/qat_algs.c +++ b/drivers/crypto/qat/qat_common/qat_algs.c @@ -152,10 +152,7 @@ static int qat_alg_do_precomputes(struct icp_qat_hw_auth_algo_blk *hash, const uint8_t *auth_key, unsigned int auth_keylen, uint8_t *auth_state) { - struct { - struct shash_desc shash; - char ctx[crypto_shash_descsize(ctx-hash_tfm)]; - } desc; + SHASH_DESC_ON_STACK(shash, ctx-hash_tfm); struct sha1_state sha1; struct sha256_state sha256; struct sha512_state sha512; @@ -167,12 +164,12 @@ static int qat_alg_do_precomputes(struct icp_qat_hw_auth_algo_blk *hash, __be64 *hash512_state_out; int i, offset; - desc.shash.tfm = ctx-hash_tfm; - desc.shash.flags = 0x0; + shash-tfm = ctx-hash_tfm; + shash-flags = 0x0; if (auth_keylen block_size) { char buff[SHA512_BLOCK_SIZE]; - int ret = crypto_shash_digest(desc.shash, auth_key, + int ret = crypto_shash_digest(shash, auth_key, auth_keylen, buff); if (ret) return ret; @@ -195,10 +192,10 @@ static int qat_alg_do_precomputes(struct icp_qat_hw_auth_algo_blk *hash, *opad_ptr ^= 0x5C; } - if (crypto_shash_init(desc.shash)) + if (crypto_shash_init(shash)) return -EFAULT; - if (crypto_shash_update(desc.shash, ipad, block_size)) + if (crypto_shash_update(shash, ipad, block_size)) return -EFAULT; hash_state_out = (__be32 *)hash-sha.state1; @@ -206,19 +203,19 @@ static int qat_alg_do_precomputes(struct icp_qat_hw_auth_algo_blk *hash, switch (ctx-qat_hash_alg) { case ICP_QAT_HW_AUTH_ALGO_SHA1: - if (crypto_shash_export(desc.shash, sha1)) + if (crypto_shash_export(shash, sha1)) return -EFAULT; for (i = 0; i digest_size 2; i++, hash_state_out++) *hash_state_out = cpu_to_be32(*(sha1.state + i)); break; case ICP_QAT_HW_AUTH_ALGO_SHA256: - if (crypto_shash_export(desc.shash, sha256)) + if (crypto_shash_export(shash, sha256)) return -EFAULT; for (i = 0; i digest_size 2; i++, hash_state_out++) *hash_state_out = cpu_to_be32(*(sha256.state + i)); break; case ICP_QAT_HW_AUTH_ALGO_SHA512: - if (crypto_shash_export(desc.shash, sha512)) + if (crypto_shash_export(shash, sha512)) return -EFAULT; for (i = 0; i digest_size 3; i++, hash512_state_out++) *hash512_state_out = cpu_to_be64(*(sha512.state + i)); @@ -227,10 +224,10 @@ static int qat_alg_do_precomputes(struct icp_qat_hw_auth_algo_blk *hash, return -EFAULT; } - if (crypto_shash_init(desc.shash)) + if (crypto_shash_init(shash)) return -EFAULT; - if (crypto_shash_update(desc.shash, opad, block_size)) + if (crypto_shash_update(shash, opad, block_size)) return -EFAULT; offset = round_up(qat_get_inter_state_size(ctx-qat_hash_alg), 8); @@ -239,19 +236,19 @@ static int qat_alg_do_precomputes(struct icp_qat_hw_auth_algo_blk *hash, switch (ctx-qat_hash_alg) { case ICP_QAT_HW_AUTH_ALGO_SHA1: - if (crypto_shash_export(desc.shash, sha1)) + if (crypto_shash_export(shash, sha1)) return -EFAULT; for (i = 0; i digest_size 2; i++, hash_state_out++) *hash_state_out = cpu_to_be32(*(sha1.state + i)); break; case ICP_QAT_HW_AUTH_ALGO_SHA256: - if (crypto_shash_export(desc.shash, sha256)) + if (crypto_shash_export(shash, sha256)) return -EFAULT; for (i = 0; i digest_size 2; i++, hash_state_out++) *hash_state_out = cpu_to_be32(*(sha256.state + i)); break;
[PATCH v3 10/12] crypto: LLVMLinux: Remove VLAIS usage from libcrc32c.c
From: Jan-Simon Möller dl...@gmx.de Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99 compliant equivalent. This patch allocates the appropriate amount of memory using a char array using the SHASH_DESC_ON_STACK macro. The new code can be compiled with both gcc and clang. Signed-off-by: Jan-Simon Möller dl...@gmx.de Signed-off-by: Behan Webster beh...@converseincode.com Cc: pagee...@freemail.hu Cc: David S. Miller da...@davemloft.net Cc: Herbert Xu herb...@gondor.apana.org.au --- lib/libcrc32c.c | 16 +++- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/lib/libcrc32c.c b/lib/libcrc32c.c index b3131f5..6a08ce7 100644 --- a/lib/libcrc32c.c +++ b/lib/libcrc32c.c @@ -41,20 +41,18 @@ static struct crypto_shash *tfm; u32 crc32c(u32 crc, const void *address, unsigned int length) { - struct { - struct shash_desc shash; - char ctx[crypto_shash_descsize(tfm)]; - } desc; + SHASH_DESC_ON_STACK(shash, tfm); + u32 *ctx = (u32 *)shash_desc_ctx(shash); int err; - desc.shash.tfm = tfm; - desc.shash.flags = 0; - *(u32 *)desc.ctx = crc; + shash-tfm = tfm; + shash-flags = 0; + *ctx = crc; - err = crypto_shash_update(desc.shash, address, length); + err = crypto_shash_update(shash, address, length); BUG_ON(err); - return *(u32 *)desc.ctx; + return *ctx; } EXPORT_SYMBOL(crc32c); -- 1.9.1 -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 04/12] crypto: LLVMLinux: Remove VLAIS from crypto/mv_cesa.c
From: Behan Webster beh...@converseincode.com Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99 compliant equivalent. This patch allocates the appropriate amount of memory using a char array using the SHASH_DESC_ON_STACK macro. The new code can be compiled with both gcc and clang. Signed-off-by: Behan Webster beh...@converseincode.com Reviewed-by: Mark Charlebois charl...@gmail.com Reviewed-by: Jan-Simon Möller dl...@gmx.de --- drivers/crypto/mv_cesa.c | 41 ++--- 1 file changed, 18 insertions(+), 23 deletions(-) diff --git a/drivers/crypto/mv_cesa.c b/drivers/crypto/mv_cesa.c index 29d0ee5..032c72c 100644 --- a/drivers/crypto/mv_cesa.c +++ b/drivers/crypto/mv_cesa.c @@ -402,26 +402,23 @@ static int mv_hash_final_fallback(struct ahash_request *req) { const struct mv_tfm_hash_ctx *tfm_ctx = crypto_tfm_ctx(req-base.tfm); struct mv_req_hash_ctx *req_ctx = ahash_request_ctx(req); - struct { - struct shash_desc shash; - char ctx[crypto_shash_descsize(tfm_ctx-fallback)]; - } desc; + SHASH_DESC_ON_STACK(shash, tfm_ctx-fallback); int rc; - desc.shash.tfm = tfm_ctx-fallback; - desc.shash.flags = CRYPTO_TFM_REQ_MAY_SLEEP; + shash-tfm = tfm_ctx-fallback; + shash-flags = CRYPTO_TFM_REQ_MAY_SLEEP; if (unlikely(req_ctx-first_hash)) { - crypto_shash_init(desc.shash); - crypto_shash_update(desc.shash, req_ctx-buffer, + crypto_shash_init(shash); + crypto_shash_update(shash, req_ctx-buffer, req_ctx-extra_bytes); } else { /* only SHA1 for now */ - rc = mv_hash_import_sha1_ctx(req_ctx, desc.shash); + rc = mv_hash_import_sha1_ctx(req_ctx, shash); if (rc) goto out; } - rc = crypto_shash_final(desc.shash, req-result); + rc = crypto_shash_final(shash, req-result); out: return rc; } @@ -794,23 +791,21 @@ static int mv_hash_setkey(struct crypto_ahash *tfm, const u8 * key, ss = crypto_shash_statesize(ctx-base_hash); { - struct { - struct shash_desc shash; - char ctx[crypto_shash_descsize(ctx-base_hash)]; - } desc; + SHASH_DESC_ON_STACK(shash, ctx-base_hash); + unsigned int i; char ipad[ss]; char opad[ss]; - desc.shash.tfm = ctx-base_hash; - desc.shash.flags = crypto_shash_get_flags(ctx-base_hash) + shash-tfm = ctx-base_hash; + shash-flags = crypto_shash_get_flags(ctx-base_hash) CRYPTO_TFM_REQ_MAY_SLEEP; if (keylen bs) { int err; err = - crypto_shash_digest(desc.shash, key, keylen, ipad); + crypto_shash_digest(shash, key, keylen, ipad); if (err) return err; @@ -826,12 +821,12 @@ static int mv_hash_setkey(struct crypto_ahash *tfm, const u8 * key, opad[i] ^= 0x5c; } - rc = crypto_shash_init(desc.shash) ? : - crypto_shash_update(desc.shash, ipad, bs) ? : - crypto_shash_export(desc.shash, ipad) ? : - crypto_shash_init(desc.shash) ? : - crypto_shash_update(desc.shash, opad, bs) ? : - crypto_shash_export(desc.shash, opad); + rc = crypto_shash_init(shash) ? : + crypto_shash_update(shash, ipad, bs) ? : + crypto_shash_export(shash, ipad) ? : + crypto_shash_init(shash) ? : + crypto_shash_update(shash, opad, bs) ? : + crypto_shash_export(shash, opad); if (rc == 0) mv_hash_init_ivs(ctx, ipad, opad); -- 1.9.1 -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 03/12] crypto: LLVMLinux: Remove VLAIS from crypto/ccp/ccp-crypto-sha.c
From: Jan-Simon Möller dl...@gmx.de Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99 compliant equivalent. This patch allocates the appropriate amount of memory using a char array using the SHASH_DESC_ON_STACK macro. The new code can be compiled with both gcc and clang. Signed-off-by: Jan-Simon Möller dl...@gmx.de Signed-off-by: Behan Webster beh...@converseincode.com --- drivers/crypto/ccp/ccp-crypto-sha.c | 13 ++--- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/drivers/crypto/ccp/ccp-crypto-sha.c b/drivers/crypto/ccp/ccp-crypto-sha.c index 873f234..9653157 100644 --- a/drivers/crypto/ccp/ccp-crypto-sha.c +++ b/drivers/crypto/ccp/ccp-crypto-sha.c @@ -198,10 +198,9 @@ static int ccp_sha_setkey(struct crypto_ahash *tfm, const u8 *key, { struct ccp_ctx *ctx = crypto_tfm_ctx(crypto_ahash_tfm(tfm)); struct crypto_shash *shash = ctx-u.sha.hmac_tfm; - struct { - struct shash_desc sdesc; - char ctx[crypto_shash_descsize(shash)]; - } desc; + + SHASH_DESC_ON_STACK(sdesc, shash); + unsigned int block_size = crypto_shash_blocksize(shash); unsigned int digest_size = crypto_shash_digestsize(shash); int i, ret; @@ -216,11 +215,11 @@ static int ccp_sha_setkey(struct crypto_ahash *tfm, const u8 *key, if (key_len block_size) { /* Must hash the input key */ - desc.sdesc.tfm = shash; - desc.sdesc.flags = crypto_ahash_get_flags(tfm) + sdesc-tfm = shash; + sdesc-flags = crypto_ahash_get_flags(tfm) CRYPTO_TFM_REQ_MAY_SLEEP; - ret = crypto_shash_digest(desc.sdesc, key, key_len, + ret = crypto_shash_digest(sdesc, key, key_len, ctx-u.sha.key); if (ret) { crypto_ahash_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); -- 1.9.1 -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 06/12] crypto: LLVMLinux: Remove VLAIS from crypto/omap_sham.c
From: Behan Webster beh...@converseincode.com Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99 compliant equivalent. This patch allocates the appropriate amount of memory using a char array using the SHASH_DESC_ON_STACK macro. The new code can be compiled with both gcc and clang. Signed-off-by: Behan Webster beh...@converseincode.com Reviewed-by: Mark Charlebois charl...@gmail.com Reviewed-by: Jan-Simon Möller dl...@gmx.de --- drivers/crypto/omap-sham.c | 28 +++- 1 file changed, 11 insertions(+), 17 deletions(-) diff --git a/drivers/crypto/omap-sham.c b/drivers/crypto/omap-sham.c index 710d863..24ef489 100644 --- a/drivers/crypto/omap-sham.c +++ b/drivers/crypto/omap-sham.c @@ -949,17 +949,14 @@ static int omap_sham_finish_hmac(struct ahash_request *req) struct omap_sham_hmac_ctx *bctx = tctx-base; int bs = crypto_shash_blocksize(bctx-shash); int ds = crypto_shash_digestsize(bctx-shash); - struct { - struct shash_desc shash; - char ctx[crypto_shash_descsize(bctx-shash)]; - } desc; + SHASH_DESC_ON_STACK(shash, bctx-shash); - desc.shash.tfm = bctx-shash; - desc.shash.flags = 0; /* not CRYPTO_TFM_REQ_MAY_SLEEP */ + shash-tfm = bctx-shash; + shash-flags = 0; /* not CRYPTO_TFM_REQ_MAY_SLEEP */ - return crypto_shash_init(desc.shash) ?: - crypto_shash_update(desc.shash, bctx-opad, bs) ?: - crypto_shash_finup(desc.shash, req-result, ds, req-result); + return crypto_shash_init(shash) ?: + crypto_shash_update(shash, bctx-opad, bs) ?: + crypto_shash_finup(shash, req-result, ds, req-result); } static int omap_sham_finish(struct ahash_request *req) @@ -1118,18 +1115,15 @@ static int omap_sham_update(struct ahash_request *req) return omap_sham_enqueue(req, OP_UPDATE); } -static int omap_sham_shash_digest(struct crypto_shash *shash, u32 flags, +static int omap_sham_shash_digest(struct crypto_shash *tfm, u32 flags, const u8 *data, unsigned int len, u8 *out) { - struct { - struct shash_desc shash; - char ctx[crypto_shash_descsize(shash)]; - } desc; + SHASH_DESC_ON_STACK(shash, tfm); - desc.shash.tfm = shash; - desc.shash.flags = flags CRYPTO_TFM_REQ_MAY_SLEEP; + shash-tfm = tfm; + shash-flags = flags CRYPTO_TFM_REQ_MAY_SLEEP; - return crypto_shash_digest(desc.shash, data, len, out); + return crypto_shash_digest(shash, data, len, out); } static int omap_sham_final_shash(struct ahash_request *req) -- 1.9.1 -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 02/12] btrfs: LLVMLinux: Remove VLAIS
From: Vinícius Tinti viniciusti...@gmail.com Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99 compliant equivalent. This is the original VLAIS struct. struct { struct shash_desc shash; char ctx[crypto_shash_descsize(tfm)]; } desc; This patch instead allocates the appropriate amount of memory using a char array using the SHASH_DESC_ON_STACK macro. The new code can be compiled with both gcc and clang. Signed-off-by: Vinícius Tinti viniciusti...@gmail.com Reviewed-by: Jan-Simon Möller dl...@gmx.de Reviewed-by: Mark Charlebois charl...@gmail.com Signed-off-by: Behan Webster beh...@converseincode.com Cc: David S. Miller da...@davemloft.net Cc: Herbert Xu herb...@gondor.apana.org.au --- fs/btrfs/hash.c | 16 +++- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/fs/btrfs/hash.c b/fs/btrfs/hash.c index 85889aa..4bf4d3a 100644 --- a/fs/btrfs/hash.c +++ b/fs/btrfs/hash.c @@ -33,18 +33,16 @@ void btrfs_hash_exit(void) u32 btrfs_crc32c(u32 crc, const void *address, unsigned int length) { - struct { - struct shash_desc shash; - char ctx[crypto_shash_descsize(tfm)]; - } desc; + SHASH_DESC_ON_STACK(shash, tfm); + u32 *ctx = (u32 *)shash_desc_ctx(shash); int err; - desc.shash.tfm = tfm; - desc.shash.flags = 0; - *(u32 *)desc.ctx = crc; + shash-tfm = tfm; + shash-flags = 0; + *ctx = crc; - err = crypto_shash_update(desc.shash, address, length); + err = crypto_shash_update(shash, address, length); BUG_ON(err); - return *(u32 *)desc.ctx; + return *ctx; } -- 1.9.1 -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 01/12] crypto: LLVMLinux: Add macro to remove use of VLAIS in crypto code
From: Behan Webster beh...@converseincode.com Add a macro which replaces the use of a Variable Length Array In Struct (VLAIS) with a C99 compliant equivalent. This macro instead allocates the appropriate amount of memory using an char array. The new code can be compiled with both gcc and clang. struct shash_desc contains a flexible array member member ctx declared with CRYPTO_MINALIGN_ATTR, so sizeof(struct shash_desc) aligns the beginning of the array declared after struct shash_desc with long long. No trailing padding is required because it is not a struct type that can be used in an array. The CRYPTO_MINALIGN_ATTR is required so that desc is aligned with long long as would be the case for a struct containing a member with CRYPTO_MINALIGN_ATTR. Signed-off-by: Behan Webster beh...@converseincode.com --- include/crypto/hash.h | 5 + 1 file changed, 5 insertions(+) diff --git a/include/crypto/hash.h b/include/crypto/hash.h index a391955..541125b 100644 --- a/include/crypto/hash.h +++ b/include/crypto/hash.h @@ -58,6 +58,11 @@ struct shash_desc { void *__ctx[] CRYPTO_MINALIGN_ATTR; }; +#define SHASH_DESC_ON_STACK(shash, tfm) \ + char __desc[sizeof(struct shash_desc) + \ + crypto_shash_descsize(tfm)] CRYPTO_MINALIGN_ATTR; \ + struct shash_desc *shash = (struct shash_desc *)__desc + struct shash_alg { int (*init)(struct shash_desc *desc); int (*update)(struct shash_desc *desc, const u8 *data, -- 1.9.1 -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 00/12] LLVMLinux: Patches to enable the kernel to be compiled with clang/LLVM
From: Behan Webster beh...@converseincode.com These patches replace the use of Variable Length Arrays In Structs (VLAIS) in crypto related code with C99 compliant equivalent code. A SHASH_DESC_ON_STACK() macro is added to hash.h which is then used to replace the use of VLAIS in all the other patches. The minimum size and alignment are maintained by the new code. The new code can be compiled with both gcc and clang. The LLVMLinux project aims to fully build the Linux kernel using both gcc and clang (the C front end for the LLVM compiler infrastructure project). Behan Webster (6): crypto: LLVMLinux: Add macro to remove use of VLAIS in crypto code crypto: LLVMLinux: Remove VLAIS from crypto/mv_cesa.c crypto: LLVMLinux: Remove VLAIS from crypto/n2_core.c crypto: LLVMLinux: Remove VLAIS from crypto/omap_sham.c crypto: LLVMLinux: Remove VLAIS from crypto/.../qat_algs.c security, crypto: LLVMLinux: Remove VLAIS from ima_crypto.c Jan-Simon Möller (5): crypto: LLVMLinux: Remove VLAIS from crypto/ccp/ccp-crypto-sha.c crypto, dm: LLVMLinux: Remove VLAIS usage from dm-crypt crypto: LLVMLinux: Remove VLAIS usage from crypto/hmac.c crypto: LLVMLinux: Remove VLAIS usage from libcrc32c.c crypto: LLVMLinux: Remove VLAIS usage from crypto/testmgr.c Vinícius Tinti (1): btrfs: LLVMLinux: Remove VLAIS crypto/hmac.c| 25 +++- crypto/testmgr.c | 14 - drivers/crypto/ccp/ccp-crypto-sha.c | 13 drivers/crypto/mv_cesa.c | 41 +++-- drivers/crypto/n2_core.c | 11 +++ drivers/crypto/omap-sham.c | 28 +++--- drivers/crypto/qat/qat_common/qat_algs.c | 31 +-- drivers/md/dm-crypt.c| 34 + fs/btrfs/hash.c | 16 +- include/crypto/hash.h| 5 lib/libcrc32c.c | 16 +- security/integrity/ima/ima_crypto.c | 51 ++-- 12 files changed, 126 insertions(+), 159 deletions(-) -- 1.9.1 -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
RE: [PATCH] crypto: caam - Dynamic allocation of addresses for various memory blocks in CAAM.
Hi Herbert, Can you please pick this patch up. Regards Nitesh -Original Message- From: Nitesh Narayan Lal [mailto:b44...@freescale.com] Sent: Monday, September 01, 2014 3:01 PM To: linux-crypto@vger.kernel.org; herb...@gondor.apana.org.au; Garg Vakul-B16394; da...@davemloft.net; Porosanu Alexandru-B06830; Geanta Neag Horia Ioan-B05471; Phillips Kim-R1AAHA; dan.carpen...@oracle.com; linux-ker...@vger.kernel.org Cc: Lal Nitesh-B44382; Gupta Ruchika-R66431 Subject: [PATCH] crypto: caam - Dynamic allocation of addresses for various memory blocks in CAAM. CAAM's memory is broken into following address blocks: Block Included Registers 0 General Registers 1-4 Job ring registers 6 RTIC registers 7 QI registers 8 DECO and CCB Size of the above stated blocks varies in various platforms. The block size can be 4K or 64K. The block size can be dynamically determined by reading CTPR register in CAAM. This patch initializes the block addresses dynamically based on the value read from this register. Signed-off-by: Ruchika Gupta r66...@freescale.com Signed-off-by: Nitesh Narayan Lal b44...@freescale.com --- drivers/crypto/caam/ctrl.c | 114 ++- drivers/crypto/caam/intern.h | 9 ++-- drivers/crypto/caam/regs.h | 38 +++ 3 files changed, 81 insertions(+), 80 deletions(-) diff --git a/drivers/crypto/caam/ctrl.c b/drivers/crypto/caam/ctrl.c index 3cade79..cd7af27 100644 --- a/drivers/crypto/caam/ctrl.c +++ b/drivers/crypto/caam/ctrl.c @@ -1,5 +1,4 @@ -/* - * CAAM control-plane driver backend +/* * CAAM control-plane driver backend * Controller-level driver, kernel property detection, initialization * * Copyright 2008-2012 Freescale Semiconductor, Inc. @@ -81,38 +80,37 @@ static inline int run_descriptor_deco0(struct device *ctrldev, u32 *desc, u32 *status) { struct caam_drv_private *ctrlpriv = dev_get_drvdata(ctrldev); - struct caam_full __iomem *topregs; + struct caam_ctrl __iomem *ctrl = ctrlpriv-ctrl; + struct caam_deco __iomem *deco = ctrlpriv-deco; unsigned int timeout = 10; u32 deco_dbg_reg, flags; int i; - /* Set the bit to request direct access to DECO0 */ - topregs = (struct caam_full __iomem *)ctrlpriv-ctrl; if (ctrlpriv-virt_en == 1) { - setbits32(topregs-ctrl.deco_rsr, DECORSR_JR0); + setbits32(ctrl-deco_rsr, DECORSR_JR0); - while (!(rd_reg32(topregs-ctrl.deco_rsr) DECORSR_VALID) + while (!(rd_reg32(ctrl-deco_rsr) DECORSR_VALID) --timeout) cpu_relax(); timeout = 10; } - setbits32(topregs-ctrl.deco_rq, DECORR_RQD0ENABLE); + setbits32(ctrl-deco_rq, DECORR_RQD0ENABLE); - while (!(rd_reg32(topregs-ctrl.deco_rq) DECORR_DEN0) + while (!(rd_reg32(ctrl-deco_rq) DECORR_DEN0) --timeout) cpu_relax(); if (!timeout) { dev_err(ctrldev, failed to acquire DECO 0\n); - clrbits32(topregs-ctrl.deco_rq, DECORR_RQD0ENABLE); + clrbits32(ctrl-deco_rq, DECORR_RQD0ENABLE); return -ENODEV; } for (i = 0; i desc_len(desc); i++) - wr_reg32(topregs-deco.descbuf[i], *(desc + i)); + wr_reg32(deco-descbuf[i], *(desc + i)); flags = DECO_JQCR_WHL; /* @@ -123,11 +121,11 @@ static inline int run_descriptor_deco0(struct device *ctrldev, u32 *desc, flags |= DECO_JQCR_FOUR; /* Instruct the DECO to execute it */ - wr_reg32(topregs-deco.jr_ctl_hi, flags); + wr_reg32(deco-jr_ctl_hi, flags); timeout = 1000; do { - deco_dbg_reg = rd_reg32(topregs-deco.desc_dbg); + deco_dbg_reg = rd_reg32(deco-desc_dbg); /* * If an error occured in the descriptor, then * the DECO status field will be set to 0x0D @@ -138,14 +136,14 @@ static inline int run_descriptor_deco0(struct device *ctrldev, u32 *desc, cpu_relax(); } while ((deco_dbg_reg DESC_DBG_DECO_STAT_VALID) --timeout); - *status = rd_reg32(topregs-deco.op_status_hi) + *status = rd_reg32(deco-op_status_hi) DECO_OP_STATUS_HI_ERR_MASK; if (ctrlpriv-virt_en == 1) - clrbits32(topregs-ctrl.deco_rsr, DECORSR_JR0); + clrbits32(ctrl-deco_rsr, DECORSR_JR0); /* Mark the DECO as free */ - clrbits32(topregs-ctrl.deco_rq, DECORR_RQD0ENABLE); + clrbits32(ctrl-deco_rq, DECORR_RQD0ENABLE); if (!timeout) return -EAGAIN; @@ -176,13 +174,13 @@ static int instantiate_rng(struct device *ctrldev,
Re: [dm-devel] [PATCH v3 01/12] crypto: LLVMLinux: Add macro to remove use of VLAIS in crypto code
2014-09-15 9:30 GMT+02:00 beh...@converseincode.com: [...] +#define SHASH_DESC_ON_STACK(shash, tfm) \ + char __desc[sizeof(struct shash_desc) + \ + crypto_shash_descsize(tfm)] CRYPTO_MINALIGN_ATTR; \ + struct shash_desc *shash = (struct shash_desc *)__desc + char shash##__desc[] or similar? Otherwise it won't work if you use this macro twice in the same block. Best Regards, Michał Mirosław -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [dm-devel] [PATCH v3 01/12] crypto: LLVMLinux: Add macro to remove use of VLAIS in crypto code
On 09/15/14 01:06, Michał Mirosław wrote: 2014-09-15 9:30 GMT+02:00 beh...@converseincode.com: [...] +#define SHASH_DESC_ON_STACK(shash, tfm) \ + char __desc[sizeof(struct shash_desc) + \ + crypto_shash_descsize(tfm)] CRYPTO_MINALIGN_ATTR; \ + struct shash_desc *shash = (struct shash_desc *)__desc + char shash##__desc[] or similar? Otherwise it won't work if you use this macro twice in the same block. Best Regards, Michał Mirosław Good thinking. Will fix. Behan -- Behan Webster beh...@converseincode.com -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] crypto: talitos: Avoid excessive loops in softirq context
On Sat, Sep 13, 2014 at 1:21 AM, Kim Phillips kim.phill...@freescale.com wrote: [adding Sandeep, Horia and netdev] On Fri, 12 Sep 2014 09:39:12 +0200 Helmut Schaa helmut.sc...@googlemail.com wrote: On Fri, Sep 12, 2014 at 2:49 AM, Kim Phillips kim.phill...@freescale.com wrote: On Wed, 10 Sep 2014 10:34:47 +0200 Helmut Schaa helmut.sc...@googlemail.com wrote: The talitos driver can cause starvation of other softirqs and as such it can also cause rcu stalls like: ... Work around this by processing a maximum amount of 16 finished requests and rescheduling the done-tasklet if any work is left. This allows other softirqs to run. 16 sounds rather arbitrary, and application-dependent - talitos' FIFO size is 24. Yep, 16 is arbitrary, I can also do fifo_len if you prefer? IIRC, netdev's NAPI can be refactored out of just being able to work on network devices, and be made to apply to crypto devices, too. In fact, some old Freescale hacks of this nature have improved performance. Can we do something like refactor NAPI instead? That would indeed be nice but sounds like quite some more work and I won't have time to do so. Especially since my system was taken down completely by the talitos tasklet under some circumstances. If there is any work going on in that regard I'd be fine with just dropping that patch (and carrying it myself until the refactoring is done). I'm not aware of any, but to prove whether NAPI actually fixes the issue, can you try applying this patch: http://patchwork.ozlabs.org/patch/146094/ I guess this would fix it too. Will run some tests soon. Helmut -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
v3.17-rc5: alg: skcipher: Test 4 failed on encryption for ctr-aes-aesni
Hi, I upgraded from v3.16 to v3.17-rc5 and the ctr-aes-aesni encryption test fails, which makes my IPsec tunnels unhappy (see trace below). Before I start bisecting (2cddcc7df8fd3 is probably my first guess), is this already known? Sep 15 08:07:56 silenus kernel: [ 35.137145] alg: skcipher: Test 4 failed on encryption for ctr-aes-aesni Sep 15 08:07:56 silenus kernel: [ 35.137149] : 04 f3 d3 88 17 ef dc ef 8b 04 f8 3a 66 8d 1a 53 Sep 15 08:07:56 silenus kernel: [ 35.137150] 0010: 57 1f 4b 23 e4 a0 af f9 69 95 35 98 8d 4d 8c c1 Sep 15 08:07:56 silenus kernel: [ 35.137151] 0020: f0 b2 7f 80 bb 54 28 a2 7a 1b 9f 77 ec 0e 6e de Sep 15 08:07:56 silenus kernel: [ 35.137152] 0030: 57 1d d4 66 07 60 e1 80 08 24 3f 93 15 54 bb 2a Sep 15 08:07:56 silenus kernel: [ 35.137153] 0040: 9f 24 2b 17 92 60 05 68 21 74 a4 0a 28 eb 27 48 Sep 15 08:07:56 silenus kernel: [ 35.137153] 0050: 90 50 37 ca 5c 0b 67 52 27 d2 7c 39 4b 85 35 0a Sep 15 08:07:56 silenus kernel: [ 35.137154] 0060: 23 90 a1 a0 79 8b 33 c0 73 d6 a0 9b fc 83 c9 f0 Sep 15 08:07:56 silenus kernel: [ 35.137155] 0070: ef 23 22 19 16 6d e8 f4 b1 17 16 30 31 e8 a5 53 Sep 15 08:07:56 silenus kernel: [ 35.137155] 0080: db 04 d8 bf 2e 75 9e 06 68 39 96 ec 38 1c 66 74 Sep 15 08:07:56 silenus kernel: [ 35.137156] 0090: 7f e3 85 62 d5 1c da 83 86 63 07 41 f3 ce 2e c9 Sep 15 08:07:56 silenus kernel: [ 35.137157] 00a0: 3a 6e d8 be bd f3 d7 26 a1 a3 c6 ad 6d 65 32 7b Sep 15 08:07:56 silenus kernel: [ 35.137158] 00b0: 6a 84 9c 11 1a b2 bc 0f a9 88 1e 4c 6b 36 52 ee Sep 15 08:07:56 silenus kernel: [ 35.137158] 00c0: eb 4d 79 9d d2 f6 af a9 8c 79 09 16 80 a4 25 9d Sep 15 08:07:56 silenus kernel: [ 35.137159] 00d0: e1 c5 e5 8e bf 4e cd 3f dd 2d f5 33 b8 ad 3d 2c Sep 15 08:07:56 silenus kernel: [ 35.137160] 00e0: a1 ac 58 7c 45 3f f7 18 4d 02 93 a1 53 f4 07 f4 Sep 15 08:07:56 silenus kernel: [ 35.137161] 00f0: 4c 31 1e 3a 5b 7f 2d 0a d5 e1 6a eb 1d 55 47 29 Sep 15 08:07:56 silenus kernel: [ 35.137161] 0100: ce 7b 1a 08 c6 62 1a a3 f1 bd 8e 05 7a 86 75 cd Sep 15 08:07:56 silenus kernel: [ 35.137162] 0110: a7 8e ba 3e 1b 9a ce 2e 10 4b 06 ce ed 5e 6f 77 Sep 15 08:07:56 silenus kernel: [ 35.137163] 0120: 8e bc d0 08 40 2c 86 f2 6b 35 17 4d d7 b8 63 08 Sep 15 08:07:56 silenus kernel: [ 35.137163] 0130: af d9 ed ca ad 5e 0b a4 d9 8e ff 8a d7 9f ae 1b Sep 15 08:07:56 silenus kernel: [ 35.137164] 0140: 11 1e 51 8e 98 22 09 99 2d ff a3 df 8a 38 76 5c Sep 15 08:07:56 silenus kernel: [ 35.137165] 0150: df 1a b1 79 2f 00 dc 39 42 d2 fe 0f 66 2b 75 72 Sep 15 08:07:56 silenus kernel: [ 35.137166] 0160: 31 e0 59 34 2e 5a c6 51 3e 39 10 11 a6 42 48 34 Sep 15 08:07:56 silenus kernel: [ 35.137166] 0170: 72 5b 16 8d b4 f8 92 e1 9c 84 34 48 2c db 20 38 Sep 15 08:07:56 silenus kernel: [ 35.137167] 0180: ef 74 1b d1 71 f9 84 f7 17 0e df cc ec 13 80 a3 Sep 15 08:07:56 silenus kernel: [ 35.137168] 0190: 7c 66 7c 2c 1e a4 09 8e ff 4a 19 b6 5f 6d fb 84 Sep 15 08:07:56 silenus kernel: [ 35.137169] 01a0: 13 99 37 d1 b7 e6 36 06 a9 b8 40 39 46 25 56 eb Sep 15 08:07:56 silenus kernel: [ 35.137169] 01b0: 98 59 07 b2 80 95 fb 98 47 30 e1 8f be 7f c4 7e Sep 15 08:07:56 silenus kernel: [ 35.137170] 01c0: 77 8f 11 c9 b2 08 15 58 6c 57 20 c0 39 f8 5e f4 Sep 15 08:07:56 silenus kernel: [ 35.137171] 01d0: 0d 91 dc 86 0f b5 99 09 d4 e2 8f a0 bf 83 99 b3 Sep 15 08:07:56 silenus kernel: [ 35.137171] 01e0: c3 98 13 9c dc f7 ad 6a 1c 02 8e 45 43 da 3e c6 Sep 15 08:07:56 silenus kernel: [ 35.137195] alg: aead: setkey failed on test 1 for rfc4106-gcm-aesni: flags=0 -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Crypto Fixes for 3.17
Hi Linus: This push fixes the newly added drbg generator so that it actually works on 32-bit machines. Previously the code was only tested on 64-bit and on 32-bit it overflowed and simply doesn't work. Please pull from git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git or master.kernel.org:/pub/scm/linux/kernel/git/herbert/crypto-2.6.git Herbert Xu (1): crypto: drbg - backport fix maximum value checks on 32 bit systems Stephan Mueller (1): crypto: drbg - remove check for uninitialized DRBG handle crypto/drbg.c |3 --- include/crypto/drbg.h | 13 + 2 files changed, 13 insertions(+), 3 deletions(-) Thanks, -- Email: Herbert Xu herb...@gondor.apana.org.au Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 0/3] crypto: qat: Qat driver fixes.
On Wed, Sep 10, 2014 at 02:07:20PM -0700, Tadeusz Struk wrote: Hi, Updates for the qat driver. First patch enables all 32 IRQs by default. Second fixes a typo of tasklet variable. Third removes extra buffers for HW state for partial requests. --- Tadeusz Struk (3): crypto: qat: Enable all 32 IRQs crypto: qat: Fix typo in name of tasklet_struct crypto: qat: Removed unneeded partial state All applied. -- Email: Herbert Xu herb...@gondor.apana.org.au Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] crypto: ccp - Check for CCP before registering crypto algs
On Fri, Sep 05, 2014 at 11:49:38PM +, Scot Doyle wrote: On Fri, 5 Sep 2014, Tom Lendacky wrote: If the ccp is built as a built-in module, then ccp-crypto (whether built as a module or a built-in module) will be able to load and it will register its crypto algorithms. If the system does not have a CCP this will result in -ENODEV being returned whenever a command is attempted to be queued by the registered crypto algorithms. Add an API, ccp_present(), that checks for the presence of a CCP on the system. The ccp-crypto module can use this to determine if it should register it's crypto alogorithms. Reported-by: Scot Doyle lkm...@scotdoyle.com Signed-off-by: Tom Lendacky thomas.lenda...@amd.com Tested-by: Scot Doyle lkm...@scotdoyle.com Patch applied. Thanks! -- Email: Herbert Xu herb...@gondor.apana.org.au Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] crypto: caam - Dynamic allocation of addresses for various memory blocks in CAAM.
On Mon, Sep 01, 2014 at 03:00:44PM +0530, Nitesh Narayan Lal wrote: CAAM's memory is broken into following address blocks: Block Included Registers 0 General Registers 1-4 Job ring registers 6 RTIC registers 7 QI registers 8 DECO and CCB Size of the above stated blocks varies in various platforms. The block size can be 4K or 64K. The block size can be dynamically determined by reading CTPR register in CAAM. This patch initializes the block addresses dynamically based on the value read from this register. Signed-off-by: Ruchika Gupta r66...@freescale.com Signed-off-by: Nitesh Narayan Lal b44...@freescale.com Patch applied. Thanks! -- Email: Herbert Xu herb...@gondor.apana.org.au Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH v2] crypto: memzero_explicit - make sure to clear out sensitive data
On Sun, Sep 07, 2014 at 11:23:38PM +0200, Daniel Borkmann wrote: Recently, in commit 13aa93c70e71 (random: add and use memzero_explicit() for clearing data), we have found that GCC may optimize some memset() cases away when it detects a stack variable is not being used anymore and going out of scope. This can happen, for example, in cases when we are clearing out sensitive information such as keying material or any e.g. intermediate results from crypto computations, etc. With the help of Coccinelle, we can figure out and fix such occurences in the crypto subsytem as well. Julia Lawall provided the following Coccinelle program: @@ type T; identifier x; @@ T x; ... when exists when any -memset +memzero_explicit (x, -0, ...) ... when != x when strict @@ type T; identifier x; @@ T x[...]; ... when exists when any -memset +memzero_explicit (x, -0, ...) ... when != x when strict Therefore, make use of the drop-in replacement memzero_explicit() for exactly such cases instead of using memset(). Signed-off-by: Daniel Borkmann dbork...@redhat.com Cc: Julia Lawall julia.law...@lip6.fr Cc: Herbert Xu herb...@gondor.apana.org.au Cc: Theodore Ts'o ty...@mit.edu Cc: Hannes Frederic Sowa han...@stressinduktion.org Acked-by: Herbert Xu herb...@gondor.apana.org.au Thanks, -- Email: Herbert Xu herb...@gondor.apana.org.au Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH v3 11/12] security, crypto: LLVMLinux: Remove VLAIS from ima_crypto.c
On Mon, Sep 15, 2014 at 12:30 AM, beh...@converseincode.com wrote: From: Behan Webster beh...@converseincode.com Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99 compliant equivalent. This patch allocates the appropriate amount of memory using a char array using the SHASH_DESC_ON_STACK macro. You only made the first case use SHASH_DESC_ON_STACK, the two other cases you left in the ugly format. Was that just an oversight, or was there some reason for it? Linus -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH v3 11/12] security, crypto: LLVMLinux: Remove VLAIS from ima_crypto.c
On 09/15/14 07:21, Linus Torvalds wrote: On Mon, Sep 15, 2014 at 12:30 AM, beh...@converseincode.com wrote: From: Behan Webster beh...@converseincode.com Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99 compliant equivalent. This patch allocates the appropriate amount of memory using a char array using the SHASH_DESC_ON_STACK macro. You only made the first case use SHASH_DESC_ON_STACK, the two other cases you left in the ugly format. Was that just an oversight, or was there some reason for it? Oversight. Will Fix. Behan -- Behan Webster beh...@converseincode.com -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
H
Please Revert back, your assistance is needed. --- The Exhibitor at innoTrans, Berlin 2014 Hall : 15.1 / Stand no : 109 http://www.virtualmarket.innotrans.de/?Action=showCompanyid=346242 -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[3.13.y.z extended stable] Patch crypto: ux500 - make interrupt mode plausible has been added to staging queue
This is a note to let you know that I have just added a patch titled crypto: ux500 - make interrupt mode plausible to the linux-3.13.y-queue branch of the 3.13.y.z extended stable tree which can be found at: http://kernel.ubuntu.com/git?p=ubuntu/linux.git;a=shortlog;h=refs/heads/linux-3.13.y-queue This patch is scheduled to be released in version 3.13.11.7. If you, or anyone else, feels it should not be added to this tree, please reply to this email. For more information about the 3.13.y.z tree, see https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable Thanks. -Kamal -- From da0a425f527432abe5d2a6428bb47f96d596f376 Mon Sep 17 00:00:00 2001 From: Arnd Bergmann a...@arndb.de Date: Thu, 26 Jun 2014 13:43:02 +0200 Subject: crypto: ux500 - make interrupt mode plausible commit e1f8859ee265fc89bd21b4dca79e8e983a044892 upstream. The interrupt handler in the ux500 crypto driver has an obviously incorrect way to access the data buffer, which for a while has caused this build warning: ../ux500/cryp/cryp_core.c: In function 'cryp_interrupt_handler': ../ux500/cryp/cryp_core.c:234:5: warning: passing argument 1 of '__fswab32' makes integer from pointer without a cast [enabled by default] writel_relaxed(ctx-indata, ^ In file included from ../include/linux/swab.h:4:0, from ../include/uapi/linux/byteorder/big_endian.h:12, from ../include/linux/byteorder/big_endian.h:4, from ../arch/arm/include/uapi/asm/byteorder.h:19, from ../include/asm-generic/bitops/le.h:5, from ../arch/arm/include/asm/bitops.h:340, from ../include/linux/bitops.h:33, from ../include/linux/kernel.h:10, from ../include/linux/clk.h:16, from ../drivers/crypto/ux500/cryp/cryp_core.c:12: ../include/uapi/linux/swab.h:57:119: note: expected '__u32' but argument is of type 'const u8 *' static inline __attribute_const__ __u32 __fswab32(__u32 val) There are at least two, possibly three problems here: a) when writing into the FIFO, we copy the pointer rather than the actual data we want to give to the hardware b) the data pointer is an array of 8-bit values, while the FIFO is 32-bit wide, so both the read and write access fail to do a proper type conversion c) This seems incorrect for big-endian kernels, on which we need to byte-swap any register access, but not normally FIFO accesses, at least the DMA case doesn't do it either. This converts the bogus loop to use the same readsl/writesl pair that we use for the two other modes (DMA and polling). This is more efficient and consistent, and probably correct for endianess. The bug has existed since the driver was first merged, and was probably never detected because nobody tried to use interrupt mode. It might make sense to backport this fix to stable kernels, depending on how the crypto maintainers feel about that. Signed-off-by: Arnd Bergmann a...@arndb.de Cc: linux-crypto@vger.kernel.org Cc: Fabio Baltieri fabio.balti...@linaro.org Cc: Linus Walleij linus.wall...@linaro.org Cc: Herbert Xu herb...@gondor.apana.org.au Cc: David S. Miller da...@davemloft.net Signed-off-by: Herbert Xu herb...@gondor.apana.org.au Signed-off-by: Kamal Mostafa ka...@canonical.com --- drivers/crypto/ux500/cryp/cryp_core.c | 25 - 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/drivers/crypto/ux500/cryp/cryp_core.c b/drivers/crypto/ux500/cryp/cryp_core.c index a999f53..92105f3 100644 --- a/drivers/crypto/ux500/cryp/cryp_core.c +++ b/drivers/crypto/ux500/cryp/cryp_core.c @@ -190,7 +190,7 @@ static void add_session_id(struct cryp_ctx *ctx) static irqreturn_t cryp_interrupt_handler(int irq, void *param) { struct cryp_ctx *ctx; - int i; + int count; struct cryp_device_data *device_data; if (param == NULL) { @@ -215,12 +215,11 @@ static irqreturn_t cryp_interrupt_handler(int irq, void *param) if (cryp_pending_irq_src(device_data, CRYP_IRQ_SRC_OUTPUT_FIFO)) { if (ctx-outlen / ctx-blocksize 0) { - for (i = 0; i ctx-blocksize / 4; i++) { - *(ctx-outdata) = readl_relaxed( - device_data-base-dout); - ctx-outdata += 4; - ctx-outlen -= 4; - } + count = ctx-blocksize / 4; + + readsl(device_data-base-dout, ctx-outdata, count); + ctx-outdata += count; + ctx-outlen -= count; if (ctx-outlen == 0) { cryp_disable_irq_src(device_data, @@ -230,12 +229,12 @@ static irqreturn_t cryp_interrupt_handler(int irq, void *param) } else if (cryp_pending_irq_src(device_data,
[PATCH 3.13 056/187] crypto: ux500 - make interrupt mode plausible
3.13.11.7 -stable review patch. If anyone has any objections, please let me know. -- From: Arnd Bergmann a...@arndb.de commit e1f8859ee265fc89bd21b4dca79e8e983a044892 upstream. The interrupt handler in the ux500 crypto driver has an obviously incorrect way to access the data buffer, which for a while has caused this build warning: ../ux500/cryp/cryp_core.c: In function 'cryp_interrupt_handler': ../ux500/cryp/cryp_core.c:234:5: warning: passing argument 1 of '__fswab32' makes integer from pointer without a cast [enabled by default] writel_relaxed(ctx-indata, ^ In file included from ../include/linux/swab.h:4:0, from ../include/uapi/linux/byteorder/big_endian.h:12, from ../include/linux/byteorder/big_endian.h:4, from ../arch/arm/include/uapi/asm/byteorder.h:19, from ../include/asm-generic/bitops/le.h:5, from ../arch/arm/include/asm/bitops.h:340, from ../include/linux/bitops.h:33, from ../include/linux/kernel.h:10, from ../include/linux/clk.h:16, from ../drivers/crypto/ux500/cryp/cryp_core.c:12: ../include/uapi/linux/swab.h:57:119: note: expected '__u32' but argument is of type 'const u8 *' static inline __attribute_const__ __u32 __fswab32(__u32 val) There are at least two, possibly three problems here: a) when writing into the FIFO, we copy the pointer rather than the actual data we want to give to the hardware b) the data pointer is an array of 8-bit values, while the FIFO is 32-bit wide, so both the read and write access fail to do a proper type conversion c) This seems incorrect for big-endian kernels, on which we need to byte-swap any register access, but not normally FIFO accesses, at least the DMA case doesn't do it either. This converts the bogus loop to use the same readsl/writesl pair that we use for the two other modes (DMA and polling). This is more efficient and consistent, and probably correct for endianess. The bug has existed since the driver was first merged, and was probably never detected because nobody tried to use interrupt mode. It might make sense to backport this fix to stable kernels, depending on how the crypto maintainers feel about that. Signed-off-by: Arnd Bergmann a...@arndb.de Cc: linux-crypto@vger.kernel.org Cc: Fabio Baltieri fabio.balti...@linaro.org Cc: Linus Walleij linus.wall...@linaro.org Cc: Herbert Xu herb...@gondor.apana.org.au Cc: David S. Miller da...@davemloft.net Signed-off-by: Herbert Xu herb...@gondor.apana.org.au Signed-off-by: Kamal Mostafa ka...@canonical.com --- drivers/crypto/ux500/cryp/cryp_core.c | 25 - 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/drivers/crypto/ux500/cryp/cryp_core.c b/drivers/crypto/ux500/cryp/cryp_core.c index a999f53..92105f3 100644 --- a/drivers/crypto/ux500/cryp/cryp_core.c +++ b/drivers/crypto/ux500/cryp/cryp_core.c @@ -190,7 +190,7 @@ static void add_session_id(struct cryp_ctx *ctx) static irqreturn_t cryp_interrupt_handler(int irq, void *param) { struct cryp_ctx *ctx; - int i; + int count; struct cryp_device_data *device_data; if (param == NULL) { @@ -215,12 +215,11 @@ static irqreturn_t cryp_interrupt_handler(int irq, void *param) if (cryp_pending_irq_src(device_data, CRYP_IRQ_SRC_OUTPUT_FIFO)) { if (ctx-outlen / ctx-blocksize 0) { - for (i = 0; i ctx-blocksize / 4; i++) { - *(ctx-outdata) = readl_relaxed( - device_data-base-dout); - ctx-outdata += 4; - ctx-outlen -= 4; - } + count = ctx-blocksize / 4; + + readsl(device_data-base-dout, ctx-outdata, count); + ctx-outdata += count; + ctx-outlen -= count; if (ctx-outlen == 0) { cryp_disable_irq_src(device_data, @@ -230,12 +229,12 @@ static irqreturn_t cryp_interrupt_handler(int irq, void *param) } else if (cryp_pending_irq_src(device_data, CRYP_IRQ_SRC_INPUT_FIFO)) { if (ctx-datalen / ctx-blocksize 0) { - for (i = 0 ; i ctx-blocksize / 4; i++) { - writel_relaxed(ctx-indata, - device_data-base-din); - ctx-indata += 4; - ctx-datalen -= 4; - } + count = ctx-blocksize / 4; + + writesl(device_data-base-din, ctx-indata, count); + + ctx-indata += count; + ctx-datalen -= count;
RFC possible changes for Linux random device
I have started a thread with the above title on Perry's crypto list. Archive at: http://www.metzdowd.com/pipermail/cryptography/2014-September/022795.html First message was: I have some experimental code to replace parts of random.c It is not finished but far enough along to seek comment. It does compile with either gcc or clang, run and produce reasonable-looking results but is not well-tested. splint(1) complains about parts of it, but do not think it is indicating any real problems. Next two posts will be the main code and a support program it uses. I change nothing on the input side; the entropy collection and estimation parts of existing code are untouched. The hashing and output routines, though, are completely replaced, and much of the initialisation code is modified. It uses the 128-bit hash from AES-GCM instead of 160-bit SHA-1. Changing the hash allows other changes. One design goal was improved decoupling so that heavy use of /dev/urandom does not deplete the entropy pool for /dev/random. Another was simpler mixing in of additional data in various places. -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html