[PATCH] staging: ccree: Convert to platform_{get,set}_drvdata()

[sunil . m]

From: Suniel Mahesh <suni...@techveda.org>

Platform devices are expected to use wrapper functions,
platform_{get,set}_drvdata() with platform_device as argument,
for getting and setting the driver data. dev_{get,set}_drvdata()
are using _dev->dev.
For wrapper functions we can directly pass a struct platform_device.

dev_set_drvdata() is redundant and therefore removed. The driver core
clears the driver data to NULL after device_release or on probe failure.

Signed-off-by: Suniel Mahesh <suni...@techveda.org>
---
Note:
- Patch was tested and built(ARCH=arm) on next-20170921.
  No build issues reported, however it was not tested on
  real hardware.
---
 drivers/staging/ccree/ssi_driver.c | 6 ++
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/drivers/staging/ccree/ssi_driver.c 
b/drivers/staging/ccree/ssi_driver.c
index 6d16220..53b4a8c 100644
--- a/drivers/staging/ccree/ssi_driver.c
+++ b/drivers/staging/ccree/ssi_driver.c
@@ -236,7 +236,7 @@ static int init_cc_resources(struct platform_device 
*plat_dev)
rc = -ENOMEM;
goto post_drvdata_err;
}
-   dev_set_drvdata(_dev->dev, new_drvdata);
+   platform_set_drvdata(plat_dev, new_drvdata);
new_drvdata->plat_dev = plat_dev;
 
new_drvdata->clk = of_clk_get(np, 0);
@@ -415,7 +415,6 @@ static int init_cc_resources(struct platform_device 
*plat_dev)
cc_clk_off(new_drvdata);
 post_drvdata_err:
SSI_LOG_ERR("ccree init error occurred!\n");
-   dev_set_drvdata(_dev->dev, NULL);
return rc;
 }
 
@@ -429,7 +428,7 @@ void fini_cc_regs(struct ssi_drvdata *drvdata)
 static void cleanup_cc_resources(struct platform_device *plat_dev)
 {
struct ssi_drvdata *drvdata =
-   (struct ssi_drvdata *)dev_get_drvdata(_dev->dev);
+   (struct ssi_drvdata *)platform_get_drvdata(plat_dev);
 
ssi_aead_free(drvdata);
ssi_hash_free(drvdata);
@@ -445,7 +444,6 @@ static void cleanup_cc_resources(struct platform_device 
*plat_dev)
 #endif
fini_cc_regs(drvdata);
cc_clk_off(drvdata);
-   dev_set_drvdata(_dev->dev, NULL);
 }
 
 int cc_clk_on(struct ssi_drvdata *drvdata)
-- 
1.9.1

[PATCH v2] staging: ccree: Convert to platform_{get,set}_drvdata()

[sunil . m]

From: Suniel Mahesh <suni...@techveda.org>

Platform devices are expected to use wrapper functions,
platform_{get,set}_drvdata() with platform_device as argument,
for getting and setting the driver data. dev_{get,set}_drvdata()
are using _dev->dev.
For wrapper functions we can directly pass a struct platform_device.

dev_set_drvdata() is redundant and therefore removed. The driver core
clears the driver data to NULL after device_release or on probe failure.

Signed-off-by: Suniel Mahesh <suni...@techveda.org>
---
Changes for v2:
- Rebased on top of staging-testing.
---
Note:
- Patch was tested and built(ARCH=arm) on next-20170921.
  No build issues reported, however it was not tested on
  real hardware.
---
 drivers/staging/ccree/ssi_driver.c | 6 ++
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/drivers/staging/ccree/ssi_driver.c 
b/drivers/staging/ccree/ssi_driver.c
index 6d16220..53b4a8c 100644
--- a/drivers/staging/ccree/ssi_driver.c
+++ b/drivers/staging/ccree/ssi_driver.c
@@ -236,7 +236,7 @@ static int init_cc_resources(struct platform_device 
*plat_dev)
rc = -ENOMEM;
goto post_drvdata_err;
}
-   dev_set_drvdata(_dev->dev, new_drvdata);
+   platform_set_drvdata(plat_dev, new_drvdata);
new_drvdata->plat_dev = plat_dev;
 
new_drvdata->clk = of_clk_get(np, 0);
@@ -415,7 +415,6 @@ static int init_cc_resources(struct platform_device 
*plat_dev)
cc_clk_off(new_drvdata);
 post_drvdata_err:
SSI_LOG_ERR("ccree init error occurred!\n");
-   dev_set_drvdata(_dev->dev, NULL);
return rc;
 }
 
@@ -429,7 +428,7 @@ void fini_cc_regs(struct ssi_drvdata *drvdata)
 static void cleanup_cc_resources(struct platform_device *plat_dev)
 {
struct ssi_drvdata *drvdata =
-   (struct ssi_drvdata *)dev_get_drvdata(_dev->dev);
+   (struct ssi_drvdata *)platform_get_drvdata(plat_dev);
 
ssi_aead_free(drvdata);
ssi_hash_free(drvdata);
@@ -445,7 +444,6 @@ static void cleanup_cc_resources(struct platform_device 
*plat_dev)
 #endif
fini_cc_regs(drvdata);
cc_clk_off(drvdata);
-   dev_set_drvdata(_dev->dev, NULL);
 }
 
 int cc_clk_on(struct ssi_drvdata *drvdata)
-- 
1.9.1

Re: KPP questions and confusion

[Tudor Ambarus]

Hi, Marcel,

On 08/03/2017 11:40 AM, Marcel Holtmann wrote:

Essentially we do what all other key exchange procedure do. Generate a 
private/public key pair, give the public key to the other side, run DH with the 
value from the other side. That Bluetooth SMP knows about the private key is 
really pointless. Since the detection of debug key usage is actually via the 
public key portion.


I'm working on letting the bluetooth smp benefit of the ecc private key
generation from the crypto subsystem. I will send some patches soon.

Cheers,
ta

[RFC PATCH 0/2] let the crypto subsystem generate the ecc privkey

[Tudor Ambarus]

That Bluetooth SMP knows about the private key is pointless, since the
detection of debug key usage is actually via the public key portion.
With this patch set, the Bluetooth SMP will stop keeping a copy of the
ecdh private key, except when using debug keys. This way we let the
crypto subsystem to generate and handle the ecdh private key,
potentially benefiting of hardware ecc private key generation and
retention.

Tested with selftest and with btmon and smp-tester on top of hci_vhci,
with ecdh done in both software and hardware (through atmel-ecc driver).
All tests passed.

Tudor Ambarus (2):
  Bluetooth: move ecdh allocation outside of ecdh_helper
  Bluetooth: let the crypto subsystem generate the ecc privkey

 net/bluetooth/ecdh_helper.c | 138 ++--
 net/bluetooth/ecdh_helper.h |   8 ++-
 net/bluetooth/selftest.c|  29 +++---
 net/bluetooth/smp.c | 120 --
 4 files changed, 159 insertions(+), 136 deletions(-)

-- 
2.9.4

[PATCH] staging:ccree Fix char * array declaration

[Janani Sankara Babu]

This patch solves the following warning shown by the checkpatch script
Warning: char * array declaration might be better as static const

Signed-off-by: Janani Sankara Babu 
---
 drivers/staging/ccree/ssi_sysfs.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/staging/ccree/ssi_sysfs.c 
b/drivers/staging/ccree/ssi_sysfs.c
index dbcd163..87cef46 100644
--- a/drivers/staging/ccree/ssi_sysfs.c
+++ b/drivers/staging/ccree/ssi_sysfs.c
@@ -300,7 +300,7 @@ static ssize_t ssi_sys_regdump_show(struct kobject *kobj,
 static ssize_t ssi_sys_help_show(struct kobject *kobj,
struct kobj_attribute *attr, char *buf)
 {
-   char *help_str[] = {
+   static const char *help_str[] = {
"cat reg_dump  ", "Print several of 
CC register values",
#if defined CC_CYCLE_COUNT
"cat stats_host", "Print host 
statistics",
-- 
1.9.1

[PATCH] staging:ccree Fix dont use assignment in if condition

[Janani Sankara Babu]

This patch solves the following error shown by checkpatch script
ERROR: do not use assignment in if condition

Signed-off-by: Janani Sankara Babu 
---
 drivers/staging/ccree/ssi_hash.c | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/drivers/staging/ccree/ssi_hash.c b/drivers/staging/ccree/ssi_hash.c
index ae8f36a..08eaa56 100644
--- a/drivers/staging/ccree/ssi_hash.c
+++ b/drivers/staging/ccree/ssi_hash.c
@@ -601,8 +601,8 @@ static int ssi_hash_update(struct ahash_req_ctx *state,
/* no real updates required */
return 0;
}
-
-   if (unlikely(rc = ssi_buffer_mgr_map_hash_request_update(ctx->drvdata, 
state, src, nbytes, block_size))) {
+   rc = ssi_buffer_mgr_map_hash_request_update(ctx->drvdata, state, src, 
nbytes, block_size);
+   if (unlikely(rc)) {
if (rc == 1) {
SSI_LOG_DEBUG(" data size not require HW update %x\n",
 nbytes);
@@ -1403,8 +1403,8 @@ static int ssi_mac_update(struct ahash_request *req)
}
 
state->xcbc_count++;
-
-   if (unlikely(rc = ssi_buffer_mgr_map_hash_request_update(ctx->drvdata, 
state, req->src, req->nbytes, block_size))) {
+   rc = ssi_buffer_mgr_map_hash_request_update(ctx->drvdata, state, 
req->src, req->nbytes, block_size);
+   if (unlikely(rc)) {
if (rc == 1) {
SSI_LOG_DEBUG(" data size not require HW update %x\n",
 req->nbytes);
-- 
1.9.1

[PATCH] staging:ccree Fix use BIT macro

[Janani Sankara Babu]

This patch is created to solve the following warning shown by the checkpatch
script Warning: Replace all occurences of (1<
---
 drivers/staging/ccree/ssi_cipher.h | 10 +-
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/drivers/staging/ccree/ssi_cipher.h 
b/drivers/staging/ccree/ssi_cipher.h
index 296b375..6fbcf9d 100644
--- a/drivers/staging/ccree/ssi_cipher.h
+++ b/drivers/staging/ccree/ssi_cipher.h
@@ -27,11 +27,11 @@
 #include "ssi_buffer_mgr.h"
 
 /* Crypto cipher flags */
-#define CC_CRYPTO_CIPHER_KEY_KFDE0(1 << 0)
-#define CC_CRYPTO_CIPHER_KEY_KFDE1(1 << 1)
-#define CC_CRYPTO_CIPHER_KEY_KFDE2(1 << 2)
-#define CC_CRYPTO_CIPHER_KEY_KFDE3(1 << 3)
-#define CC_CRYPTO_CIPHER_DU_SIZE_512B (1 << 4)
+#define CC_CRYPTO_CIPHER_KEY_KFDE0BIT(0)
+#define CC_CRYPTO_CIPHER_KEY_KFDE1BIT(1)
+#define CC_CRYPTO_CIPHER_KEY_KFDE2BIT(2)
+#define CC_CRYPTO_CIPHER_KEY_KFDE3BIT(3)
+#define CC_CRYPTO_CIPHER_DU_SIZE_512B BIT(4)
 
 #define CC_CRYPTO_CIPHER_KEY_KFDE_MASK (CC_CRYPTO_CIPHER_KEY_KFDE0 | 
CC_CRYPTO_CIPHER_KEY_KFDE1 | CC_CRYPTO_CIPHER_KEY_KFDE2 | 
CC_CRYPTO_CIPHER_KEY_KFDE3)
 
-- 
1.9.1

[PATCH 2/6] crypto: talitos - fix hashing

[Christophe Leroy]

md5sum on some files gives wrong result

Exemple:

With the md5sum from libkcapi:
c15115c05bad51113f81bdaee735dd09  test

With the original md5sum:
bbdf41d80ba7e8b2b7be3a0772be76cb  test

This patch fixes this issue

Signed-off-by: Christophe Leroy 
---
 drivers/crypto/talitos.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 5cc160078286..49f1561fa694 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1769,7 +1769,7 @@ static int common_nonsnoop_hash(struct talitos_edesc 
*edesc,
 
sg_count = edesc->src_nents ?: 1;
if (is_sec1 && sg_count > 1)
-   sg_copy_to_buffer(areq->src, sg_count, edesc->buf, length);
+   sg_copy_to_buffer(req_ctx->psrc, sg_count, edesc->buf, length);
else
sg_count = dma_map_sg(dev, req_ctx->psrc, sg_count,
  DMA_TO_DEVICE);
-- 
2.13.3

[PATCH 0/6] crypto: talitos - various fixes

[Christophe Leroy]

This serie provide various fixes on the talitos driver.

Christophe Leroy (6):
  crypto: talitos - Don't provide setkey for non hmac hashing algs.
  crypto: talitos - fix hashing
  crypto: talitos - fix sha224
  crypto: talitos - fix AEAD test failures
  crypto: talitos - use kzalloc instead of kmalloc
  crypto: talitos - fix memory corruption on SEC2

 drivers/crypto/talitos.c | 81 +---
 drivers/crypto/talitos.h |  2 --
 2 files changed, 36 insertions(+), 47 deletions(-)

-- 
2.13.3

[PATCH 1/6] crypto: talitos - Don't provide setkey for non hmac hashing algs.

[Christophe Leroy]

Today, md5sum fails with error -ENOKEY because a setkey
function is set for non hmac hashing algs, see strace output below:

mmap(NULL, 378880, PROT_READ, MAP_SHARED, 6, 0) = 0x77f5
accept(3, 0, NULL)  = 7
vmsplice(5, 
[{"bin/\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 378880}], 
1, SPLICE_F_MORE|SPLICE_F_GIFT) = 262144
splice(4, NULL, 7, NULL, 262144, SPLICE_F_MORE) = -1 ENOKEY (Required key not 
available)
write(2, "Generation of hash for file kcap"..., 50) = 50
munmap(0x77f5, 378880)  = 0

This patch ensures that setkey() function is set only
for hmac hashing.

Signed-off-by: Christophe Leroy 
---
 drivers/crypto/talitos.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 79791c690858..5cc160078286 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -3057,7 +3057,8 @@ static struct talitos_crypto_alg 
*talitos_alg_alloc(struct device *dev,
t_alg->algt.alg.hash.final = ahash_final;
t_alg->algt.alg.hash.finup = ahash_finup;
t_alg->algt.alg.hash.digest = ahash_digest;
-   t_alg->algt.alg.hash.setkey = ahash_setkey;
+   if (!strncmp(alg->cra_name, "hmac", 4))
+   t_alg->algt.alg.hash.setkey = ahash_setkey;
t_alg->algt.alg.hash.import = ahash_import;
t_alg->algt.alg.hash.export = ahash_export;
 
-- 
2.13.3

[PATCH 3/6] crypto: talitos - fix sha224

[Christophe Leroy]

Kernel crypto tests report the following error at startup

[2.752626] alg: hash: Test 4 failed for sha224-talitos
[2.757907] : 30 e2 86 e2 e7 8a dd 0d d7 eb 9f d5 83 fe f1 b0
0010: 2d 5a 6c a5 f9 55 ea fd 0e 72 05 22

This patch fixes it

Signed-off-by: Christophe Leroy 
---
 drivers/crypto/talitos.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 49f1561fa694..dff88838dce7 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1756,9 +1756,9 @@ static int common_nonsnoop_hash(struct talitos_edesc 
*edesc,
req_ctx->swinit = 0;
} else {
desc->ptr[1] = zero_entry;
-   /* Indicate next op is not the first. */
-   req_ctx->first = 0;
}
+   /* Indicate next op is not the first. */
+   req_ctx->first = 0;
 
/* HMAC key */
if (ctx->keylen)
-- 
2.13.3

[PATCH 5/6] crypto: talitos - use kzalloc instead of kmalloc

[Christophe Leroy]

Use kzalloc() to zeroize the extended descriptor at allocation and
further zeorising

Signed-off-by: Christophe Leroy 
---
 drivers/crypto/talitos.c | 23 +--
 drivers/crypto/talitos.h |  2 --
 2 files changed, 1 insertion(+), 24 deletions(-)

diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index cd8a37e60259..a5b608b54c74 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -75,7 +75,6 @@ static void to_talitos_ptr_len(struct talitos_ptr *ptr, 
unsigned int len,
   bool is_sec1)
 {
if (is_sec1) {
-   ptr->res = 0;
ptr->len1 = cpu_to_be16(len);
} else {
ptr->len = cpu_to_be16(len);
@@ -118,7 +117,6 @@ static void map_single_talitos_ptr(struct device *dev,
 
to_talitos_ptr_len(ptr, len, is_sec1);
to_talitos_ptr(ptr, dma_addr, is_sec1);
-   to_talitos_ptr_ext_set(ptr, 0, is_sec1);
 }
 
 /*
@@ -287,7 +285,6 @@ int talitos_submit(struct device *dev, int ch, struct 
talitos_desc *desc,
/* map descriptor and save caller data */
if (is_sec1) {
desc->hdr1 = desc->hdr;
-   desc->next_desc = 0;
request->dma_desc = dma_map_single(dev, >hdr1,
   TALITOS_DESC_SIZE,
   DMA_BIDIRECTIONAL);
@@ -1099,7 +1096,6 @@ static int sg_to_link_tbl_offset(struct scatterlist *sg, 
int sg_count,
to_talitos_ptr(link_tbl_ptr + count,
   sg_dma_address(sg) + offset, 0);
to_talitos_ptr_len(link_tbl_ptr + count, len, 0);
-   to_talitos_ptr_ext_set(link_tbl_ptr + count, 0, 0);
count++;
cryptlen -= len;
offset = 0;
@@ -1125,7 +1121,6 @@ int talitos_sg_map(struct device *dev, struct scatterlist 
*src,
bool is_sec1 = has_ftr_sec1(priv);
 
to_talitos_ptr_len(ptr, len, is_sec1);
-   to_talitos_ptr_ext_set(ptr, 0, is_sec1);
 
if (sg_count == 1) {
to_talitos_ptr(ptr, sg_dma_address(src) + offset, is_sec1);
@@ -1197,11 +1192,9 @@ static int ipsec_esp(struct talitos_edesc *edesc, struct 
aead_request *areq,
if (desc->hdr & DESC_HDR_TYPE_IPSEC_ESP) {
to_talitos_ptr(>ptr[2], edesc->iv_dma, is_sec1);
to_talitos_ptr_len(>ptr[2], ivsize, is_sec1);
-   to_talitos_ptr_ext_set(>ptr[2], 0, is_sec1);
} else {
to_talitos_ptr(>ptr[3], edesc->iv_dma, is_sec1);
to_talitos_ptr_len(>ptr[3], ivsize, is_sec1);
-   to_talitos_ptr_ext_set(>ptr[3], 0, is_sec1);
}
 
/* cipher key */
@@ -1221,7 +1214,6 @@ static int ipsec_esp(struct talitos_edesc *edesc, struct 
aead_request *areq,
 * typically 12 for ipsec
 */
to_talitos_ptr_len(>ptr[4], cryptlen, is_sec1);
-   to_talitos_ptr_ext_set(>ptr[4], 0, is_sec1);
 
sg_link_tbl_len = cryptlen;
 
@@ -1275,8 +1267,6 @@ static int ipsec_esp(struct talitos_edesc *edesc, struct 
aead_request *areq,
to_talitos_ptr(tbl_ptr, edesc->dma_link_tbl + offset,
   is_sec1);
}
-   } else {
-   edesc->icv_ool = false;
}
 
/* ICV data */
@@ -1386,7 +1376,7 @@ static struct talitos_edesc *talitos_edesc_alloc(struct 
device *dev,
alloc_len += icv_stashing ? authsize : 0;
}
 
-   edesc = kmalloc(alloc_len, GFP_DMA | flags);
+   edesc = kzalloc(alloc_len, GFP_DMA | flags);
if (!edesc) {
dev_err(dev, "could not allocate edescriptor\n");
err = ERR_PTR(-ENOMEM);
@@ -1467,7 +1457,6 @@ static int aead_decrypt(struct aead_request *req)
  DESC_HDR_MODE1_MDEU_CICV;
 
/* reset integrity check result bits */
-   edesc->desc.hdr_lo = 0;
 
return ipsec_esp(edesc, req, ipsec_esp_decrypt_hwauth_done);
}
@@ -1554,12 +1543,10 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
bool is_sec1 = has_ftr_sec1(priv);
 
/* first DWORD empty */
-   desc->ptr[0] = zero_entry;
 
/* cipher iv */
to_talitos_ptr(>ptr[1], edesc->iv_dma, is_sec1);
to_talitos_ptr_len(>ptr[1], ivsize, is_sec1);
-   to_talitos_ptr_ext_set(>ptr[1], 0, is_sec1);
 
/* cipher key */
map_single_talitos_ptr(dev, >ptr[2], ctx->keylen,
@@ -1598,7 +1585,6 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
   DMA_FROM_DEVICE);
 
/* last DWORD empty */
-   desc->ptr[6] = zero_entry;
 
if (sync_needed)
dma_sync_single_for_device(dev, edesc->dma_link_tbl,
@@ -1744,7 +1730,6 @@ static int common_nonsnoop_hash(struct talitos_edesc 
*edesc,
int sg_count;
 
  

Re: [PATCH] crypto: AF_ALG - remove SGL end indicator when chaining

[Stephan Mueller]

Am Mittwoch, 20. September 2017, 19:31:33 CEST schrieb Greg KH:

Hi Herbert,

> On Wed, Sep 20, 2017 at 03:47:46PM +0200, Stephan Mueller wrote:
> > Am Mittwoch, 20. September 2017, 10:32:09 CEST schrieb Herbert Xu:
> > 
> > Hi Herbert,
> > 
> > > Hmm, this patch does not apply against the current tree.  Is this
> > > a stable-only patch?
> > 
> > This would be a stable-only patch. With the overhauling of the AF_ALG
> > memory handling, this is a no-issue any more.
> 
> If you want this as a stable-only patch, you need to resend it and
> justify it a bunch as to why it isn't in Linus's tree as well.

Would you push it or shall I send it?

Thanks

Ciao
Stephan

[PATCH] staging:ccree Fix avoid externs in .c files

[Janani Sankara Babu]

This patch solves the warning shown by the checkpatch script
WARNING: externs should be avoided in .c files

Signed-off-by: Janani Sankara Babu 
---
 drivers/staging/ccree/ssi_fips_local.c | 14 --
 drivers/staging/ccree/ssi_fips_local.h | 13 +
 2 files changed, 13 insertions(+), 14 deletions(-)

diff --git a/drivers/staging/ccree/ssi_fips_local.c 
b/drivers/staging/ccree/ssi_fips_local.c
index aefb71d..f019041 100644
--- a/drivers/staging/ccree/ssi_fips_local.c
+++ b/drivers/staging/ccree/ssi_fips_local.c
@@ -48,20 +48,6 @@ struct ssi_fips_handle {
 #endif
 };
 
-extern int ssi_fips_get_state(enum cc_fips_state_t *p_state);
-extern int ssi_fips_get_error(enum cc_fips_error *p_err);
-extern int ssi_fips_ext_set_state(enum cc_fips_state_t state);
-extern int ssi_fips_ext_set_error(enum cc_fips_error err);
-
-/* FIPS power-up tests */
-extern enum cc_fips_error ssi_cipher_fips_power_up_tests(struct ssi_drvdata 
*drvdata, void *cpu_addr_buffer, dma_addr_t dma_coherent_buffer);
-extern enum cc_fips_error ssi_cmac_fips_power_up_tests(struct ssi_drvdata 
*drvdata, void *cpu_addr_buffer, dma_addr_t dma_coherent_buffer);
-extern enum cc_fips_error ssi_hash_fips_power_up_tests(struct ssi_drvdata 
*drvdata, void *cpu_addr_buffer, dma_addr_t dma_coherent_buffer);
-extern enum cc_fips_error ssi_hmac_fips_power_up_tests(struct ssi_drvdata 
*drvdata, void *cpu_addr_buffer, dma_addr_t dma_coherent_buffer);
-extern enum cc_fips_error ssi_ccm_fips_power_up_tests(struct ssi_drvdata 
*drvdata, void *cpu_addr_buffer, dma_addr_t dma_coherent_buffer);
-extern enum cc_fips_error ssi_gcm_fips_power_up_tests(struct ssi_drvdata 
*drvdata, void *cpu_addr_buffer, dma_addr_t dma_coherent_buffer);
-extern size_t ssi_fips_max_mem_alloc_size(void);
-
 /* The function called once at driver entry point to check whether TEE FIPS 
error occured.*/
 static enum ssi_fips_error ssi_fips_get_tee_error(struct ssi_drvdata *drvdata)
 {
diff --git a/drivers/staging/ccree/ssi_fips_local.h 
b/drivers/staging/ccree/ssi_fips_local.h
index 8c7994f..b906190 100644
--- a/drivers/staging/ccree/ssi_fips_local.h
+++ b/drivers/staging/ccree/ssi_fips_local.h
@@ -65,3 +65,16 @@ static inline void ssi_fips_fini(struct ssi_drvdata 
*drvdata) {}
 
 #endif  /*__SSI_FIPS_LOCAL_H__*/
 
+extern int ssi_fips_get_state(enum cc_fips_state_t *p_state);
+extern int ssi_fips_get_error(enum cc_fips_error *p_err);
+extern int ssi_fips_ext_set_state(enum cc_fips_state_t state);
+extern int ssi_fips_ext_set_error(enum cc_fips_error err);
+
+/* FIPS power-up tests */
+extern enum cc_fips_error ssi_cipher_fips_power_up_tests(struct ssi_drvdata 
*drvdata, void *cpu_addr_buffer, dma_addr_t dma_coherent_buffer);
+extern enum cc_fips_error ssi_cmac_fips_power_up_tests(struct ssi_drvdata 
*drvdata, void *cpu_addr_buffer, dma_addr_t dma_coherent_buffer);
+extern enum cc_fips_error ssi_hash_fips_power_up_tests(struct ssi_drvdata 
*drvdata, void *cpu_addr_buffer, dma_addr_t dma_coherent_buffer);
+extern enum cc_fips_error ssi_hmac_fips_power_up_tests(struct ssi_drvdata 
*drvdata, void *cpu_addr_buffer, dma_addr_t dma_coherent_buffer);
+extern enum cc_fips_error ssi_ccm_fips_power_up_tests(struct ssi_drvdata 
*drvdata, void *cpu_addr_buffer, dma_addr_t dma_coherent_buffer);
+extern enum cc_fips_error ssi_gcm_fips_power_up_tests(struct ssi_drvdata 
*drvdata, void *cpu_addr_buffer, dma_addr_t dma_coherent_buffer);
+extern size_t ssi_fips_max_mem_alloc_size(void);
-- 
1.9.1

[PATCH 6/6] crypto: talitos - fix memory corruption on SEC2

[Christophe Leroy]

On SEC2, when using the old descriptors type (hmac snoop no afeu)
for doing IPsec, the CICV out pointeur points out of the allocated
memory.

[2.502554] 
=
[2.510740] BUG dma-kmalloc-256 (Not tainted): Redzone overwritten
[2.516907] 
-
[2.516907]
[2.526535] Disabling lock debugging due to kernel taint
[2.531845] INFO: 0xde858108-0xde85810b. First byte 0xf8 instead of 0xcc
[2.538549] INFO: Allocated in 0x806181a9 age=0 cpu=0 pid=58
[2.544229]  __kmalloc+0x374/0x564
[2.547649]  talitos_edesc_alloc+0x17c/0x48c
[2.551929]  aead_edesc_alloc+0x80/0x154
[2.555863]  aead_encrypt+0x30/0xe0
[2.559368]  __test_aead+0x5a0/0x1f3c
[2.563042]  test_aead+0x2c/0x110
[2.566371]  alg_test_aead+0x5c/0xf4
[2.569958]  alg_test+0x1dc/0x5a0
[2.573305]  cryptomgr_test+0x50/0x70
[2.576984]  kthread+0xd8/0x134
[2.580155]  ret_from_kernel_thread+0x5c/0x64
[2.584534] INFO: Freed in ipsec_esp_encrypt_done+0x130/0x240 age=6 cpu=0 
pid=0
[2.591839]  ipsec_esp_encrypt_done+0x130/0x240
[2.596395]  flush_channel+0x1dc/0x488
[2.600161]  talitos2_done_4ch+0x30/0x200
[2.604185]  tasklet_action+0xa0/0x13c
[2.607948]  __do_softirq+0x148/0x6cc
[2.611623]  irq_exit+0xc0/0x124
[2.614869]  call_do_irq+0x24/0x3c
[2.618292]  do_IRQ+0x78/0x108
[2.621369]  ret_from_except+0x0/0x14
[2.625055]  finish_task_switch+0x58/0x350
[2.629165]  schedule+0x80/0x134
[2.632409]  schedule_preempt_disabled+0x38/0xc8
[2.637042]  cpu_startup_entry+0xe4/0x190
[2.641074]  start_kernel+0x3f4/0x408
[2.644741]  0x3438
[2.646857] INFO: Slab 0xdffbdb00 objects=9 used=1 fp=0xde8581c0 flags=0x0080
[2.653978] INFO: Object 0xde858008 @offset=8 fp=0xca4395df
[2.653978]
[2.661032] Redzone de858000: cc cc cc cc cc cc cc cc
  
[2.669029] Object de858008: 00 00 00 02 00 00 00 02 00 6b 6b 6b 1e 83 ea 28 
 .kkk...(
[2.677628] Object de858018: 00 00 00 70 1e 85 80 64 ff 73 1d 21 6b 6b 6b 6b 
 ...p...d.s.!
[2.686228] Object de858028: 00 20 00 00 1e 84 17 24 00 10 00 00 1e 85 70 00 
 . .$..p.
[2.694829] Object de858038: 00 18 00 00 1e 84 17 44 00 08 00 00 1e 83 ea 28 
 ...D...(
[2.703430] Object de858048: 00 80 00 00 1e 84 f0 00 00 80 00 00 1e 85 70 10 
 ..p.
[2.712030] Object de858058: 00 20 6b 00 1e 85 80 f4 6b 6b 6b 6b 00 80 02 00 
 . k.
[2.720629] Object de858068: 1e 84 f0 00 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 
 
[2.729230] Object de858078: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 
 
[2.737830] Object de858088: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 
 
[2.746429] Object de858098: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 
 
[2.755029] Object de8580a8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 
 
[2.763628] Object de8580b8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 
 
[2.772229] Object de8580c8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 
 
[2.780829] Object de8580d8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 
 
[2.789430] Object de8580e8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 73 b0 ea 9f 
 s...
[2.798030] Object de8580f8: e8 18 80 d6 56 38 44 c0 db e3 4f 71 f7 ce d1 d3 
 V8D...Oq
[2.806629] Redzone de858108: f8 bd 3e 4f
  ..>O
[2.814279] Padding de8581b0: 5a 5a 5a 5a 5a 5a 5a 5a
  
[2.822283] CPU: 0 PID: 0 Comm: swapper Tainted: GB   
4.9.50-g995be12679 #179
[2.831819] Call Trace:
[2.834301] [dffefd20] [c01aa9a8] check_bytes_and_report+0x100/0x194 
(unreliable)
[2.841801] [dffefd50] [c01aac3c] check_object+0x200/0x530
[2.847306] [dffefd80] [c01ae584] free_debug_processing+0x290/0x690
[2.853585] [dffefde0] [c01aec8c] __slab_free+0x308/0x628
[2.859000] [dffefe80] [c05057f4] ipsec_esp_encrypt_done+0x130/0x240
[2.865378] [dffefeb0] [c05002c4] flush_channel+0x1dc/0x488
[2.870968] [dffeff10] [c05007a8] talitos2_done_4ch+0x30/0x200
[2.876814] [dffeff30] [c002fe38] tasklet_action+0xa0/0x13c
[2.882399] [dffeff60] [c002f118] __do_softirq+0x148/0x6cc
[2.887896] [dffeffd0] [c002f954] irq_exit+0xc0/0x124
[2.892968] [dffefff0] [c0013adc] call_do_irq+0x24/0x3c
[2.898213] [c0d4be00] [c000757c] do_IRQ+0x78/0x108
[2.903113] [c0d4be30] [c0015c08] ret_from_except+0x0/0x14
[2.908634] --- interrupt: 501 at finish_task_switch+0x70/0x350
[2.908634] LR = finish_task_switch+0x58/0x350
[2.919327] [c0d4bf20] [c085e1d4] schedule+0x80/0x134
[2.924398] [c0d4bf50] [c085e2c0] schedule_preempt_disabled+0x38/0xc8
[

[PATCH] staging: ccree: else is not generally useful after a break or return

[sunil . m]

From: Suniel Mahesh <suni...@techveda.org>

Fixes checkpatch warnings:

WARNING: else is not generally useful after a break or return

Signed-off-by: Suniel Mahesh <suni...@techveda.org>
---
Note:
- Patch was tested and built(ARCH=arm) on next-20170921.
  No build issues reported.
---
 drivers/staging/ccree/ssi_request_mgr.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/drivers/staging/ccree/ssi_request_mgr.c 
b/drivers/staging/ccree/ssi_request_mgr.c
index daa5432..25eecbb 100644
--- a/drivers/staging/ccree/ssi_request_mgr.c
+++ b/drivers/staging/ccree/ssi_request_mgr.c
@@ -387,10 +387,9 @@ int send_request(
 */
wait_for_completion(_req->seq_compl);
return 0;
-   } else {
-   /* Operation still in process */
-   return -EINPROGRESS;
}
+   /* Operation still in process */
+   return -EINPROGRESS;
 }
 
 /*!
-- 
1.9.1

Re: [PATCH] crypto: talitos - fix hashing

[Herbert Xu]

On Wed, Sep 13, 2017 at 12:44:57PM +0200, Christophe Leroy wrote:
> md5sum on some files gives wrong result
> 
> Exemple:
> 
> With the md5sum from libkcapi:
> c15115c05bad51113f81bdaee735dd09  test
> 
> With the original md5sum:
> bbdf41d80ba7e8b2b7be3a0772be76cb  test
> 
> This patch fixes this issue
> 
> Signed-off-by: Christophe Leroy 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH v2 00/12] x86/crypto: Fix RBP usage in several crypto .S files

[Herbert Xu]

On Mon, Sep 18, 2017 at 02:41:59PM -0500, Josh Poimboeuf wrote:
> v2:
> - fix performance issues in sha256-avx2-asm.S and sha512-avx2-asm.S
>   (Eric)
> 
> Many of the x86 crypto functions use RBP as a temporary register.  This
> breaks frame pointer convention, and breaks stack traces when unwinding
> from an interrupt in the crypto code.
> 
> Convert most* of them to leave RBP alone.
> 
> These pass the crypto boot tests for me.  Any further testing would be
> appreciated!
> 
> [*] There are still a few crypto files left that need fixing, but the
> fixes weren't trivial and nobody reported unwinder warnings about
> them yet, so I'm skipping them for now.
> 
> Josh Poimboeuf (12):

All applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH] crypto: talitos - fix sha224

[Herbert Xu]

On Wed, Sep 13, 2017 at 12:44:51PM +0200, Christophe Leroy wrote:
> Kernel crypto tests report the following error at startup
> 
> [2.752626] alg: hash: Test 4 failed for sha224-talitos
> [2.757907] : 30 e2 86 e2 e7 8a dd 0d d7 eb 9f d5 83 fe f1 b0
> 0010: 2d 5a 6c a5 f9 55 ea fd 0e 72 05 22
> 
> This patch fixes it
> 
> Signed-off-by: Christophe Leroy 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH] crypto: caam - fix LS1021A support on ARMv7 multiplatform kernel

[Herbert Xu]

On Fri, Sep 01, 2017 at 05:12:59PM +0300, Horia Geantă wrote:
> When built using multi_v7_defconfig, driver does not work on LS1021A:
> [...]
> caam 170.crypto: can't identify CAAM ipg clk: -2
> caam: probe of 170.crypto failed with error -2
> [...]
> 
> It turns out we have to detect at runtime whether driver is running
> on an i.MX platform or not.
> 
> Cc: 
> Fixes: 6c3af9559352 ("crypto: caam - add support for LS1021A")
> Signed-off-by: Horia Geantă 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH - RESEND] crypto: AF_ALG - remove SGL terminator indicator when chaining

[Herbert Xu]

On Thu, Sep 21, 2017 at 10:16:53AM +0200, Stephan Mueller wrote:
> The SGL is MAX_SGL_ENTS + 1 in size. The last SG entry is used for the
> chaining and is properly updated with the sg_chain invocation. During
> the filling-in of the initial SG entries, sg_mark_end is called for each
> SG entry. This is appropriate as long as no additional SGL is chained
> with the current SGL. However, when a new SGL is chained and the last
> SG entry is updated with sg_chain, the last but one entry still contains
> the end marker from the sg_mark_end. This end marker must be removed as
> otherwise a walk of the chained SGLs will cause a NULL pointer
> dereference at the last but one SG entry, because sg_next will return
> NULL.
> 
> The patch only applies to all kernels up to and including 4.13. The
> patch 2d97591ef43d0587be22ad1b0d758d6df4999a0b added to 4.14-rc1
> introduced a complete new code base which addresses this bug in
> a different way. Yet, that patch is too invasive for stable kernels
> and was therefore not marked for stable.
> 
> Fixes: 8ff590903d5fc ("crypto: algif_skcipher - User-space interface
> for skcipher operations")
> CC: 
> CC: Herbert Xu 
> Signed-off-by: Stephan Mueller 

Acked-by: Herbert Xu 

Thanks,
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH] crypto: AF_ALG - remove SGL end indicator when chaining

[Herbert Xu]

On Thu, Sep 21, 2017 at 08:43:28AM +0200, Stephan Mueller wrote:
> Am Mittwoch, 20. September 2017, 19:31:33 CEST schrieb Greg KH:
> 
> Hi Herbert,
> 
> > On Wed, Sep 20, 2017 at 03:47:46PM +0200, Stephan Mueller wrote:
> > > Am Mittwoch, 20. September 2017, 10:32:09 CEST schrieb Herbert Xu:
> > > 
> > > Hi Herbert,
> > > 
> > > > Hmm, this patch does not apply against the current tree.  Is this
> > > > a stable-only patch?
> > > 
> > > This would be a stable-only patch. With the overhauling of the AF_ALG
> > > memory handling, this is a no-issue any more.
> > 
> > If you want this as a stable-only patch, you need to resend it and
> > justify it a bunch as to why it isn't in Linus's tree as well.
> 
> Would you push it or shall I send it?

Please resend it with details as to why this isn't needed on the
mainline kernel, i.e., due to the new code-base which has addressed
the bug in a different way but is too invasive for stable.

Thanks,
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH] crypto: DRBG - fix freeing of resources

[Herbert Xu]

On Thu, Sep 14, 2017 at 05:10:28PM +0200, Stephan Müller wrote:
> During the change to use aligned buffers, the deallocation code path was
> not updated correctly. The current code tries to free the aligned buffer
> pointer and not the original buffer pointer as it is supposed to.
> 
> Thus, the code is updated to free the original buffer pointer and set
> the aligned buffer pointer that is used throughout the code to NULL.
> 
> Fixes: 3cfc3b9721123 ("crypto: drbg - use aligned buffers")
> CC: 
> CC: Herbert Xu 
> Signed-off-by: Stephan Mueller 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH] crypto: talitos - Don't provide setkey for non hmac hashing algs.

[Herbert Xu]

On Tue, Sep 12, 2017 at 11:03:39AM +0200, Christophe Leroy wrote:
> Today, md5sum fails with error -ENOKEY because a setkey
> function is set for non hmac hashing algs, see strace output below:
> 
> mmap(NULL, 378880, PROT_READ, MAP_SHARED, 6, 0) = 0x77f5
> accept(3, 0, NULL)  = 7
> vmsplice(5, 
> [{"bin/\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 
> 378880}], 1, SPLICE_F_MORE|SPLICE_F_GIFT) = 262144
> splice(4, NULL, 7, NULL, 262144, SPLICE_F_MORE) = -1 ENOKEY (Required key not 
> available)
> write(2, "Generation of hash for file kcap"..., 50) = 50
> munmap(0x77f5, 378880)  = 0
> 
> This patch ensures that setkey() function is set only
> for hmac hashing.
> 
> Signed-off-by: Christophe Leroy 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

[PATCH - RESEND] crypto: AF_ALG - remove SGL terminator indicator when chaining

[Stephan Mueller]

The SGL is MAX_SGL_ENTS + 1 in size. The last SG entry is used for the
chaining and is properly updated with the sg_chain invocation. During
the filling-in of the initial SG entries, sg_mark_end is called for each
SG entry. This is appropriate as long as no additional SGL is chained
with the current SGL. However, when a new SGL is chained and the last
SG entry is updated with sg_chain, the last but one entry still contains
the end marker from the sg_mark_end. This end marker must be removed as
otherwise a walk of the chained SGLs will cause a NULL pointer
dereference at the last but one SG entry, because sg_next will return
NULL.

The patch only applies to all kernels up to and including 4.13. The
patch 2d97591ef43d0587be22ad1b0d758d6df4999a0b added to 4.14-rc1
introduced a complete new code base which addresses this bug in
a different way. Yet, that patch is too invasive for stable kernels
and was therefore not marked for stable.

Fixes: 8ff590903d5fc ("crypto: algif_skcipher - User-space interface
for skcipher operations")
CC: 
CC: Herbert Xu 
Signed-off-by: Stephan Mueller 
---
 crypto/algif_skcipher.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/crypto/algif_skcipher.c b/crypto/algif_skcipher.c
index 43839b00fe6c..62449a8f14ce 100644
--- a/crypto/algif_skcipher.c
+++ b/crypto/algif_skcipher.c
@@ -139,8 +139,10 @@ static int skcipher_alloc_sgl(struct sock *sk)
sg_init_table(sgl->sg, MAX_SGL_ENTS + 1);
sgl->cur = 0;
 
-   if (sg)
+   if (sg) {
sg_chain(sg, MAX_SGL_ENTS + 1, sgl->sg);
+   sg_unmark_end(sg + (MAX_SGL_ENTS - 1));
+   }
 
list_add_tail(>list, >tsgl);
}
-- 
2.13.5