Re: [PATCH v2 10/11] crypto: KEYS: check err on akcipher maxsize

Tudor Ambarus wrote: > crypto_akcipher_maxsize() returns minimum length for output buffer > or error code if key hasn't been set. > > Signed-off-by: Tudor Ambarus Reviewed-by: David Howells

Re: [PATCH 01/27] Drivers: ccree: ssi_sysfs.h - align block comments

On Wed, May 24, 2017 at 04:40:32PM +1200, Derek Robson wrote: > Fixed block comment alignment, Style fix only > Found using checkpatch It's 'one thing per patch', this whole set does one thing. You may like to submit it as a single patch. You won't need the file name in the commit summary then

Re: [bug] sha1-avx2 and read beyond

- Original Message - > Hi, > > I'm seeing rare crashes during NFS cthon with krb5 auth. After > some digging I arrived at potential problem with sha1-avx2. Adding more sha1_avx2 experts to CC. > > Problem appears to be that sha1_transform_avx2() reads beyond > number of blocks you

[PATCH v6 0/5] arm64: marvell: add cryptographic engine support for 7k/8k

Hi all, This series adds support for the Inside Secure SafeXcel EIP197 cryptographic engine which can be found on Marvell Armada 7k and 8k boards. A new cryptographic engine driver is added, as well as the relevant device tree definition for the Armada 7040 DB and 8040 DB boards. This driver

[PATCH v6 4/5] crypto: inside-secure: add SafeXcel EIP197 crypto engine driver

Add support for Inside Secure SafeXcel EIP197 cryptographic engine, which can be found on Marvell Armada 7k and 8k boards. This driver currently implements: ecb(aes), cbc(aes), sha1, sha224, sha256 and hmac(sah1) algorithms. Two firmwares are needed for this engine to work. Their are mostly used

[PATCH v6 3/5] arm64: marvell: dts: add dma-mask in crypto nodes for 7k/8k

The EIP197 cryptographic engine supports 64 bits address width but is limited to 40 bits on 7k/8k. Add a dma-mask property in the cryptographic engine nodes to reflect this. Signed-off-by: Antoine Tenart --- arch/arm64/boot/dts/marvell/armada-cp110-master.dtsi

[PATCH v6 5/5] MAINTAINERS: add a maintainer for the Inside Secure crypto driver

A new cryptographic engine driver was added in drivers/crypto/inside-secure. Add myself as a maintainer for this driver. Signed-off-by: Antoine Tenart --- MAINTAINERS | 6 ++ 1 file changed, 6 insertions(+) diff --git a/MAINTAINERS b/MAINTAINERS index

[PATCH v6 1/5] Documentation/bindings: Document the SafeXel cryptographic engine driver

The Inside Secure Safexcel cryptographic engine is found on some Marvell SoCs (7k/8k). Document the bindings used by its driver. Signed-off-by: Antoine Tenart --- .../bindings/crypto/inside-secure-safexcel.txt | 29 ++ 1 file changed,

[PATCH v6 2/5] arm64: marvell: dts: fix interrupts in 7k/8k crypto nodes

The cryptographic engine nodes have an interrupt which is configured as both edge and level, which makes no sense at all. Fix this by configuring it the right way (level). Signed-off-by: Antoine Tenart --- arch/arm64/boot/dts/marvell/armada-cp110-master.dtsi |

Re: [PATCH v6 2/5] arm64: marvell: dts: fix interrupts in 7k/8k crypto nodes

Hi Antoine, On mer., mai 24 2017, Antoine Tenart wrote: > The cryptographic engine nodes have an interrupt which is configured as > both edge and level, which makes no sense at all. Fix this by > configuring it the right way (level). > > Signed-off-by:

[PATCH net-next 1/4] tcp: ULP infrastructure

Add the infrustructure for attaching Upper Layer Protocols (ULPs) over TCP sockets. Based on a similar infrastructure in tcp_cong. The idea is that any ULP can add its own logic by changing the TCP proto_ops structure to its own methods. Example usage: setsockopt(sock, SOL_TCP, TCP_ULP, "tls",

[PATCH net-next 0/4] kernel TLS

This series adds support for kernel TLS encryption over TCP sockets. A standard TCP socket is converted to a TLS socket using a setsockopt. Only symmetric crypto is done in the kernel, as well as TLS record framing. The handshake remains in userspace, and the negotiated cipher keys/iv are

[PATCH net-next 3/4] tls: kernel TLS support

Software implementation of transport layer security, implemented using ULP infrastructure. tcp proto_ops are replaced with tls equivalents of sendmsg and sendpage. Only symmetric crypto is done in the kernel, keys are passed by setsockopt after the handshake is complete. All control messages

[PATCH net-next 2/4] tcp: export do_tcp_sendpages and tcp_rate_check_app_limited functions

Export do_tcp_sendpages and tcp_rate_check_app_limited, since tls will need to sendpages while the socket is already locked. tcp_sendpage is exported, but requires the socket lock to not be held already. Signed-off-by: Aviad Yehezkel Signed-off-by: Ilya Lesokhin

[PATCH net-next 4/4] tls: Documentation

Add documentation for the tcp ULP tls interface. Signed-off-by: Boris Pismenny Signed-off-by: Dave Watson --- Documentation/networking/tls.txt | 120 +++ 1 file changed, 120 insertions(+) create mode 100644

[patch V3 06/32] padata: Make padata_alloc() static

No users outside of padata.c Signed-off-by: Thomas Gleixner Cc: Steffen Klassert Cc: Peter Zijlstra Cc: Sebastian Siewior Cc: Steven Rostedt Cc: linux-crypto@vger.kernel.org

Re: [PATCH 2/2] crypto: engine - Permit to enqueue skcipher request

0day-ci/linux/commits/Corentin-Labbe/crypto-engine-replace-pr_xxx-by-dev_xxx/20170524-061949 base: https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git master :: branch date: 6 hours ago :: commit date: 6 hours ago >> crypto/crypto_engine.c:454:2-8: preceding lo

[PATCH 08/13] crypto: omap-aes: move definitions over to a separate header file

Move over most of the omap-aes driver internal definitions to a separate header file. This is done so that the same definitions can be used in the upcoming AES-GCM support code. Signed-off-by: Tero Kristo --- drivers/crypto/omap-aes.c | 150

[PATCH 09/13] crypto: omap-aes: export some AES driver functionality locally

These are going to be required by the addition of the GCM support. Signed-off-by: Tero Kristo --- drivers/crypto/omap-aes.c | 12 ++-- drivers/crypto/omap-aes.h | 7 +++ 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/drivers/crypto/omap-aes.c

[PATCH 05/13] crypto: omap: add base support library for common routines

This contains the generic APIs for aligning SG buffers. Signed-off-by: Tero Kristo --- drivers/crypto/Kconfig | 11 +++ drivers/crypto/Makefile | 1 + drivers/crypto/omap-crypto.c | 185 +++ drivers/crypto/omap-crypto.h |

[PATCH 07/13] crypto: omap-aes: use base omap crypto support library

Use the SG alignment APIs from the OMAP crypto support library instead of using own implementations. Signed-off-by: Tero Kristo --- drivers/crypto/omap-aes.c | 120 +++--- 1 file changed, 28 insertions(+), 92 deletions(-) diff --git

[PATCH 04/13] crypto: omap-des - use runtime_pm autosuspend for clock handling

Convert the driver to use autosuspend for runtime_pm. This boosts the performance, and optimizes the power consumption for the driver. By default, the timeout value for autosuspend is set to one second. Signed-off-by: Tero Kristo --- drivers/crypto/omap-des.c | 10 -- 1

[PATCH 11/13] crypto: omap-sham: buffer handling fixes for hashing later

Currently, the hash later code only handles the cases when we have either new data coming in with the request or old data in the buffer, but not the combination when we have both. Fix this by changing the ordering of the code a bit and handling both cases properly simultaneously if needed. Also,

[PATCH 03/13] crypto: omap-des: add check for weak keys

OMAP DES crypto accelerator itself is unable to detect weak keys, so add a specific call to the generic des driver to check the key strength if requested. Signed-off-by: Tero Kristo --- drivers/crypto/omap-des.c | 16 ++-- 1 file changed, 14 insertions(+), 2

[PATCH 06/13] crypto: omap-des: use base omap crypto support library

Use the SG alignment APIs from the OMAP crypto support library instead of using own implementations. This reduces the amount of copy-paste code. Signed-off-by: Tero Kristo --- drivers/crypto/omap-des.c | 112 -- 1 file changed, 28

[PATCH 12/13] crypto: omap-sham: fix closing of hash with separate finalize call

Currently there is an interesting corner case failure with omap-sham driver, if the finalize call is done separately with no data, but all previous data has already been processed. In this case, it is not possible to close the hash with the hardware without providing any data, so we get incorrect

[PATCH 13/13] crypto: omap-sham: force word alignment on the xmit-buf also

This was previously missed from the code, causing SDMA to hang in some cases where the buffer ended up being not aligned. Signed-off-by: Tero Kristo --- drivers/crypto/omap-sham.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/omap-sham.c

[PATCH 02/13] crypto: omap-aes: fix context handling for multiple cores

AES can have multiple HW accelerator cores in the system, in which case each core has its own crypto engine in use. Currently, the used hardware device is stored under the omap_aes_ctx struct, which is global for the algorithm itself, causing conflicts when used with multiple cores. Fix this by

[PATCH 00/13] crypto: omap fixes / changes for 4.13

Hi, This series has a number of fixes towards 4.13 merge window (I don't think we need to rush these as nobody has complained of any of the issues so far), and the addition of AES GCM mode. Lokesh posted the support patch for GCM quite a while back, I have addressed the comments received back

[PATCH 01/13] crypto: omap-aes: drop unused flags attribute from omap_aes_ctx

This is not used for anything, so drop it. Signed-off-by: Tero Kristo --- drivers/crypto/omap-aes.c | 1 - 1 file changed, 1 deletion(-) diff --git a/drivers/crypto/omap-aes.c b/drivers/crypto/omap-aes.c index fe32dd9..ad6e2b3 100644 --- a/drivers/crypto/omap-aes.c +++

[PATCH 10/13] crypto: omap-aes: Add support for GCM mode

OMAP AES hw supports AES-GCM mode. This patch adds support for GCM and RFC4106 GCM mode in omap-aes driver. The GCM implementation is mostly written into its own source file, which gets built into the same driver binary as the existing AES support. Signed-off-by: Lokesh Vutla

[PATCH 11/11] ARM: sun5i: add a cryptographic engine node

Add a node for the cryptographic engine that can be found on sun5i SoCs. This cryptographic engine is compatible with the Allwinner cryptographic accelerator driver. Signed-off-by: Antoine Tenart --- arch/arm/boot/dts/sun5i.dtsi | 8 1 file changed, 8

[PATCH 10/11] crypto: sun4i-ss: fix large block size support

The run-time self-tests fail quite early, as soon as the input block size is larger than 64 bytes: alg: hash: Test 4 failed for sha1-sun4i-ss : b9 c9 1e 52 c0 26 d8 39 81 ff f2 3c 99 b1 27 b2 0010: 30 d6 c9 85 One thing to notice is the value of the last word, which is the one

[PATCH 09/11] crypto: sun4i-ss: move from ablkcipher to skcipher API

Update the sun4i-ss driver to use the skcipher API instead of the old ablkcipher one. It's a bit more tricky than s/ablkcipher/skcipher/, but still nothing special and the driver's logic stays the same. Signed-off-by: Antoine Tenart ---

[PATCH 08/11] crypto: sun4i-ss: use GENMASK to generate masks

Use the GENMASK helper instead of custom calculations to generate masks, It also helps the readability. Signed-off-by: Antoine Tenart --- drivers/crypto/sunxi-ss/sun4i-ss-hash.c | 9 ++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git

[PATCH 05/11] crypto: sun4i-ss: do not dynamically set parts of the last buffer to 0

Parts of the bf buffer were dynamically set to 0. Change this to set the whole buffer to 0 by default to avoid any mistake. Signed-off-by: Antoine Tenart --- drivers/crypto/sunxi-ss/sun4i-ss-hash.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff

[PATCH 02/11] crypto: sun4i-ss: remove conditional checks against 0

Cosmetic clean up if conditional checks on 0s values. Signed-off-by: Antoine Tenart --- drivers/crypto/sunxi-ss/sun4i-ss-cipher.c | 28 +++--- drivers/crypto/sunxi-ss/sun4i-ss-core.c | 10 drivers/crypto/sunxi-ss/sun4i-ss-hash.c |

[PATCH 01/11] crypto: sun4i-ss: group variable definitions in sun4i_hash()

Cosmetic change to avoid having a full screen a variable definitions. It also helps to see which variables share the same type. Signed-off-by: Antoine Tenart --- drivers/crypto/sunxi-ss/sun4i-ss-hash.c | 31 +++ 1 file changed, 11

[PATCH 03/11] crypto: sun4i-ss: use lower/upper_32_bits helpers

Replace custom bit shifts and masks with lower/upper_32_bits helpers. Signed-off-by: Antoine Tenart --- drivers/crypto/sunxi-ss/sun4i-ss-hash.c | 12 ++-- 1 file changed, 6 insertions(+), 6 deletions(-) diff --git

[PATCH 00/11] ARM: sun5i: cryptographic engine support

Hello all, This series adds the cryptographic engine support to sun5i SoCs. This is based on top of v4.12-rc1 and was tested on a CHIP. The series begins with fixes and improvements. The series is available at: https://github.com/atenart/linux v4.12-rc1/sun5i-crypto The 8 first patches are

[PATCH 07/11] crypto: sun4i-ss: simplify the appended bit assignment

A bit is appended at the end of the input buffer for sha1. Simplify the code assigning it. Signed-off-by: Antoine Tenart --- drivers/crypto/sunxi-ss/sun4i-ss-hash.c | 8 ++-- 1 file changed, 2 insertions(+), 6 deletions(-) diff --git

[PATCH 04/11] crypto: sun4i-ss: cannot use DMA is the request is 0 length

Do not use DMA is the request is 0 length. Signed-off-by: Antoine Tenart --- drivers/crypto/sunxi-ss/sun4i-ss-hash.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-hash.c

[PATCH 06/11] crypto: sun4i-ss: simplify the pad length calculation

When sending the last block of data to the engine, it should be padded so that the total length of the request can be given to the engine as the last 2 words of the last 64 bytes block. Simplify the calculation of this pad offset. Signed-off-by: Antoine Tenart