Tudor Ambarus wrote:
> crypto_akcipher_maxsize() returns minimum length for output buffer
> or error code if key hasn't been set.
>
> Signed-off-by: Tudor Ambarus
Reviewed-by: David Howells
On Wed, May 24, 2017 at 04:40:32PM +1200, Derek Robson wrote:
> Fixed block comment alignment, Style fix only
> Found using checkpatch
It's 'one thing per patch', this whole set does one thing. You may
like to submit it as a single patch. You won't need the file name in
the commit summary then
- Original Message -
> Hi,
>
> I'm seeing rare crashes during NFS cthon with krb5 auth. After
> some digging I arrived at potential problem with sha1-avx2.
Adding more sha1_avx2 experts to CC.
>
> Problem appears to be that sha1_transform_avx2() reads beyond
> number of blocks you
Hi all,
This series adds support for the Inside Secure SafeXcel EIP197
cryptographic engine which can be found on Marvell Armada 7k and 8k
boards. A new cryptographic engine driver is added, as well as the
relevant device tree definition for the Armada 7040 DB and 8040 DB
boards.
This driver
Add support for Inside Secure SafeXcel EIP197 cryptographic engine,
which can be found on Marvell Armada 7k and 8k boards. This driver
currently implements: ecb(aes), cbc(aes), sha1, sha224, sha256 and
hmac(sah1) algorithms.
Two firmwares are needed for this engine to work. Their are mostly used
The EIP197 cryptographic engine supports 64 bits address width but is
limited to 40 bits on 7k/8k. Add a dma-mask property in the
cryptographic engine nodes to reflect this.
Signed-off-by: Antoine Tenart
---
arch/arm64/boot/dts/marvell/armada-cp110-master.dtsi
A new cryptographic engine driver was added in
drivers/crypto/inside-secure. Add myself as a maintainer for this
driver.
Signed-off-by: Antoine Tenart
---
MAINTAINERS | 6 ++
1 file changed, 6 insertions(+)
diff --git a/MAINTAINERS b/MAINTAINERS
index
The Inside Secure Safexcel cryptographic engine is found on some Marvell
SoCs (7k/8k). Document the bindings used by its driver.
Signed-off-by: Antoine Tenart
---
.../bindings/crypto/inside-secure-safexcel.txt | 29 ++
1 file changed,
The cryptographic engine nodes have an interrupt which is configured as
both edge and level, which makes no sense at all. Fix this by
configuring it the right way (level).
Signed-off-by: Antoine Tenart
---
arch/arm64/boot/dts/marvell/armada-cp110-master.dtsi |
Hi Antoine,
On mer., mai 24 2017, Antoine Tenart wrote:
> The cryptographic engine nodes have an interrupt which is configured as
> both edge and level, which makes no sense at all. Fix this by
> configuring it the right way (level).
>
> Signed-off-by:
Add the infrustructure for attaching Upper Layer Protocols (ULPs) over TCP
sockets. Based on a similar infrastructure in tcp_cong. The idea is that any
ULP can add its own logic by changing the TCP proto_ops structure to its own
methods.
Example usage:
setsockopt(sock, SOL_TCP, TCP_ULP, "tls",
This series adds support for kernel TLS encryption over TCP sockets.
A standard TCP socket is converted to a TLS socket using a setsockopt.
Only symmetric crypto is done in the kernel, as well as TLS record
framing. The handshake remains in userspace, and the negotiated
cipher keys/iv are
Software implementation of transport layer security, implemented using ULP
infrastructure. tcp proto_ops are replaced with tls equivalents of sendmsg and
sendpage.
Only symmetric crypto is done in the kernel, keys are passed by setsockopt
after the handshake is complete. All control messages
Export do_tcp_sendpages and tcp_rate_check_app_limited, since tls will need to
sendpages while the socket is already locked.
tcp_sendpage is exported, but requires the socket lock to not be held already.
Signed-off-by: Aviad Yehezkel
Signed-off-by: Ilya Lesokhin
Add documentation for the tcp ULP tls interface.
Signed-off-by: Boris Pismenny
Signed-off-by: Dave Watson
---
Documentation/networking/tls.txt | 120 +++
1 file changed, 120 insertions(+)
create mode 100644
No users outside of padata.c
Signed-off-by: Thomas Gleixner
Cc: Steffen Klassert
Cc: Peter Zijlstra
Cc: Sebastian Siewior
Cc: Steven Rostedt
Cc: linux-crypto@vger.kernel.org
0day-ci/linux/commits/Corentin-Labbe/crypto-engine-replace-pr_xxx-by-dev_xxx/20170524-061949
base:
https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git master
:: branch date: 6 hours ago
:: commit date: 6 hours ago
>> crypto/crypto_engine.c:454:2-8: preceding lo
Move over most of the omap-aes driver internal definitions to a separate
header file. This is done so that the same definitions can be used in
the upcoming AES-GCM support code.
Signed-off-by: Tero Kristo
---
drivers/crypto/omap-aes.c | 150
These are going to be required by the addition of the GCM support.
Signed-off-by: Tero Kristo
---
drivers/crypto/omap-aes.c | 12 ++--
drivers/crypto/omap-aes.h | 7 +++
2 files changed, 13 insertions(+), 6 deletions(-)
diff --git a/drivers/crypto/omap-aes.c
This contains the generic APIs for aligning SG buffers.
Signed-off-by: Tero Kristo
---
drivers/crypto/Kconfig | 11 +++
drivers/crypto/Makefile | 1 +
drivers/crypto/omap-crypto.c | 185 +++
drivers/crypto/omap-crypto.h |
Use the SG alignment APIs from the OMAP crypto support library instead
of using own implementations.
Signed-off-by: Tero Kristo
---
drivers/crypto/omap-aes.c | 120 +++---
1 file changed, 28 insertions(+), 92 deletions(-)
diff --git
Convert the driver to use autosuspend for runtime_pm. This boosts the
performance, and optimizes the power consumption for the driver. By
default, the timeout value for autosuspend is set to one second.
Signed-off-by: Tero Kristo
---
drivers/crypto/omap-des.c | 10 --
1
Currently, the hash later code only handles the cases when we have
either new data coming in with the request or old data in the buffer,
but not the combination when we have both. Fix this by changing the
ordering of the code a bit and handling both cases properly
simultaneously if needed. Also,
OMAP DES crypto accelerator itself is unable to detect weak keys, so
add a specific call to the generic des driver to check the key strength
if requested.
Signed-off-by: Tero Kristo
---
drivers/crypto/omap-des.c | 16 ++--
1 file changed, 14 insertions(+), 2
Use the SG alignment APIs from the OMAP crypto support library instead
of using own implementations. This reduces the amount of copy-paste
code.
Signed-off-by: Tero Kristo
---
drivers/crypto/omap-des.c | 112 --
1 file changed, 28
Currently there is an interesting corner case failure with omap-sham
driver, if the finalize call is done separately with no data, but
all previous data has already been processed. In this case, it is not
possible to close the hash with the hardware without providing any data,
so we get incorrect
This was previously missed from the code, causing SDMA to hang in
some cases where the buffer ended up being not aligned.
Signed-off-by: Tero Kristo
---
drivers/crypto/omap-sham.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/crypto/omap-sham.c
AES can have multiple HW accelerator cores in the system, in which case
each core has its own crypto engine in use. Currently, the used hardware
device is stored under the omap_aes_ctx struct, which is global for
the algorithm itself, causing conflicts when used with multiple cores.
Fix this by
Hi,
This series has a number of fixes towards 4.13 merge window (I don't
think we need to rush these as nobody has complained of any of the
issues so far), and the addition of AES GCM mode. Lokesh posted
the support patch for GCM quite a while back, I have addressed
the comments received back
This is not used for anything, so drop it.
Signed-off-by: Tero Kristo
---
drivers/crypto/omap-aes.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/drivers/crypto/omap-aes.c b/drivers/crypto/omap-aes.c
index fe32dd9..ad6e2b3 100644
--- a/drivers/crypto/omap-aes.c
+++
OMAP AES hw supports AES-GCM mode. This patch adds support for GCM and
RFC4106 GCM mode in omap-aes driver. The GCM implementation is mostly
written into its own source file, which gets built into the same driver
binary as the existing AES support.
Signed-off-by: Lokesh Vutla
Add a node for the cryptographic engine that can be found on sun5i SoCs.
This cryptographic engine is compatible with the Allwinner cryptographic
accelerator driver.
Signed-off-by: Antoine Tenart
---
arch/arm/boot/dts/sun5i.dtsi | 8
1 file changed, 8
The run-time self-tests fail quite early, as soon as the input block
size is larger than 64 bytes:
alg: hash: Test 4 failed for sha1-sun4i-ss
: b9 c9 1e 52 c0 26 d8 39 81 ff f2 3c 99 b1 27 b2
0010: 30 d6 c9 85
One thing to notice is the value of the last word, which is the one
Update the sun4i-ss driver to use the skcipher API instead of the old
ablkcipher one. It's a bit more tricky than s/ablkcipher/skcipher/, but
still nothing special and the driver's logic stays the same.
Signed-off-by: Antoine Tenart
---
Use the GENMASK helper instead of custom calculations to generate masks,
It also helps the readability.
Signed-off-by: Antoine Tenart
---
drivers/crypto/sunxi-ss/sun4i-ss-hash.c | 9 ++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git
Parts of the bf buffer were dynamically set to 0. Change this to set the
whole buffer to 0 by default to avoid any mistake.
Signed-off-by: Antoine Tenart
---
drivers/crypto/sunxi-ss/sun4i-ss-hash.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff
Cosmetic clean up if conditional checks on 0s values.
Signed-off-by: Antoine Tenart
---
drivers/crypto/sunxi-ss/sun4i-ss-cipher.c | 28 +++---
drivers/crypto/sunxi-ss/sun4i-ss-core.c | 10
drivers/crypto/sunxi-ss/sun4i-ss-hash.c |
Cosmetic change to avoid having a full screen a variable definitions. It
also helps to see which variables share the same type.
Signed-off-by: Antoine Tenart
---
drivers/crypto/sunxi-ss/sun4i-ss-hash.c | 31 +++
1 file changed, 11
Replace custom bit shifts and masks with lower/upper_32_bits helpers.
Signed-off-by: Antoine Tenart
---
drivers/crypto/sunxi-ss/sun4i-ss-hash.c | 12 ++--
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git
Hello all,
This series adds the cryptographic engine support to sun5i SoCs. This is
based on top of v4.12-rc1 and was tested on a CHIP. The series begins
with fixes and improvements. The series is available at:
https://github.com/atenart/linux v4.12-rc1/sun5i-crypto
The 8 first patches are
A bit is appended at the end of the input buffer for sha1. Simplify the
code assigning it.
Signed-off-by: Antoine Tenart
---
drivers/crypto/sunxi-ss/sun4i-ss-hash.c | 8 ++--
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git
Do not use DMA is the request is 0 length.
Signed-off-by: Antoine Tenart
---
drivers/crypto/sunxi-ss/sun4i-ss-hash.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-hash.c
When sending the last block of data to the engine, it should be padded
so that the total length of the request can be given to the engine as
the last 2 words of the last 64 bytes block.
Simplify the calculation of this pad offset.
Signed-off-by: Antoine Tenart
43 matches
Mail list logo