Re: [PATCH] nvmem: sunxi-sid: SID content is not a valid source of randomness

2016-10-24 Thread LABBE Corentin
On Mon, Oct 24, 2016 at 10:10:20PM +0200, Maxime Ripard wrote:
> On Sat, Oct 22, 2016 at 03:53:28PM +0200, Corentin Labbe wrote:
> > Since SID's content is constant over reboot,
> 
> That's not true, at least not across all the Allwinner SoCs, and
> especially not on the A10 and A20 that this driver supports.
> 

On my cubieboard2 (A20)
hexdump -C /sys/devices/platform/soc\@01c0/1c23800.eeprom/sunxi-sid0/nvmem
00000000  16 51 66 83 80 48 50 72  56 54 48 48 03 c2 75 72  |.Qf..HPrVTHH..ur|
00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
00000100  16 51 66 83 80 48 50 72  56 54 48 48 03 c2 75 72  |.Qf..HPrVTHH..ur|
00000110  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
00000200
cubiedev ~ # reboot
cubiedev ~ # hexdump -C /sys/devices/platform/soc\@01c0/1c23800.eeprom/sunxi-sid0/nvmem
00000000  16 51 66 83 80 48 50 72  56 54 48 48 03 c2 75 72  |.Qf..HPrVTHH..ur|
00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
00000100  16 51 66 83 80 48 50 72  56 54 48 48 03 c2 75 72  |.Qf..HPrVTHH..ur|
00000110  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
00000200

So clearly for me it's constant.

> > it must not be used as source of randomness.
> 
> And I don't think that's true either. A constant entropy provider will
> not add any entropy, but will not remove any, would it?

I cced linux-crypto at the beginning for confirmation on that.
But the problem is increased as a part of the content is predictable over same 
type of device (at least the first bytes and all the zeros).
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
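
Added example, not part of the thread or of the sunxi-sid driver: a C parser for the `hexdump -C` output posted above (including its `*` squeezed rows) that counts how many bits differ between two SID dumps. The second-board row is constructed for illustration, and all function, struct and macro names are hypothetical.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define SID_MAX 0x200 /* size of the nvmem file in the dumps above */

/* Rows of `hexdump -C` output, glued into whole dumps by SID_DUMP(). */
#define ZERO_ROW "  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|\n"
#define A20_ROW  "  16 51 66 83 80 48 50 72  56 54 48 48 03 c2 75 72  |.Qf..HPrVTHH..ur|\n"
/* CONSTRUCTED row for a hypothetical second board: only the last two bytes differ. */
#define OTHER_ROW "  16 51 66 83 80 48 50 72  56 54 48 48 03 c2 91 0e  |.Qf..HPrVTHH....|\n"
#define SID_DUMP(row) "00000000" row "00000010" ZERO_ROW "*\n" \
                      "00000100" row "00000110" ZERO_ROW "*\n" "00000200\n"

static const char dump_before_reboot[] = SID_DUMP(A20_ROW);   /* bytes from the post */
static const char dump_after_reboot[]  = SID_DUMP(A20_ROW);   /* bytes from the post */
static const char dump_other_board[]   = SID_DUMP(OTHER_ROW); /* constructed */

struct sid_report {
    long   len;          /* bytes described by each dump */
    size_t nonzero;      /* non-zero bytes in the first dump */
    size_t varying_bits; /* bit positions that differ between the dumps */
};

/* Expand `hexdump -C` text, including "*" squeezed rows, into buf.
 * Returns the dump length, or -1 if the text is malformed or exceeds cap. */
static long parse_hexdump_c(const char *text, uint8_t *buf, size_t cap)
{
    uint8_t row[16] = {0};
    size_t row_len = 0, pos = 0;
    int squeezed = 0;

    for (const char *p = text; *p; ) {
        const char *eol = strchr(p, '\n');
        const char *end = eol ? eol : p + strlen(p);
        char *q;

        if (*p == '*') {
            squeezed = 1;               /* previous row repeats up to the next offset */
        } else if (end > p) {
            unsigned long off = strtoul(p, &q, 16);
            if (q == p || off < pos || off > cap ||
                (off != pos && (!squeezed || row_len != 16)))
                return -1;              /* bad offset, or a gap without a "*" line */
            while (pos < off) {         /* replay the squeezed row */
                buf[pos] = row[pos % 16];
                pos++;
            }
            squeezed = 0;
            row_len = 0;
            for (; q < end && *q != '|'; q++) {
                if (*q == ' ')
                    continue;
                if (!isxdigit((unsigned char)q[0]) || !isxdigit((unsigned char)q[1]) ||
                    row_len == 16 || pos == cap)
                    return -1;
                char tok[3] = { q[0], q[1], '\0' };
                row[row_len++] = buf[pos++] = (uint8_t)strtoul(tok, NULL, 16);
                q++;                    /* step over the second hex digit */
            }
        }
        p = eol ? eol + 1 : end;
    }
    return (long)pos;
}

/* Parse two dumps and count the bits that an observer of the first could
 * not already predict in the second. Returns 0 on success, -1 on bad input. */
static int sid_compare(const char *dump_a, const char *dump_b, struct sid_report *r)
{
    uint8_t a[SID_MAX], b[SID_MAX];
    long la = parse_hexdump_c(dump_a, a, sizeof(a));
    long lb = parse_hexdump_c(dump_b, b, sizeof(b));

    if (la < 0 || la != lb)
        return -1;
    r->len = la;
    r->nonzero = r->varying_bits = 0;
    for (long i = 0; i < la; i++) {
        r->nonzero += a[i] != 0;
        for (uint8_t x = (uint8_t)(a[i] ^ b[i]); x; x &= (uint8_t)(x - 1))
            r->varying_bits++;          /* one iteration per differing bit */
    }
    return 0;
}

int main(void)
{
    struct sid_report r;

    if (sid_compare(dump_before_reboot, dump_after_reboot, &r) == 0)
        printf("reboot: %ld bytes, %zu non-zero, %zu varying bits\n",
               r.len, r.nonzero, r.varying_bits);
    if (sid_compare(dump_before_reboot, dump_other_board, &r) == 0)
        printf("second board (constructed): %zu varying bits\n", r.varying_bits);
    return 0;
}
```

The region at offset 0x100 mirrors the first 16 bytes in the posted dump, so any difference in the first row is counted twice in `varying_bits`.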


Re: [PATCH v10 0/8] crypto: asynchronous compression api

2016-10-24 Thread Herbert Xu
On Fri, Oct 21, 2016 at 01:19:46PM +0100, Giovanni Cabiddu wrote:
> The following patch set introduces acomp, a generic asynchronous
> (de)compression api with support for SG lists.
> We propose a new crypto type called crypto_acomp_type, a new struct acomp_alg
> and struct crypto_acomp, together with number of helper functions to register
> acomp type algorithms and allocate tfm instances.
> This interface will allow the following operations:
> 
> int (*compress)(struct acomp_req *req);
> int (*decompress)(struct acomp_req *req);
> 
> Together with acomp we propose a new driver-side interface, scomp, which
> handles compression implementations which use linear buffers. We converted all
> compression algorithms available in LKCF to use this interface so that those
> algorithms will be accessible through the acomp api.
> 
> Changes in v10:
> - fixed build issues for configurations where CONFIG_CRYPTO_USER is 
> defined

All applied.  Thanks a lot Giovanni!
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH][TRIVIAL] crypto: ccp - fix typo "CPP"

2016-10-24 Thread Herbert Xu
Paul Bolle  wrote:
> The abbreviation for Cryptographic Coprocessor is "CCP".
> 
> Signed-off-by: Paul Bolle 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH] hwrng: meson: Remove unneeded platform MODULE_ALIAS

2016-10-24 Thread Herbert Xu
On Wed, Oct 19, 2016 at 04:50:18PM -0300, Javier Martinez Canillas wrote:
> The Amlogic Meson is a DT-only platform, which means the devices are
> registered via OF and not using the legacy platform devices support.
> 
> So there's no need to have a MODULE_ALIAS("platform:meson-rng") since
> the reported uevent MODALIAS to user-space will always be the OF one.
> 
> Signed-off-by: Javier Martinez Canillas 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH] crypto: ccp - Clean up the LSB slot allocation code

2016-10-24 Thread Herbert Xu
On Tue, Oct 18, 2016 at 05:33:37PM -0500, Gary R Hook wrote:
> Fix a few problems revealed by testing: verify consistent
> units, especially in public slot allocation. Percolate
> some common initialization code up to a common routine.
> Add some comments.
> 
> Signed-off-by: Gary R Hook 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH] crypto: engine - Handle the kthread worker using the new API

2016-10-24 Thread Herbert Xu
On Wed, Oct 19, 2016 at 01:54:30PM +0200, Petr Mladek wrote:
> Use the new API to create and destroy the crypto engine kthread
> worker. The API hides some implementation details.
> 
> In particular, kthread_create_worker() allocates and initializes
> struct kthread_worker. It runs the kthread the right way
> and stores task_struct into the worker structure.
> 
> kthread_destroy_worker() flushes all pending works, stops
> the kthread and frees the structure.
> 
> This patch does not change the existing behavior except for
> dynamically allocating struct kthread_worker and storing
> only the pointer of this structure.
> 
> It is compile tested only because I did not find an easy
> way how to run the code. Well, it should be pretty safe
> given the nature of the change.
> 
> Signed-off-by: Petr Mladek 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH] crypto: ccp - remove unneeded code

2016-10-24 Thread Herbert Xu
On Tue, Oct 18, 2016 at 05:28:49PM -0500, Gary R Hook wrote:
> Clean up patch for an unneeded structure member.
> 
> Signed-off-by: Gary R Hook 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH v2] hwrng: meson: Fix module autoload for OF registration

2016-10-24 Thread Herbert Xu
On Mon, Oct 17, 2016 at 04:51:17PM -0300, Javier Martinez Canillas wrote:
> If the driver is built as a module, autoload won't work because the module
> alias information is not filled. So user-space can't match the registered
> device with the corresponding module.
> 
> Export the module alias information using the MODULE_DEVICE_TABLE() macro.
> 
> Before this patch:
> 
> $ modinfo drivers/char/hw_random/meson-rng.ko | grep alias
> alias:  platform:meson-rng
> 
> After this patch:
> 
> $ modinfo drivers/char/hw_random/meson-rng.ko | grep alias
> alias:  platform:meson-rng
> alias:  of:N*T*Camlogic,meson-rngC*
> alias:  of:N*T*Camlogic,meson-rng
> 
> Signed-off-by: Javier Martinez Canillas 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH -next] crypto: gcm - Fix error return code in crypto_gcm_create_common()

2016-10-24 Thread Herbert Xu
On Mon, Oct 17, 2016 at 03:10:06PM +, Wei Yongjun wrote:
> From: Wei Yongjun 
> 
> Fix to return error code -EINVAL from the invalid alg ivsize error
> handling case instead of 0, as done elsewhere in this function.
> 
> Signed-off-by: Wei Yongjun 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH] crypto: ccp - change bitfield type to unsigned ints

2016-10-24 Thread Herbert Xu
On Tue, Oct 18, 2016 at 05:28:35PM -0500, Gary R Hook wrote:
> Bit fields are not sensitive to endianness, so use
> a transparent standard data type
> 
> Signed-off-by: Gary R Hook 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


Re: [PATCH -next] crypto: ccp - Fix non static symbol warning

2016-10-24 Thread Herbert Xu
On Mon, Oct 17, 2016 at 03:08:50PM +, Wei Yongjun wrote:
> From: Wei Yongjun 
> 
> Fixes the following sparse warning:
> 
> drivers/crypto/ccp/ccp-dev.c:44:6: warning:
>  symbol 'ccp_error_codes' was not declared. Should it be static?
> 
> Signed-off-by: Wei Yongjun 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [RESEND][PATCH] crypto: caam: add support for iMX6UL

2016-10-24 Thread Herbert Xu
On Mon, Oct 17, 2016 at 01:28:00PM +0200, Marcus Folkesson wrote:
> i.MX6UL does only require three clocks to enable CAAM module.
> 
> Signed-off-by: Marcus Folkesson 
> Acked-by: Rob Herring 
> Reviewed-by: Horia Geantă 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH] padata: Remove unused but set variables

2016-10-24 Thread Herbert Xu
Steffen Klassert  wrote:
> On Mon, Oct 17, 2016 at 12:16:08PM +0200, Tobias Klauser wrote:
>> Remove the unused but set variable pinst in padata_parallel_worker to
>> fix the following warning when building with 'W=1':
>> 
>>   kernel/padata.c: In function ‘padata_parallel_worker’:
>>   kernel/padata.c:68:26: warning: variable ‘pinst’ set but not used 
>> [-Wunused-but-set-variable]
>> 
>> Also remove the now unused variable pd which is only used to set pinst.
>> 
>> Signed-off-by: Tobias Klauser 
> 
> Acked-by: Steffen Klassert 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH] crypto: Move RSA+MPI constructs into an #include file

2016-10-24 Thread Herbert Xu
On Fri, Oct 14, 2016 at 02:36:00PM -0500, Gary R Hook wrote:
> Move RSA support of general use into internal/rsa.h.
> This allows reuse of, e.g. RSA MPI keys and support
> functions.
> 
> Signed-off-by: Gary R Hook 

Please fold this patch into the series that makes use of it.

Thanks,
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH v2 0/8] Conversion crypto API documentation to Sphinx

2016-10-24 Thread Herbert Xu
On Sun, Oct 23, 2016 at 06:46:12PM +0200, Stephan Mueller wrote:
> On Sunday, 23 October 2016, 10:32:38 CEST, Jonathan Corbet wrote:
> 
> Hi Jonathan,
> 
> > On Fri, 21 Oct 2016 04:53:45 +0200
> > 
> > Stephan Mueller  wrote:
> > > the attached patch set converts the existing crypto API documentation
> > > from DocBook to Sphinx.
> > 
> > This looks generally good to me - thanks for doing it!
> > 
> > Is there any chance of running the Documentation/ parts through the docs
> > tree?  Documentation/index.rst has become a bit of a conflict point
> > otherwise...
> 
> Unless Herbert objects, I would not see any reason why we should not push it 
> through the docs tree.

No objections from me.

> Yet we should wait for Herbert's ack as I have added also new information in 
> the patch set (the KPP API documentation and the change in the AEAD 
> documentation).

Looks good to me.

Thanks,
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Crypto Fixes for 4.9

2016-10-24 Thread Herbert Xu
Hi Linus:

This push fixes a regression caused by the stack vmalloc change.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Andrew Lutomirski (1):
  hwrng: core - Don't use a stack buffer in add_early_randomness()

 drivers/char/hw_random/core.c |6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

Thanks,
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


ARM-CE aes encryption on uneven blocks

2016-10-24 Thread Cata Vasile

Hi,

I'm trying to understand the code for AES encryption from ARM-CE.
From the aes-glue.S calls I understand that the encryption primitives receive 
the number of blocks, but have no way of determining the number of bytes to 
encrypt, if for example the plaintext does not have a length of a multiple of 
AES block size.
How does, for example, ecb_encrypt() also encrypt the last remaining bytes in 
the plaintext if it is not a multiple of AES block size if it can never deduce 
the full plaintext size?

Catalin Vasile


[PATCH v2] char: hw_random: atmel-rng: disable TRNG during suspend

2016-10-24 Thread Wenyou Yang
To fix the overconsumption on the VDDCore caused by the TRNG being enabled,
disable the TRNG during suspend, in addition to disabling the user interface
clock (which is controlled by PMC), because the user interface clock
is independent from any clock that may be used in the entropy source
logic circuitry.

Signed-off-by: Wenyou Yang 
---

Changes in v2:
 - Enable the user interface first, then enable the internal clock
   on resume.

 drivers/char/hw_random/atmel-rng.c | 24 +---
 1 file changed, 21 insertions(+), 3 deletions(-)

diff --git a/drivers/char/hw_random/atmel-rng.c 
b/drivers/char/hw_random/atmel-rng.c
index 0fcc9e6..ae7cae5 100644
--- a/drivers/char/hw_random/atmel-rng.c
+++ b/drivers/char/hw_random/atmel-rng.c
@@ -48,6 +48,16 @@ static int atmel_trng_read(struct hwrng *rng, void *buf, 
size_t max,
return 0;
 }
 
+static void atmel_trng_enable(struct atmel_trng *trng)
+{
+   writel(TRNG_KEY | 1, trng->base + TRNG_CR);
+}
+
+static void atmel_trng_disable(struct atmel_trng *trng)
+{
+   writel(TRNG_KEY, trng->base + TRNG_CR);
+}
+
 static int atmel_trng_probe(struct platform_device *pdev)
 {
struct atmel_trng *trng;
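Review bot: in atmel_trng_enable() the bare literal in `TRNG_KEY | 1` is the enable bit, and atmel_trng_disable() depends on writing the key with that bit clear. A named macro for the bit would make both helpers self-describing and keep the two writes visibly paired.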
@@ -71,7 +81,7 @@ static int atmel_trng_probe(struct platform_device *pdev)
if (ret)
return ret;
 
-   writel(TRNG_KEY | 1, trng->base + TRNG_CR);
+   atmel_trng_enable(trng);
trng->rng.name = pdev->name;
trng->rng.read = atmel_trng_read;
 
@@ -94,7 +104,7 @@ static int atmel_trng_remove(struct platform_device *pdev)
 
hwrng_unregister(>rng);
 
-   writel(TRNG_KEY, trng->base + TRNG_CR);
+   atmel_trng_disable(trng);
clk_disable_unprepare(trng->clk);
 
return 0;
@@ -105,6 +115,7 @@ static int atmel_trng_suspend(struct device *dev)
 {
struct atmel_trng *trng = dev_get_drvdata(dev);
 
+   atmel_trng_disable(trng);
clk_disable_unprepare(trng->clk);
 
return 0;
@@ -113,8 +124,15 @@ static int atmel_trng_suspend(struct device *dev)
 static int atmel_trng_resume(struct device *dev)
 {
struct atmel_trng *trng = dev_get_drvdata(dev);
+   int ret;
+
+   ret = clk_prepare_enable(trng->clk);
+   if (ret)
+   return ret;
 
-   return clk_prepare_enable(trng->clk);
+   atmel_trng_enable(trng);
+
+   return 0;
 }
 
 static const struct dev_pm_ops atmel_trng_pm_ops = {
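Review bot: in atmel_trng_resume() the TRNG_CR write now happens only after clk_prepare_enable() succeeds, which matches the v2 changelog, but the commit message body still argues that the user interface clock is independent of the entropy source. A sentence in the log, or a short comment above atmel_trng_enable(trng), saying why the clock is nonetheless enabled first on resume would keep the code and the log consistent.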
-- 
2.7.4



RE: [PATCH v1] char: hw_random: atmel-rng: disable TRNG during suspend

2016-10-24 Thread Wenyou.Yang

> -Original Message-
> From: Nicolas Ferre [mailto:nicolas.fe...@atmel.com]
> Sent: 24 October 2016 20:07
> To: Wenyou Yang - A41535 ; Herbert Xu
> ; Matt Mackall 
> Cc: linux-crypto@vger.kernel.org; Wenyou Yang - A41535
> ; linux-arm-ker...@lists.infradead.org
> Subject: Re: [PATCH v1] char: hw_random: atmel-rng: disable TRNG during
> suspend
> 
> On 24/10/2016 at 10:03, Wenyou Yang wrote:
> > To fix the over consumption on the VDDCore due to the TRNG enabled,
> > disable the TRNG during suspend, not only disable the user interface
> > clock (which is controlled by PMC). Because the user interface clock
> > is independent from any clock that may be used in the entropy source
> > logic circuitry.
> >
> > Signed-off-by: Wenyou Yang 
> > ---
> >
> >  drivers/char/hw_random/atmel-rng.c | 16 ++--
> >  1 file changed, 14 insertions(+), 2 deletions(-)
> >
> > diff --git a/drivers/char/hw_random/atmel-rng.c
> > b/drivers/char/hw_random/atmel-rng.c
> > index 0fcc9e6..2e2d09a 100644
> > --- a/drivers/char/hw_random/atmel-rng.c
> > +++ b/drivers/char/hw_random/atmel-rng.c
> > @@ -48,6 +48,16 @@ static int atmel_trng_read(struct hwrng *rng, void *buf,
> size_t max,
> > return 0;
> >  }
> >
> > +static void atmel_trng_enable(struct atmel_trng *trng) {
> > +   writel(TRNG_KEY | 1, trng->base + TRNG_CR); }
> > +
> > +static void atmel_trng_disable(struct atmel_trng *trng) {
> > +   writel(TRNG_KEY, trng->base + TRNG_CR); }
> > +
> >  static int atmel_trng_probe(struct platform_device *pdev)  {
> > struct atmel_trng *trng;
> > @@ -71,7 +81,7 @@ static int atmel_trng_probe(struct platform_device *pdev)
> > if (ret)
> > return ret;
> >
> > -   writel(TRNG_KEY | 1, trng->base + TRNG_CR);
> > +   atmel_trng_enable(trng);
> > trng->rng.name = pdev->name;
> > trng->rng.read = atmel_trng_read;
> >
> > @@ -94,7 +104,7 @@ static int atmel_trng_remove(struct platform_device
> > *pdev)
> >
> > hwrng_unregister(>rng);
> >
> > -   writel(TRNG_KEY, trng->base + TRNG_CR);
> > +   atmel_trng_disable(trng);
> > clk_disable_unprepare(trng->clk);
> >
> > return 0;
> > @@ -105,6 +115,7 @@ static int atmel_trng_suspend(struct device *dev)
> > {
> > struct atmel_trng *trng = dev_get_drvdata(dev);
> >
> > +   atmel_trng_disable(trng);
> > clk_disable_unprepare(trng->clk);
> >
> > return 0;
> > @@ -114,6 +125,7 @@ static int atmel_trng_resume(struct device *dev)
> > {
> > struct atmel_trng *trng = dev_get_drvdata(dev);
> >
> > +   atmel_trng_enable(trng);
> > return clk_prepare_enable(trng->clk);
> 
> Isn't it the other way around:
> enable the user interface first, then enable the internal clock? like:
> 
> clk_prepare_enable(trng->clk);
> atmel_trng_enable(trng);

Yes, I thought so.

But the datasheet said, "The user interface clock is independent from any clock 
that may be used in the entropy source logic circuitry.
The source of entropy can be enabled before enabling the user interface clock."
It seems the TRNG can be enabled before enabling the peripheral clock.


Best Regards,
Wenyou Yang


Re: [PATCH v2] crypto: mxs-dcp - Remove hash support

2016-10-24 Thread Fabio Estevam
On Mon, Oct 24, 2016 at 6:39 PM, Marek Vasut  wrote:

> Can't you rather fix it?

I would love to have this fixed, but I don't know how.

Any volunteers?


Equivalent of blkcipher_walk for skcipher

2016-10-24 Thread Alex Cope
How should an algorithm implementing the skcipher api walk over the
scatterlist?  blkcipher_walk seems to be what I need, but the API is
not compatible with skcipher at the moment. Repeatedly calling
scatterwalk_map_and_copy looks like it will work, but would be less
performant than using something akin to blkcipher_walk.


Re: [PATCH v2] crypto: mxs-dcp - Remove hash support

2016-10-24 Thread Marek Vasut
On 10/24/2016 06:43 PM, Fabio Estevam wrote:
> From: Fabio Estevam 
> 
> mxs-dcp driver does not probe for a long time:
> 
> mxs-dcp 80028000.dcp: Failed to register sha1 hash!
> mxs-dcp: probe of 80028000.dcp failed with error -22
> 
> There were some previous attempts to fix this, and the following
> feedback was given by Herbert Xu [1]:
> 
> "This driver is hopelessly broken as its request context doesn't
> contain the hash state at all.  Unless someone can fix that we
> should probably just remove the hash implementations altogether."

This comment looks real unhelpful. I'd really appreciate a bit more
detail on how to fix it.

> [1] http://www.spinics.net/lists/linux-crypto/msg18187.html
> 
> So remove the hash support for now.
> 
> Signed-off-by: Fabio Estevam 
> ---
> Changes since v1:
> - Fix typo in commit log
> 

Can't you rather fix it?

-- 
Best regards,
Marek Vasut


Re: [PATCH] nvmem: sunxi-sid: SID content is not a valid source of randomness

2016-10-24 Thread Maxime Ripard
On Sat, Oct 22, 2016 at 03:53:28PM +0200, Corentin Labbe wrote:
> Since SID's content is constant over reboot,

That's not true, at least not across all the Allwinner SoCs, and
especially not on the A10 and A20 that this driver supports.

> it must not be used as source of randomness.

And I don't think that's true either. A constant entropy provider will
not add any entropy, but will not remove any, would it?

Maxime

-- 
Maxime Ripard, Free Electrons
Embedded Linux and Kernel engineering
http://free-electrons.com




[PATCH v2] crypto: mxs-dcp - Remove hash support

2016-10-24 Thread Fabio Estevam
From: Fabio Estevam 

mxs-dcp driver does not probe for a long time:

mxs-dcp 80028000.dcp: Failed to register sha1 hash!
mxs-dcp: probe of 80028000.dcp failed with error -22

There were some previous attempts to fix this, and the following
feedback was given by Herbert Xu [1]:

"This driver is hopelessly broken as its request context doesn't
contain the hash state at all.  Unless someone can fix that we
should probably just remove the hash implementations altogether."

[1] http://www.spinics.net/lists/linux-crypto/msg18187.html

So remove the hash support for now.

Signed-off-by: Fabio Estevam 
---
Changes since v1:
- Fix typo in commit log

 drivers/crypto/mxs-dcp.c | 367 +--
 1 file changed, 2 insertions(+), 365 deletions(-)

diff --git a/drivers/crypto/mxs-dcp.c b/drivers/crypto/mxs-dcp.c
index 625ee50..b1b1dda 100644
--- a/drivers/crypto/mxs-dcp.c
+++ b/drivers/crypto/mxs-dcp.c
@@ -498,278 +498,6 @@ static void mxs_dcp_aes_fallback_exit(struct crypto_tfm 
*tfm)
crypto_free_skcipher(actx->fallback);
 }
 
-/*
- * Hashing (SHA1/SHA256)
- */
-static int mxs_dcp_run_sha(struct ahash_request *req)
-{
-   struct dcp *sdcp = global_sdcp;
-   int ret;
-
-   struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
-   struct dcp_async_ctx *actx = crypto_ahash_ctx(tfm);
-   struct dcp_sha_req_ctx *rctx = ahash_request_ctx(req);
-   struct hash_alg_common *halg = crypto_hash_alg_common(tfm);
-
-   struct dcp_dma_desc *desc = >coh->desc[actx->chan];
-
-   dma_addr_t digest_phys = 0;
-   dma_addr_t buf_phys = dma_map_single(sdcp->dev, sdcp->coh->sha_in_buf,
-DCP_BUF_SZ, DMA_TO_DEVICE);
-
-   /* Fill in the DMA descriptor. */
-   desc->control0 = MXS_DCP_CONTROL0_DECR_SEMAPHORE |
-   MXS_DCP_CONTROL0_INTERRUPT |
-   MXS_DCP_CONTROL0_ENABLE_HASH;
-   if (rctx->init)
-   desc->control0 |= MXS_DCP_CONTROL0_HASH_INIT;
-
-   desc->control1 = actx->alg;
-   desc->next_cmd_addr = 0;
-   desc->source = buf_phys;
-   desc->destination = 0;
-   desc->size = actx->fill;
-   desc->payload = 0;
-   desc->status = 0;
-
-   /* Set HASH_TERM bit for last transfer block. */
-   if (rctx->fini) {
-   digest_phys = dma_map_single(sdcp->dev, req->result,
-halg->digestsize, DMA_FROM_DEVICE);
-   desc->control0 |= MXS_DCP_CONTROL0_HASH_TERM;
-   desc->payload = digest_phys;
-   }
-
-   ret = mxs_dcp_start_dma(actx);
-
-   if (rctx->fini)
-   dma_unmap_single(sdcp->dev, digest_phys, halg->digestsize,
-DMA_FROM_DEVICE);
-
-   dma_unmap_single(sdcp->dev, buf_phys, DCP_BUF_SZ, DMA_TO_DEVICE);
-
-   return ret;
-}
-
-static int dcp_sha_req_to_buf(struct crypto_async_request *arq)
-{
-   struct dcp *sdcp = global_sdcp;
-
-   struct ahash_request *req = ahash_request_cast(arq);
-   struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
-   struct dcp_async_ctx *actx = crypto_ahash_ctx(tfm);
-   struct dcp_sha_req_ctx *rctx = ahash_request_ctx(req);
-   struct hash_alg_common *halg = crypto_hash_alg_common(tfm);
-   const int nents = sg_nents(req->src);
-
-   uint8_t *in_buf = sdcp->coh->sha_in_buf;
-
-   uint8_t *src_buf;
-
-   struct scatterlist *src;
-
-   unsigned int i, len, clen;
-   int ret;
-
-   int fin = rctx->fini;
-   if (fin)
-   rctx->fini = 0;
-
-   for_each_sg(req->src, src, nents, i) {
-   src_buf = sg_virt(src);
-   len = sg_dma_len(src);
-
-   do {
-   if (actx->fill + len > DCP_BUF_SZ)
-   clen = DCP_BUF_SZ - actx->fill;
-   else
-   clen = len;
-
-   memcpy(in_buf + actx->fill, src_buf, clen);
-   len -= clen;
-   src_buf += clen;
-   actx->fill += clen;
-
-   /*
-* If we filled the buffer and still have some
-* more data, submit the buffer.
-*/
-   if (len && actx->fill == DCP_BUF_SZ) {
-   ret = mxs_dcp_run_sha(req);
-   if (ret)
-   return ret;
-   actx->fill = 0;
-   rctx->init = 0;
-   }
-   } while (len);
-   }
-
-   if (fin) {
-   rctx->fini = 1;
-
-   /* Submit whatever is left. */
-   if (!req->result)
-   return -EINVAL;
-
-   ret = mxs_dcp_run_sha(req);
-   if 
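Review bot: the removed dcp_sha_req_to_buf() keeps the partial-block count in actx->fill, where actx comes from crypto_ahash_ctx(tfm), and stages data in the shared sdcp->coh->sha_in_buf, while rctx is used only for init and fini. Naming that in the commit message would record concretely what the quoted feedback means by the request context not containing the hash state, and would give anyone attempting a fix a starting point.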

[PATCH] crypto: mxs-dcp - Remove hash support

2016-10-24 Thread Fabio Estevam
From: Fabio Estevam 

mxs-dcp driver does not probe for a long time:

mxs-dcp 80028000.dcp: Failed to register sha1 hash!
mxs-dcp: probe of 80028000.dcp failed with error -22

There were some previous attempts to fix this, and the following
feedback was given by Herbert Xu's [1]:

"This driver is hopelessly broken as its request context doesn't
contain the hash state at all.  Unless someone can fix that we
should probably just remove the hash implementations altogether."

[1] http://www.spinics.net/lists/linux-crypto/msg18187.html

So remove the hash support for now.

Signed-off-by: Fabio Estevam 
---
 drivers/crypto/mxs-dcp.c | 367 +--
 1 file changed, 2 insertions(+), 365 deletions(-)

diff --git a/drivers/crypto/mxs-dcp.c b/drivers/crypto/mxs-dcp.c
index 625ee50..b1b1dda 100644
--- a/drivers/crypto/mxs-dcp.c
+++ b/drivers/crypto/mxs-dcp.c
@@ -498,278 +498,6 @@ static void mxs_dcp_aes_fallback_exit(struct crypto_tfm 
*tfm)
crypto_free_skcipher(actx->fallback);
 }
 
-/*
- * Hashing (SHA1/SHA256)
- */
-static int mxs_dcp_run_sha(struct ahash_request *req)
-{
-   struct dcp *sdcp = global_sdcp;
-   int ret;
-
-   struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
-   struct dcp_async_ctx *actx = crypto_ahash_ctx(tfm);
-   struct dcp_sha_req_ctx *rctx = ahash_request_ctx(req);
-   struct hash_alg_common *halg = crypto_hash_alg_common(tfm);
-
-   struct dcp_dma_desc *desc = >coh->desc[actx->chan];
-
-   dma_addr_t digest_phys = 0;
-   dma_addr_t buf_phys = dma_map_single(sdcp->dev, sdcp->coh->sha_in_buf,
-DCP_BUF_SZ, DMA_TO_DEVICE);
-
-   /* Fill in the DMA descriptor. */
-   desc->control0 = MXS_DCP_CONTROL0_DECR_SEMAPHORE |
-   MXS_DCP_CONTROL0_INTERRUPT |
-   MXS_DCP_CONTROL0_ENABLE_HASH;
-   if (rctx->init)
-   desc->control0 |= MXS_DCP_CONTROL0_HASH_INIT;
-
-   desc->control1 = actx->alg;
-   desc->next_cmd_addr = 0;
-   desc->source = buf_phys;
-   desc->destination = 0;
-   desc->size = actx->fill;
-   desc->payload = 0;
-   desc->status = 0;
-
-   /* Set HASH_TERM bit for last transfer block. */
-   if (rctx->fini) {
-   digest_phys = dma_map_single(sdcp->dev, req->result,
-halg->digestsize, DMA_FROM_DEVICE);
-   desc->control0 |= MXS_DCP_CONTROL0_HASH_TERM;
-   desc->payload = digest_phys;
-   }
-
-   ret = mxs_dcp_start_dma(actx);
-
-   if (rctx->fini)
-   dma_unmap_single(sdcp->dev, digest_phys, halg->digestsize,
-DMA_FROM_DEVICE);
-
-   dma_unmap_single(sdcp->dev, buf_phys, DCP_BUF_SZ, DMA_TO_DEVICE);
-
-   return ret;
-}
-
-static int dcp_sha_req_to_buf(struct crypto_async_request *arq)
-{
-   struct dcp *sdcp = global_sdcp;
-
-   struct ahash_request *req = ahash_request_cast(arq);
-   struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
-   struct dcp_async_ctx *actx = crypto_ahash_ctx(tfm);
-   struct dcp_sha_req_ctx *rctx = ahash_request_ctx(req);
-   struct hash_alg_common *halg = crypto_hash_alg_common(tfm);
-   const int nents = sg_nents(req->src);
-
-   uint8_t *in_buf = sdcp->coh->sha_in_buf;
-
-   uint8_t *src_buf;
-
-   struct scatterlist *src;
-
-   unsigned int i, len, clen;
-   int ret;
-
-   int fin = rctx->fini;
-   if (fin)
-   rctx->fini = 0;
-
-   for_each_sg(req->src, src, nents, i) {
-   src_buf = sg_virt(src);
-   len = sg_dma_len(src);
-
-   do {
-   if (actx->fill + len > DCP_BUF_SZ)
-   clen = DCP_BUF_SZ - actx->fill;
-   else
-   clen = len;
-
-   memcpy(in_buf + actx->fill, src_buf, clen);
-   len -= clen;
-   src_buf += clen;
-   actx->fill += clen;
-
-   /*
-* If we filled the buffer and still have some
-* more data, submit the buffer.
-*/
-   if (len && actx->fill == DCP_BUF_SZ) {
-   ret = mxs_dcp_run_sha(req);
-   if (ret)
-   return ret;
-   actx->fill = 0;
-   rctx->init = 0;
-   }
-   } while (len);
-   }
-
-   if (fin) {
-   rctx->fini = 1;
-
-   /* Submit whatever is left. */
-   if (!req->result)
-   return -EINVAL;
-
-   ret = mxs_dcp_run_sha(req);
-   if (ret)
-   return ret;
-

[PATCH -next] crypto: drop pointless static qualifier in atmel_aes_probe()

2016-10-24 Thread Wei Yongjun
From: Wei Yongjun 

There is no need to have the 'struct atmel_aes_dev *aes_dd' variable
static since a new value is always assigned before it is used.

Signed-off-by: Wei Yongjun 
---
 drivers/crypto/atmel-aes.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/crypto/atmel-aes.c b/drivers/crypto/atmel-aes.c
index 6b656f4..0e3d0d6 100644
--- a/drivers/crypto/atmel-aes.c
+++ b/drivers/crypto/atmel-aes.c
@@ -2311,7 +2311,7 @@ static int atmel_aes_probe(struct platform_device *pdev)
 
 static int atmel_aes_remove(struct platform_device *pdev)
 {
-   static struct atmel_aes_dev *aes_dd;
+   struct atmel_aes_dev *aes_dd;
 
aes_dd = platform_get_drvdata(pdev);
if (!aes_dd)
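
Review bot: the subject names atmel_aes_probe(), but the only changed line is the aes_dd declaration inside atmel_aes_remove(); the atmel_aes_probe in the @@ header is just the preceding function picked up as hunk context. Retitle the patch to refer to atmel_aes_remove() so the log matches the code. The change itself is consistent with the visible context: aes_dd is assigned from platform_get_drvdata(pdev) before the NULL check reads it, so nothing depends on the value persisting between calls.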



Re: [PATCH v1] char: hw_random: atmel-rng: disable TRNG during suspend

2016-10-24 Thread Nicolas Ferre
On 24/10/2016 at 10:03, Wenyou Yang wrote:
> To fix the overconsumption on VDDCore due to the TRNG being enabled,
> disable the TRNG during suspend, rather than only disabling the user
> interface clock (which is controlled by the PMC), because the user
> interface clock is independent of any clock that may be used in the
> entropy source logic circuitry.
> 
> Signed-off-by: Wenyou Yang 
> ---
> 
>  drivers/char/hw_random/atmel-rng.c | 16 ++--
>  1 file changed, 14 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/char/hw_random/atmel-rng.c 
> b/drivers/char/hw_random/atmel-rng.c
> index 0fcc9e6..2e2d09a 100644
> --- a/drivers/char/hw_random/atmel-rng.c
> +++ b/drivers/char/hw_random/atmel-rng.c
> @@ -48,6 +48,16 @@ static int atmel_trng_read(struct hwrng *rng, void *buf, 
> size_t max,
>   return 0;
>  }
>  
> +static void atmel_trng_enable(struct atmel_trng *trng)
> +{
> + writel(TRNG_KEY | 1, trng->base + TRNG_CR);
> +}
> +
> +static void atmel_trng_disable(struct atmel_trng *trng)
> +{
> + writel(TRNG_KEY, trng->base + TRNG_CR);
> +}
> +
>  static int atmel_trng_probe(struct platform_device *pdev)
>  {
>   struct atmel_trng *trng;
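
Review bot: the bare 1 in atmel_trng_enable() is a magic number; writel(TRNG_KEY | 1, ...) gives no hint of which TRNG_CR bit it sets, and atmel_trng_disable() relies on the reader noticing that the bit is simply absent from the value written. Now that the register write has its own helper, define a named constant for the enable bit next to TRNG_KEY and use it in atmel_trng_enable(), so the two helpers read as a set/clear pair.
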
> @@ -71,7 +81,7 @@ static int atmel_trng_probe(struct platform_device *pdev)
>   if (ret)
>   return ret;
>  
> - writel(TRNG_KEY | 1, trng->base + TRNG_CR);
> + atmel_trng_enable(trng);
>   trng->rng.name = pdev->name;
>   trng->rng.read = atmel_trng_read;
>  
> @@ -94,7 +104,7 @@ static int atmel_trng_remove(struct platform_device *pdev)
>  
>   hwrng_unregister(>rng);
>  
> - writel(TRNG_KEY, trng->base + TRNG_CR);
> + atmel_trng_disable(trng);
>   clk_disable_unprepare(trng->clk);
>  
>   return 0;
> @@ -105,6 +115,7 @@ static int atmel_trng_suspend(struct device *dev)
>  {
>   struct atmel_trng *trng = dev_get_drvdata(dev);
>  
> + atmel_trng_disable(trng);
>   clk_disable_unprepare(trng->clk);
>  
>   return 0;
> @@ -114,6 +125,7 @@ static int atmel_trng_resume(struct device *dev)
>  {
>   struct atmel_trng *trng = dev_get_drvdata(dev);
>  
> + atmel_trng_enable(trng);
>   return clk_prepare_enable(trng->clk);

Isn't it the other way around:
enable the user interface first, then enable the internal clock? like:

clk_prepare_enable(trng->clk);
atmel_trng_enable(trng);

Regards,
-- 
Nicolas Ferre


[PATCH v1] char: hw_random: atmel-rng: disable TRNG during suspend

2016-10-24 Thread Wenyou Yang
To fix the overconsumption on VDDCore due to the TRNG being enabled,
disable the TRNG during suspend, rather than only disabling the user
interface clock (which is controlled by the PMC), because the user
interface clock is independent of any clock that may be used in the
entropy source logic circuitry.

Signed-off-by: Wenyou Yang 
---

 drivers/char/hw_random/atmel-rng.c | 16 ++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/drivers/char/hw_random/atmel-rng.c 
b/drivers/char/hw_random/atmel-rng.c
index 0fcc9e6..2e2d09a 100644
--- a/drivers/char/hw_random/atmel-rng.c
+++ b/drivers/char/hw_random/atmel-rng.c
@@ -48,6 +48,16 @@ static int atmel_trng_read(struct hwrng *rng, void *buf, 
size_t max,
return 0;
 }
 
+static void atmel_trng_enable(struct atmel_trng *trng)
+{
+   writel(TRNG_KEY | 1, trng->base + TRNG_CR);
+}
+
+static void atmel_trng_disable(struct atmel_trng *trng)
+{
+   writel(TRNG_KEY, trng->base + TRNG_CR);
+}
+
 static int atmel_trng_probe(struct platform_device *pdev)
 {
struct atmel_trng *trng;
@@ -71,7 +81,7 @@ static int atmel_trng_probe(struct platform_device *pdev)
if (ret)
return ret;
 
-   writel(TRNG_KEY | 1, trng->base + TRNG_CR);
+   atmel_trng_enable(trng);
trng->rng.name = pdev->name;
trng->rng.read = atmel_trng_read;
 
@@ -94,7 +104,7 @@ static int atmel_trng_remove(struct platform_device *pdev)
 
hwrng_unregister(>rng);
 
-   writel(TRNG_KEY, trng->base + TRNG_CR);
+   atmel_trng_disable(trng);
clk_disable_unprepare(trng->clk);
 
return 0;
@@ -105,6 +115,7 @@ static int atmel_trng_suspend(struct device *dev)
 {
struct atmel_trng *trng = dev_get_drvdata(dev);
 
+   atmel_trng_disable(trng);
clk_disable_unprepare(trng->clk);
 
return 0;
@@ -114,6 +125,7 @@ static int atmel_trng_resume(struct device *dev)
 {
struct atmel_trng *trng = dev_get_drvdata(dev);
 
+   atmel_trng_enable(trng);
return clk_prepare_enable(trng->clk);
 }
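
Review bot: in atmel_trng_resume() the new atmel_trng_enable() call writes TRNG_CR before clk_prepare_enable() has turned the peripheral clock back on, which is the reverse of the suspend hunk, where the TRNG is disabled while the clock is still running. It also leaves the TRNG switched on if clk_prepare_enable() then fails, which brings back the consumption this patch is meant to remove. Call clk_prepare_enable() first, return its error if it fails, and only then call atmel_trng_enable().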
 
-- 
2.7.4
