Re: [PATCH 11/12] hwrng: bcm2835-rng: Enable BCM2835 RNG to work on BCM63xx platforms

> Florian Fainelli hat am 6. November 2017 um 21:16 > geschrieben: > > > On 11/04/2017 11:27 AM, Stefan Wahren wrote: > > Hi Florian > > > >> Florian Fainelli hat am 2. November 2017 um 02:04 > >> geschrieben: > >> > >> > >> We have now

Re: [PATCH] crypto: AF_ALG - remove locking in async callback

On Tue, Nov 07, 2017 at 07:19:32AM +0100, Stephan Müller wrote: > > Where I am not fully sure is whether af_alg_async_cb is called in any case. > I.e. when we invoke an AIO operation with a cipher that completes > synchronously (e.g. AES-NI), is this callback triggered? It's the same with any

[PATCH] lib/mpi: call cond_resched() from mpi_powm() loop

From: Eric Biggers On a non-preemptible kernel, if KEYCTL_DH_COMPUTE is called with the largest permitted inputs (16384 bits), the kernel spends 10+ seconds doing modular exponentiation in mpi_powm() without rescheduling. If all threads do it, it locks up the system.

Re: [PATCH] crypto: AF_ALG - remove locking in async callback

On Mon, Nov 06, 2017 at 05:06:09PM +0100, Stephan Mueller wrote: > Am Freitag, 3. November 2017, 14:20:16 CET schrieb Herbert Xu: > > > Are you sure about that? In particular is the callback function still > > sane without the socket lock if a concurrent recvmsg/sendmsg call is > > made? > > I

Re: [PATCH v2] tpm: Move Linux RNG connection to hwrng

Hi Jason, On 6 November 2017 at 07:57, Jason Gunthorpe wrote: > On Sun, Nov 05, 2017 at 01:05:06PM +0200, Jarkko Sakkinen wrote: > >> I asked to create a series for a reason. Now this doesn't apply because I >> don't have an ancestor in my git history. > > It would be unusual for

Re: virtio:rng: Virtio RNG devices need to be re-registered after suspend/resume

Hi Herbert, On 6 November 2017 at 12:39, Herbert Xu wrote: > On Fri, Nov 03, 2017 at 09:57:21AM +, Jim Quigley wrote: >> moved the call to hwrng_register() out of the probe routine into the scan >> routine. We need to call hwrng_register() after a suspend/restore

[PATCH v2 1/1] crypto: stm32/hash - Fix return issue on update

From: Lionel Debieve When data append reached the threshold for processing, we must inform that processing is on going to wait before managing the next request. Signed-off-by: Lionel Debieve --- drivers/crypto/stm32/stm32-hash.c | 8 +--- 1

Re: general protection fault in asn1_ber_decoder

On Mon, Nov 06, 2017 at 10:05:45PM +, David Howells wrote: > diff --git a/lib/asn1_decoder.c b/lib/asn1_decoder.c > index fef5d2e114be..048de2c20ae9 100644 > --- a/lib/asn1_decoder.c > +++ b/lib/asn1_decoder.c > @@ -201,6 +201,13 @@ int asn1_ber_decoder(const struct asn1_decoder *decoder, >

Re: general protection fault in asn1_ber_decoder

syzbot wrote: > syzkaller hit the following crash on 5a3517e009e979f21977d362212b7729c5165d92 > git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/master > compiler: gcc (GCC) 7.1.1 20170620 > .config is

Re: [PATCH 10/12] dt-bindings: rng: Incorporate brcm,bcm6368.txt binding

On Wed, Nov 01, 2017 at 06:04:06PM -0700, Florian Fainelli wrote: > Since the same block is used on BCM2835 and BCM6368, merge the bindings > and remove the brcm,bcm6368.txt binding document. > > Signed-off-by: Florian Fainelli > --- >

Re: [PATCH 1/2] dt-bindings: rng: Document BCM7278 RNG200 compatible

On Wed, Nov 01, 2017 at 04:20:05PM -0700, Florian Fainelli wrote: > BCM7278 includes a RGN200 hardware random number generator, document the > compatible string for that version of the IP. > > Signed-off-by: Florian Fainelli > --- >

Re: [PATCH 3/3] staging: ccree: simplify ioread/iowrite

On Mon, Nov 06, 2017 at 04:46:54PM +0100, Greg Kroah-Hartman wrote: > On Mon, Nov 06, 2017 at 10:59:47AM +0200, Gilad Ben-Yossef wrote: > > On Mon, Nov 6, 2017 at 10:37 AM, Tobin C. Harding wrote: > > > On Mon, Nov 06, 2017 at 06:55:52AM +, Gilad Ben-Yossef wrote: > > >>

Re: [PATCH 11/12] hwrng: bcm2835-rng: Enable BCM2835 RNG to work on BCM63xx platforms

On 11/04/2017 11:27 AM, Stefan Wahren wrote: > Hi Florian > >> Florian Fainelli hat am 2. November 2017 um 02:04 >> geschrieben: >> >> >> We have now incorporated all necessary functionality for the BCM63xx >> platforms to successfully migrate over bcm2835-rng, so add the

Re: [PATCH] iommu/vt-d: Fix scatterlist offset handling

On Fri, 6 Oct 2017 16:43:09 +0200 Joerg Roedel wrote: > On Tue, Oct 03, 2017 at 07:05:17PM +0100, Robin Murphy wrote: > > Now, there are indeed plenty of drivers and subsystems which do > > work on lists of explicitly single pages - anything doing some > > variant of "addr =

Re: general protection fault in asn1_ber_decoder

On Mon, Nov 06, 2017 at 10:36:00AM -0800, syzbot wrote: > kasan: GPF could be caused by NULL-ptr deref or user memory access > general protection fault: [#1] SMP KASAN > Dumping ftrace buffer: >(ftrace buffer empty) > Modules linked in: > CPU: 3 PID: 2984 Comm: syzkaller229187 Not tainted

[Part2 PATCH v8 10/38] crypto: ccp: Define SEV userspace ioctl and command id

Add a include file which defines the ioctl and command id used for issuing SEV platform management specific commands. Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu Cc: Gary Hook

[Part2 PATCH v8 09/38] crypto: ccp: Build the AMD secure processor driver only with AMD CPU support

From: Borislav Petkov This is AMD-specific hardware so present it in Kconfig only when AMD CPU support is enabled or on ARM64 where it is also used. Signed-off-by: Borislav Petkov Signed-off-by: Brijesh Singh Reviewed-by: Gary R Hook

[Part2 PATCH v8 14/38] crypto: ccp: Implement SEV_FACTORY_RESET ioctl command

The SEV_FACTORY_RESET command can be used by the platform owner to reset the non-volatile SEV related data. The command is defined in SEV spec section 5.4 Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu

[Part2 PATCH v8 11/38] crypto: ccp: Define SEV key management command id

Define Secure Encrypted Virtualization (SEV) key management command id and structure. The command definition is available in SEV KM spec 0.14 (http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf) Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc:

[Part2 PATCH v8 13/38] crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support

AMD's new Secure Encrypted Virtualization (SEV) feature allows the memory contents of virtual machines to be transparently encrypted with a key unique to the VM. The programming and management of the encryption keys are handled by the AMD Secure Processor (AMD-SP) which exposes the commands for

[Part2 PATCH v8 15/38] crypto: ccp: Implement SEV_PLATFORM_STATUS ioctl command

The SEV_PLATFORM_STATUS command can be used by the platform owner to get the current status of the platform. The command is defined in SEV spec section 5.5. Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu

[Part2 PATCH v8 12/38] crypto: ccp: Add Platform Security Processor (PSP) device support

The Platform Security Processor (PSP) is part of the AMD Secure Processor (AMD-SP) functionality. The PSP is a dedicated processor that provides support for key management commands in Secure Encrypted Virtualization (SEV) mode, along with software-based Trusted Execution Environment (TEE) to

[Part2 PATCH v8 19/38] crypto: ccp: Implement SEV_PEK_CERT_IMPORT ioctl command

The SEV_PEK_CERT_IMPORT command can be used to import the signed PEK certificate. The command is defined in SEV spec section 5.8. Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu Cc:

[Part2 PATCH v8 20/38] crypto: ccp: Implement SEV_PDH_CERT_EXPORT ioctl command

The SEV_PDH_CERT_EXPORT command can be used to export the PDH and its certificate chain. The command is defined in SEV spec section 5.10. Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu

[Part2 PATCH v8 16/38] crypto: ccp: Implement SEV_PEK_GEN ioctl command

The SEV_PEK_GEN command is used to generate a new Platform Endorsement Key (PEK). The command is defined in SEV spec section 5.6. Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu Cc:

[Part2 PATCH v8 17/38] crypto: ccp: Implement SEV_PDH_GEN ioctl command

The SEV_PDH_GEN command is used to re-generate the Platform Diffie-Hellman (PDH) key. The command is defined in SEV spec section 5.6. Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu Cc:

[Part2 PATCH v8 18/38] crypto: ccp: Implement SEV_PEK_CSR ioctl command

The SEV_PEK_CSR command can be used to generate a PEK certificate signing request. The command is defined in SEV spec section 5.7. Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Borislav Petkov Cc: Herbert Xu Cc:

[Part2 PATCH v8 00/38] x86: Secure Encrypted Virtualization (AMD)

This part of Secure Encrypted Virtualization (SEV) patch series focuses on KVM changes required to create and manage SEV guests. SEV is an extension to the AMD-V architecture which supports running encrypted virtual machine (VMs) under the control of a hypervisor. Encrypted VMs have their pages

Re: [Part2 PATCH v7 20/38] crypto: ccp: Implement SEV_PDH_CERT_EXPORT ioctl command

On 11/05/2017 05:34 AM, Borislav Petkov wrote: ... Fixes ontop: * !input.cert_chain_address test was repeated. I saw that by aligning them vertically, i.e., after making it more readable, the repetition became obvious. * Do the lengths checks first and the access_ok after, in each PDH and

Re: [PATCH] crypto: AF_ALG - remove locking in async callback

Am Freitag, 3. November 2017, 14:20:16 CET schrieb Herbert Xu: Hi Herbert, > > > > The code paths protected by the socket-lock do not use or modify the > > socket in a non-atomic fashion. The actions pertaining the socket do not > > even need to be handled as an atomic operation. Thus, the

Re: [PATCH 2/2] crypto: atmel-aes - Reset the controller before each use

2017-11-06 16:45 GMT+01:00 Tudor Ambarus : > Hi, Romain, > > On 10/31/2017 05:25 PM, Romain Izard wrote: >> >> When using the rfc4543(gcm(aes))) mode, the registers of the hardware >> engine are not empty after use. If the engine is not reset before its >> next use,

Re: [PATCH 3/3] staging: ccree: simplify ioread/iowrite

On Mon, Nov 06, 2017 at 10:59:47AM +0200, Gilad Ben-Yossef wrote: > On Mon, Nov 6, 2017 at 10:37 AM, Tobin C. Harding wrote: > > On Mon, Nov 06, 2017 at 06:55:52AM +, Gilad Ben-Yossef wrote: > >> Registers ioread/iowrite operations were done via macros, > >> sometime using a

Re: [PATCH v2 5/5] crypto: dh - Remove pointless checks for NULL 'p' and 'g'

On 11/06/2017 04:30 AM, Eric Biggers wrote: From: Eric Biggers Neither 'p' nor 'g' can be NULL, as they were unpacked using crypto_dh_decode_key(). And it makes no sense for them to be optional. So remove the NULL checks that were copy-and-pasted into both modules.

Re: [PATCH v2 3/5] crypto: dh - Don't permit 'key' or 'g' size longer than 'p'

On 11/06/2017 04:30 AM, Eric Biggers wrote: From: Eric Biggers The "qat-dh" DH implementation assumes that 'key' and 'g' can be copied into a buffer with size 'p_size'. However it was never checked that that was actually the case, which most likely allowed users to

Re: [PATCH 3/3] staging: ccree: simplify ioread/iowrite

On Mon, Nov 6, 2017 at 10:37 AM, Tobin C. Harding wrote: > On Mon, Nov 06, 2017 at 06:55:52AM +, Gilad Ben-Yossef wrote: >> Registers ioread/iowrite operations were done via macros, >> sometime using a "magical" implicit parameter. >> >> Replace all register access with simple

Re: [PATCH v2 1/5] crypto: dh - Fix double free of ctx->p

On 11/06/2017 04:30 AM, Eric Biggers wrote: From: Eric Biggers When setting the secret with the software Diffie-Hellman implementation, if allocating 'g' failed (e.g. if it was longer than MAX_EXTERN_MPI_BITS), then 'p' was freed twice: once immediately, and once later

Re: [PATCH 3/3] staging: ccree: simplify ioread/iowrite

On Mon, Nov 06, 2017 at 06:55:52AM +, Gilad Ben-Yossef wrote: > Registers ioread/iowrite operations were done via macros, > sometime using a "magical" implicit parameter. > > Replace all register access with simple inline macros. > > Signed-off-by: Gilad Ben-Yossef Hi,

[PATCH 1/1] crypto: stm32/hash - Fix return issue in update

When update data reached the threshold for data processing, we must inform that processing is on going. Signed-off-by: Lionel Debieve --- drivers/crypto/stm32/stm32-hash.c | 8 +--- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git