]> www.infradead.org Git - linux.git/log
linux.git
5 years agocrypto: sun8i-ce - rename has_t_dlen_in_bytes to cipher_t_dlen_in_bytes
Corentin Labbe [Fri, 18 Sep 2020 07:23:09 +0000 (07:23 +0000)]
crypto: sun8i-ce - rename has_t_dlen_in_bytes to cipher_t_dlen_in_bytes

Hash algorithms will need also a spetial t_dlen handling, but since the
meaning will be different, rename the current flag to specify it apply
only on ciphers algorithms.

Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: sun8i-ce - handle different error registers
Corentin Labbe [Fri, 18 Sep 2020 07:23:08 +0000 (07:23 +0000)]
crypto: sun8i-ce - handle different error registers

Error registers are different across SoCs.
This patch handle those difference.

Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: sun8i-ce - split into prepare/run/unprepare
Corentin Labbe [Fri, 18 Sep 2020 07:23:07 +0000 (07:23 +0000)]
crypto: sun8i-ce - split into prepare/run/unprepare

This patch split the do_one_request into three.
Prepare will handle all DMA mapping and initialisation of the task
structure.
Unprepare will clean all DMA mapping.
And the do_one_request will be limited to just executing the task.

Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: sun8i-ce - move iv data to request context
Corentin Labbe [Fri, 18 Sep 2020 07:23:06 +0000 (07:23 +0000)]
crypto: sun8i-ce - move iv data to request context

Instead of storing IV data in the channel context, store them in the
request context.
Storing them in the channel structure was conceptualy wrong since they
are per request related.

Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: sun8i-ce - handle endianness of t_common_ctl
Corentin Labbe [Fri, 18 Sep 2020 07:23:05 +0000 (07:23 +0000)]
crypto: sun8i-ce - handle endianness of t_common_ctl

t_common_ctl is LE32 so we need to convert its value before using it.
This value is only used on H6 (ignored on other SoCs) and not handling
the endianness cause failure on xRNG/hashes operations on H6 when running BE.

Fixes: 06f751b61329 ("crypto: allwinner - Add sun8i-ce Crypto Engine")
Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: sun8i-ss - better debug printing
Corentin Labbe [Fri, 18 Sep 2020 07:23:04 +0000 (07:23 +0000)]
crypto: sun8i-ss - better debug printing

This patch reworks the way debug info are printed.
Instead of printing raw numbers, let's add a bit of context.

Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: sun8i-ss - Add more comment on some structures
Corentin Labbe [Fri, 18 Sep 2020 07:23:03 +0000 (07:23 +0000)]
crypto: sun8i-ss - Add more comment on some structures

This patch adds some comment on structures used by sun8i-ss.

Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: sun8i-ss - fix a trivial typo
Corentin Labbe [Fri, 18 Sep 2020 07:23:02 +0000 (07:23 +0000)]
crypto: sun8i-ss - fix a trivial typo

This fixes a trivial typo.

Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: sun8i-ss - support hash algorithms
Corentin Labbe [Fri, 18 Sep 2020 07:23:01 +0000 (07:23 +0000)]
crypto: sun8i-ss - support hash algorithms

The SS support multiples hash algorithms, this patch adds support for
MD5, SHA1, SHA224 and SHA256.

Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: sun8i-ss - Add support for the PRNG
Corentin Labbe [Fri, 18 Sep 2020 07:23:00 +0000 (07:23 +0000)]
crypto: sun8i-ss - Add support for the PRNG

This patch had support for the PRNG present in the SS.
The output was tested with rngtest without any failure.

Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: sun8i-ss - Add SS_START define
Corentin Labbe [Fri, 18 Sep 2020 07:22:59 +0000 (07:22 +0000)]
crypto: sun8i-ss - Add SS_START define

Instead of using an hardcoded value, let's use a defined value for
SS_START.

Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: hisilicon/qm - Convert to DEFINE_SHOW_ATTRIBUTE
Qinglang Miao [Fri, 18 Sep 2020 01:31:13 +0000 (09:31 +0800)]
crypto: hisilicon/qm - Convert to DEFINE_SHOW_ATTRIBUTE

Use DEFINE_SHOW_ATTRIBUTE macro to simplify the code.

Signed-off-by: Qinglang Miao <miaoqinglang@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: cavium/zip - Convert to DEFINE_SHOW_ATTRIBUTE
Qinglang Miao [Fri, 18 Sep 2020 01:31:12 +0000 (09:31 +0800)]
crypto: cavium/zip - Convert to DEFINE_SHOW_ATTRIBUTE

Use DEFINE_SHOW_ATTRIBUTE macro to simplify the code.

Signed-off-by: Qinglang Miao <miaoqinglang@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: caam - Convert to DEFINE_SHOW_ATTRIBUTE
Qinglang Miao [Fri, 18 Sep 2020 01:31:11 +0000 (09:31 +0800)]
crypto: caam - Convert to DEFINE_SHOW_ATTRIBUTE

Use DEFINE_SHOW_ATTRIBUTE macro to simplify the code.

Signed-off-by: Qinglang Miao <miaoqinglang@huawei.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: amlogic - Convert to DEFINE_SHOW_ATTRIBUTE
Qinglang Miao [Fri, 18 Sep 2020 01:31:10 +0000 (09:31 +0800)]
crypto: amlogic - Convert to DEFINE_SHOW_ATTRIBUTE

Use DEFINE_SHOW_ATTRIBUTE macro to simplify the code.

Signed-off-by: Qinglang Miao <miaoqinglang@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: allwinner - Convert to DEFINE_SHOW_ATTRIBUTE
Qinglang Miao [Fri, 18 Sep 2020 01:31:08 +0000 (09:31 +0800)]
crypto: allwinner - Convert to DEFINE_SHOW_ATTRIBUTE

Use DEFINE_SHOW_ATTRIBUTE macro to simplify the code.

Signed-off-by: Qinglang Miao <miaoqinglang@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: proc - Removing some useless only space lines
Corentin Labbe [Thu, 17 Sep 2020 18:59:36 +0000 (18:59 +0000)]
crypto: proc - Removing some useless only space lines

Some line got only spaces, remove them

Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: marvell/cesa - use devm_platform_ioremap_resource_byname
Zhang Qilong [Thu, 17 Sep 2020 07:42:34 +0000 (15:42 +0800)]
crypto: marvell/cesa - use devm_platform_ioremap_resource_byname

Use the devm_platform_ioremap_resource_byname() helper instead of
calling platform_get_resource_byname() and devm_ioremap_resource()
separately.

Signed-off-by: Zhang Qilong <zhangqilong3@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: arm/aes-neonbs - use typed init/exit routines for XTS
Ard Biesheuvel [Wed, 16 Sep 2020 12:36:42 +0000 (15:36 +0300)]
crypto: arm/aes-neonbs - use typed init/exit routines for XTS

Use the typed skcipher init/exit routines instead of the generic
cra_init/_exit routines when instantiating/releasing the XTS
skciphers.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: arm/aes-neonbs - avoid loading reorder argument on encryption
Ard Biesheuvel [Wed, 16 Sep 2020 12:36:41 +0000 (15:36 +0300)]
crypto: arm/aes-neonbs - avoid loading reorder argument on encryption

Reordering the tweak is never necessary for encryption, so avoid the
argument load on the encryption path.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: arm/aes-neonbs - avoid hacks to prevent Thumb2 mode switches
Ard Biesheuvel [Wed, 16 Sep 2020 12:36:40 +0000 (15:36 +0300)]
crypto: arm/aes-neonbs - avoid hacks to prevent Thumb2 mode switches

Instead of using a homegrown macrofied version of the adr instruction
that sets the Thumb bit in the output value, only to ensure that any
bx instructions consuming that value will not switch out of Thumb mode
when branching, use non-interworking mov (to PC) instructions, which
achieve the same thing.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: stm32/crc32 - Avoid lock if hardware is already used
Nicolas Toromanoff [Wed, 16 Sep 2020 06:33:44 +0000 (08:33 +0200)]
crypto: stm32/crc32 - Avoid lock if hardware is already used

If STM32 CRC device is already in use, calculate CRC by software.

This will release CPU constraint for a concurrent access to the
hardware, and avoid masking irqs during the whole block processing.

Fixes: 7795c0baf5ac ("crypto: stm32/crc32 - protect from concurrent accesses")
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@st.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: qat - remove unnecessary mutex_init()
Qinglang Miao [Wed, 16 Sep 2020 06:21:21 +0000 (14:21 +0800)]
crypto: qat - remove unnecessary mutex_init()

The mutex adf_ctl_lock is initialized statically. It is
unnecessary to initialize by mutex_init().

Signed-off-by: Qinglang Miao <miaoqinglang@huawei.com>
Acked-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: arm/sha512-neon - avoid ADRL pseudo instruction
Ard Biesheuvel [Wed, 16 Sep 2020 06:14:18 +0000 (09:14 +0300)]
crypto: arm/sha512-neon - avoid ADRL pseudo instruction

The ADRL pseudo instruction is not an architectural construct, but a
convenience macro that was supported by the ARM proprietary assembler
and adopted by binutils GAS as well, but only when assembling in 32-bit
ARM mode. Therefore, it can only be used in assembler code that is known
to assemble in ARM mode only, but as it turns out, the Clang assembler
does not implement ADRL at all, and so it is better to get rid of it
entirely.

So replace the ADRL instruction with a ADR instruction that refers to
a nearer symbol, and apply the delta explicitly using an additional
instruction.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Tested-by: Nick Desaulniers <ndesaulniers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: arm/sha256-neon - avoid ADRL pseudo instruction
Ard Biesheuvel [Wed, 16 Sep 2020 06:14:17 +0000 (09:14 +0300)]
crypto: arm/sha256-neon - avoid ADRL pseudo instruction

The ADRL pseudo instruction is not an architectural construct, but a
convenience macro that was supported by the ARM proprietary assembler
and adopted by binutils GAS as well, but only when assembling in 32-bit
ARM mode. Therefore, it can only be used in assembler code that is known
to assemble in ARM mode only, but as it turns out, the Clang assembler
does not implement ADRL at all, and so it is better to get rid of it
entirely.

So replace the ADRL instruction with a ADR instruction that refers to
a nearer symbol, and apply the delta explicitly using an additional
instruction.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Tested-by: Nick Desaulniers <ndesaulniers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: qat - convert to use DEFINE_SEQ_ATTRIBUTE macro
Liu Shixin [Wed, 16 Sep 2020 02:50:17 +0000 (10:50 +0800)]
crypto: qat - convert to use DEFINE_SEQ_ATTRIBUTE macro

Use DEFINE_SEQ_ATTRIBUTE macro to simplify the code.

Signed-off-by: Liu Shixin <liushixin2@huawei.com>
Acked-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: lib/chacha20poly1305 - Set SG_MITER_ATOMIC unconditionally
Herbert Xu [Tue, 15 Sep 2020 03:30:24 +0000 (13:30 +1000)]
crypto: lib/chacha20poly1305 - Set SG_MITER_ATOMIC unconditionally

There is no reason for the chacha20poly1305 SG miter code to use
kmap instead of kmap_atomic as the critical section doesn't sleep
anyway.  So we can simply get rid of the preemptible check and
set SG_MITER_ATOMIC unconditionally.

Even if we need to reenable preemption to lower latency we should
be doing that by interrupting the SG miter walk rather than using
kmap.

Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: inside-secure - Reuse code in safexcel_hmac_alg_setkey
Herbert Xu [Mon, 14 Sep 2020 04:22:16 +0000 (14:22 +1000)]
crypto: inside-secure - Reuse code in safexcel_hmac_alg_setkey

The code in the current implementation of safexcel_hmac_alg_setkey
can be reused by safexcel_cipher.  This patch does just that by
renaming the previous safexcel_hmac_setkey to __safexcel_hmac_setkey.
The now-shared safexcel_hmac_alg_setkey becomes safexcel_hmac_setkey
and a new safexcel_hmac_alg_setkey has been added for use by ahash
transforms.

As a result safexcel_aead_setkey's stack frame has been reduced by
about half in size, or about 512 bytes.

Reported-by: kernel test robot <lkp@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: inside-secure - Move ipad/opad into safexcel_context
Herbert Xu [Mon, 14 Sep 2020 04:22:14 +0000 (14:22 +1000)]
crypto: inside-secure - Move ipad/opad into safexcel_context

As both safexcel_ahash_ctx and safexcel_cipher_ctx contain ipad
and opad buffers this patch moves them into the common struct
safexcel_context.  It also adds a union so that they can be accessed
in the appropriate endian without crazy casts.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: inside-secure - Move priv pointer into safexcel_context
Herbert Xu [Mon, 14 Sep 2020 04:22:11 +0000 (14:22 +1000)]
crypto: inside-secure - Move priv pointer into safexcel_context

This patch moves the priv pointer into struct safexcel_context
because both structs that extend safexcel_context have that pointer
as well.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: atmel-aes - convert to use be32_add_cpu()
Liu Shixin [Mon, 14 Sep 2020 04:17:46 +0000 (12:17 +0800)]
crypto: atmel-aes - convert to use be32_add_cpu()

Convert cpu_to_be32(be32_to_cpu(E1) + E2) to use be32_add_cpu().

Signed-off-by: Liu Shixin <liushixin2@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocypto: mediatek - fix leaks in mtk_desc_ring_alloc
Xiaoliang Pang [Mon, 14 Sep 2020 03:00:51 +0000 (11:00 +0800)]
cypto: mediatek - fix leaks in mtk_desc_ring_alloc

In the init loop, if an error occurs in function 'dma_alloc_coherent',
then goto the err_cleanup section, after run i--,
in the array ring, the struct mtk_ring with index i will not be released,
causing memory leaks

Fixes: 785e5c616c849 ("crypto: mediatek - Add crypto driver support for some MediaTek chips")
Cc: Ryder Lee <ryder.lee@mediatek.com>
Signed-off-by: Xiaoliang Pang <dawning.pang@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agohwrng: ingenic - Add hardware TRNG for Ingenic X1830
周琰杰 (Zhou Yanjie) [Sun, 13 Sep 2020 16:10:21 +0000 (00:10 +0800)]
hwrng: ingenic - Add hardware TRNG for Ingenic X1830

Add X1830 SoC digital true random number generator driver.

Tested-by: 周正 (Zhou Zheng) <sernia.zhou@foxmail.com>
Co-developed-by: 漆鹏振 (Qi Pengzhen) <aric.pzqi@ingenic.com>
Signed-off-by: 漆鹏振 (Qi Pengzhen) <aric.pzqi@ingenic.com>
Signed-off-by: 周琰杰 (Zhou Yanjie) <zhouyanjie@wanyeetech.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agodt-bindings: RNG: Add Ingenic TRNG bindings.
周琰杰 (Zhou Yanjie) [Sun, 13 Sep 2020 16:10:20 +0000 (00:10 +0800)]
dt-bindings: RNG: Add Ingenic TRNG bindings.

Add the TRNG bindings for the X1830 SoC from Ingenic.

Signed-off-by: 周琰杰 (Zhou Yanjie) <zhouyanjie@wanyeetech.com>
Reviewed-by: Rob Herring <robh@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: Kconfig - mark unused ciphers as obsolete
Ard Biesheuvel [Fri, 11 Sep 2020 14:11:03 +0000 (17:11 +0300)]
crypto: Kconfig - mark unused ciphers as obsolete

We have a few interesting pieces in our cipher museum, which are never
used internally, and were only ever provided as generic C implementations.

Unfortunately, we cannot simply remove this code, as we cannot be sure
that it is not being used via the AF_ALG socket API, however unlikely.

So let's mark the Anubis, Khazad, SEED and TEA algorithms as obsolete,
which means they can only be enabled in the build if the socket API is
enabled in the first place.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: inside-secure - Add support for EIP197 with output classifier
Pascal van Leeuwen [Fri, 11 Sep 2020 07:46:39 +0000 (09:46 +0200)]
crypto: inside-secure - Add support for EIP197 with output classifier

This patch adds support for EIP197 instances that include the output
classifier (OCE) option, as used by one of our biggest customers.
The OCE normally requires initialization and dedicated firmware, but
for the simple operations supported by this driver, we just bypass it
completely for now (using what is formally a debug feature).

Signed-off-by: Pascal van Leeuwen <pvanleeuwen@rambus.com>
Acked-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: n2 - Fix sparse endianness warning
Herbert Xu [Fri, 11 Sep 2020 06:55:05 +0000 (16:55 +1000)]
crypto: n2 - Fix sparse endianness warning

This patch fixes sparse endianness warnings by changing the type
of hash_init to u8 from u32.  There should be no difference in the
generated code.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: sun8i - Simplify with dev_err_probe()
Krzysztof Kozlowski [Thu, 10 Sep 2020 19:29:19 +0000 (21:29 +0200)]
crypto: sun8i - Simplify with dev_err_probe()

Common pattern of handling deferred probe can be simplified with
dev_err_probe().  Less code and the error value gets printed.

Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Acked-by: Corentin Labbe <clabbe.montjoie@gmail.com>
Tested-by: Corentin Labbe <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: stm32-hash - Simplify with dev_err_probe()
Krzysztof Kozlowski [Thu, 10 Sep 2020 19:29:18 +0000 (21:29 +0200)]
crypto: stm32-hash - Simplify with dev_err_probe()

Common pattern of handling deferred probe can be simplified with
dev_err_probe().  Less code and the error value gets printed.

Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: caam - Simplify with dev_err_probe()
Krzysztof Kozlowski [Thu, 10 Sep 2020 19:29:17 +0000 (21:29 +0200)]
crypto: caam - Simplify with dev_err_probe()

Common pattern of handling deferred probe can be simplified with
dev_err_probe().  Less code and the error value gets printed.

Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Reviewed-by: Iuliana Prodan <iuliana.prodan@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: caam - Fix kerneldoc
Krzysztof Kozlowski [Thu, 10 Sep 2020 19:29:16 +0000 (21:29 +0200)]
crypto: caam - Fix kerneldoc

Fix kerneldoc warnings like:

  drivers/crypto/caam/caamalg_qi2.c:73: warning: cannot understand function prototype: 'struct caam_ctx'
  drivers/crypto/caam/caamalg_qi2.c:2962: warning: cannot understand function prototype: 'struct caam_hash_ctx'
  drivers/crypto/caam/ctrl.c:449: warning: Function parameter or member 'ctrl' not described in 'caam_get_era'

Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Reviewed-by: Iuliana Prodan <iuliana.prodan@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: hisilicon - fixed memory allocation error
Longfang Liu [Thu, 10 Sep 2020 11:56:43 +0000 (19:56 +0800)]
crypto: hisilicon - fixed memory allocation error

1. Fix the bug of 'mac' memory leak as allocating 'pbuf' failing.
2. Fix the bug of 'qps' leak as allocating 'qp_ctx' failing.

Signed-off-by: Longfang Liu <liulongfang@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: hisilicon - update ZIP module parameter description
Longfang Liu [Thu, 10 Sep 2020 11:56:42 +0000 (19:56 +0800)]
crypto: hisilicon - update ZIP module parameter description

In order to pass kernel CRYPTO test, ZIP module parameter
'pf_q_num' needs to be set as greater than 1.

Signed-off-by: Longfang Liu <liulongfang@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: hisilicon - update SEC module parameter description
Longfang Liu [Thu, 10 Sep 2020 11:56:41 +0000 (19:56 +0800)]
crypto: hisilicon - update SEC module parameter description

In order to pass kernel CRYPTO test, SEC module parameter
'pf_q_num' needs to be set as greater than 1.

Signed-off-by: Longfang Liu <liulongfang@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: hisilicon - update HPRE module parameter description
Longfang Liu [Thu, 10 Sep 2020 11:56:40 +0000 (19:56 +0800)]
crypto: hisilicon - update HPRE module parameter description

In order to pass kernel CRYPTO test, HPRE module parameter
'pf_q_num' needs to be set as greater than 1.

Signed-off-by: Longfang Liu <liulongfang@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: hisilicon - update mininum queue
Longfang Liu [Thu, 10 Sep 2020 11:56:39 +0000 (19:56 +0800)]
crypto: hisilicon - update mininum queue

At present, as HPRE/SEC/ZIP modules' parameter 'pf_q_num' is 1,
kernel CRYPTO test will fail on the algorithms from the modules,
since 'QP' hardware resources are not enough for CRYPTO TFM.
To fix this, the minimum value of 'pf_q_num' should be 2.

Signed-off-by: Longfang Liu <liulongfang@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: qat - use PCI_VDEVICE
Giovanni Cabiddu [Wed, 9 Sep 2020 10:59:40 +0000 (11:59 +0100)]
crypto: qat - use PCI_VDEVICE

Build pci_device_id structure using the PCI_VDEVICE macro.
This removes any references to the ADF_SYSTEM_DEVICE macro.

Suggested-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Reviewed-by: Fiona Trahe <fiona.trahe@intel.com>
Reviewed-by: Andy Shevchenko <andy.shevchenko@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: qat - replace device ids defines
Giovanni Cabiddu [Wed, 9 Sep 2020 10:59:39 +0000 (11:59 +0100)]
crypto: qat - replace device ids defines

Replace device ids defined in the QAT drivers with the ones in
include/linux/pci_ids.h.

Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Reviewed-by: Fiona Trahe <fiona.trahe@intel.com>
Reviewed-by: Andy Shevchenko <andy.shevchenko@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: sa2ul - Fix pm_runtime_get_sync() error checking
Dan Carpenter [Wed, 9 Sep 2020 09:45:28 +0000 (12:45 +0300)]
crypto: sa2ul - Fix pm_runtime_get_sync() error checking

The pm_runtime_get_sync() function returns either 0 or 1 on success but
this code treats a return of 1 as a failure.

Fixes: 7694b6ca649f ("crypto: sa2ul - Add crypto driver")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: inside-secure - Prevent missing of processing errors
Pascal van Leeuwen [Tue, 8 Sep 2020 06:10:45 +0000 (08:10 +0200)]
crypto: inside-secure - Prevent missing of processing errors

On systems with coherence issues, packet processed could succeed while
it should have failed, e.g. because of an authentication fail.
This is because the driver would read stale status information that had
all error bits initialised to zero = no error.
Since this is potential a security risk, we want to prevent it from being
a possibility at all. So initialize all error bits to error state, so
that reading stale status information will always result in errors.

Signed-off-by: Pascal van Leeuwen <pvanleeuwen@rambus.com>
Acked-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: sun4i-ss - Fix sparse endianness markers
Herbert Xu [Tue, 8 Sep 2020 05:00:36 +0000 (15:00 +1000)]
crypto: sun4i-ss - Fix sparse endianness markers

This patch also fixes the incorrect endianness markings in the
sun4i-ss driver.  It should have no effect in the genereated code.

Instead of using cpu_to_Xe32 followed by a memcpy, this patch
converts the final hash write to use put_unaligned_X instead.

Reported-by: kernel test robot <lkp@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Tested-by: Corentin Labbe <clabbe.montjoie@gmail.com>
Acked-by: Corentin Labbe <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: hisilicon/zip - fix some coding styles
Yang Shen [Mon, 7 Sep 2020 08:22:02 +0000 (16:22 +0800)]
crypto: hisilicon/zip - fix some coding styles

1.Unified alignment styles
2.Remove unnecessary goto branch
3.Remove address printf

Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: hisilicon/zip - supplement some comments
Yang Shen [Mon, 7 Sep 2020 08:22:01 +0000 (16:22 +0800)]
crypto: hisilicon/zip - supplement some comments

Supplement some comments.

Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: hisilicon/zip - move some private macros from 'zip.h' to 'zip_crypto.c'
Yang Shen [Mon, 7 Sep 2020 08:22:00 +0000 (16:22 +0800)]
crypto: hisilicon/zip - move some private macros from 'zip.h' to 'zip_crypto.c'

Some macros which are defined in 'zip.h' are related to the struct
'hisi_zip_sqe' and are only used in 'zip_crypto.c'. So move them from
'zip.h' to 'zip_crypto.c'.

Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: hisilicon/zip - fix static check warning
Yang Shen [Mon, 7 Sep 2020 08:21:59 +0000 (16:21 +0800)]
crypto: hisilicon/zip - fix static check warning

Fix some code for PClint warning:
    Warning - Suspicious Cast

Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: hisilicon/zip - add print for error branch
Yang Shen [Mon, 7 Sep 2020 08:21:58 +0000 (16:21 +0800)]
crypto: hisilicon/zip - add print for error branch

Add print for some error branches.

Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: hisilicon/zip - use a enum parameter instead of some macros
Yang Shen [Mon, 7 Sep 2020 08:21:57 +0000 (16:21 +0800)]
crypto: hisilicon/zip - use a enum parameter instead of some macros

Macros 'QPC_COMP', 'QPC_DECOMP' and 'HZIP_CTX_Q_NUM' are relative and
incremental. So, use an enum instead.

Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: hisilicon/zip - replace 'sprintf' with 'scnprintf'
Yang Shen [Mon, 7 Sep 2020 08:21:56 +0000 (16:21 +0800)]
crypto: hisilicon/zip - replace 'sprintf' with 'scnprintf'

Replace 'sprintf' with 'scnprintf' to avoid overrun.

Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: hisilicon/zip - modify debugfs interface parameters
Shukun Tan [Mon, 7 Sep 2020 08:21:55 +0000 (16:21 +0800)]
crypto: hisilicon/zip - modify debugfs interface parameters

Update debugfs interface parameters

Signed-off-by: Shukun Tan <tanshukun1@huawei.com>
Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: hisilicon/zip - unify naming style for functions and macros
Yang Shen [Mon, 7 Sep 2020 08:21:54 +0000 (16:21 +0800)]
crypto: hisilicon/zip - unify naming style for functions and macros

1.Add prefix 'HZIP' for some macros
2.Add prefix 'hisi_zip' for some functions

Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: hisilicon/zip - remove some useless parameters
Yang Shen [Mon, 7 Sep 2020 08:21:53 +0000 (16:21 +0800)]
crypto: hisilicon/zip - remove some useless parameters

1.Remove the macro 'HZIP_VF_NUM'.
2.Remove 'list' of the struct 'hisi_zip'

Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: omap-sham - fix digcnt register handling with export/import
Tero Kristo [Mon, 7 Sep 2020 07:56:24 +0000 (10:56 +0300)]
crypto: omap-sham - fix digcnt register handling with export/import

Running export/import for hashes in peculiar order (mostly done by
openssl) can mess up the internal book keeping of the OMAP SHA core.
Fix by forcibly writing the correct DIGCNT back to hardware. This issue
was noticed while transitioning to openssl 1.1 support.

Fixes: 0d373d603202 ("crypto: omap-sham - Add OMAP4/AM33XX SHAM Support")
Signed-off-by: Tero Kristo <t-kristo@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: omap-sham - convert to use crypto engine
Tero Kristo [Mon, 7 Sep 2020 07:56:10 +0000 (10:56 +0300)]
crypto: omap-sham - convert to use crypto engine

Convert the omap-sham driver to use crypto engine for queue handling,
instead of using local implementation.

Signed-off-by: Tero Kristo <t-kristo@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: sa2ul - Select CRYPTO_AUTHENC
Herbert Xu [Mon, 7 Sep 2020 06:22:40 +0000 (16:22 +1000)]
crypto: sa2ul - Select CRYPTO_AUTHENC

The sa2ul driver uses crypto_authenc_extractkeys and therefore
must select CRYPTO_AUTHENC.

Fixes: 7694b6ca649f ("crypto: sa2ul - Add crypto driver")
Reported-by: kernel test robot <lkp@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Reviewed-by: Keerthy <j-keerthy@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: ux500 - Fix sparse endianness warnings
Herbert Xu [Fri, 4 Sep 2020 08:27:05 +0000 (18:27 +1000)]
crypto: ux500 - Fix sparse endianness warnings

This patch fixes a couple of sparse endianness warnings in the
ux500 driver.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: qat - include domain in top level debugfs path
Giovanni Cabiddu [Fri, 4 Sep 2020 08:04:15 +0000 (09:04 +0100)]
crypto: qat - include domain in top level debugfs path

Use pci_name() when creating debugfs entries in order to include PCI
domain in the path.

Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Reviewed-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: s5p-sss - Pass error from clk_get and reduce verbosity on deferral
Krzysztof Kozlowski [Thu, 3 Sep 2020 18:04:00 +0000 (20:04 +0200)]
crypto: s5p-sss - Pass error from clk_get and reduce verbosity on deferral

Pass the error directly from devm_clk_get() to describe the real reason,
instead of fixed ENOENT.  Do not print error messages on deferred probe.

Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Reviewed-by: Kamil Konieczny <k.konieczny@samsung.com>
Acked-by: Kamil Konieczny <k.konieczny@samsung.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: s5p-sss - Add and fix kerneldoc
Krzysztof Kozlowski [Thu, 3 Sep 2020 18:03:59 +0000 (20:03 +0200)]
crypto: s5p-sss - Add and fix kerneldoc

Add missing and fix existing kerneldoc to silence W=1 warnings:

  drivers/crypto/s5p-sss.c:333: warning: Function parameter or member 'pclk' not described in 's5p_aes_dev'
  drivers/crypto/s5p-sss.c:373: warning: Function parameter or member 'sgl' not described in 's5p_hash_reqctx'
  drivers/crypto/s5p-sss.c:373: warning: Function parameter or member 'buffer' not described in 's5p_hash_reqctx'
  drivers/crypto/s5p-sss.c:1143: warning: Function parameter or member 'new_len' not described in 's5p_hash_prepare_sgs'
  drivers/crypto/s5p-sss.c:1143: warning: Excess function parameter 'nbytes' description in 's5p_hash_prepare_sgs'

Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Reviewed-by: Kamil Konieczny <k.konieczny@samsung.com>
Acked-by: Kamil Konieczny <k.konieczny@samsung.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: s5p-sss - remove redundant null check
Xu Wang [Thu, 3 Sep 2020 08:37:38 +0000 (08:37 +0000)]
crypto: s5p-sss - remove redundant null check

Because clk_disable_unprepare already checked NULL clock
parameter, so the additional checks are unnecessary, just remove them.

Signed-off-by: Xu Wang <vulab@iscas.ac.cn>
Reviewed-by: Krzysztof Kozlowski <krzk@kernel.org>
Acked-by: Kamil Konieczny <k.konieczny@samsung.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agohwrng: xiphera-trng: add support for XIP8001B hwrng
Atte Tommiska [Wed, 2 Sep 2020 10:28:17 +0000 (13:28 +0300)]
hwrng: xiphera-trng: add support for XIP8001B hwrng

Xiphera XIP8001B is an FPGA-based True Random Number Generator
Intellectual Property (IP) Core which can be instantiated in
multiple FPGA families. This driver adds Linux support for it through
the hwrng interface.

Signed-off-by: Atte Tommiska <atte.tommiska@xiphera.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agodt-bindings: rng: add bindings for Xiphera XIP8001B hwrng
Atte Tommiska [Wed, 2 Sep 2020 10:28:16 +0000 (13:28 +0300)]
dt-bindings: rng: add bindings for Xiphera XIP8001B hwrng

Document the device tree bindings of Xiphera's XIP8001B-trng IP.

Signed-off-by: Atte Tommiska <atte.tommiska@xiphera.com>
Reviewed-by: Rob Herring <robh@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agodt-bindings: vendor-prefixes: Add Xiphera vendor prefix
Atte Tommiska [Wed, 2 Sep 2020 10:28:15 +0000 (13:28 +0300)]
dt-bindings: vendor-prefixes: Add Xiphera vendor prefix

Xiphera is an FPGA-based cryptographic solutions provider based in
Finland.
Website of the company: https://xiphera.com/

Signed-off-by: Atte Tommiska <atte.tommiska@xiphera.com>
Acked-by: Rob Herring <robh@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: cbc - Remove cbc.h
Herbert Xu [Tue, 1 Sep 2020 11:49:11 +0000 (21:49 +1000)]
crypto: cbc - Remove cbc.h

Now that crypto/cbc.h is only used by the generic cbc template,
we can merge it back into the CBC code.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: arm/aes-neonbs - Use generic cbc encryption path
Herbert Xu [Tue, 1 Sep 2020 11:48:40 +0000 (21:48 +1000)]
crypto: arm/aes-neonbs - Use generic cbc encryption path

Since commit b56f5cbc7e08ec7d31c42fc41e5247677f20b143 ("crypto:
arm/aes-neonbs - resolve fallback cipher at runtime") the CBC
encryption path in aes-neonbs is now identical to that obtained
through the cbc template.  This means that it can simply call
the generic cbc template instead of doing its own thing.

This patch removes the custom encryption path and simply invokes
the generic cbc template.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: arc4 - mark ecb(arc4) skcipher as obsolete
Ard Biesheuvel [Mon, 31 Aug 2020 15:16:49 +0000 (18:16 +0300)]
crypto: arc4 - mark ecb(arc4) skcipher as obsolete

Cryptographic algorithms may have a lifespan that is significantly
shorter than Linux's, and so we need to start phasing out algorithms
that are known to be broken, and are no longer fit for general use.

RC4 (or arc4) is a good example here: there are a few areas where its
use is still somewhat acceptable, e.g., for interoperability with legacy
wifi hardware that can only use WEP or TKIP data encryption, but that
should not imply that, for instance, use of RC4 based EAP-TLS by the WPA
supplicant for negotiating TKIP keys is equally acceptable, or that RC4
should remain available as a general purpose cryptographic transform for
all in-kernel and user space clients.

Now that all in-kernel users that need to retain support have moved to
the arc4 library interface, and the known users of ecb(arc4) via the
socket API (iwd [0] and libell [1][2]) have been updated to switch to a
local implementation, we can take the next step, and mark the ecb(arc4)
skcipher as obsolete, and only provide it if the socket API is enabled in
the first place, as well as provide the option to disable all algorithms
that have been marked as obsolete.

[0] https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=1db8a85a60c64523
[1] https://git.kernel.org/pub/scm/libs/ell/ell.git/commit/?id=53482ce421b727c2
[2] https://git.kernel.org/pub/scm/libs/ell/ell.git/commit/?id=7f6a137809d42f6b

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agonet: wireless: drop bogus CRYPTO_xxx Kconfig selects
Ard Biesheuvel [Mon, 31 Aug 2020 15:16:48 +0000 (18:16 +0300)]
net: wireless: drop bogus CRYPTO_xxx Kconfig selects

Drop some bogus Kconfig selects that are not entirely accurate, and
unnecessary to begin with, since the same Kconfig options also select
LIB80211 features that already imply the selected functionality (AES
for CCMP, ARC4 and ECB for TKIP)

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: bcm-iproc - remove ecb(arc4) support
Ard Biesheuvel [Mon, 31 Aug 2020 15:16:47 +0000 (18:16 +0300)]
crypto: bcm-iproc - remove ecb(arc4) support

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: n2 - remove ecb(arc4) support
Ard Biesheuvel [Mon, 31 Aug 2020 15:16:46 +0000 (18:16 +0300)]
crypto: n2 - remove ecb(arc4) support

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agoSUNRPC: remove RC4-HMAC-MD5 support from KerberosV
Ard Biesheuvel [Mon, 31 Aug 2020 15:16:45 +0000 (18:16 +0300)]
SUNRPC: remove RC4-HMAC-MD5 support from KerberosV

The RC4-HMAC-MD5 KerberosV algorithm is based on RFC 4757 [0], which
was specifically issued for interoperability with Windows 2000, but was
never intended to receive the same level of support. The RFC says

  The IETF Kerberos community supports publishing this specification as
  an informational document in order to describe this widely
  implemented technology.  However, while these encryption types
  provide the operations necessary to implement the base Kerberos
  specification [RFC4120], they do not provide all the required
  operations in the Kerberos cryptography framework [RFC3961].  As a
  result, it is not generally possible to implement potential
  extensions to Kerberos using these encryption types.  The Kerberos
  encryption type negotiation mechanism [RFC4537] provides one approach
  for using such extensions even when a Kerberos infrastructure uses
  long-term RC4 keys.  Because this specification does not implement
  operations required by RFC 3961 and because of security concerns with
  the use of RC4 and MD4 discussed in Section 8, this specification is
  not appropriate for publication on the standards track.

  The RC4-HMAC encryption types are used to ease upgrade of existing
  Windows NT environments, provide strong cryptography (128-bit key
  lengths), and provide exportable (meet United States government
  export restriction requirements) encryption.  This document describes
  the implementation of those encryption types.

Furthermore, this RFC was re-classified as 'historic' by RFC 8429 [1] in
2018, stating that 'none of the encryption types it specifies should be
used'

Note that other outdated algorithms are left in place (some of which are
guarded by CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES), so this should only
adversely affect interoperability with Windows NT/2000 systems that have
not received any updates since 2008 (but are connected to a network
nonetheless)

[0] https://tools.ietf.org/html/rfc4757
[1] https://tools.ietf.org/html/rfc8429

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Acked-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agostaging/rtl8192u: switch to RC4 library interface
Ard Biesheuvel [Mon, 31 Aug 2020 15:16:44 +0000 (18:16 +0300)]
staging/rtl8192u: switch to RC4 library interface

Switch to the ARC4 library interface, to remove the pointless
dependency on the skcipher API, from which we will hopefully be
able to drop ecb(arc4) skcipher support.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agostaging/rtl8192e: switch to RC4 library interface
Ard Biesheuvel [Mon, 31 Aug 2020 15:16:43 +0000 (18:16 +0300)]
staging/rtl8192e: switch to RC4 library interface

Switch to the ARC4 library interface, to remove the pointless
dependency on the skcipher API, from which we will hopefully be
able to drop ecb(arc4) skcipher support.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agohwrng: imx-rngc - add quality to use it as kernel entropy pool
Marco Felsch [Mon, 31 Aug 2020 14:00:42 +0000 (16:00 +0200)]
hwrng: imx-rngc - add quality to use it as kernel entropy pool

The RNGB can generate 2^20 words (1 word == 4 byte) of 'random' data
after the seed pool was initialized. The pool needs to be reseeded if
more words are required. The reseeding is done automatically since
commit 3acd9ea9331c ("hwrng: imx-rngc - use automatic seeding").

We can't retrieve the TRNG values directly so we need a other way to get
the quality level. We know that the PRNG uses 20.000 entropy samples
from the TRNG to generate 2^20 words (1MiB) and the quality level is
defined as (in bits of entropy per 1024 bits of input). So the quality
level can be calculated by:

   20.000 * 1024
   ------------- = ~ 19.5
        2^20

Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: qat - check cipher length for aead AES-CBC-HMAC-SHA
Dominik Przychodni [Mon, 31 Aug 2020 10:59:59 +0000 (11:59 +0100)]
crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA

Return -EINVAL for authenc(hmac(sha1),cbc(aes)),
authenc(hmac(sha256),cbc(aes)) and authenc(hmac(sha512),cbc(aes))
if the cipher length is not multiple of the AES block.
This is to prevent an undefined device behaviour.

Fixes: d370cec32194 ("crypto: qat - Intel(R) QAT crypto interface")
Cc: <stable@vger.kernel.org>
Signed-off-by: Dominik Przychodni <dominik.przychodni@intel.com>
[giovanni.cabiddu@intel.com: reworded commit message]
Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: caam - use traditional error check pattern
Andy Shevchenko [Mon, 31 Aug 2020 07:58:32 +0000 (10:58 +0300)]
crypto: caam - use traditional error check pattern

Use traditional error check pattern
ret = ...;
if (ret)
return ret;
...
instead of checking error code to be 0.

Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: Iuliana Prodan <iuliana.prodan@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: poly1305-x86_64 - Use XORL r32,32
Uros Bizjak [Thu, 27 Aug 2020 17:38:31 +0000 (19:38 +0200)]
crypto: poly1305-x86_64 - Use XORL r32,32

x86_64 zero extends 32bit operations, so for 64bit operands,
XORL r32,r32 is functionally equal to XORQ r64,r64, but avoids
a REX prefix byte when legacy registers are used.

Signed-off-by: Uros Bizjak <ubizjak@gmail.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "David S. Miller" <davem@davemloft.net>
Acked-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: curve25519-x86_64 - Use XORL r32,32
Uros Bizjak [Thu, 27 Aug 2020 17:30:58 +0000 (19:30 +0200)]
crypto: curve25519-x86_64 - Use XORL r32,32

x86_64 zero extends 32bit operations, so for 64bit operands,
XORL r32,r32 is functionally equal to XORL r64,r64, but avoids
a REX prefix byte when legacy registers are used.

Signed-off-by: Uros Bizjak <ubizjak@gmail.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "David S. Miller" <davem@davemloft.net>
Acked-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: sa2ul - fix compiler warning produced by clang
Tero Kristo [Tue, 25 Aug 2020 13:31:06 +0000 (16:31 +0300)]
crypto: sa2ul - fix compiler warning produced by clang

Clang detects a warning for an assignment that doesn't really do
anything. Fix this by removing the offending piece of code.

Fixes: 7694b6ca649f ("crypto: sa2ul - Add crypto driver")
Reported-by: Nathan Chancellor <natechancellor@gmail.com>
Signed-off-by: Tero Kristo <t-kristo@ti.com>
Reviewed-by: Nathan Chancellor <natechancellor@gmail.com>
Tested-by: Nathan Chancellor <natechancellor@gmail.com> # build
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: amlogic - Fix endianness marker
Herbert Xu [Fri, 28 Aug 2020 07:18:33 +0000 (17:18 +1000)]
crypto: amlogic - Fix endianness marker

The endianness marking on the variable v in meson_cipher is wrong.
It is actually in CPU-order, not little-endian.

This patch fixes it.

Fixes: 3d04158814e7 ("crypto: amlogic - enable working on big...")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Corentin Labbe <clabbe@baylibre.com>
Tested-by: Corentin Labbe <clabbe@baylibre.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agopadata: add another maintainer and another list
Daniel Jordan [Fri, 28 Aug 2020 01:53:28 +0000 (21:53 -0400)]
padata: add another maintainer and another list

At Steffen's request, I'll help maintain padata for the foreseeable
future.

While at it, let's have patches go to lkml too since the code is now
used outside of crypto.

Signed-off-by: Daniel Jordan <daniel.m.jordan@oracle.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Steffen Klassert <steffen.klassert@secunet.com>
Cc: linux-crypto@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: sun8i-ss - remove redundant memzero_explicit()
Denis Efremov [Thu, 27 Aug 2020 12:16:11 +0000 (15:16 +0300)]
crypto: sun8i-ss - remove redundant memzero_explicit()

Remove redundant memzero_explicit() in sun8i_ss_cipher() before calling
kfree_sensitive(). kfree_sensitive() will zero the memory with
memzero_explicit().

Fixes: 453431a54934 ("mm, treewide: rename kzfree() to kfree_sensitive()")
Signed-off-by: Denis Efremov <efremov@linux.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: sun8i-ss - use kfree_sensitive()
Denis Efremov [Thu, 27 Aug 2020 06:44:02 +0000 (09:44 +0300)]
crypto: sun8i-ss - use kfree_sensitive()

Use kfree_sensitive() instead of open-coding it.

Signed-off-by: Denis Efremov <efremov@linux.com>
Acked-by: Corentin Labbe <clabbe.montjoie@gmail.com>
Tested-by: Corentin Labbe <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: sun8i-ce - use kfree_sensitive()
Denis Efremov [Thu, 27 Aug 2020 06:44:01 +0000 (09:44 +0300)]
crypto: sun8i-ce - use kfree_sensitive()

Use kfree_sensitive() instead of open-coding it.

Signed-off-by: Denis Efremov <efremov@linux.com>
Acked-by: Corentin Labbe <clabbe.montjoie@gmail.com>
Tested-by: Corentin Labbe <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: amlogic - use kfree_sensitive()
Denis Efremov [Thu, 27 Aug 2020 06:44:00 +0000 (09:44 +0300)]
crypto: amlogic - use kfree_sensitive()

Use kfree_sensitive() instead of open-coding it.

Signed-off-by: Denis Efremov <efremov@linux.com>
Tested-by: Corentin Labbe <clabbe@baylibre.com>
Acked-by: Corentin Labbe <clabbe@baylibre.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: inside-secure - use kfree_sensitive()
Denis Efremov [Thu, 27 Aug 2020 06:43:59 +0000 (09:43 +0300)]
crypto: inside-secure - use kfree_sensitive()

Use kfree_sensitive() instead of open-coding it.

Signed-off-by: Denis Efremov <efremov@linux.com>
Acked-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: ccree - Simplify with dev_err_probe()
Krzysztof Kozlowski [Wed, 26 Aug 2020 16:29:54 +0000 (18:29 +0200)]
crypto: ccree - Simplify with dev_err_probe()

Common pattern of handling deferred probe can be simplified with
dev_err_probe().  Less code and also it prints the error value.

Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: sa2ul - Simplify with dev_err_probe()
Krzysztof Kozlowski [Wed, 26 Aug 2020 16:29:53 +0000 (18:29 +0200)]
crypto: sa2ul - Simplify with dev_err_probe()

Common pattern of handling deferred probe can be simplified with
dev_err_probe().  Less code and also it prints the error value.

Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agohwrng: cctrn - Simplify with dev_err_probe()
Krzysztof Kozlowski [Wed, 26 Aug 2020 15:32:33 +0000 (17:32 +0200)]
hwrng: cctrn - Simplify with dev_err_probe()

Common pattern of handling deferred probe can be simplified with
dev_err_probe().  Less code and also it prints the error value.

Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Acked-by: Hadar Gat <hadar.gat@arm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: powerpc/crc-vpmsum_test - Fix sparse endianness warning
Herbert Xu [Tue, 25 Aug 2020 01:52:02 +0000 (11:52 +1000)]
crypto: powerpc/crc-vpmsum_test - Fix sparse endianness warning

This patch fixes a sparse endianness warning by changing crc32 to
__le32 instead of u32:

  CHECK   ../arch/powerpc/crypto/crc-vpmsum_test.c
../arch/powerpc/crypto/crc-vpmsum_test.c:102:39: warning: cast from restricted __le32

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: arm64/gcm - Fix endianness warnings
Herbert Xu [Tue, 25 Aug 2020 01:38:01 +0000 (11:38 +1000)]
crypto: arm64/gcm - Fix endianness warnings

This patch changes a couple u128's to be128 which is the correct
type to use and fixes a few sparse warnings.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5 years agocrypto: arm64/sha - Add declarations for assembly variables
Herbert Xu [Tue, 25 Aug 2020 01:34:28 +0000 (11:34 +1000)]
crypto: arm64/sha - Add declarations for assembly variables

This patch adds declarations for variables only used by assembly
code to silence compiler warnings:

  CC [M]  arch/arm64/crypto/sha1-ce-glue.o
  AS [M]  arch/arm64/crypto/sha1-ce-core.o
  CC [M]  arch/arm64/crypto/sha2-ce-glue.o
  AS [M]  arch/arm64/crypto/sha2-ce-core.o
  CHECK   ../arch/arm64/crypto/sha1-ce-glue.c
  CHECK   ../arch/arm64/crypto/sha2-ce-glue.c
../arch/arm64/crypto/sha1-ce-glue.c:38:11: warning: symbol 'sha1_ce_offsetof_count' was not declared. Should it be static?
../arch/arm64/crypto/sha1-ce-glue.c:39:11: warning: symbol 'sha1_ce_offsetof_finalize' was not declared. Should it be static?
../arch/arm64/crypto/sha2-ce-glue.c:38:11: warning: symbol 'sha256_ce_offsetof_count' was not declared. Should it be static?
../arch/arm64/crypto/sha2-ce-glue.c:40:11: warning: symbol 'sha256_ce_offsetof_finalize' was not declared. Should it be static?

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>