Re: [PATCH v8 1/4] crypto: AF_ALG -- add sign/verify API

Am Donnerstag, 10. August 2017, 15:59:33 CEST schrieb Tudor Ambarus: Hi Tudor, > On 08/10/2017 04:03 PM, Stephan Mueller wrote: > > Is there a style requirement for that? checkpatch.pl does not complain. I > > thought that one liners in a conditional should not have braces? > > Linux coding

[PATCH] crypto: AF_ALG - get_page upon reassignment to TX SGL

Hi Herbert, The error can be triggered with the following test. Invoking that test in a while [ 1 ] loop shows that no memory is leaked. #include #include int main(int argc, char *argv[]) { char buf[8192]; struct kcapi_handle *handle; struct iovec iov; int ret;

Re: [PATCH v5 2/5] lib: Add zstd modules

On 2017-08-10 07:32, Austin S. Hemmelgarn wrote: On 2017-08-10 04:30, Eric Biggers wrote: On Wed, Aug 09, 2017 at 07:35:53PM -0700, Nick Terrell wrote: It can compress at speeds approaching lz4, and quality approaching lzma. Well, for a very loose definition of "approaching", and certainly

[PATCH v8 3/4] crypto: AF_ALG -- add asymmetric cipher

This patch adds the user space interface for asymmetric ciphers. The interface allows the use of sendmsg as well as vmsplice to provide data. The akcipher interface implementation uses the common AF_ALG interface code regarding TX and RX SGL handling. Signed-off-by: Stephan Mueller

[PATCH] crypto: MPI - kunmap after finishing accessing buffer

Hi Herbert, I found that issue while playing around with edge conditions in my algif_akcipher implementation. This issue only manifests in a segmentation violation on 32 bit machines and with an SGL where each SG points to one byte. SGLs with larger buffers seem to be not affected by this issue.

[PATCH v8 4/4] crypto: algif_akcipher - enable compilation

Add the Makefile and Kconfig updates to allow algif_akcipher to be compiled. Signed-off-by: Stephan Mueller --- crypto/Kconfig | 9 + crypto/Makefile | 1 + 2 files changed, 10 insertions(+) diff --git a/crypto/Kconfig b/crypto/Kconfig index

[PATCH v8 0/4] crypto: add algif_akcipher user space API

Hi, This patch set adds the AF_ALG user space API to externalize the asymmetric cipher API recently added to the kernel crypto API. The patch set is tested with the user space library of libkcapi [1]. Use [1] test/test.sh for a full test run. The test covers the following scenarios: *

[PATCH v8 1/4] crypto: AF_ALG -- add sign/verify API

Add the flags for handling signature generation and signature verification. The af_alg helper code as well as the algif_skcipher and algif_aead code must be changed from a boolean indicating the cipher operation to an integer because there are now 4 different cipher operations that are defined.

[PATCH v8 2/4] crypto: AF_ALG -- add setpubkey setsockopt call

For supporting asymmetric ciphers, user space must be able to set the public key. The patch adds a new setsockopt call for setting the public key. Signed-off-by: Stephan Mueller --- crypto/af_alg.c | 18 +- include/crypto/if_alg.h | 1 +

Re: [PATCH v2] crypto: AF_ALG - consolidation of duplicate code

Am Mittwoch, 9. August 2017, 15:57:34 CEST schrieb Herbert Xu: Hi Herbert, > > Patch applied. Thanks. Thanks. As now the AIO code path is updated, the bug that I was reporting last September allowing to crash the kernel via AF_ALG is fixed. As the patch is very invasive, I am not sure that

Re: [PATCH v2] crypto: AF_ALG - consolidation of duplicate code

Am Donnerstag, 10. August 2017, 10:21:53 CEST schrieb Herbert Xu: Hi Herbert, > On Thu, Aug 10, 2017 at 10:16:48AM +0200, Stephan Mueller wrote: > > As now the AIO code path is updated, the bug that I was reporting last > > September allowing to crash the kernel via AF_ALG is fixed. > > > > As

Re: [PATCH v2] crypto: AF_ALG - consolidation of duplicate code

On Thu, Aug 10, 2017 at 10:16:48AM +0200, Stephan Mueller wrote: > > As now the AIO code path is updated, the bug that I was reporting last > September allowing to crash the kernel via AF_ALG is fixed. > > As the patch is very invasive, I am not sure that patch set should be sent to > stable.

Re: [PATCH v5 2/5] lib: Add zstd modules

On Wed, Aug 09, 2017 at 07:35:53PM -0700, Nick Terrell wrote: > > It can compress at speeds approaching lz4, and quality approaching lzma. Well, for a very loose definition of "approaching", and certainly not at the same time. I doubt there's a use case for using the highest compression levels

Re: [Freedombox-discuss] Hardware Crypto

To me it seems obvious that if the hardware provides a real RNG, that should be used to feed random(4). This solves a genuine problem and, even if calls to the hardware are expensive, overall overhead will not be high because random(4) does not need huge amounts of input. I'm much less certain

Re: [PATCH v4 2/4] crypto: add crypto_(un)register_ahashes()

On 08/10/2017 02:53 PM, Lars Persson wrote: From: Rabin Vincent There are already helpers to (un)register multiple normal and AEAD algos. Add one for ahashes too. Signed-off-by: Lars Persson Signed-off-by: Rabin Vincent --- v4:

Re: [PATCH v5 2/5] lib: Add zstd modules

On 2017-08-10 13:24, Eric Biggers wrote: On Thu, Aug 10, 2017 at 07:32:18AM -0400, Austin S. Hemmelgarn wrote: On 2017-08-10 04:30, Eric Biggers wrote: On Wed, Aug 09, 2017 at 07:35:53PM -0700, Nick Terrell wrote: It can compress at speeds approaching lz4, and quality approaching lzma.

Re: [PATCH v5 2/5] lib: Add zstd modules

On Thu, Aug 10, 2017 at 07:32:18AM -0400, Austin S. Hemmelgarn wrote: > On 2017-08-10 04:30, Eric Biggers wrote: > >On Wed, Aug 09, 2017 at 07:35:53PM -0700, Nick Terrell wrote: > >> > >>It can compress at speeds approaching lz4, and quality approaching lzma. > > > >Well, for a very loose

[RFC PATCH 10/10] arm64: defconfig: enable CAAM crypto engine on QorIQ DPAA2 SoCs

Enable CAAM (Cryptographic Accelerator and Assurance Module) driver for QorIQ Data Path Acceleration Architecture (DPAA) v2. It handles DPSECI (Data Path SEC Interface) DPAA2 objects that sit on the Management Complex (MC) fsl-mc bus. Signed-off-by: Horia Geantă ---

[RFC PATCH 06/10] crypto: caam - add DPAA2-CAAM (DPSECI) backend API

Add the low-level API that allows to manage DPSECI DPAA2 objects that sit on the Management Complex (MC) fsl-mc bus. The API is compatible with MC firmware 10.2.0+. Signed-off-by: Horia Geantă --- drivers/crypto/caam/dpseci.c | 858

[RFC PATCH 08/10] crypto: caam/qi2 - add DPAA2-CAAM driver

Add CAAM driver that works using the DPSECI backend, i.e. manages DPSECI DPAA2 objects sitting on the Management Complex (MC) fsl-mc bus. Data transfers (crypto requests) are sent/received to/from CAAM crypto engine via Queue Interface (v2), this being similar to existing caam/qi. OTOH,

[RFC PATCH 07/10] crypto: caam - add Queue Interface v2 error codes

Add support to translate error codes returned by QI v2, i.e. Queue Interface present on DataPath Acceleration Architecture v2 (DPAA2). Signed-off-by: Horia Geantă --- drivers/crypto/caam/error.c | 75 +++--

[RFC PATCH 05/10] crypto: caam/qi - prepare for gcm(aes) support

Update gcm(aes) descriptors (generic, rfc4106 and rfc4543) such that they would also work when submitted via the QI interface. Signed-off-by: Horia Geantă --- drivers/crypto/caam/caamalg.c | 19 +++-- drivers/crypto/caam/caamalg_desc.c | 165

[RFC PATCH 09/10] crypto: caam/qi2 - add ablkcipher algorithms

Add support to submit the following ablkcipher algorithms via the DPSECI backend: cbc({aes,des,des3_ede}) ctr(aes), rfc3686(ctr(aes)) xts(aes) Signed-off-by: Horia Geantă --- drivers/crypto/caam/Kconfig | 1 + drivers/crypto/caam/caamalg_qi2.c | 816

[RFC PATCH 01/10] staging: fsl-mc: dpio: add frame list format support

Add support for dpaa2_fd_list format, i.e. dpaa2_fl_entry structure and accessors. Frame list entries (FLEs) are similar, but not identical to frame descriptors (FDs): + "F" (final) bit - FMT[b'01] is reserved - DD, SC, DROPP bits (covered by "FD compatibility" field in FLE case) - FLC[5:0] not

[RFC PATCH 00/10] crypto: caam - add DPAA2 (DPSECI) driver

Hi, This patch set adds the CAAM crypto engine driver for DPAA2 (Data Path Acceleration Architecture v2) found on ARMv8-based SoCs like LS1088A, LS2088A. Driver consists of: -DPSECI (Data Path SEC Interface) backend - low-level API that allows to manage DPSECI devices (DPAA2 objects) that sit on

[RFC PATCH 04/10] staging: fsl-dpaa2/eth: move generic FD defines to DPIO

Previous commits: 6e2387e8f19e ("staging: fsl-dpaa2/eth: Add Freescale DPAA2 Ethernet driver") 39163c0ce0f4 ("staging: fsl-dpaa2/eth: Errors checking update") have added bits that are not specific to the WRIOP accelerator. Move these where they belong (in DPIO) such that other accelerators can

[RFC PATCH 03/10] staging: fsl-mc: dpio: add order preservation support

From: Radu Alexe Order preservation is a feature that will be supported in dpni, dpseci and dpci devices. This is a preliminary patch for the changes to be introduced in the corresponding drivers. Signed-off-by: Radu Alexe Signed-off-by: Horia Geantă

[RFC PATCH 02/10] staging: fsl-mc: dpio: add congestion notification support

Add support for Congestion State Change Notifications (CSCN), which allow DPIO users to be notified when a congestion group changes its state (due to hitting the entrance / exit threshold). Signed-off-by: Ioana Radulescu Signed-off-by: Radu Alexe

Re: [PATCH v5 2/5] lib: Add zstd modules

On 08/10/2017 04:30 AM, Eric Biggers wrote: On Wed, Aug 09, 2017 at 07:35:53PM -0700, Nick Terrell wrote: The memory reported is the amount of memory the compressor requests. | Method | Size (B) | Time (s) | Ratio | MB/s| Adj MB/s | Mem (MB) |

Re: [PATCH v5 2/5] lib: Add zstd modules

On Thu, Aug 10, 2017 at 10:57:01AM -0400, Austin S. Hemmelgarn wrote: > Also didn't think to mention this, but I could see the max level > being very popular for use with SquashFS root filesystems used in > LiveCD's. Currently, they have to decide between read performance > and image size, while

Re: [PATCH v5 2/5] lib: Add zstd modules

On 08/10/2017 03:00 PM, Eric Biggers wrote: On Thu, Aug 10, 2017 at 01:41:21PM -0400, Chris Mason wrote: On 08/10/2017 04:30 AM, Eric Biggers wrote: On Wed, Aug 09, 2017 at 07:35:53PM -0700, Nick Terrell wrote: The memory reported is the amount of memory the compressor requests. | Method

Re: [PATCH v8 1/4] crypto: AF_ALG -- add sign/verify API

On 08/10/2017 04:03 PM, Stephan Mueller wrote: Is there a style requirement for that? checkpatch.pl does not complain. I thought that one liners in a conditional should not have braces? Linux coding style requires braces in both branches when you have a branch with a statement and the other

Re: [PATCH v5 2/5] lib: Add zstd modules

On Thu, Aug 10, 2017 at 01:41:21PM -0400, Chris Mason wrote: > On 08/10/2017 04:30 AM, Eric Biggers wrote: > >On Wed, Aug 09, 2017 at 07:35:53PM -0700, Nick Terrell wrote: > > >>The memory reported is the amount of memory the compressor requests. > >> > >>| Method | Size (B) | Time (s) | Ratio

Re: [PATCH v5 2/5] lib: Add zstd modules

On 2017-08-10 04:30, Eric Biggers wrote: On Wed, Aug 09, 2017 at 07:35:53PM -0700, Nick Terrell wrote: It can compress at speeds approaching lz4, and quality approaching lzma. Well, for a very loose definition of "approaching", and certainly not at the same time. I doubt there's a use case

Re: [PATCH v5 2/5] lib: Add zstd modules

On 8/10/17, 10:48 AM, "Austin S. Hemmelgarn" wrote: >On 2017-08-10 13:24, Eric Biggers wrote: >>On Thu, Aug 10, 2017 at 07:32:18AM -0400, Austin S. Hemmelgarn wrote: >>>On 2017-08-10 04:30, Eric Biggers wrote: On Wed, Aug 09, 2017 at 07:35:53PM -0700, Nick Terrell wrote:

Re: [PATCH v5 2/5] lib: Add zstd modules

On Thu, Aug 10, 2017 at 01:41:21PM -0400, Chris Mason wrote: > On 08/10/2017 04:30 AM, Eric Biggers wrote: > > > >Theses benchmarks are misleading because they compress the whole file as a > >single stream without resetting the dictionary, which isn't how data will > >typically be compressed in

Re: [PATCH v5 2/5] lib: Add zstd modules

On 8/10/17, 1:30 AM, "Eric Biggers" wrote: > On Wed, Aug 09, 2017 at 07:35:53PM -0700, Nick Terrell wrote: >> >> It can compress at speeds approaching lz4, and quality approaching lzma. > > Well, for a very loose definition of "approaching", and certainly not at the > same

Re: [PATCH v5 2/5] lib: Add zstd modules

On 2017-08-10 15:25, Hugo Mills wrote: On Thu, Aug 10, 2017 at 01:41:21PM -0400, Chris Mason wrote: On 08/10/2017 04:30 AM, Eric Biggers wrote: Theses benchmarks are misleading because they compress the whole file as a single stream without resetting the dictionary, which isn't how data will

Re: [PATCH v8 0/4] crypto: add algif_akcipher user space API

Hi Stephan, On Thu, 10 Aug 2017, Stephan Müller wrote: Hi, This patch set adds the AF_ALG user space API to externalize the asymmetric cipher API recently added to the kernel crypto API. ... Changes v8: * port to kernel 4.13 * port to consolidated AF_ALG code Stephan Mueller (4):

Re: [PATCH v8 1/4] crypto: AF_ALG -- add sign/verify API

Hi, Stephan, On 08/10/2017 09:39 AM, Stephan Müller wrote: Add the flags for handling signature generation and signature verification. The af_alg helper code as well as the algif_skcipher and algif_aead code must be changed from a boolean indicating the cipher operation to an integer because

[PATCH v4 3/4] crypto: axis: add ARTPEC-6/7 crypto accelerator driver

This is an asynchronous crypto API driver for the accelerator present in the ARTPEC-6 and -7 SoCs from Axis Communications AB. The driver supports AES in ECB/CTR/CBC/XTS/GCM modes and SHA1/2 hash standards. Signed-off-by: Lars Persson --- drivers/crypto/Kconfig |

[PATCH v4 0/4] crypto: add driver for Axis ARTPEC crypto accelerator

This series adds a driver for the crypto accelerator in the ARTPEC series of SoCs from Axis Communications AB. Changelog v4: - The skcipher conversion had a mistake where the algos were registered instead of unregistered at module unloading. Changelog v3: - The patch author added his

[PATCH v4 1/4] dt-bindings: crypto: add ARTPEC crypto

Document the device tree bindings for the ARTPEC crypto accelerator on ARTPEC-6 and ARTPEC-7 SoCs. Acked-by: Rob Herring Signed-off-by: Lars Persson --- .../devicetree/bindings/crypto/artpec6-crypto.txt| 16 1 file changed, 16

[PATCH v4 4/4] MAINTAINERS: Add ARTPEC crypto maintainer

Assign the Axis kernel team as maintainer for crypto drivers under drivers/crypto/axis. Signed-off-by: Lars Persson --- MAINTAINERS | 1 + 1 file changed, 1 insertion(+) diff --git a/MAINTAINERS b/MAINTAINERS index d5b6c71e783e..72186cf9820d 100644 --- a/MAINTAINERS +++

[PATCH v4 2/4] crypto: add crypto_(un)register_ahashes()

From: Rabin Vincent There are already helpers to (un)register multiple normal and AEAD algos. Add one for ahashes too. Signed-off-by: Lars Persson Signed-off-by: Rabin Vincent --- v4: crypto_register_skciphers was used where

Re: [PATCH v8 1/4] crypto: AF_ALG -- add sign/verify API

Am Donnerstag, 10. August 2017, 14:49:39 CEST schrieb Tudor Ambarus: Hi Tudor, thanks for reviewing > > > > - err = ctx->enc ? crypto_aead_encrypt(>cra_u.aead_req) : > > -crypto_aead_decrypt(>cra_u.aead_req); > > - } else { > > + } else > > Unbalanced

Re: [PATCH v8 0/4] crypto: add algif_akcipher user space API

Hi Mat, >> This patch set adds the AF_ALG user space API to externalize the >> asymmetric cipher API recently added to the kernel crypto API. > > ... > >> Changes v8: >> * port to kernel 4.13 >> * port to consolidated AF_ALG code >> >> Stephan Mueller (4): >> crypto: AF_ALG -- add sign/verify