On Thu, Feb 22, 2018 at 02:50:10PM -0800, Eric Biggers wrote:
> From: Eric Biggers
>
> commit a208fa8f33031b9e0aba44c7d1b7e68eb0cbd29e upstream.
> [Please apply to 4.9-stable.]
Both now applied, thanks for the backports.
greg k-h
>> @@ -1032,14 +1032,13 @@ static int omap_aes_get_res_pdev(struct omap_aes_dev
>> *dd,
>> static int omap_aes_probe(struct platform_device *pdev)
>> {
>> struct device *dev = &pdev->dev;
>> -struct omap_aes_dev *dd;
>> struct crypto_alg *algp;
>> struct aead_alg *aalg;
>>
From: Eric Biggers
commit 9fa68f620041be04720d0cbfb1bd3ddfc6310b24 upstream.
[Please apply to 4.9-stable.]
Currently, almost none of the keyed hash algorithms check whether a key
has been set before proceeding. Some algorithms are okay with this and
will effectively just use a key of all 0's or
From: Eric Biggers
commit a208fa8f33031b9e0aba44c7d1b7e68eb0cbd29e upstream.
[Please apply to 4.9-stable.]
We need to consistently enforce that keyed hashes cannot be used without
setting the key. To do this we need a reliable way to determine whether
a given hash algorithm is keyed or not. AF
Read FW capability. Read key area size. Dump the TLS record count.
Signed-off-by: Atul Gupta
---
drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c | 32 +---
drivers/net/ethernet/chelsio/cxgb4/cxgb4_uld.h | 7 ++
drivers/net/ethernet/chelsio/cxgb4/sge.c| 98 -
Register chtls as Inline TLS driver, chtls is ULD to cxgb4.
Setsockopt to program (tx/rx) keys on chip. Support AES GCM
of key size 128. Support both Inline Rx and Tx.
Signed-off-by: Atul Gupta
---
drivers/crypto/chelsio/chtls/chtls_main.c | 600 ++
include/uapi/linux
Define macro for TLS Key context
Signed-off-by: Atul Gupta
---
drivers/crypto/chelsio/chcr_algo.h | 42 +
drivers/crypto/chelsio/chcr_core.h | 55 +-
2 files changed, 96 insertions(+), 1 deletion(-)
diff --git a/drivers/crypto/chel
CPL handlers for TLS session, record transmit and receive.
Signed-off-by: Atul Gupta
---
drivers/crypto/chelsio/chtls/chtls_cm.c | 2041 +++
net/ipv4/tcp_minisocks.c|1 +
2 files changed, 2042 insertions(+)
create mode 100644 drivers/crypto/chelsi
TLS handler for record transmit and receive.
Create Inline TLS work request and post to FW.
Signed-off-by: Atul Gupta
---
drivers/crypto/chelsio/chtls/chtls_io.c | 1867 +++
1 file changed, 1867 insertions(+)
create mode 100644 drivers/crypto/chelsio/chtls/chtls_io.c
Key area size in hw-config file. CPL struct for TLS request
and response. Work request for Inline TLS.
Signed-off-by: Atul Gupta
---
drivers/net/ethernet/chelsio/cxgb4/t4_msg.h | 121 ++-
drivers/net/ethernet/chelsio/cxgb4/t4_regs.h | 2 +
drivers/net/ethernet/chelsio/cxgb4/
Entry for Inline TLS as another driver dependent on cxgb4 and chcr
Signed-off-by: Atul Gupta
---
drivers/crypto/chelsio/Kconfig| 11 +++
drivers/crypto/chelsio/Makefile | 1 +
drivers/crypto/chelsio/chtls/Makefile | 4
3 files changed, 16 insertions(+)
create mode 1
Program the tx and rx key on chip.
Signed-off-by: Atul Gupta
---
drivers/crypto/chelsio/chtls/chtls_hw.c | 394
1 file changed, 394 insertions(+)
create mode 100644 drivers/crypto/chelsio/chtls/chtls_hw.c
diff --git a/drivers/crypto/chelsio/chtls/chtls_hw.c
b/
Inline TLS state, connection management. Supporting macros definition.
Signed-off-by: Atul Gupta
---
drivers/crypto/chelsio/chtls/chtls.h| 487
drivers/crypto/chelsio/chtls/chtls_cm.h | 202 +
2 files changed, 689 insertions(+)
create mode 100644
Facility to register Inline TLS drivers to net/tls. Setup
TLS_FULL_HW prot to listen on offload device.
Cases handled
1. Inline TLS device exists, setup prot for TLS_FULL_HW
2. Atleast one Inline TLS exists, sets TLS_FULL_HW. If
non-inline capable device establish connection, move to TLS_SW_TX
3.
Signed-off-by: Atul Gupta
---
include/linux/netdev_features.h | 2 ++
net/core/ethtool.c | 1 +
2 files changed, 3 insertions(+)
diff --git a/include/linux/netdev_features.h b/include/linux/netdev_features.h
index db84c51..aacabe2 100644
--- a/include/linux/netdev_features.h
+++ b/i
tls_device structure to register Inline TLS drivers
with net/tls
Signed-off-by: Atul Gupta
---
include/net/tls.h | 23 +++
1 file changed, 23 insertions(+)
diff --git a/include/net/tls.h b/include/net/tls.h
index 4913430..e315bf9 100644
--- a/include/net/tls.h
+++ b/include/
Series for Chelsio Inline TLS driver (chtls.ko)
Use tls ULP infrastructure to register chtls as Inline TLS driver.
Chtls use TCP Sockets to transmit and receive TLS record. TCP proto_ops is
extended to offload TLS record.
T6 adapter provides the following features:
-TLS record offload, T
Hi my name is Benjamin Bales.
I am the founder and creator of CodeAI,
the first non-human contributor to your software project. CodeAI finds
and fixes security defects for you. It fixed 327. It wants to merge a
fix for a useless assignment. To view all 327 fixed issues from the
run claim your free
On Thu, Feb 22, 2018 at 9:12 PM, Herbert Xu wrote:
> On Thu, Feb 22, 2018 at 08:54:27PM +0530, Souptick Joarder wrote:
>>
>> Apology, Missed it. Then adding dma_pool_zalloc() not making much difference.
>> Shall I drop this patch or send v2 ?
>
> I think we should probably leave it alone.
>
> Than
On Thu, Feb 22, 2018 at 08:54:27PM +0530, Souptick Joarder wrote:
>
> Apology, Missed it. Then adding dma_pool_zalloc() not making much difference.
> Shall I drop this patch or send v2 ?
I think we should probably leave it alone.
Thanks,
--
Email: Herbert Xu
Home Page: http://gondor.apana.org.a
Hi
On 02/22/2018 03:03 PM, Herbert Xu wrote:
On Thu, Feb 15, 2018 at 02:03:07PM +0100, Lionel Debieve wrote:
This set of patches add extended functionalities for stm32 rng
driver.
Patch #1 includes a reset during probe to avoid any error status
which can occur during bootup process and keep saf
On Thu, Feb 22, 2018 at 8:44 PM, Herbert Xu wrote:
> On Thu, Feb 22, 2018 at 08:32:36PM +0530, Souptick Joarder wrote:
>> On Thu, Feb 22, 2018 at 7:40 PM, Herbert Xu
>> wrote:
>> > On Sat, Feb 17, 2018 at 03:41:13PM +0530, Souptick Joarder wrote:
>> >> Use dma_pool_zalloc() instead of dma_pool_a
On Wed, Feb 14, 2018 at 02:32:28PM +0100, SF Markus Elfring wrote:
> From: Markus Elfring
> Date: Wed, 14 Feb 2018 14:30:28 +0100
>
> Two update suggestions were taken into account
> from static source code analysis.
>
> Markus Elfring (2):
> Delete an error message for a failed memory allocat
On Wed, Feb 14, 2018 at 09:42:26PM +0100, SF Markus Elfring wrote:
> From: Markus Elfring
> Date: Wed, 14 Feb 2018 21:34:54 +0100
>
> Omit an extra message for a memory allocation failure in this function.
>
> This issue was detected by using the Coccinelle software.
>
> Signed-off-by: Markus E
On Wed, Feb 14, 2018 at 10:39:25PM +0100, SF Markus Elfring wrote:
> From: Markus Elfring
> Date: Wed, 14 Feb 2018 22:05:11 +0100
>
> Omit an extra message for a memory allocation failure in this function.
>
> This issue was detected by using the Coccinelle software.
>
> Signed-off-by: Markus E
On Thu, Feb 15, 2018 at 01:24:18PM +0100, SF Markus Elfring wrote:
> From: Markus Elfring
> Date: Thu, 15 Feb 2018 11:38:30 +0100
>
> Omit extra messages for a memory allocation failure in these functions.
>
> This issue was detected by using the Coccinelle software.
>
> Signed-off-by: Markus E
On Thu, Feb 22, 2018 at 08:32:36PM +0530, Souptick Joarder wrote:
> On Thu, Feb 22, 2018 at 7:40 PM, Herbert Xu
> wrote:
> > On Sat, Feb 17, 2018 at 03:41:13PM +0530, Souptick Joarder wrote:
> >> Use dma_pool_zalloc() instead of dma_pool_alloc + memset
> >>
> >> Signed-off-by: Souptick Joarder
>
On Fri, Feb 16, 2018 at 12:40:13AM +0800, kbuild test robot wrote:
> From: Fengguang Wu
>
> drivers/crypto/ccree/cc_cipher.c:629:15-22: WARNING opportunity for kmemdep
>
> Use kmemdup rather than duplicating its implementation
>
> Generated by: scripts/coccinelle/api/memdup.cocci
>
> Fixes: 6
On Wed, Feb 14, 2018 at 09:37:51AM -0800, Dave Watson wrote:
> This patch set refactors the x86 aes/gcm SSE crypto routines to
> support true scatter/gather by adding gcm_enc/dec_update methods.
>
> The layout is:
>
> * First 5 patches refactor the code to use macros, so changes only
> need to
On Wed, Feb 14, 2018 at 05:17:08PM +0100, SF Markus Elfring wrote:
> From: Markus Elfring
> Date: Wed, 14 Feb 2018 17:05:13 +0100
>
> Omit an extra message for a memory allocation failure in this function.
>
> This issue was detected by using the Coccinelle software.
>
> Signed-off-by: Markus E
On Wed, Feb 14, 2018 at 10:42:18AM -0800, Eric Biggers wrote:
> Hello,
>
> This series adds Speck support to the crypto API, including the Speck128
> and Speck64 variants. Speck is a lightweight block cipher that can be
> much faster than AES on processors that don't have AES instructions.
>
> W
On Wed, Feb 14, 2018 at 11:16:39AM +0100, SF Markus Elfring wrote:
> From: Markus Elfring
> Date: Wed, 14 Feb 2018 11:12:34 +0100
>
> A few update suggestions were taken into account
> from static source code analysis.
>
> Markus Elfring (4):
> Delete an error message for a failed memory alloc
On Tue, Feb 13, 2018 at 09:26:49AM +0100, Antoine Tenart wrote:
> Hi Herbert,
>
> We spent a lot of time with Ofer to test various use cases of the Inside
> Secure driver. We performed many tests in addition to the crypto
> subsystem ones (IPsec, openssl speed, tcrypt...). As a result the driver
>
On Mon, Feb 12, 2018 at 09:11:36PM +0100, Stefan Wahren wrote:
> In case the probe of the clock is deferred, we would assume it is
> optional. This is wrong, so defer the probe of this driver until
> the clock is available.
>
> Fixes: 791af4f4907a ("hwrng: bcm2835 - Manage an optional clock")
> Si
On Mon, Feb 12, 2018 at 10:52:37PM +0900, Jinbum Park wrote:
> Move the AES inverse S-box to the .rodata section
> where it is safe from abuse by speculation.
>
> Signed-off-by: Jinbum Park
Patch applied. Thanks.
--
Email: Herbert Xu
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: ht
On Sun, Feb 11, 2018 at 11:15:37PM +, Peter Robinson wrote:
> The MODULE_ALIAS is required to enable the sun4i-ss driver to load
> automatically when built at a module. Tested on a Cubietruck.
>
> Fixes: 6298e948215f ("crypto: sunxi-ss - Add Allwinner Security System crypto
> accelerator")
>
On Thu, Feb 22, 2018 at 7:40 PM, Herbert Xu wrote:
> On Sat, Feb 17, 2018 at 03:41:13PM +0530, Souptick Joarder wrote:
>> Use dma_pool_zalloc() instead of dma_pool_alloc + memset
>>
>> Signed-off-by: Souptick Joarder
>
> Hmm, the memset doesn't just happen at allocation time. You haven't
> expla
On Wed, Jan 31, 2018 at 12:27:18PM -0800, Junaid Shahid wrote:
> Changes in v3:
> - Rebased on top of the latest linux-next
> Changes in v2:
> - Integrated https://patchwork.kernel.org/patch/10173981
>
> Currently, the AESNI gcm(aes) implementation uses zero-copy only when the
> entire src and des
For v4 I am taking over this patch series as all the left over patches were
implemented by me.
V4:
- removed patch: [PATCH v3 2/5] crypto: caam: Fix endless loop when RNG is
already initialized from the series since Horia presented a better fix for the
endless loop in case of fail to acquire DECO
caam_remove already removes the debugfs entry, so we need to remove the one
immediately before calling caam_remove.
This fix a NULL dereference at error paths is caam_probe fail.
Fixes: 67c2315def06 ("crypto: caam - add Queue Interface (QI) backend support")
Tested-by: Ryan Harkin
Cc: "Horia Ge
I.MX7x only use two clocks for the CAAM module, so make sure we do not try to
use the mem and the emi_slow clock when running in that imx7d and imx7s machine
type.
Cc: "Horia Geantă"
Cc: Aymen Sghaier
Cc: Fabio Estevam
Cc: Peng Fan
Cc: "David S. Miller"
Cc: Lukas Auer
Signed-off-by: Rui Migu
Add CAAM clock so that we could use the Cryptographic Acceleration and
Assurance Module (CAAM) hardware block.
Cc: Michael Turquette
Cc: Stephen Boyd
Cc: linux-...@vger.kernel.org
Cc: "Horia Geantă"
Cc: Aymen Sghaier
Cc: Fabio Estevam
Cc: Peng Fan
Cc: "David S. Miller"
Cc: Lukas Auer
Revie
Add CAAM device node to the i.MX7s device tree.
Cc: Shawn Guo
Cc: Sascha Hauer
Cc: devicet...@vger.kernel.org
Cc: "Horia Geantă"
Cc: Aymen Sghaier
Cc: Fabio Estevam
Cc: Peng Fan
Cc: "David S. Miller"
Cc: Lukas Auer
Signed-off-by: Rui Miguel Silva
---
arch/arm/boot/dts/imx7s.dtsi | 30 +++
Hi Linus:
This push fixes an oops in the s5p-sss driver when used with
ecb(aes).
Please pull from
git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus
Kamil Konieczny (1):
crypto: s5p-sss - Fix kernel Oops in AES-ECB mode
drivers/crypto/s5p-sss.c | 12
On Sat, Feb 17, 2018 at 03:41:13PM +0530, Souptick Joarder wrote:
> Use dma_pool_zalloc() instead of dma_pool_alloc + memset
>
> Signed-off-by: Souptick Joarder
Hmm, the memset doesn't just happen at allocation time. You haven't
explained why it is OK to remove the memset at these other points.
On Thu, Feb 15, 2018 at 02:03:07PM +0100, Lionel Debieve wrote:
> This set of patches add extended functionalities for stm32 rng
> driver.
> Patch #1 includes a reset during probe to avoid any error status
> which can occur during bootup process and keep safe rng integrity.
>
> Patch #3 adds a new
On Thu, Feb 22, 2018 at 12:29:28PM +, Horia Geantă wrote:
>
> IIUC this means that there is no room for improvement.
> This patch needs to be reverted, to restore previous behaviour when the
> hw_context was mapped / unmapped for every request.
In general we should avoid trying to do batching
On Wed, Feb 14, 2018 at 10:40:26PM +0100, SF Markus Elfring wrote:
> From: Markus Elfring
> Date: Wed, 14 Feb 2018 22:22:20 +0100
>
> The kfree() function was called in one case by the do_shash() function
> during error handling even if the passed variable contained a null pointer.
>
> * Reorder
On Wed, Feb 14, 2018 at 04:26:36PM +0100, SF Markus Elfring wrote:
> From: Markus Elfring
> Date: Wed, 14 Feb 2018 16:12:05 +0100
>
> Replace the specification of data structures by pointer dereferences
> as the parameter for the operator "sizeof" to make the corresponding size
> determination a
On Fri, Feb 09, 2018 at 11:02:27PM +0100, Stephan Müller wrote:
> Hi,
>
> Herbert, the patch 1 is meant for stable. However, this patch as is
> only applies to the new AF_ALG interface implementation. Though,
> the issue goes back to the first implementation of AIO support.
> Shall I try prepare a
On Fri, 16 Feb 2018 11:44:49 +0100
Boris Brezillon wrote:
> Free Electrons is now Bootlin.
>
> Signed-off-by: Boris Brezillon
> ---
> Note that I'm planning to take this patch through the MTD tree.
Applied to the nand/next branch of the MTD tree.
> ---
> .mailmap| 7 ---
> MAINTAINE
On 2/22/2018 1:47 PM, Herbert Xu wrote:
> On Tue, Feb 20, 2018 at 11:32:25AM +, Horia Geantă wrote:
>>
>> If final/finup is optional, how is the final hash supposed to be retrieved?
>
> Sometimes the computation ends with a partial hash, that's what
> export is for. Also it is completely lega
On Tue, Feb 20, 2018 at 11:32:25AM +, Horia Geantă wrote:
>
> If final/finup is optional, how is the final hash supposed to be retrieved?
Sometimes the computation ends with a partial hash, that's what
export is for. Also it is completely legal to abandon the hash
state entirely.
> According
Le 22/02/2018 à 09:30, Horia Geantă a écrit :
On 2/22/2018 9:08 AM, Christophe Leroy wrote:
Upstream 87a81dce53b1ea61acaeefa5191a0376a2d1d721
Performing the hash of an empty file leads to a kernel Oops
[ 44.504600] Unable to handle kernel paging request for data at address
0x000c
[
On 2/22/2018 9:08 AM, Christophe Leroy wrote:
> Upstream 87a81dce53b1ea61acaeefa5191a0376a2d1d721
>
> Performing the hash of an empty file leads to a kernel Oops
>
> [ 44.504600] Unable to handle kernel paging request for data at address
> 0x000c
> [ 44.512819] Faulting instruction addre
55 matches
Mail list logo