On 09/03/2017 15:07, Borislav Petkov wrote:
> + /* Check if running under a hypervisor */
> + eax = 0x4000;
> + ecx = 0;
> + native_cpuid(, , , );
This is not how you check if running under a hypervisor; you should
check the HYPERVISOR bit, i.e. bit 31 of cpuid(1).ecx. This
On Thu, Mar 09, 2017 at 05:13:33PM +0100, Paolo Bonzini wrote:
> This is not how you check if running under a hypervisor; you should
> check the HYPERVISOR bit, i.e. bit 31 of cpuid(1).ecx. This in turn
> tells you if leaf 0x4000 is valid.
Ah, good point, I already do that in the microcode
On Mon, Feb 27, 2017 at 09:38:24AM -0300, Marcelo Henrique Cerri wrote:
> Hi Hebert,
>
> For v2:
>
> - fixed the memory leakage in cbc.
> - included crypto/algapi.h in crypto/cbc.c for crypto_requires_off();
> - ERR_CAST instead PTR_ERR in ctr.
> - Also propagated the fallback bit for rfc3686.
>
On Fri, Feb 24, 2017 at 03:46:57PM -0800, Eric Biggers wrote:
> From: Eric Biggers
>
> These two patches mark all the cryptographic test vectors as 'const'.
> This has several potential advantages and moves a large amount of data
> from .data to .rodata when the tests are
On Thu, Mar 9, 2017 at 4:16 PM, Herbert Xu wrote:
> On Wed, Feb 15, 2017 at 10:45:07AM +0530, Mahipal Challa wrote:
>> Hi Herbert,
>>
>> This series adds support for hardware accelerated compression & decompression
>> as found on ThunderX (arm64) SOCs.
>>
>> As per
On Wed, Feb 15, 2017 at 10:45:07AM +0530, Mahipal Challa wrote:
> Hi Herbert,
>
> This series adds support for hardware accelerated compression & decompression
> as found on ThunderX (arm64) SOCs.
>
> As per your suggestion, we've switched to the new crypto acomp/scomp
> interface.
>
> To test
On Tue, Feb 14, 2017 at 09:51:01PM +, Ard Biesheuvel wrote:
> Currently, the bit sliced NEON AES code for ARM has a link time
> dependency on the scalar ARM asm implementation, which it uses as a
> fallback to perform CBC encryption and the encryption of the initial
> XTS tweak.
>
> The bit
On Tue, Feb 14, 2017 at 01:43:26PM -0800, Eric Biggers wrote:
> This patchset makes a few cleanups to the generic GF(2^128) multiplication
> code
> to make it slightly easier to understand and modify. No functional changes
> are
> intended.
>
> Eric Biggers (4):
> crypto: gf128mul - fix some
On Tue, Feb 14, 2017 at 09:51:02PM +, Ard Biesheuvel wrote:
> To prevent unnecessary branching, mark the exit condition of the
> primary loop as likely(), given that a carry in a 32-bit counter
> occurs very rarely.
>
> On arm64, the resulting code is emitted by GCC as
>
> 9a8: cmp
On Wed, Mar 08, 2017 at 11:14:20PM +0200, Krzysztof Kozlowski wrote:
> Running TCRYPT with LRW compiled causes spinlock recursion:
>
> testing speed of async lrw(aes) (lrw(ecb-aes-s5p)) encryption
> tcrypt: test 0 (256 bit key, 16 byte blocks): 19007 operations in 1
> seconds (304112
On Wed, Feb 22, 2017 at 11:51:38PM +, Colin King wrote:
> From: Colin Ian King
>
> trivial fix to spelling mistake in pr_err message
>
> Signed-off-by: Colin Ian King
Patch applied. Thanks.
--
Email: Herbert Xu
On Thu, Mar 02, 2017 at 10:15:01AM -0500, Brijesh Singh wrote:
> From: Tom Lendacky
>
> Modify the SVM cpuid update function to indicate if Secure Encrypted
> Virtualization (SEV) is active in the guest by setting the SEV KVM CPU
> features bit. SEV is active if Secure
On Fri, Mar 03, 2017 at 07:25:21AM +0100, Milan Broz wrote:
> Patch below should be backported to 4.10 stable
> (only 4.10, older kernels are ok).
> We have reports some systems fail to boot from LUKS now
> (missing ecb module in initramdisk) ...
>
> Upstream commit is
On Thu, Mar 02, 2017 at 03:26:54PM -0600, Gary R Hook wrote:
> A version 5 device provides the primitive commands
> required for AES GCM. This patch adds support for
> en/decryption.
>
> Signed-off-by: Gary R Hook
This patch doesn't apply to the current cryptodev tree.
Am Donnerstag, 9. März 2017, 11:00:11 CET schrieb Herbert Xu:
Hi Herbert,
> On Fri, Feb 24, 2017 at 02:24:47PM +0100, Stephan Müller wrote:
> > Hi Herbert et al,
> >
> > attached are two patches where each patch has a different approach to copy
> > the AAD in the algif_aead operation. I would
Am Donnerstag, 9. März 2017, 11:05:54 CET schrieb Herbert Xu:
Hi Herbert,
> On Thu, Mar 09, 2017 at 11:02:41AM +0100, Stephan Müller wrote:
> > > > The patch
> > > > 0001-crypto-algif_aead-copy-AAD-from-src-to-dst_separate.patch
> > > > simply copies the AAD over from TX SGL to RX SGL. The pro
On Thu, Mar 09, 2017 at 11:08:32AM +0100, Stephan Müller wrote:
>
> This is the first patch (0001-crypto-algif_aead-copy-AAD-from-src-to-
> dst_separate.patch).
>
> The second alternative patch (0001-crypto-algif_aead-copy-AAD-from-src-to-
> dst_inplace.patch) does:
I see. Yes that looks good.
Gave it a try on 4.10.1, but still to no avail:
*
[8.516138] raid6: using intx1 recovery algorithm
[ [0;32m OK [0m] Started Flush Journal to Persistent Storage.
[9.692091] Unable to handle kernel NULL pointer dereference at
virtual address 0004
[9.698896] pgd = c0004000
[
On Thu, Mar 09, 2017 at 11:02:41AM +0100, Stephan Müller wrote:
>
> > > The patch 0001-crypto-algif_aead-copy-AAD-from-src-to-dst_separate.patch
> > > simply copies the AAD over from TX SGL to RX SGL. The pro is that the
> > > patch is small. The con is that this approach does *not* provide an
> >
Add missing " " in api-samples.rst
Signed-off-by: Fabien Dessenne
---
Documentation/crypto/api-samples.rst | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/Documentation/crypto/api-samples.rst
b/Documentation/crypto/api-samples.rst
index
On Fri, Feb 24, 2017 at 02:24:47PM +0100, Stephan Müller wrote:
> Hi Herbert et al,
>
> attached are two patches where each patch has a different approach to copy
> the
> AAD in the algif_aead operation. I would like to hear your opinion which
> approach should be taken.
>
> The patch
Am Donnerstag, 9. März 2017, 11:23:16 CET schrieb Herbert Xu:
Hi Herbert,
> I see. Yes that looks good.
Thank you. I will provide an official patch after the discussion about the
memory handling is completed.
As the memory handling patch should be considered for stable whereas the AAD
copy
On Thu, Mar 02, 2017 at 10:14:48AM -0500, Brijesh Singh wrote:
> From: Tom Lendacky
>
> Early in the boot process, add checks to determine if the kernel is
> running with Secure Encrypted Virtualization (SEV) active by issuing
> a CPUID instruction.
>
> During early
23 matches
Mail list logo