good. Thanks.
Acked-by: Dmitry Kasatkin d.kasat...@samsung.com
---
security/integrity/ima/ima_crypto.c | 47
+++--
1 file changed, 19 insertions(+), 28 deletions(-)
diff --git a/security/integrity/ima/ima_crypto.c
b/security/integrity/ima/ima_crypto.c
index
On 17/09/14 12:22, Herbert Xu wrote:
On Mon, Sep 15, 2014 at 12:30:23AM -0700, beh...@converseincode.com wrote:
From: Behan Webster beh...@converseincode.com
Add a macro which replaces the use of a Variable Length Array In Struct
(VLAIS)
with a C99 compliant equivalent. This macro instead
On Thu, Jul 17, 2014 at 10:55 PM, David Howells dhowe...@redhat.com wrote:
Dmitry Kasatkin d.kasat...@samsung.com wrote:
When ASYMMETRIC_KEYS=y, but depends on CRYPTO=m, selections will be also
modules.
In random config case OID_REGISTRY, MPILIB and ASN1 became modules producing
build
When SIGNATURE=y but depends on CRYPTO=m, it selects MPILIB as module
producing build break. This patch makes digsig to select crypto for
correcting dependency.
Signed-off-by: Dmitry Kasatkin d.kasat...@samsung.com
---
lib/Kconfig | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff
.
Signed-off-by: Dmitry Kasatkin d.kasat...@samsung.com
---
crypto/Kconfig | 6 +-
crypto/asymmetric_keys/Kconfig | 2 ++
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/crypto/Kconfig b/crypto/Kconfig
index ce4012a..96835d6 100644
--- a/crypto/Kconfig
+++ b/crypto
to `sprint_oid'
crypto/built-in.o: In function `rsa_extract_mpi':
- Dmitry
Dmitry Kasatkin (2):
asymmetric_keys: make crypto builtin if asymmetric keys selected as
builtin
digsig: make crypto builtin if digsig selected as builtin
crypto/Kconfig | 6 +-
crypto
On 10/07/14 11:02, Marek Vasut wrote:
On Thursday, July 10, 2014 at 01:05:39 AM, Dmitry Kasatkin wrote:
On 10 July 2014 00:00, Marek Vasut ma...@denx.de wrote:
On Tuesday, July 08, 2014 at 10:07:16 AM, Dmitry Kasatkin wrote:
[...]
Right, but my concern is not about unloading the kernel
On 10 July 2014 00:00, Marek Vasut ma...@denx.de wrote:
On Tuesday, July 08, 2014 at 10:07:16 AM, Dmitry Kasatkin wrote:
[...]
Right, but my concern is not about unloading the kernel module, but
about the IMA module parameters left initialized. The existing code
will continue using ahash
On 07/07/14 14:56, Mimi Zohar wrote:
On Fri, 2014-07-04 at 15:05 +0300, Dmitry Kasatkin wrote:
Async hash API allows to use HW acceleration for hash calculation.
It may give significant performance gain or/and reduce power consumption,
which might be very beneficial for battery powered
On 07/07/14 18:44, Mimi Zohar wrote:
On Mon, 2014-07-07 at 16:37 +0300, Dmitry Kasatkin wrote:
On 07/07/14 14:56, Mimi Zohar wrote:
On Fri, 2014-07-04 at 15:05 +0300, Dmitry Kasatkin wrote:
+/**
This is the kernel-doc delimiter.
+ * ima_calc_file_hash - calculae file hash
+ *
Missing
ahash crypto modules. Ahash allocated once on the first use.
- hash calculation falls back to sahsh if ahash allocation/calculation fails
- complex initialization separated from variable declaration
- improved comments
- Dmitry
Dmitry Kasatkin (3):
ima: use ahash API for file hash calculation
.
- hash calculation falls back to shash if ahash allocation/calculation fails
- complex initialization separated from variable declaration
- improved comments
Signed-off-by: Dmitry Kasatkin d.kasat...@samsung.com
---
Documentation/kernel-parameters.txt | 9 ++
security/integrity/ima/ima_crypto.c
Asynchronous hash API allows initiate hash calculation and perform
other tasks while hash is calculated.
This patch introduces usage of double buffering for simultaneous
hashing and reading of the next chunk of data from the storage.
Changes in v3:
- better comments
Signed-off-by: Dmitry
parameter replaced with module parameter
Signed-off-by: Dmitry Kasatkin d.kasat...@samsung.com
---
Documentation/kernel-parameters.txt | 8 +++
security/integrity/ima/ima_crypto.c | 98 -
2 files changed, 104 insertions(+), 2 deletions(-)
diff --git
On 2 July 2014 19:40, Mimi Zohar zo...@linux.vnet.ibm.com wrote:
On Tue, 2014-07-01 at 23:12 +0300, Dmitry Kasatkin wrote:
Async hash API allows to use HW acceleration for hash calculation.
It may give significant performance gain or/and reduce power consumption,
which might be very beneficial
On 2 July 2014 20:44, Mimi Zohar zo...@linux.vnet.ibm.com wrote:
On Tue, 2014-07-01 at 23:12 +0300, Dmitry Kasatkin wrote:
-/*
- * Calculate the MD5/SHA1 file digest
- */
+static struct crypto_ahash *ima_alloc_atfm(enum hash_algo algo)
+{
+ struct crypto_ahash *tfm = ima_ahash_tfm
On 2 July 2014 21:33, Dave Hansen dave.han...@intel.com wrote:
On 07/01/2014 01:12 PM, Dmitry Kasatkin wrote:
+ ima_ahash= [IMA] Asynchronous hash usage parameters
+ Format: min_file_size
+ Set the minimal file size when use asynchronous hash
On 2 July 2014 23:21, Mimi Zohar zo...@linux.vnet.ibm.com wrote:
On Tue, 2014-07-01 at 23:12 +0300, Dmitry Kasatkin wrote:
Use of multiple-page collect buffers reduces:
1) the number of block IO requests
2) the number of asynchronous hash update requests
Second is important for HW
variable declaration
- improved comments
- Dmitry
Dmitry Kasatkin (3):
ima: use ahash API for file hash calculation
ima: introduce multi-page collect buffers
ima: provide double buffering for hash calculation
Documentation/kernel-parameters.txt | 6 +
security/integrity/ima/ima_crypto.c
Asynchronous hash API allows initiate hash calculation and perform
other tasks while hash is calculated.
This patch introduces usage of double buffering for simultaneous
hashing and reading of the next chunk of data from the storage.
Signed-off-by: Dmitry Kasatkin d.kasat...@samsung.com
' specifies that minimal file
size to use ahash is 2048 byes and buffer size is 16384 bytes.
Default buffer size is 4096 bytes.
Signed-off-by: Dmitry Kasatkin d.kasat...@samsung.com
---
Documentation/kernel-parameters.txt | 3 +-
security/integrity/ima/ima_crypto.c | 85
.
Signed-off-by: Dmitry Kasatkin d.kasat...@samsung.com
---
Documentation/kernel-parameters.txt | 5 +
security/integrity/ima/ima_crypto.c | 185 +++-
2 files changed, 186 insertions(+), 4 deletions(-)
diff --git a/Documentation/kernel-parameters.txt
b
On 26/06/14 14:54, Mimi Zohar wrote:
On Thu, 2014-06-19 at 18:20 +0300, Dmitry Kasatkin wrote:
Async hash API allows to use HW acceleration for hash calculation.
It may give significant performance gain or/and reduce power consumption,
which might be very beneficial for battery powered devices
makes HW acceleration more
efficient. It adds kernel parameter to specify buffer size to use.
Third patch introduces double-buffering which allows to readahead next portion
of data for hashing while calculating the hash.
- Dmitry
Dmitry Kasatkin (3):
ima: use ahash API for file hash calculation
Asynchronous hash API allows initiate hash calculation and perform
other tasks while hash is calculated.
This patch introduces usage of double buffering for simultenous
hashing and reading of the next chunk of data from the storage.
Signed-off-by: Dmitry Kasatkin d.kasat...@samsung.com
by this
parameter, shash will be used. Thus, by defult, original shash
implementation is used.
Signed-off-by: Dmitry Kasatkin d.kasat...@samsung.com
---
Documentation/kernel-parameters.txt | 3 +
security/integrity/ima/ima_crypto.c | 182 +++-
2 files changed, 181
.
Signed-off-by: Dmitry Kasatkin d.kasat...@samsung.com
---
Documentation/kernel-parameters.txt | 3 ++
security/integrity/ima/ima_crypto.c | 81 +++--
2 files changed, 81 insertions(+), 3 deletions(-)
diff --git a/Documentation/kernel-parameters.txt
b
Hi,
ahash allows to use HW acceleration, but usually it comes at a cost of
additional HW related configuration overhead, such as configuring hash
module, DMA, etc. For that reason hashing small chucks of data is
faster doing it with shash (CPU) rather than HW acceleration.
I measured long time
Hello,
On Sat, Sep 14, 2013 at 7:56 PM, Lee, Chun-Yi joeyli.ker...@gmail.com wrote:
Implement EMSA_PKCS1-v1_5-ENCODE [RFC3447 sec 9.2] in rsa.c. It's the
first step of signature generation operation (RSASSA-PKCS1-v1_5-SIGN).
This patch is temporary set emLen to pks-k, and temporary set EM to
On Sat, Sep 14, 2013 at 7:56 PM, Lee, Chun-Yi joeyli.ker...@gmail.com wrote:
Implement EMSA_PKCS1-v1_5-ENCODE [RFC3447 sec 9.2] in rsa.c. It's the
first step of signature generation operation (RSASSA-PKCS1-v1_5-SIGN).
This patch is temporary set emLen to pks-k, and temporary set EM to
pks-S
On 15/08/13 06:12, Joel Fernandes wrote:
On 08/14/2013 07:47 PM, Joe Perches wrote:
On Wed, 2013-08-14 at 18:40 -0500, Joel Fernandes wrote:
On 08/14/2013 06:29 PM, Joe Perches wrote:
On Wed, 2013-08-14 at 18:12 -0500, Joel Fernandes wrote:
When DEBUG is enabled, these macros can be used to
On 15/08/13 02:30, Joel Fernandes wrote:
On 08/14/2013 06:12 PM, Joel Fernandes wrote:
This patch series is a rewrite of the DMA portion of omap-aes driver
and also adds support for PIO mode. Both these modes, give better
performance than before.
Earlier, only a single SG was used for DMA
, binds integrity data to the
device. As a result data blocks and corresponding HMACs cannot simply be
copied over from other file systems.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@intel.com
---
Documentation/device-mapper/dm-integrity.txt | 137
drivers/md/Kconfig
signature format.
BR,
Dmitry
Dmitry Kasatkin (1):
ima: digital signature verification using asymmetric keys
security/integrity/Kconfig | 12 +
security/integrity/digsig.c | 103 ++-
2 files changed, 114 insertions(+), 1 deletion(-)
--
1.7.10.4
, binds integrity data to the
device. As a result data blocks and corresponding HMACs cannot simply be
copied over from other file systems.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@intel.com
---
Documentation/device-mapper/dm-integrity.txt | 137
drivers/md/Kconfig
, binds integrity data to the
device. As a result data blocks and corresponding HMACs cannot simply be
copied over from other file systems.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@intel.com
---
Documentation/device-mapper/dm-integrity.txt | 137
drivers/md/Kconfig
mode flag to handle reboot notifications
- added discards handling
- use DM functions for printing kernel messages
- Dmitry
Dmitry Kasatkin (1):
dm-integrity: integrity protection device-mapper target
Documentation/device-mapper/dm-integrity.txt | 137
drivers/md/Kconfig
, binds integrity data to the
device. As a result data blocks and corresponding HMACs cannot simply be
copied over from other file systems.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@intel.com
---
Documentation/device-mapper/dm-integrity.txt | 125
drivers/md/Kconfig
a lighter weight read-write block level integrity
protection for file systems not requiring full disk encryption, but
which do require writability.
- Dmitry
Dmitry Kasatkin (1):
dm-integrity: integrity protection device-mapper target
Documentation/device-mapper/dm-integrity.txt | 125
://git.kernel.org/pub/scm/linux/kernel/git/kasatkin/ima-ksign.git
http://meego.gitorious.org/meego-platform-security/ima-ksign
Supporting utility for key handling and signing is available here:
http://meego.gitorious.org/meego-platform-security/evm-utils
Regards,
Dmitry
Dmitry Kasatkin (7):
crypto: GnuPG
initramfs.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@intel.com
---
security/integrity/Kconfig | 14 +++
security/integrity/Makefile|1 +
security/integrity/digsig.c| 48
security/integrity/integrity.h | 20
4
should be
different on every device.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@intel.com
Acked-by: Mimi Zohar zo...@us.ibm.com
---
security/integrity/evm/evm.h| 12 +
security/integrity/evm/evm_crypto.c | 66 ++--
security/integrity/evm/evm_main.c | 94
defines the name
of the key.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@intel.com
Acked-by: Mimi Zohar zo...@us.ibm.com
---
Documentation/digsig.txt | 97
include/linux/digsig.h | 64 +++
lib/Kconfig |8 ++
lib/Makefile |1 +
lib
,
if CONFIG_MPILIB_EXTRA is enabled.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@intel.com
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@intel.com
---
lib/Kconfig| 10 ++
lib/mpi/Makefile | 11 ++
lib/mpi/generic_mpi-asm-defs.h |4 +
lib/mpi/mpi-add.c
is used to implemenet RSA digital signature verification
used in IMA/EVM integrity protection subsystem.
Due to patch size limitation, the patch is divided into 4 parts.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@intel.com
---
lib/Kconfig |7 +++
lib/Makefile |2 ++
lib
/ima-ksign
Supporting utility for key handling and signing is available here:
http://meego.gitorious.org/meego-platform-security/evm-utils
Regards,
Dmitry
Dmitry Kasatkin (7):
crypto: GnuPG based MPI lib - source files (part 1)
crypto: GnuPG based MPI lib - header files (part 2)
crypto: GnuPG
,
if CONFIG_MPILIB_EXTRA is enabled.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@intel.com
---
lib/Kconfig| 10 ++
lib/mpi/Makefile | 12 ++
lib/mpi/generic_mpi-asm-defs.h |4 +
lib/mpi/generic_udiv-w-sdiv.c | 106 +
lib/mpi/mpi-add.c
is used to implemenet RSA digital signature verification
used in IMA/EVM integrity protection subsystem.
Due to patch size limitation, the patch is divided into 4 parts.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@intel.com
---
lib/Kconfig |7 +++
lib/Makefile |2 ++
lib
should be
different on every device.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@intel.com
Acked-by: Mimi Zohar zo...@us.ibm.com
---
security/integrity/evm/evm.h| 12 +
security/integrity/evm/evm_crypto.c | 66 ++--
security/integrity/evm/evm_main.c | 94
initramfs.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@intel.com
---
security/integrity/Kconfig | 14 +++
security/integrity/Makefile|1 +
security/integrity/digsig.c| 48
security/integrity/integrity.h | 20
4
://meego.gitorious.org/meego-platform-security/evm-utils
Regards,
Dmitry
Dmitry Kasatkin (6):
crypto: GnuPG based MPI lib - source files needed for ksign
crypto: GnuPG based MPI lib - header files needed for ksign
crypto: GnuPG based MPI lib - make files needed for ksign
crypto: GnuPG based
is used to implemenet RSA digital signature verification
used in IMA/EVM integrity protection subsystem.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@intel.com
---
crypto/Kconfig |6 ++
crypto/Makefile |1 +
crypto/mpi/Makefile | 20
3 files changed, 27
is different on
every device. File metadata can be protected using digital signature.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@intel.com
Acked-by: Mimi Zohar zo...@us.ibm.com
---
security/integrity/evm/Kconfig | 15
security/integrity/evm/evm.h| 12
security/integrity
to the kernel format and to load it into the keyring.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@intel.com
Acked-by: Mimi Zohar zo...@us.ibm.com
---
crypto/Kconfig | 13 ++
crypto/Makefile |3 +
crypto/ksign.c | 269
://git.kernel.org/pub/scm/linux/kernel/git/kasatkin/ima-ksign.git
Supporting utility for key handling and signing is available here:
http://meego.gitorious.org/meego-platform-security/evm-utils
Regards,
Dmitry
Dmitry Kasatkin (3):
crypto: GnuPG based MPI lib
crypto: ksign - digital signature
to the kernel format and to load it into the keyring.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@intel.com
Acked-by: Mimi Zohar zo...@us.ibm.com
---
crypto/Kconfig | 13 ++
crypto/Makefile |3 +
crypto/ksign.c | 269
-by: Dmitry Kasatkin dmitry.kasat...@intel.com
Acked-by: Mimi Zohar zo...@us.ibm.com
---
security/integrity/evm/Kconfig | 14
security/integrity/evm/evm.h| 12
security/integrity/evm/evm_crypto.c | 66 ++-
security/integrity/evm/evm_main.c | 125
On 16/08/11 03:57, James Morris wrote:
On Thu, 11 Aug 2011, Dmitry Kasatkin wrote:
From: Dmitry Kasatkin dmitry.kasat...@nokia.com
Adds the multi-precision-integer maths library which was originally taken
from GnuPG and ported to the kernel by (among others) David Howells.
This version
On 16/08/11 04:00, James Morris wrote:
On Thu, 11 Aug 2011, Dmitry Kasatkin wrote:
+static int ksign_verify_rsa(struct key *key,
+const char *sig, int siglen,
+ const char *h, int hlen)
+{
+int err = -ENOMEM;
+unsigned long len;
+unsigned
On 17/08/11 14:38, Nikos Mavrogiannopoulos wrote:
On Mon, Aug 15, 2011 at 6:12 PM, Dmitry Kasatkin
dmitry.kasat...@intel.com wrote:
On 11/08/11 20:20, Dmitry Kasatkin wrote:
From: Dmitry Kasatkin dmitry.kasat...@nokia.com
Adds the multi-precision-integer maths library which was originally
Hi,
Can anyone please tell why this patch did not appear in archives?
I have received it in my 2 accounts, but I cannot see it in archive.
Is any size limitations??
- Dmitry
On 11/08/11 20:20, Dmitry Kasatkin wrote:
From: Dmitry Kasatkin dmitry.kasat...@nokia.com
Adds the multi-precision
From: Dmitry Kasatkin dmitry.kasat...@nokia.com
This patch implements RSA digital signature verification using GnuPG library.
Signature and public key have a special format and have special headers.
Signature header contains keyid, which is used to identify the key,
needed for signature
From: Dmitry Kasatkin dmitry.kasat...@nokia.com
EVM/IMA might perform lots of signature verification operations.
For that reason performance is very critical. This patch adds
evm_keyring to store public keys used by EVM only.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@nokia.com
Acked
From: Dmitry Kasatkin dmitry.kasat...@nokia.com
When building an image, which has to be flashed to different devices,
an HMAC cannot be used to sign file metadata, as the HMAC key is different
on every device. File metadata can be protected using digital signature.
This patch enables RSA
://meego.gitorious.org/meego-platform-security/ima-ksign
Supporting utility for key handling and signing is available here:
http://meego.gitorious.org/meego-platform-security/evm-utils
Regards,
Dmitry
Dmitry Kasatkin (5):
crypto: GnuPG based MPI lib
crypto: ksign - digital signature verification support
From: Dmitry Kasatkin dmitry.kasat...@nokia.com
Allows to specify keyring to search in for the key. Later patches
will use special keyrings to store EVM and IMA public keys.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@nokia.com
Acked-by: Mimi Zohar zo...@us.ibm.com
---
crypto/ksign.c
Thanks!
On Wed, Jun 8, 2011 at 4:08 PM, Herbert Xu herb...@gondor.apana.org.au wrote:
On Thu, Jun 02, 2011 at 09:10:02PM +0300, Dmitry Kasatkin wrote:
Hi,
Recently we got crashes few times after some other patches to 2.6.32 kernel.
This patch set greatly prevents race condition situations
Hi,
Recently we got crashes few times after some other patches to 2.6.32 kernel.
This patch set greatly prevents race condition situations.
No crashes are noticed any more.
Now the driver should be ok for multi core as well.
Regards,
Dmitry
Dmitry Kasatkin (11):
omap-sham: remove extra
From: Dmitry Kasatkin dmitry.kasat...@nokia.com
Request pointer is already available in the function.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@nokia.com
---
drivers/crypto/omap-sham.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/drivers/crypto/omap-sham.c b
From: Dmitry Kasatkin dmitry.kasat...@nokia.com
Some flags are changed in interrupt handlers and verified in the tasklet.
There might be a race condition when tasklet is interrupted or another
cpu/core will run IRQ handler and tasklet in parallel.
Atomic bitops functions are now used instead
From: Dmitry Kasatkin dmitry.kasat...@nokia.com
Flags mask cannot be used with atomic bit operations.
This patch changes masks to bit numbers.
Atomic bit operations will be used by following patches.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@nokia.com
---
drivers/crypto/omap-sham.c | 102
From: Dmitry Kasatkin dmitry.kasat...@nokia.com
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@nokia.com
---
drivers/crypto/omap-sham.c |3 +--
1 files changed, 1 insertions(+), 2 deletions(-)
diff --git a/drivers/crypto/omap-sham.c b/drivers/crypto/omap-sham.c
index b959dc6..84e5890 100644
From: Dmitry Kasatkin dmitry.kasat...@nokia.com
It could be a situation, that tasklet is executed twice because of
certain delay between dma callback and irq handler execution.
In that case, second tasklet execution could actually corrupt the data
of the new started dma transactions.
This patch
From: Dmitry Kasatkin dmitry.kasat...@nokia.com
Calling omap_sham_handle_queue from done tasklet should be done
after irq scheduled tasklet completes.
Having additional tasklet does not solve that issue because it might
be execute before.
So queue handling tasklet has been removed
From: Dmitry Kasatkin dmitry.kasat...@nokia.com
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@nokia.com
---
drivers/crypto/omap-sham.c |4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/drivers/crypto/omap-sham.c b/drivers/crypto/omap-sham.c
index 7ca7075..804c16b
From: Dmitry Kasatkin dmitry.kasat...@nokia.com
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@nokia.com
---
drivers/crypto/omap-sham.c |5 +
1 files changed, 5 insertions(+), 0 deletions(-)
diff --git a/drivers/crypto/omap-sham.c b/drivers/crypto/omap-sham.c
index 804c16b..6399a8f
From: Dmitry Kasatkin dmitry.kasat...@nokia.com
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@nokia.com
---
drivers/crypto/omap-sham.c |1 -
1 files changed, 0 insertions(+), 1 deletions(-)
diff --git a/drivers/crypto/omap-sham.c b/drivers/crypto/omap-sham.c
index a8de7b8..7ca7075 100644
From: Dmitry Kasatkin dmitry.kasat...@nokia.com
Couple of context flags have been moved to device flags.
IRQ and tasklet handlers does not need to access request
context anymore.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@nokia.com
---
drivers/crypto/omap-sham.c | 19
From: Dmitry Kasatkin dmitry.kasat...@nokia.com
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@nokia.com
---
drivers/crypto/omap-sham.c |5 -
1 files changed, 0 insertions(+), 5 deletions(-)
diff --git a/drivers/crypto/omap-sham.c b/drivers/crypto/omap-sham.c
index 8a45fb7..ac12a60
Hi,
Here is few patches with couple of important fixes...
Regards,
Dmitry
Dmitry Kasatkin (3):
crypto: omap-sham - remove debug print
crypto: omap-sham - enable driver for EMU chips
crypto: omap-sham - hmac calculation bug fix for sha1 base hash
Markku Kylanpaa (1):
crypto: omap-sham
EMU chips also have crypto HW as HS chips.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@nokia.com
---
drivers/crypto/omap-sham.c |3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/drivers/crypto/omap-sham.c b/drivers/crypto/omap-sham.c
index 50aca41..f5c01dc 100644
was correct. But in fact only the final hash had to be used.
All crypto tests for HMAC produces only single request and
could not catch the problem. This problem is fixed here.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@nokia.com
---
drivers/crypto/omap-sham.c | 71
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@nokia.com
---
drivers/crypto/omap-sham.c |2 --
1 files changed, 0 insertions(+), 2 deletions(-)
diff --git a/drivers/crypto/omap-sham.c b/drivers/crypto/omap-sham.c
index e36032b..50aca41 100644
--- a/drivers/crypto/omap-sham.c
+++ b/drivers
From: Markku Kylanpaa ext-markku.kylan...@nokia.com
SHA1 accelerator can also be busy. Add -EBUSY status return option and
return busy status from omap_sham_finup().
Signed-off-by: Markku Kylanpaa ext-markku.kylan...@nokia.com
---
drivers/crypto/omap-sham.c |2 +-
1 files changed, 1
Hi,
As I have said in my email that it will be used by IMA/EVM subsystem.
See security/integrity subdirectory in Linux kernel...
Indeed, use of HW accelerator is also on of the targets...
- Dmitry
On 21/03/11 16:06, ext Herbert Xu wrote:
On Mon, Mar 21, 2011 at 04:04:41PM +0200, Dmitry
before it is signed.
So after RSA decryption, de-padding has to be done, before comparing
result to the calculated hash.
- Dmitry
On 22/03/11 08:59, Dmitry Kasatkin wrote:
Hi,
As I have said in my email that it will be used by IMA/EVM subsystem.
See security/integrity subdirectory in Linux
Hi,
Accepted by whom?
We extend functionality of Integrity subsystem in order to support
flashable images which can be verified with public keys...
- Dmitry
On 22/03/11 09:34, ext Herbert Xu wrote:
On Tue, Mar 22, 2011 at 08:59:56AM +0200, Dmitry Kasatkin wrote:
As I have said in my email
/01/11 01:29, ext Herbert Xu wrote:
On Tue, Jan 25, 2011 at 03:44:47PM +0200, Dmitry Kasatkin wrote:
What we have done in our system is introduced a new flag which is set to
request.
flags |= CRYPTO_TFM_REQ_USE_FINUP;
ahash_request_set_callback(req, flags, tcrypt_complete, tresult);
We don't
Hi,
Indeed. Forgot about it. I even have that repo on my computer: newapi
branch.
Thanks,
Dmitry
On 13/01/11 10:08, ext Nikos Mavrogiannopoulos wrote:
On Thu, Jan 13, 2011 at 8:19 AM, Dmitry Kasatkin
dmitry.kasat...@nokia.com wrote:
Hi,
Does anybody know if there is a GPL implementation
pointer.
Cc: Dmitry Kasatkin dmitry.kasat...@nokia.com
Cc: linux-crypto@vger.kernel.org
Signed-off-by: Jamie Iles ja...@jamieiles.com
Reviewed-by: Aaro Koskinen aaro.koski...@nokia.com
Reviewed-by: Dmitry Kasatkin dmitry.kasat...@nokia.com
---
drivers/crypto/omap-aes.c |5 +++--
1 files
: Dmitry Kasatkin dmitry.kasat...@nokia.com
Cc: linux-crypto@vger.kernel.org
Signed-off-by: Jamie Iles ja...@jamieiles.com
Reviewed-by: Aaro Koskinen aaro.koski...@nokia.com
Reviewed-by: Dmitry Kasatkin dmitry.kasat...@nokia.com
---
drivers/crypto/omap-sham.c |4 ++--
1 files changed, 2
Hi,
Does anybody know if there is a GPL implementation of RSA verification
for the Linux kernel?
I know DigSig, but is anything recent available?
Thanks,
Dmitry
--
To unsubscribe from this list: send the line unsubscribe linux-crypto in
the body of a message to majord...@vger.kernel.org
More
,
but it will happen in implementation similar to dm-crypt.
Backlog needs to be checked before dequeuing next request.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@nokia.com
---
drivers/crypto/omap-sham.c |7 +++
1 files changed, 3 insertions(+), 4 deletions(-)
diff --git a/drivers/crypto/omap-sham.c b
thanks
On 02/12/10 10:37, ext Herbert Xu wrote:
On Tue, Nov 30, 2010 at 10:13:26AM +0200, Dmitry Kasatkin wrote:
Changes to v1:
- omap type specific handling removed
- fixed backlog handling bug in redundunt locking is removed
- aes module initialized once per request instead of dma
Changes to v1:
- omap type specific handling removed
- fixed backlog handling bug in redundunt locking is removed
- aes module initialized once per request instead of dma transaction
more efficient and right way to do it
- checkpatch fixes in separate patch
Dmitry Kasatkin (6):
omap-aes: DMA
DMA parameters for constant data were initialized during driver probe().
It seems that those settings sometimes are lost when devices goes to off mode.
This patch makes DMA initialization just before use.
It solves off mode problems.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@nokia.com
Previous version had not error handling.
Request could remain uncompleted.
Also in the case of DMA error, FLAGS_INIT is unset
and accelerator will be initialized again.
Buffer size allignment is checked.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@nokia.com
---
drivers/crypto/omap-aes.c
AES module was initialized for every DMA transaction.
That is redundant.
Now it is initialized once per request.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@nokia.com
---
drivers/crypto/omap-aes.c | 54 +++-
1 files changed, 28 insertions(+), 26
Submitting request involved double locking for enqueuing and
dequeuing. Now it is done under the same lock.
FLAGS_BUSY is now handled under the same lock.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@nokia.com
---
drivers/crypto/omap-aes.c | 70
Key and IV should always be set before AES operation.
So no need to check if it has changed or not.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@nokia.com
---
drivers/crypto/omap-aes.c | 70 +++--
1 files changed, 17 insertions(+), 53 deletions
1 - 100 of 173 matches
Mail list logo