[PATCH 2/3] hwrng: stm32 - add support for STM32 HW RNG

[Daniel Thompson]

Add support for STMicroelectronics STM32 random number generator.

The config value defaults to N, reflecting the fact that STM32 is a
very low resource microcontroller platform and unlikely to be targeted
by any "grown up" defconfigs.

Signed-off-by: Daniel Thompson 
---
 drivers/char/hw_random/Kconfig |  12 +++
 drivers/char/hw_random/Makefile|   1 +
 drivers/char/hw_random/stm32-rng.c | 202 +
 3 files changed, 215 insertions(+)
 create mode 100644 drivers/char/hw_random/stm32-rng.c

diff --git a/drivers/char/hw_random/Kconfig b/drivers/char/hw_random/Kconfig
index f48cf11c655e..7930cc9b719c 100644
--- a/drivers/char/hw_random/Kconfig
+++ b/drivers/char/hw_random/Kconfig
@@ -359,6 +359,18 @@ config HW_RANDOM_XGENE
 
  If unsure, say Y.
 
+config HW_RANDOM_STM32
+   tristate "STMicroelectronics STM32 random number generator"
+   depends on HW_RANDOM && (ARCH_STM32 || COMPILE_TEST)
+   help
+ This driver provides kernel-side support for the Random Number
+ Generator hardware found on STM32 microcontrollers.
+
+ To compile this driver as a module, choose M here: the
+ module will be called stm32-rng.
+
+ If unsure, say N.
+
 endif # HW_RANDOM
 
 config UML_RANDOM
diff --git a/drivers/char/hw_random/Makefile b/drivers/char/hw_random/Makefile
index 055bb01510ad..8b49c0f7abb1 100644
--- a/drivers/char/hw_random/Makefile
+++ b/drivers/char/hw_random/Makefile
@@ -31,3 +31,4 @@ obj-$(CONFIG_HW_RANDOM_BCM2835) += bcm2835-rng.o
 obj-$(CONFIG_HW_RANDOM_IPROC_RNG200) += iproc-rng200.o
 obj-$(CONFIG_HW_RANDOM_MSM) += msm-rng.o
 obj-$(CONFIG_HW_RANDOM_XGENE) += xgene-rng.o
+obj-$(CONFIG_HW_RANDOM_STM32) += stm32-rng.o
diff --git a/drivers/char/hw_random/stm32-rng.c 
b/drivers/char/hw_random/stm32-rng.c
new file mode 100644
index ..7fa3656a5fc5
--- /dev/null
+++ b/drivers/char/hw_random/stm32-rng.c
@@ -0,0 +1,202 @@
+/*
+ * Copyright (c) 2015, Daniel Thompson
+ *
+ * This file is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This file is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#define RNG_CR 0x00
+#define RNG_CR_RNGEN BIT(2)
+
+#define RNG_SR 0x04
+#define RNG_SR_SEIS BIT(6)
+#define RNG_SR_CEIS BIT(5)
+#define RNG_SR_DRDY BIT(0)
+
+#define RNG_DR 0x08
+
+/*
+ * It takes 40 cycles @ 48MHz to generate each random number (e.g. <1us).
+ * At the time of writing STM32 parts max out at ~200MHz meaning a timeout
+ * of 500 leaves us a very comfortable margin for error. The loop to which
+ * the timeout applies takes at least 4 instructions per iteration so the
+ * timeout is enough to take us up to multi-GHz parts!
+ */
+#define RNG_TIMEOUT 500
+
+struct stm32_rng_private {
+   struct hwrng rng;
+   void __iomem *base;
+   struct clk *clk;
+};
+
+static int stm32_rng_read(struct hwrng *rng, void *data, size_t max, bool wait)
+{
+   struct stm32_rng_private *priv =
+   container_of(rng, struct stm32_rng_private, rng);
+   u32 sr;
+   int retval = 0;
+
+   pm_runtime_get_sync((struct device *) priv->rng.priv);
+
+   while (max > sizeof(u32)) {
+   sr = readl_relaxed(priv->base + RNG_SR);
+   if (!sr && wait) {
+   unsigned int timeout = RNG_TIMEOUT;
+
+   do {
+   cpu_relax();
+   sr = readl_relaxed(priv->base + RNG_SR);
+   } while (!sr && --timeout);
+   }
+
+   /* If error detected or data not ready... */
+   if (sr != RNG_SR_DRDY)
+   break;
+
+   *(u32 *)data = readl_relaxed(priv->base + RNG_DR);
+
+   retval += sizeof(u32);
+   data += sizeof(u32);
+   max -= sizeof(u32);
+   }
+
+   if (WARN_ONCE(sr & (RNG_SR_SEIS | RNG_SR_CEIS),
+ "bad RNG status - %x\n", sr))
+   writel_relaxed(0, priv->base + RNG_SR);
+
+   pm_runtime_mark_last_busy((struct device *) priv->rng.priv);
+   pm_runtime_put_sync_autosuspend((struct device *) priv->rng.priv);
+
+   return retval || !wait ? retval : -EIO;
+}
+
+static int stm32_rng_init(struct hwrng *rng)
+{
+   struct stm32_rng_private *priv =
+   container_of(rng, struct stm32_rng_private, rng);
+   int err;
+
+   err = clk_prepare_enable(priv->clk);
+   if (err)
+   return err;
+
+   

[PATCH 3/3] ARM: dts: stm32f429: Adopt STM32 RNG driver

[Daniel Thompson]

New bindings and driver have been created for STM32 series parts. This
patch integrates this changes.

Signed-off-by: Daniel Thompson 
Acked-by: Maxime Coquelin 
---
 arch/arm/boot/dts/stm32f429.dtsi | 7 +++
 1 file changed, 7 insertions(+)

diff --git a/arch/arm/boot/dts/stm32f429.dtsi b/arch/arm/boot/dts/stm32f429.dtsi
index cb0613090243..90081fc22c6c 100644
--- a/arch/arm/boot/dts/stm32f429.dtsi
+++ b/arch/arm/boot/dts/stm32f429.dtsi
@@ -175,6 +175,13 @@
reg = <0x40023800 0x400>;
clocks = <_hse>;
};
+
+   rng: rng@50060800 {
+   compatible = "st,stm32-rng";
+   reg = <0x50060800 0x400>;
+   interrupts = <80>;
+   clocks = < 0 38>;
+   };
};
 };
 
-- 
2.4.3

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 0/3] hwrng: stm32 - add support for STM32 HW RNG

[Daniel Thompson]

This patchset introduces a driver for the STM32 hardware random number
generator.

v2:

 * Moved binding docs from .../hwrng/ to .../rng/ and renamed to match
   convention in new directory (Rob Herring).
 * Adopted runtime PM and auto-suspend instead of managing the clocks
   from the read function (Linus Walleij). Increased bandwidth by ~30%.
 * Simplified error detection in main read loop (Linus Walleij, Maxime
   Coquelin).
 * Only WARN_ONCE() when hardware failure mechanisms trigger (Maxime
   Coquelin).
 * Simplify end of probe function after cocci warning (Fengguang Wu).
 * Switch to devm_hwrng_register.


Daniel Thompson (3):
  dt-bindings: Document the STM32 HW RNG bindings
  hwrng: stm32 - add support for STM32 HW RNG
  ARM: dts: stm32f429: Adopt STM32 RNG driver

 .../devicetree/bindings/rng/st,stm32-rng.txt   |  21 +++
 arch/arm/boot/dts/stm32f429.dtsi   |   7 +
 drivers/char/hw_random/Kconfig |  12 ++
 drivers/char/hw_random/Makefile|   1 +
 drivers/char/hw_random/stm32-rng.c | 202 +
 5 files changed, 243 insertions(+)
 create mode 100644 Documentation/devicetree/bindings/rng/st,stm32-rng.txt
 create mode 100644 drivers/char/hw_random/stm32-rng.c

--
2.4.3

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 1/3] dt-bindings: Document the STM32 HW RNG bindings

[Daniel Thompson]

This adds documentation of device tree bindings for the STM32 hardware
random number generator.

Signed-off-by: Daniel Thompson 
Acked-by: Maxime Coquelin 
Acked-by: Rob Herring 
---
 .../devicetree/bindings/rng/st,stm32-rng.txt| 21 +
 1 file changed, 21 insertions(+)
 create mode 100644 Documentation/devicetree/bindings/rng/st,stm32-rng.txt

diff --git a/Documentation/devicetree/bindings/rng/st,stm32-rng.txt 
b/Documentation/devicetree/bindings/rng/st,stm32-rng.txt
new file mode 100644
index ..47f04176f93b
--- /dev/null
+++ b/Documentation/devicetree/bindings/rng/st,stm32-rng.txt
@@ -0,0 +1,21 @@
+STMicroelectronics STM32 HW RNG
+===
+
+The STM32 hardware random number generator is a simple fixed purpose IP and
+is fully separated from other crypto functions.
+
+Required properties:
+
+- compatible : Should be "st,stm32-rng"
+- reg : Should be register base and length as documented in the datasheet
+- interrupts : The designated IRQ line for the RNG
+- clocks : The clock needed to enable the RNG
+
+Example:
+
+   rng: rng@50060800 {
+   compatible = "st,stm32-rng";
+   reg = <0x50060800 0x400>;
+   interrupts = <80>;
+   clocks = < 0 38>;
+   };
-- 
2.4.3

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: unaligned access in pkcs7_verify

[Herbert Xu]

On Thu, Oct 08, 2015 at 10:43:43AM -0400, Sowmini Varadhan wrote:
> On (10/08/15 21:15), Herbert Xu wrote:
> > > desc_size = crypto_shash_descsize(tfm) + sizeof(*desc);
> > > -   sinfo->sig.digest_size = digest_size = 
> > > crypto_shash_digestsize(tfm);
> > > +   sinfo->sig.digest_size = digest_size = 
> > > +   ALIGN(crypto_shash_digestsize(tfm), sizeof (*desc));
>   :
> > What hash algorithm were you using?
> 
> Algorithm is sha1. From printk, crypto_shash_descsize(tfm) comes out
> to 0x60, digest_size to 0x14. Stack trace (for each modprobe [-r]) is 
> 
>   pkcs7_verify+0x1d0/0x5e0
>   system_verify_data+0x54/0xb4
>   mod_verify_sig+0xa0/0xc4
>   load_module+0x48/0x16a0
>   SyS_init_module+0x114/0x128
>   linux_sparc_syscall+0x34/0x44

Thanks.  We have two bugs here.  First of all pkcs7_verify definitely
shouldn't place the structure after the digest without aligning the
pointer.  So something like your patch is needed (but please use
alignof instead of sizeof).  Also don't put in digest_size but
instead align the pointer like

desc = PTR_ALIGN(digest + digest_size, ...)

The sparc sha algorithms themselves need to declare the alignment
that they require.  Currently they claim to be able to handle any
alignment which appears to not be the case.

Cheers,
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH] crypto: mxs-dcp is an stmp device

[Marek Vasut]

On Monday, October 12, 2015 at 03:52:34 PM, Arnd Bergmann wrote:
> The mxs-dcp driver relies on the stmp_reset_block() helper function, which
> is provided by CONFIG_STMP_DEVICE. This symbol is always set on MXS,
> but the driver can now also be built for MXC (i.MX6)

That is correct.

> , which results in a built error if no other driver selects STMP_DEVICE:

Ouch.

> drivers/built-in.o: In function `mxs_dcp_probe':
> vf610-ocotp.c:(.text+0x3df302): undefined reference to `stmp_reset_block'
> 
> This adds the 'select', like all other stmp drivers have it.
> 
> Signed-off-by: Arnd Bergmann 
> Fixes: a2712e6c75f ("crypto: mxs-dcp - Allow MXS_DCP to be used on MX6SL")

Acked-by: Marek Vasut 

> diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig
> index ab7e3b668890..2569e043317e 100644
> --- a/drivers/crypto/Kconfig
> +++ b/drivers/crypto/Kconfig
> @@ -430,6 +430,7 @@ endif
>  config CRYPTO_DEV_MXS_DCP
>   tristate "Support for Freescale MXS DCP"
>   depends on (ARCH_MXS || ARCH_MXC)
> + select STMP_DEVICE
>   select CRYPTO_CBC
>   select CRYPTO_ECB
>   select CRYPTO_AES

Best regards,
Marek Vasut
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: unaligned access in pkcs7_verify

[David Miller]

From: Herbert Xu 
Date: Mon, 12 Oct 2015 21:32:09 +0800

> The sparc sha algorithms themselves need to declare the alignment
> that they require.  Currently they claim to be able to handle any
> alignment which appears to not be the case.

The sparc SHA assembler can handle arbitrary alignment.
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH] crypto: mxs-dcp is an stmp device

[Arnd Bergmann]

The mxs-dcp driver relies on the stmp_reset_block() helper function, which
is provided by CONFIG_STMP_DEVICE. This symbol is always set on MXS,
but the driver can now also be built for MXC (i.MX6), which results
in a built error if no other driver selects STMP_DEVICE:

drivers/built-in.o: In function `mxs_dcp_probe':
vf610-ocotp.c:(.text+0x3df302): undefined reference to `stmp_reset_block'

This adds the 'select', like all other stmp drivers have it.

Signed-off-by: Arnd Bergmann 
Fixes: a2712e6c75f ("crypto: mxs-dcp - Allow MXS_DCP to be used on MX6SL")

diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig
index ab7e3b668890..2569e043317e 100644
--- a/drivers/crypto/Kconfig
+++ b/drivers/crypto/Kconfig
@@ -430,6 +430,7 @@ endif
 config CRYPTO_DEV_MXS_DCP
tristate "Support for Freescale MXS DCP"
depends on (ARCH_MXS || ARCH_MXC)
+   select STMP_DEVICE
select CRYPTO_CBC
select CRYPTO_ECB
select CRYPTO_AES

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: unaligned access in pkcs7_verify

[Sowmini Varadhan]

On (10/12/15 21:32), Herbert Xu wrote:
> Thanks.  We have two bugs here.  First of all pkcs7_verify definitely
> shouldn't place the structure after the digest without aligning the
> pointer.  So something like your patch is needed (but please use
> alignof instead of sizeof).  Also don't put in digest_size but
> instead align the pointer like
> 
>   desc = PTR_ALIGN(digest + digest_size, ...)

That patch might not be rock-solid by itself though.  I was seeing
some panics/crashes when I was running with that patch, so I backed 
it off temporarily - should sinfo->sig.digest_size be set to the aligned
value?

> The sparc sha algorithms themselves need to declare the alignment
> that they require.  Currently they claim to be able to handle any
> alignment which appears to not be the case.

How would one do that correctly? I'm not a crypto expert, but I can
help test the patch..

--Sowmini
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 5/8] crypto: akcipher: fix typos in include/crypto/akcipher.h

[LABBE Corentin]

Fix numerous spelling error in include/crypto/akcipher.h

Signed-off-by: LABBE Corentin 
---
 include/crypto/akcipher.h | 14 +++---
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/include/crypto/akcipher.h b/include/crypto/akcipher.h
index 69d163e..0c9fa68 100644
--- a/include/crypto/akcipher.h
+++ b/include/crypto/akcipher.h
@@ -19,12 +19,12 @@
  *
  * @base:  Common attributes for async crypto requests
  * @src:   Pointer to memory containing the input parameters
- * The format of the parameter(s) is expeted to be Octet String
- * @dst:   Pointer to memory whare the result will be stored
+ * The format of the parameter(s) is expected to be Octet String
+ * @dst:   Pointer to memory where the result will be stored
  * @src_len:   Size of the input parameter
- * @dst_len:   Size of the output buffer. It needs to be at leaset
+ * @dst_len:   Size of the output buffer. It needs to be at least
  * as big as the expected result depending on the operation
- * After operation it will be updated with the acctual size of the
+ * After operation it will be updated with the actual size of the
  * result. In case of error, where the dst_len was insufficient,
  * it will be updated to the size required for the operation.
  * @__ctx: Start of private context data
@@ -59,7 +59,7 @@ struct crypto_akcipher {
  * algorithm. In case of error, where the dst_len was insufficient,
  * the req->dst_len will be updated to the size required for the
  * operation
- * @encrypt:   Function performs an encrytp operation as defined by public key
+ * @encrypt:   Function performs an encrypt operation as defined by public key
  * algorithm. In case of error, where the dst_len was insufficient,
  * the req->dst_len will be updated to the size required for the
  * operation
@@ -224,7 +224,7 @@ static inline void akcipher_request_set_callback(struct 
akcipher_request *req,
 }
 
 /**
- * akcipher_request_set_crypt() -- Sets reqest parameters
+ * akcipher_request_set_crypt() -- Sets request parameters
  *
  * Sets parameters required by crypto operation
  *
@@ -233,7 +233,7 @@ static inline void akcipher_request_set_callback(struct 
akcipher_request *req,
  * @dst:   ptr of output parameter
  * @src_len:   size of the input buffer
  * @dst_len:   size of the output buffer. It will be updated by the
- * implementation to reflect the acctual size of the result
+ * implementation to reflect the actual size of the result
  */
 static inline void akcipher_request_set_crypt(struct akcipher_request *req,
  void *src, void *dst,
-- 
2.4.9

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 8/8] crypto: testmgr: Use the xxx_zero_message_hash from headers

[LABBE Corentin]

Since md5/shaxxx headers have hash for zero message length, just use them.

Signed-off-by: LABBE Corentin 
---
 crypto/testmgr.h | 16 
 1 file changed, 4 insertions(+), 12 deletions(-)

diff --git a/crypto/testmgr.h b/crypto/testmgr.h
index 03b2f19..9585854 100644
--- a/crypto/testmgr.h
+++ b/crypto/testmgr.h
@@ -367,8 +367,7 @@ static struct hash_testvec md4_tv_template [] = {
 
 static struct hash_testvec md5_tv_template[] = {
{
-   .digest = "\xd4\x1d\x8c\xd9\x8f\x00\xb2\x04"
- "\xe9\x80\x09\x98\xec\xf8\x42\x7e",
+   .digest = md5_zero_message_hash,
}, {
.plaintext = "a",
.psize  = 1,
@@ -713,8 +712,7 @@ static struct hash_testvec sha1_tv_template[] = {
{
.plaintext = "",
.psize  = 0,
-   .digest = "\xda\x39\xa3\xee\x5e\x6b\x4b\x0d\x32\x55"
- "\xbf\xef\x95\x60\x18\x90\xaf\xd8\x07\x09",
+   .digest = sha1_zero_message_hash,
}, {
.plaintext = "abc",
.psize  = 3,
@@ -905,10 +903,7 @@ static struct hash_testvec sha224_tv_template[] = {
{
.plaintext = "",
.psize  = 0,
-   .digest = "\xd1\x4a\x02\x8c\x2a\x3a\x2b\xc9"
- "\x47\x61\x02\xbb\x28\x82\x34\xc4"
- "\x15\xa2\xb0\x1f\x82\x8e\xa6\x2a"
- "\xc5\xb3\xe4\x2f",
+   .digest = sha224_zero_message_hash,
}, {
.plaintext = "abc",
.psize  = 3,
@@ -1079,10 +1074,7 @@ static struct hash_testvec sha256_tv_template[] = {
{
.plaintext = "",
.psize  = 0,
-   .digest = "\xe3\xb0\xc4\x42\x98\xfc\x1c\x14"
- "\x9a\xfb\xf4\xc8\x99\x6f\xb9\x24"
- "\x27\xae\x41\xe4\x64\x9b\x93\x4c"
- "\xa4\x95\x99\x1b\x78\x52\xb8\x55",
+   .digest = sha256_zero_message_hash,
}, {
.plaintext = "abc",
.psize  = 3,
-- 
2.4.9

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 7/8] crypto: testmgr: Constify tested key/iv/plaintext/digest

[LABBE Corentin]

All key/iv/plaintext/digest in testmgr are constant data.
Furthermore the testmgr will never modify thoses data.
This patch set all members of xxx_testvec as pointer to const.

Signed-off-by: LABBE Corentin 
---
 crypto/testmgr.h | 34 +-
 1 file changed, 17 insertions(+), 17 deletions(-)

diff --git a/crypto/testmgr.h b/crypto/testmgr.h
index 64b8a80..03b2f19 100644
--- a/crypto/testmgr.h
+++ b/crypto/testmgr.h
@@ -37,9 +37,9 @@
 
 struct hash_testvec {
/* only used with keyed hash algorithms */
-   char *key;
-   char *plaintext;
-   char *digest;
+   const char *key;
+   const char *plaintext;
+   const char *digest;
unsigned char tap[MAX_TAP];
unsigned short psize;
unsigned char np;
@@ -65,10 +65,10 @@ struct hash_testvec {
  */
 
 struct cipher_testvec {
-   char *key;
-   char *iv;
-   char *input;
-   char *result;
+   const char *key;
+   const char *iv;
+   const char *input;
+   const char *result;
unsigned short tap[MAX_TAP];
int np;
unsigned char also_non_np;
@@ -80,11 +80,11 @@ struct cipher_testvec {
 };
 
 struct aead_testvec {
-   char *key;
-   char *iv;
-   char *input;
-   char *assoc;
-   char *result;
+   const char *key;
+   const char *iv;
+   const char *input;
+   const char *assoc;
+   const char *result;
unsigned char tap[MAX_TAP];
unsigned char atap[MAX_TAP];
int np;
@@ -99,10 +99,10 @@ struct aead_testvec {
 };
 
 struct cprng_testvec {
-   char *key;
-   char *dt;
-   char *v;
-   char *result;
+   const char *key;
+   const char *dt;
+   const char *v;
+   const char *result;
unsigned char klen;
unsigned short dtlen;
unsigned short vlen;
@@ -126,7 +126,7 @@ struct drbg_testvec {
 };
 
 struct akcipher_testvec {
-   unsigned char *key;
+   const unsigned char *key;
unsigned char *m;
unsigned char *c;
unsigned int key_len;
-- 
2.4.9

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 6/8] crypto: akcipher: the key parameter must be const u8 *

[LABBE Corentin]

All cryptoAPI setkey function set the key parameter as const u8 *.
This patch make the crypto_akcipher_setkey parameters like others.

Signed-off-by: LABBE Corentin 
---
 include/crypto/akcipher.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/include/crypto/akcipher.h b/include/crypto/akcipher.h
index 0c9fa68..ade053b 100644
--- a/include/crypto/akcipher.h
+++ b/include/crypto/akcipher.h
@@ -330,7 +330,8 @@ static inline int crypto_akcipher_verify(struct 
akcipher_request *req)
  *
  * Return: zero on success; error code in case of error
  */
-static inline int crypto_akcipher_setkey(struct crypto_akcipher *tfm, void 
*key,
+static inline int crypto_akcipher_setkey(struct crypto_akcipher *tfm,
+const u8 *key,
 unsigned int keylen)
 {
struct akcipher_alg *alg = crypto_akcipher_alg(tfm);
-- 
2.4.9

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 4/8] crypto: ux500: Use precalculated hash from headers

[LABBE Corentin]

Precalculated hash for empty message are now present in hash headers.
This patch just use them.

Signed-off-by: LABBE Corentin 
---
 drivers/crypto/ux500/hash/hash_core.c | 20 ++--
 1 file changed, 2 insertions(+), 18 deletions(-)

diff --git a/drivers/crypto/ux500/hash/hash_core.c 
b/drivers/crypto/ux500/hash/hash_core.c
index 8b9391f..0de5f59 100644
--- a/drivers/crypto/ux500/hash/hash_core.c
+++ b/drivers/crypto/ux500/hash/hash_core.c
@@ -41,22 +41,6 @@ static int hash_mode;
 module_param(hash_mode, int, 0);
 MODULE_PARM_DESC(hash_mode, "CPU or DMA mode. CPU = 0 (default), DMA = 1");
 
-/**
- * Pre-calculated empty message digests.
- */
-static const u8 zero_message_hash_sha1[SHA1_DIGEST_SIZE] = {
-   0xda, 0x39, 0xa3, 0xee, 0x5e, 0x6b, 0x4b, 0x0d,
-   0x32, 0x55, 0xbf, 0xef, 0x95, 0x60, 0x18, 0x90,
-   0xaf, 0xd8, 0x07, 0x09
-};
-
-static const u8 zero_message_hash_sha256[SHA256_DIGEST_SIZE] = {
-   0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14,
-   0x9a, 0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24,
-   0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c,
-   0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55
-};
-
 /* HMAC-SHA1, no key */
 static const u8 zero_message_hmac_sha1[SHA1_DIGEST_SIZE] = {
0xfb, 0xdb, 0x1d, 0x1b, 0x18, 0xaa, 0x6c, 0x08,
@@ -242,13 +226,13 @@ static int get_empty_message_digest(
 
if (HASH_OPER_MODE_HASH == ctx->config.oper_mode) {
if (HASH_ALGO_SHA1 == ctx->config.algorithm) {
-   memcpy(zero_hash, _message_hash_sha1[0],
+   memcpy(zero_hash, _zero_message_hash[0],
   SHA1_DIGEST_SIZE);
*zero_hash_size = SHA1_DIGEST_SIZE;
*zero_digest = true;
} else if (HASH_ALGO_SHA256 ==
ctx->config.algorithm) {
-   memcpy(zero_hash, _message_hash_sha256[0],
+   memcpy(zero_hash, _zero_message_hash[0],
   SHA256_DIGEST_SIZE);
*zero_hash_size = SHA256_DIGEST_SIZE;
*zero_digest = true;
-- 
2.4.9

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 1/8] crypto: hash: add zero length message hash for shax and md5

[LABBE Corentin]

Some crypto drivers cannot process empty data message and return a
precalculated hash for md5/sha1/sha224/sha256.

This patch add thoses precalculated hash in include/crypto.

Signed-off-by: LABBE Corentin 
---
 include/crypto/md5.h |  5 +
 include/crypto/sha.h | 20 
 2 files changed, 25 insertions(+)

diff --git a/include/crypto/md5.h b/include/crypto/md5.h
index 146af82..6496ee0 100644
--- a/include/crypto/md5.h
+++ b/include/crypto/md5.h
@@ -13,6 +13,11 @@
 #define MD5_H2 0x98badcfeUL
 #define MD5_H3 0x10325476UL
 
+static const u8 md5_zero_message_hash[MD5_DIGEST_SIZE] = {
+   0xd4, 0x1d, 0x8c, 0xd9, 0x8f, 0x00, 0xb2, 0x04,
+   0xe9, 0x80, 0x09, 0x98, 0xec, 0xf8, 0x42, 0x7e,
+};
+
 struct md5_state {
u32 hash[MD5_HASH_WORDS];
u32 block[MD5_BLOCK_WORDS];
diff --git a/include/crypto/sha.h b/include/crypto/sha.h
index dd7905a..02d7ffb 100644
--- a/include/crypto/sha.h
+++ b/include/crypto/sha.h
@@ -64,6 +64,26 @@
 #define SHA512_H6  0x1f83d9abfb41bd6bULL
 #define SHA512_H7  0x5be0cd19137e2179ULL
 
+static const u8 sha1_zero_message_hash[SHA1_DIGEST_SIZE] = {
+   0xda, 0x39, 0xa3, 0xee, 0x5e, 0x6b, 0x4b, 0x0d,
+   0x32, 0x55, 0xbf, 0xef, 0x95, 0x60, 0x18, 0x90,
+   0xaf, 0xd8, 0x07, 0x09
+};
+
+static const u8 sha224_zero_message_hash[SHA224_DIGEST_SIZE] = {
+   0xd1, 0x4a, 0x02, 0x8c, 0x2a, 0x3a, 0x2b, 0xc9, 0x47,
+   0x61, 0x02, 0xbb, 0x28, 0x82, 0x34, 0xc4, 0x15, 0xa2,
+   0xb0, 0x1f, 0x82, 0x8e, 0xa6, 0x2a, 0xc5, 0xb3, 0xe4,
+   0x2f
+};
+
+static const u8 sha256_zero_message_hash[SHA256_DIGEST_SIZE] = {
+   0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14,
+   0x9a, 0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24,
+   0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c,
+   0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55
+};
+
 struct sha1_state {
u32 state[SHA1_DIGEST_SIZE / 4];
u64 count;
-- 
2.4.9

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 2/8] crypto: niagara: Use precalculated hash from headers

[LABBE Corentin]

Precalculated hash for empty message are now present in hash headers.
This patch just use them.

Signed-off-by: LABBE Corentin 
---
 drivers/crypto/n2_core.c | 33 ++---
 1 file changed, 6 insertions(+), 27 deletions(-)

diff --git a/drivers/crypto/n2_core.c b/drivers/crypto/n2_core.c
index 2e8dab9..8ea6c32 100644
--- a/drivers/crypto/n2_core.c
+++ b/drivers/crypto/n2_core.c
@@ -241,7 +241,7 @@ static inline bool n2_should_run_async(struct spu_queue 
*qp, int this_len)
 
 struct n2_ahash_alg {
struct list_headentry;
-   const char  *hash_zero;
+   const u8*hash_zero;
const u32   *hash_init;
u8  hw_op_hashsz;
u8  digest_size;
@@ -1267,7 +1267,7 @@ static LIST_HEAD(cipher_algs);
 
 struct n2_hash_tmpl {
const char  *name;
-   const char  *hash_zero;
+   const u8*hash_zero;
const u32   *hash_init;
u8  hw_op_hashsz;
u8  digest_size;
@@ -1276,40 +1276,19 @@ struct n2_hash_tmpl {
u8  hmac_type;
 };
 
-static const char md5_zero[MD5_DIGEST_SIZE] = {
-   0xd4, 0x1d, 0x8c, 0xd9, 0x8f, 0x00, 0xb2, 0x04,
-   0xe9, 0x80, 0x09, 0x98, 0xec, 0xf8, 0x42, 0x7e,
-};
 static const u32 md5_init[MD5_HASH_WORDS] = {
cpu_to_le32(MD5_H0),
cpu_to_le32(MD5_H1),
cpu_to_le32(MD5_H2),
cpu_to_le32(MD5_H3),
 };
-static const char sha1_zero[SHA1_DIGEST_SIZE] = {
-   0xda, 0x39, 0xa3, 0xee, 0x5e, 0x6b, 0x4b, 0x0d, 0x32,
-   0x55, 0xbf, 0xef, 0x95, 0x60, 0x18, 0x90, 0xaf, 0xd8,
-   0x07, 0x09
-};
 static const u32 sha1_init[SHA1_DIGEST_SIZE / 4] = {
SHA1_H0, SHA1_H1, SHA1_H2, SHA1_H3, SHA1_H4,
 };
-static const char sha256_zero[SHA256_DIGEST_SIZE] = {
-   0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a,
-   0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae,
-   0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c, 0xa4, 0x95, 0x99,
-   0x1b, 0x78, 0x52, 0xb8, 0x55
-};
 static const u32 sha256_init[SHA256_DIGEST_SIZE / 4] = {
SHA256_H0, SHA256_H1, SHA256_H2, SHA256_H3,
SHA256_H4, SHA256_H5, SHA256_H6, SHA256_H7,
 };
-static const char sha224_zero[SHA224_DIGEST_SIZE] = {
-   0xd1, 0x4a, 0x02, 0x8c, 0x2a, 0x3a, 0x2b, 0xc9, 0x47,
-   0x61, 0x02, 0xbb, 0x28, 0x82, 0x34, 0xc4, 0x15, 0xa2,
-   0xb0, 0x1f, 0x82, 0x8e, 0xa6, 0x2a, 0xc5, 0xb3, 0xe4,
-   0x2f
-};
 static const u32 sha224_init[SHA256_DIGEST_SIZE / 4] = {
SHA224_H0, SHA224_H1, SHA224_H2, SHA224_H3,
SHA224_H4, SHA224_H5, SHA224_H6, SHA224_H7,
@@ -1317,7 +1296,7 @@ static const u32 sha224_init[SHA256_DIGEST_SIZE / 4] = {
 
 static const struct n2_hash_tmpl hash_tmpls[] = {
{ .name = "md5",
- .hash_zero= md5_zero,
+ .hash_zero= md5_zero_message_hash,
  .hash_init= md5_init,
  .auth_type= AUTH_TYPE_MD5,
  .hmac_type= AUTH_TYPE_HMAC_MD5,
@@ -1325,7 +1304,7 @@ static const struct n2_hash_tmpl hash_tmpls[] = {
  .digest_size  = MD5_DIGEST_SIZE,
  .block_size   = MD5_HMAC_BLOCK_SIZE },
{ .name = "sha1",
- .hash_zero= sha1_zero,
+ .hash_zero= sha1_zero_message_hash,
  .hash_init= sha1_init,
  .auth_type= AUTH_TYPE_SHA1,
  .hmac_type= AUTH_TYPE_HMAC_SHA1,
@@ -1333,7 +1312,7 @@ static const struct n2_hash_tmpl hash_tmpls[] = {
  .digest_size  = SHA1_DIGEST_SIZE,
  .block_size   = SHA1_BLOCK_SIZE },
{ .name = "sha256",
- .hash_zero= sha256_zero,
+ .hash_zero= sha256_zero_message_hash,
  .hash_init= sha256_init,
  .auth_type= AUTH_TYPE_SHA256,
  .hmac_type= AUTH_TYPE_HMAC_SHA256,
@@ -1341,7 +1320,7 @@ static const struct n2_hash_tmpl hash_tmpls[] = {
  .digest_size  = SHA256_DIGEST_SIZE,
  .block_size   = SHA256_BLOCK_SIZE },
{ .name = "sha224",
- .hash_zero= sha224_zero,
+ .hash_zero= sha224_zero_message_hash,
  .hash_init= sha224_init,
  .auth_type= AUTH_TYPE_SHA256,
  .hmac_type= AUTH_TYPE_RESERVED,
-- 
2.4.9

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 3/8] crypto: ccp: Use precalculated hash from headers

[LABBE Corentin]

Precalculated hash for empty message are now present in hash headers.
This patch just use them.

Signed-off-by: LABBE Corentin 
---
 drivers/crypto/ccp/ccp-ops.c | 40 
 1 file changed, 8 insertions(+), 32 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-ops.c b/drivers/crypto/ccp/ccp-ops.c
index d09c6c4..3002b418 100644
--- a/drivers/crypto/ccp/ccp-ops.c
+++ b/drivers/crypto/ccp/ccp-ops.c
@@ -152,32 +152,6 @@ static const __be32 ccp_sha256_init[CCP_SHA_CTXSIZE / 
sizeof(__be32)] = {
cpu_to_be32(SHA256_H6), cpu_to_be32(SHA256_H7),
 };
 
-/* The CCP cannot perform zero-length sha operations so the caller
- * is required to buffer data for the final operation.  However, a
- * sha operation for a message with a total length of zero is valid
- * so known values are required to supply the result.
- */
-static const u8 ccp_sha1_zero[CCP_SHA_CTXSIZE] = {
-   0xda, 0x39, 0xa3, 0xee, 0x5e, 0x6b, 0x4b, 0x0d,
-   0x32, 0x55, 0xbf, 0xef, 0x95, 0x60, 0x18, 0x90,
-   0xaf, 0xd8, 0x07, 0x09, 0x00, 0x00, 0x00, 0x00,
-   0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-};
-
-static const u8 ccp_sha224_zero[CCP_SHA_CTXSIZE] = {
-   0xd1, 0x4a, 0x02, 0x8c, 0x2a, 0x3a, 0x2b, 0xc9,
-   0x47, 0x61, 0x02, 0xbb, 0x28, 0x82, 0x34, 0xc4,
-   0x15, 0xa2, 0xb0, 0x1f, 0x82, 0x8e, 0xa6, 0x2a,
-   0xc5, 0xb3, 0xe4, 0x2f, 0x00, 0x00, 0x00, 0x00,
-};
-
-static const u8 ccp_sha256_zero[CCP_SHA_CTXSIZE] = {
-   0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14,
-   0x9a, 0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24,
-   0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c,
-   0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55,
-};
-
 static u32 ccp_addr_lo(struct ccp_dma_info *info)
 {
return lower_32_bits(info->address + info->offset);
@@ -1388,18 +1362,20 @@ static int ccp_run_sha_cmd(struct ccp_cmd_queue *cmd_q, 
struct ccp_cmd *cmd)
if (sha->msg_bits)
return -EINVAL;
 
-   /* A sha operation for a message with a total length of zero,
-* return known result.
-*/
+/* The CCP cannot perform zero-length sha operations so the caller
+ * is required to buffer data for the final operation.  However, a
+ * sha operation for a message with a total length of zero is valid
+ * so known values are required to supply the result.
+ */
switch (sha->type) {
case CCP_SHA_TYPE_1:
-   sha_zero = ccp_sha1_zero;
+   sha_zero = sha1_zero_message_hash;
break;
case CCP_SHA_TYPE_224:
-   sha_zero = ccp_sha224_zero;
+   sha_zero = sha224_zero_message_hash;
break;
case CCP_SHA_TYPE_256:
-   sha_zero = ccp_sha256_zero;
+   sha_zero = sha256_zero_message_hash;
break;
default:
return -EINVAL;
-- 
2.4.9

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 1/2] crypto: atmel: use devm_xxx() managed function

[LABBE Corentin]

Using the devm_xxx() managed function to stripdown the error and remove
code.

Signed-off-by: LABBE Corentin 
---
 drivers/crypto/atmel-aes.c  | 38 +-
 drivers/crypto/atmel-sha.c  | 27 +--
 drivers/crypto/atmel-tdes.c | 29 +++--
 3 files changed, 25 insertions(+), 69 deletions(-)

diff --git a/drivers/crypto/atmel-aes.c b/drivers/crypto/atmel-aes.c
index de8f5da..fb16d81 100644
--- a/drivers/crypto/atmel-aes.c
+++ b/drivers/crypto/atmel-aes.c
@@ -1324,7 +1324,6 @@ static int atmel_aes_probe(struct platform_device *pdev)
struct crypto_platform_data *pdata;
struct device *dev = >dev;
struct resource *aes_res;
-   unsigned long aes_phys_size;
int err;
 
pdata = pdev->dev.platform_data;
@@ -1341,7 +1340,7 @@ static int atmel_aes_probe(struct platform_device *pdev)
goto aes_dd_err;
}
 
-   aes_dd = kzalloc(sizeof(struct atmel_aes_dev), GFP_KERNEL);
+   aes_dd = devm_kzalloc(>dev, sizeof(*aes_dd), GFP_KERNEL);
if (aes_dd == NULL) {
dev_err(dev, "unable to alloc data struct.\n");
err = -ENOMEM;
@@ -1372,36 +1371,35 @@ static int atmel_aes_probe(struct platform_device *pdev)
goto res_err;
}
aes_dd->phys_base = aes_res->start;
-   aes_phys_size = resource_size(aes_res);
 
/* Get the IRQ */
aes_dd->irq = platform_get_irq(pdev,  0);
if (aes_dd->irq < 0) {
dev_err(dev, "no IRQ resource info\n");
err = aes_dd->irq;
-   goto aes_irq_err;
+   goto res_err;
}
 
-   err = request_irq(aes_dd->irq, atmel_aes_irq, IRQF_SHARED, "atmel-aes",
-   aes_dd);
+   err = devm_request_irq(>dev, aes_dd->irq, atmel_aes_irq,
+  IRQF_SHARED, "atmel-aes", aes_dd);
if (err) {
dev_err(dev, "unable to request aes irq.\n");
-   goto aes_irq_err;
+   goto res_err;
}
 
/* Initializing the clock */
-   aes_dd->iclk = clk_get(>dev, "aes_clk");
+   aes_dd->iclk = devm_clk_get(>dev, "aes_clk");
if (IS_ERR(aes_dd->iclk)) {
dev_err(dev, "clock initialization failed.\n");
err = PTR_ERR(aes_dd->iclk);
-   goto clk_err;
+   goto res_err;
}
 
-   aes_dd->io_base = ioremap(aes_dd->phys_base, aes_phys_size);
+   aes_dd->io_base = devm_ioremap_resource(>dev, aes_res);
if (!aes_dd->io_base) {
dev_err(dev, "can't ioremap\n");
err = -ENOMEM;
-   goto aes_io_err;
+   goto res_err;
}
 
atmel_aes_hw_version_init(aes_dd);
@@ -1438,17 +1436,9 @@ err_algs:
 err_aes_dma:
atmel_aes_buff_cleanup(aes_dd);
 err_aes_buff:
-   iounmap(aes_dd->io_base);
-aes_io_err:
-   clk_put(aes_dd->iclk);
-clk_err:
-   free_irq(aes_dd->irq, aes_dd);
-aes_irq_err:
 res_err:
tasklet_kill(_dd->done_task);
tasklet_kill(_dd->queue_task);
-   kfree(aes_dd);
-   aes_dd = NULL;
 aes_dd_err:
dev_err(dev, "initialization failed.\n");
 
@@ -1473,16 +1463,6 @@ static int atmel_aes_remove(struct platform_device *pdev)
 
atmel_aes_dma_cleanup(aes_dd);
 
-   iounmap(aes_dd->io_base);
-
-   clk_put(aes_dd->iclk);
-
-   if (aes_dd->irq > 0)
-   free_irq(aes_dd->irq, aes_dd);
-
-   kfree(aes_dd);
-   aes_dd = NULL;
-
return 0;
 }
 
diff --git a/drivers/crypto/atmel-sha.c b/drivers/crypto/atmel-sha.c
index 5e6cf08..660d8c0 100644
--- a/drivers/crypto/atmel-sha.c
+++ b/drivers/crypto/atmel-sha.c
@@ -1349,11 +1349,9 @@ static int atmel_sha_probe(struct platform_device *pdev)
struct crypto_platform_data *pdata;
struct device *dev = >dev;
struct resource *sha_res;
-   unsigned long sha_phys_size;
int err;
 
-   sha_dd = devm_kzalloc(>dev, sizeof(struct atmel_sha_dev),
-   GFP_KERNEL);
+   sha_dd = devm_kzalloc(>dev, sizeof(*sha_dd), GFP_KERNEL);
if (sha_dd == NULL) {
dev_err(dev, "unable to alloc data struct.\n");
err = -ENOMEM;
@@ -1382,7 +1380,6 @@ static int atmel_sha_probe(struct platform_device *pdev)
goto res_err;
}
sha_dd->phys_base = sha_res->start;
-   sha_phys_size = resource_size(sha_res);
 
/* Get the IRQ */
sha_dd->irq = platform_get_irq(pdev,  0);
@@ -1392,26 +1389,26 @@ static int atmel_sha_probe(struct platform_device *pdev)
goto res_err;
}
 
-   err = request_irq(sha_dd->irq, atmel_sha_irq, IRQF_SHARED, "atmel-sha",
-   sha_dd);
+   err = devm_request_irq(>dev, sha_dd->irq, atmel_sha_irq,
+ 

[PATCH] crypto: add precalculated hash for zero message length

[LABBE Corentin]

Hello

Some crypto drivers cannot process empty data message and so rely on
precalculated hash.
This patch series add precalculated hash in headers and
make the drivers use them.

Using those precalculated hash make some additionnal constify patch necessary.

Regards

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 2/2] crypto: ux500: Use devm_xxx() managed function

[LABBE Corentin]

Using the devm_xxx() managed function to stripdown the error
and remove code.
In the same time, we replace request_mem_region/ioremap by the unified
devm_ioremap_resource() function.

Signed-off-by: LABBE Corentin 
---
 drivers/crypto/ux500/cryp/cryp_core.c | 70 +--
 drivers/crypto/ux500/hash/hash_core.c | 49 
 2 files changed, 16 insertions(+), 103 deletions(-)

diff --git a/drivers/crypto/ux500/cryp/cryp_core.c 
b/drivers/crypto/ux500/cryp/cryp_core.c
index fded0a5..1c1bd10 100644
--- a/drivers/crypto/ux500/cryp/cryp_core.c
+++ b/drivers/crypto/ux500/cryp/cryp_core.c
@@ -1414,7 +1414,7 @@ static int ux500_cryp_probe(struct platform_device *pdev)
struct device *dev = >dev;
 
dev_dbg(dev, "[%s]", __func__);
-   device_data = kzalloc(sizeof(struct cryp_device_data), GFP_ATOMIC);
+   device_data = devm_kzalloc(dev, sizeof(*device_data), GFP_ATOMIC);
if (!device_data) {
dev_err(dev, "[%s]: kzalloc() failed!", __func__);
ret = -ENOMEM;
@@ -1435,23 +1435,15 @@ static int ux500_cryp_probe(struct platform_device 
*pdev)
dev_err(dev, "[%s]: platform_get_resource() failed",
__func__);
ret = -ENODEV;
-   goto out_kfree;
-   }
-
-   res = request_mem_region(res->start, resource_size(res), pdev->name);
-   if (res == NULL) {
-   dev_err(dev, "[%s]: request_mem_region() failed",
-   __func__);
-   ret = -EBUSY;
-   goto out_kfree;
+   goto out;
}
 
device_data->phybase = res->start;
-   device_data->base = ioremap(res->start, resource_size(res));
+   device_data->base = devm_ioremap_resource(dev, res);
if (!device_data->base) {
dev_err(dev, "[%s]: ioremap failed!", __func__);
ret = -ENOMEM;
-   goto out_free_mem;
+   goto out;
}
 
spin_lock_init(_data->ctx_lock);
@@ -1463,11 +1455,11 @@ static int ux500_cryp_probe(struct platform_device 
*pdev)
dev_err(dev, "[%s]: could not get cryp regulator", __func__);
ret = PTR_ERR(device_data->pwr_regulator);
device_data->pwr_regulator = NULL;
-   goto out_unmap;
+   goto out;
}
 
/* Enable the clk for CRYP hardware block */
-   device_data->clk = clk_get(>dev, NULL);
+   device_data->clk = devm_clk_get(>dev, NULL);
if (IS_ERR(device_data->clk)) {
dev_err(dev, "[%s]: clk_get() failed!", __func__);
ret = PTR_ERR(device_data->clk);
@@ -1477,7 +1469,7 @@ static int ux500_cryp_probe(struct platform_device *pdev)
ret = clk_prepare(device_data->clk);
if (ret) {
dev_err(dev, "[%s]: clk_prepare() failed!", __func__);
-   goto out_clk;
+   goto out_regulator;
}
 
/* Enable device power (and clock) */
@@ -1510,11 +1502,8 @@ static int ux500_cryp_probe(struct platform_device *pdev)
goto out_power;
}
 
-   ret = request_irq(res_irq->start,
- cryp_interrupt_handler,
- 0,
- "cryp1",
- device_data);
+   ret = devm_request_irq(>dev, res_irq->start,
+  cryp_interrupt_handler, 0, "cryp1", device_data);
if (ret) {
dev_err(dev, "[%s]: Unable to request IRQ", __func__);
goto out_power;
@@ -1550,28 +1539,15 @@ out_power:
 out_clk_unprepare:
clk_unprepare(device_data->clk);
 
-out_clk:
-   clk_put(device_data->clk);
-
 out_regulator:
regulator_put(device_data->pwr_regulator);
 
-out_unmap:
-   iounmap(device_data->base);
-
-out_free_mem:
-   release_mem_region(res->start, resource_size(res));
-
-out_kfree:
-   kfree(device_data);
 out:
return ret;
 }
 
 static int ux500_cryp_remove(struct platform_device *pdev)
 {
-   struct resource *res = NULL;
-   struct resource *res_irq = NULL;
struct cryp_device_data *device_data;
 
dev_dbg(>dev, "[%s]", __func__);
@@ -1607,37 +1583,18 @@ static int ux500_cryp_remove(struct platform_device 
*pdev)
if (list_empty(_data.device_list.k_list))
cryp_algs_unregister_all();
 
-   res_irq = platform_get_resource(pdev, IORESOURCE_IRQ, 0);
-   if (!res_irq)
-   dev_err(>dev, "[%s]: IORESOURCE_IRQ, unavailable",
-   __func__);
-   else {
-   disable_irq(res_irq->start);
-   free_irq(res_irq->start, device_data);
-   }
-
if (cryp_disable_power(>dev, device_data, false))
dev_err(>dev, "[%s]: cryp_disable_power() failed",
__func__);
 

Re: [PATCH 8/8] crypto: testmgr: Use the xxx_zero_message_hash from headers

[kbuild test robot]

Hi LABBE,

[auto build test ERROR on crypto/master -- if it's inappropriate base, please 
suggest rules for selecting the more suitable base]

url:
https://github.com/0day-ci/linux/commits/LABBE-Corentin/crypto-hash-add-zero-length-message-hash-for-shax-and-md5/20151013-005943
config: arm-mmp (attached as .config)
reproduce:
wget 
https://git.kernel.org/cgit/linux/kernel/git/wfg/lkp-tests.git/plain/sbin/make.cross
 -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# save the attached .config to linux build tree
make.cross ARCH=arm 

All errors (new ones prefixed by >>):

   In file included from crypto/testmgr.c:48:0:
>> crypto/testmgr.h:370:13: error: 'md5_zero_message_hash' undeclared here (not 
>> in a function)
  .digest = md5_zero_message_hash,
^
>> crypto/testmgr.h:715:13: error: 'sha1_zero_message_hash' undeclared here 
>> (not in a function)
  .digest = sha1_zero_message_hash,
^
>> crypto/testmgr.h:715:3: error: initializer element is not constant
  .digest = sha1_zero_message_hash,
  ^
   crypto/testmgr.h:715:3: error: (near initialization for 
'sha1_tv_template[0].digest')
>> crypto/testmgr.h:906:13: error: 'sha224_zero_message_hash' undeclared here 
>> (not in a function)
  .digest = sha224_zero_message_hash,
^
   crypto/testmgr.h:906:3: error: initializer element is not constant
  .digest = sha224_zero_message_hash,
  ^
   crypto/testmgr.h:906:3: error: (near initialization for 
'sha224_tv_template[0].digest')
>> crypto/testmgr.h:1077:13: error: 'sha256_zero_message_hash' undeclared here 
>> (not in a function)
  .digest = sha256_zero_message_hash,
^
   crypto/testmgr.h:1077:3: error: initializer element is not constant
  .digest = sha256_zero_message_hash,
  ^
   crypto/testmgr.h:1077:3: error: (near initialization for 
'sha256_tv_template[0].digest')

vim +/md5_zero_message_hash +370 crypto/testmgr.h

   364   * MD5 test vectors from RFC1321
   365   */
   366  #define MD5_TEST_VECTORS7
   367  
   368  static struct hash_testvec md5_tv_template[] = {
   369  {
 > 370  .digest = md5_zero_message_hash,
   371  }, {
   372  .plaintext = "a",
   373  .psize  = 1,

---
0-DAY kernel test infrastructureOpen Source Technology Center
https://lists.01.org/pipermail/kbuild-all   Intel Corporation


.config.gz
Description: Binary data

Re: [PATCH 8/8] crypto: testmgr: Use the xxx_zero_message_hash from headers

[Corentin LABBE]

Le 12/10/2015 21:24, kbuild test robot a écrit :
> Hi LABBE,
> 
> [auto build test ERROR on crypto/master -- if it's inappropriate base, please 
> suggest rules for selecting the more suitable base]
> 
> url:
> https://github.com/0day-ci/linux/commits/LABBE-Corentin/crypto-hash-add-zero-length-message-hash-for-shax-and-md5/20151013-005943
> config: arm-mmp (attached as .config)
> reproduce:
> wget 
> https://git.kernel.org/cgit/linux/kernel/git/wfg/lkp-tests.git/plain/sbin/make.cross
>  -O ~/bin/make.cross
> chmod +x ~/bin/make.cross
> # save the attached .config to linux build tree
> make.cross ARCH=arm 
> 
> All errors (new ones prefixed by >>):
> 
>In file included from crypto/testmgr.c:48:0:
>>> crypto/testmgr.h:370:13: error: 'md5_zero_message_hash' undeclared here 
>>> (not in a function)
>   .digest = md5_zero_message_hash,
> ^
>>> crypto/testmgr.h:715:13: error: 'sha1_zero_message_hash' undeclared here 
>>> (not in a function)
>   .digest = sha1_zero_message_hash,
> ^
>>> crypto/testmgr.h:715:3: error: initializer element is not constant
>   .digest = sha1_zero_message_hash,
>   ^
>crypto/testmgr.h:715:3: error: (near initialization for 
> 'sha1_tv_template[0].digest')
>>> crypto/testmgr.h:906:13: error: 'sha224_zero_message_hash' undeclared here 
>>> (not in a function)
>   .digest = sha224_zero_message_hash,
> ^
>crypto/testmgr.h:906:3: error: initializer element is not constant
>   .digest = sha224_zero_message_hash,
>   ^
>crypto/testmgr.h:906:3: error: (near initialization for 
> 'sha224_tv_template[0].digest')
>>> crypto/testmgr.h:1077:13: error: 'sha256_zero_message_hash' undeclared here 
>>> (not in a function)
>   .digest = sha256_zero_message_hash,
> ^
>crypto/testmgr.h:1077:3: error: initializer element is not constant
>   .digest = sha256_zero_message_hash,
>   ^
>crypto/testmgr.h:1077:3: error: (near initialization for 
> 'sha256_tv_template[0].digest')
> 
> vim +/md5_zero_message_hash +370 crypto/testmgr.h
> 
>364 * MD5 test vectors from RFC1321
>365 */
>366#define MD5_TEST_VECTORS7
>367
>368static struct hash_testvec md5_tv_template[] = {
>369{
>  > 370.digest = md5_zero_message_hash,
>371}, {
>372.plaintext = "a",
>373.psize  = 1,
> 
> ---
> 0-DAY kernel test infrastructureOpen Source Technology Center
> https://lists.01.org/pipermail/kbuild-all   Intel Corporation
> 

Oups I forgot to add sha and md5 header, I will resend tomorow.

Regards

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 3/8] crypto: ccp: Use precalculated hash from headers

[Tom Lendacky]

On 10/12/2015 11:53 AM, LABBE Corentin wrote:

Precalculated hash for empty message are now present in hash headers.
This patch just use them.

Signed-off-by: LABBE Corentin 


Just a minor comment below.

Tested-by: Tom Lendacky 
Acked-by: Tom Lendacky 


---
  drivers/crypto/ccp/ccp-ops.c | 40 
  1 file changed, 8 insertions(+), 32 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-ops.c b/drivers/crypto/ccp/ccp-ops.c
index d09c6c4..3002b418 100644
--- a/drivers/crypto/ccp/ccp-ops.c
+++ b/drivers/crypto/ccp/ccp-ops.c
@@ -152,32 +152,6 @@ static const __be32 ccp_sha256_init[CCP_SHA_CTXSIZE / 
sizeof(__be32)] = {
cpu_to_be32(SHA256_H6), cpu_to_be32(SHA256_H7),
  };

-/* The CCP cannot perform zero-length sha operations so the caller
- * is required to buffer data for the final operation.  However, a
- * sha operation for a message with a total length of zero is valid
- * so known values are required to supply the result.
- */
-static const u8 ccp_sha1_zero[CCP_SHA_CTXSIZE] = {
-   0xda, 0x39, 0xa3, 0xee, 0x5e, 0x6b, 0x4b, 0x0d,
-   0x32, 0x55, 0xbf, 0xef, 0x95, 0x60, 0x18, 0x90,
-   0xaf, 0xd8, 0x07, 0x09, 0x00, 0x00, 0x00, 0x00,
-   0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-};
-
-static const u8 ccp_sha224_zero[CCP_SHA_CTXSIZE] = {
-   0xd1, 0x4a, 0x02, 0x8c, 0x2a, 0x3a, 0x2b, 0xc9,
-   0x47, 0x61, 0x02, 0xbb, 0x28, 0x82, 0x34, 0xc4,
-   0x15, 0xa2, 0xb0, 0x1f, 0x82, 0x8e, 0xa6, 0x2a,
-   0xc5, 0xb3, 0xe4, 0x2f, 0x00, 0x00, 0x00, 0x00,
-};
-
-static const u8 ccp_sha256_zero[CCP_SHA_CTXSIZE] = {
-   0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14,
-   0x9a, 0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24,
-   0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c,
-   0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55,
-};
-
  static u32 ccp_addr_lo(struct ccp_dma_info *info)
  {
return lower_32_bits(info->address + info->offset);
@@ -1388,18 +1362,20 @@ static int ccp_run_sha_cmd(struct ccp_cmd_queue *cmd_q, 
struct ccp_cmd *cmd)
if (sha->msg_bits)
return -EINVAL;

-   /* A sha operation for a message with a total length of zero,
-* return known result.
-*/
+/* The CCP cannot perform zero-length sha operations so the caller
+ * is required to buffer data for the final operation.  However, a
+ * sha operation for a message with a total length of zero is valid
+ * so known values are required to supply the result.
+ */


This comment should be indented and re-flowed to be consistent with
previous comments in this same section.

Thanks,
Tom


switch (sha->type) {
case CCP_SHA_TYPE_1:
-   sha_zero = ccp_sha1_zero;
+   sha_zero = sha1_zero_message_hash;
break;
case CCP_SHA_TYPE_224:
-   sha_zero = ccp_sha224_zero;
+   sha_zero = sha224_zero_message_hash;
break;
case CCP_SHA_TYPE_256:
-   sha_zero = ccp_sha256_zero;
+   sha_zero = sha256_zero_message_hash;
break;
default:
return -EINVAL;


--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html