RE: Request for Comments about Chained-IV feature in Linux crypto framework

Format it to plaintext and resend it as HTML subpart is treated as SPAM or Outlook Virus by the system. Thanks, - Wenqian From: Yu, Wenqian Sent: Thursday, August 3, 2017 9:13 AM To: linux-crypto@vger.kernel.org Cc: herb...@gondor.apana.org.au; dm-de...@redhat.com; m-cr...@saout.de; Milan

Re: [PATCH v3 7/7] ima: Support module-style appended signatures for appraisal

On Wed, 2017-08-02 at 14:42 -0300, Thiago Jung Bauermann wrote: > Mimi Zohar writes: > > > On Thu, 2017-07-06 at 19:17 -0300, Thiago Jung Bauermann wrote: > >> --- a/security/integrity/ima/ima_appraise.c > >> +++ b/security/integrity/ima/ima_appraise.c > >> @@ -200,18

Re: [Patch V3] crypto: x86/sha1 : Fix reads beyond the number of blocks passed

On Wed, 2017-08-02 at 10:13 -0700, Megha Dey wrote: > It was reported that the sha1 AVX2 function(sha1_transform_avx2) is > reading ahead beyond its intended data, and causing a crash if the next > block is beyond page boundary: > http://marc.info/?l=linux-crypto-vger=149373371023377 > > This

Re: [Patch V3] crypto: x86/sha1 : Fix reads beyond the number of blocks passed

- Original Message - > On Wed, 2017-08-02 at 10:13 -0700, Megha Dey wrote: > > It was reported that the sha1 AVX2 function(sha1_transform_avx2) is > > reading ahead beyond its intended data, and causing a crash if the next > > block is beyond page boundary: > >

[Patch V4] crypto: x86/sha1 : Fix reads beyond the number of blocks passed

It was reported that the sha1 AVX2 function(sha1_transform_avx2) is reading ahead beyond its intended data, and causing a crash if the next block is beyond page boundary: http://marc.info/?l=linux-crypto-vger=149373371023377 This patch makes sure that there is no overflow for any buffer length.

Re: [Patch V2] crypto: x86/sha1 : Fix reads beyond the number of blocks passed

On 08/02/2017 02:38 AM, Megha Dey wrote: > It was reported that the sha1 AVX2 function(sha1_transform_avx2) is > reading ahead beyond its intended data, and causing a crash if the next > block is beyond page boundary: > http://marc.info/?l=linux-crypto-vger=149373371023377 > > This patch makes

Re: [PATCH v3] crypto: caam: Remove unused dentry members

On 8/1/2017 4:45 PM, Fabio Estevam wrote: > Most of the dentry members from structure caam_drv_private > are never used at all, so it is safe to remove them. > > Since debugfs_remove_recursive() is called, we don't need the > file entries. > > Signed-off-by: Fabio Estevam

[PATCH v3] crypto: ixp4xx - Fix error handling path in 'aead_perform()'

On Thu, Jul 20, 2017 at 09:37:10AM +0200, Arnd Bergmann wrote: > > Thanks for spotting my mistake! > > I've looked at it again and think it's unfortunately still wrong with > your patch, > as there is a 'goto free_buf_src' after dma_pool_alloc(), and that now needs > to jump to free_buf_dst

Re: [PATCH v3] crypto: ixp4xx - Fix error handling path in 'aead_perform()'

On Wed, Aug 2, 2017 at 10:40 AM, Herbert Xu wrote: > On Thu, Jul 20, 2017 at 09:37:10AM +0200, Arnd Bergmann wrote: > > Oops, looks like I introduced the bug. Anyway, such is the danger > of fixing compiler warnings in rarely used code. > > For some reason your patch

Re: Request for Comments about Chained-IV feature in Linux crypto framework

On Thu, Aug 03, 2017 at 01:12:32AM +, Yu, Wenqian wrote: > Hi, Herbert and all, > > For saving the offload cost of symmetric cipher to hardware accelerator, we > have a proposal (chained-IV) to batch multiple SG with different IV into one > skcipher request, which also benefits SW

Re: [PATCH V3 2/6] crypto/nx: Create nx842_configure_crb function

On Fri, Jul 21, 2017 at 09:57:39PM -0700, Haren Myneni wrote: > > Configure CRB is moved to nx842_configure_crb() so that it can > be used for icswx and VAS exec functions. VAS function will be > added later with P9 support. > > Signed-off-by: Haren Myneni Your patch does not

Re: [PATCH v1] crypto: caam - set hwrng quality level

On Wed, Aug 02, 2017 at 02:03:14PM +, Horia Geantă wrote: > > Take CAAM's engine HWRNG: it can work both as a TRNG and as a > TRNG-seeded DRBG (that's how it's currently configured). > IIUC, both setups are fit as source for the entropy pool. So which is it? If it's a DRBG then it should not

Re: [PATCH V7 5/7] crypto: AES CBC multi-buffer glue code

On Tue, Jul 25, 2017 at 07:09:58PM -0700, Megha Dey wrote: > > +/* notify the caller of progress ; request still stays in queue */ > + > +static void notify_callback(struct mcryptd_skcipher_request_ctx *rctx, > + struct mcryptd_alg_cstate *cstate, > +

Re: [RESEND,PATCH v4 3/3] crypto : stm32 - Add STM32F4 CRC32 support

On Mon, Jul 17, 2017 at 11:27:36AM +0300, Cosar Dindar wrote: > This patch adds CRC (CRC32 Crypto) support for STM32F4 series. > > As an hardware limitation polynomial and key setting are not supported. > They are fixed as 0x4C11DB7 (poly) and 0x (key). > CRC32C Castagnoli algorithm is

Re: [PATCH resend 00/18] crypto: ARM/arm64 roundup for v4.14

On Wed, Aug 02, 2017 at 03:46:16PM +0100, Dave Martin wrote: > Hi Herbert, > > This series from Ard is a prerequisite for an arm64 series [1] that I'd > like to get merged this cycle (because it is in turn a prerequisite for > another major series I want to progress). > > [1] without this series

Re: [PATCH v1] crypto: caam - set hwrng quality level

On 7/20/2017 4:08 PM, Harald Freudenberger wrote: > On 07/19/2017 08:13 PM, Oleksij Rempel wrote: >> On Wed, Jul 19, 2017 at 04:53:21PM +, Horia Geantă wrote: >>> On 7/19/2017 7:32 PM, Oleksij Rempel wrote: On Wed, Jul 19, 2017 at 12:49:47PM +, Horia Geantă wrote: > On 7/19/2017

Re: [PATCH resend 00/18] crypto: ARM/arm64 roundup for v4.14

Hi Herbert, This series from Ard is a prerequisite for an arm64 series [1] that I'd like to get merged this cycle (because it is in turn a prerequisite for another major series I want to progress). [1] without this series will break the kernel, whereas this series without [1] won't break the

[Patch V3] crypto: x86/sha1 : Fix reads beyond the number of blocks passed

It was reported that the sha1 AVX2 function(sha1_transform_avx2) is reading ahead beyond its intended data, and causing a crash if the next block is beyond page boundary: http://marc.info/?l=linux-crypto-vger=149373371023377 This patch makes sure that there is no overflow for any buffer length.

Re: [PATCH v3 1/7] integrity: Introduce struct evm_hmac_xattr

Hello Mimi, Thanks for your review! The patch at the end of the email implements your suggestions, what do you think? Mimi Zohar writes: > On Thu, 2017-07-06 at 19:17 -0300, Thiago Jung Bauermann wrote: >> A separate struct evm_hmac_xattr is introduced, with the

Re: [Patch V2] crypto: x86/sha1 : Fix reads beyond the number of blocks passed

On 08/02/2017 03:39 AM, Jan Stancek wrote: > On 08/02/2017 02:38 AM, Megha Dey wrote: >> It was reported that the sha1 AVX2 function(sha1_transform_avx2) is >> reading ahead beyond its intended data, and causing a crash if the next >> block is beyond page boundary: >>

Re: [PATCH v3 7/7] ima: Support module-style appended signatures for appraisal

Mimi Zohar writes: > On Thu, 2017-07-06 at 19:17 -0300, Thiago Jung Bauermann wrote: >> --- a/security/integrity/ima/ima_appraise.c >> +++ b/security/integrity/ima/ima_appraise.c >> @@ -200,18 +200,40 @@ int ima_read_xattr(struct dentry *dentry, >> */ >> int