[PATCH 1/2] Add DOWNLOAD_FIRMWARE SEV command

The DOWNLOAD_FIRMWARE command, added as of SEV API v0.15, allows the OS to install SEV firmware newer than the currently active SEV firmware. For the new SEV firmware to be applied it must: * Pass the validation test performed by the existing firmware. * Be of the same build or a newer build compa

[PATCH 2/2] Add GET_ID SEV command

The GET_ID command, added as of SEV API v0.16, allows the SEV firmware to be queried about a unique CPU ID. This unique ID can then be used to obtain the public certificate containing the Chip Endorsement Key (CEK) public key signed by the AMD SEV Signing Key (ASK). For more information please ref

Re: [PATCH 1/5] random: fix crng_ready() test

Hi Ted, On Fri, Apr 13, 2018 at 3:30 AM, Theodore Ts'o wrote: > The crng_init variable has three states: > > 0: The CRNG is not initialized at all > 1: The CRNG has a small amount of entropy, hopefully good enough for >early-boot, non-cryptographical use cases > 2: The CRNG is fully initializ

RE: [PATCH 01/10] crypto: aead - allow to allocate AEAD requests on the stack

From: Antoine Tenart > Sent: 02 May 2018 10:57 > Adds the AEAD_REQUEST_ON_STACK primitive to allow allocating AEAD > requests on the stack, as it can already be done with various other > crypto algorithms within the kernel. > > Signed-off-by: Antoine Tenart > --- > include/crypto/aead.h | 5

[PATCH 02/10] crypto: inside-secure - rework cipher functions for future AEAD support

This patch reworks the Inside Secure cipher functions, to remove all skcipher specific information and structure from all functions generic enough to be shared between skcipher and aead algorithms. This is a cosmetic only patch. Signed-off-by: Antoine Tenart --- .../crypto/inside-secure/safexce

[PATCH 09/10] crypto: inside-secure - authenc(hmac(sha224),cbc(aes)) support

This patch adds the authenc(hmac(sha224),cbc(aes)) AEAD algorithm support to the Inside Secure SafeXcel driver. Signed-off-by: Antoine Tenart --- drivers/crypto/inside-secure/safexcel.c | 1 + drivers/crypto/inside-secure/safexcel.h | 1 + .../crypto/inside-secure/safexcel_cipher.c

[PATCH 10/10] crypto: inside-secure - authenc(hmac(sha1),cbc(aes)) support

This patch adds the authenc(hmac(sha1),cbc(aes)) AEAD algorithm support to the Inside Secure SafeXcel driver. Signed-off-by: Antoine Tenart --- drivers/crypto/inside-secure/safexcel.c | 1 + drivers/crypto/inside-secure/safexcel.h | 1 + .../crypto/inside-secure/safexcel_cipher.c

[PATCH 06/10] crypto: inside-secure - fix the hash then encrypt/decrypt types

This commit fixes the CONTEXT_CONTROL_TYPE_HASH_ENCRYPT_OUT and CONTEXT_CONTROL_TYPE_HASH_DECRYPT_OUT types by assigning the right value, and by renaming CONTEXT_CONTROL_TYPE_HASH_DECRYPT_OUT to CONTEXT_CONTROL_TYPE_HASH_DECRYPT_IN. This is not submitted as a fix for older kernel versions as these

[PATCH 04/10] crypto: inside-secure - make the context control size dynamic

This patch makes the context control size computation dynamic, not to rely on hardcoded values. This is better for the future, and will help adding the AEAD support. Signed-off-by: Antoine Tenart --- drivers/crypto/inside-secure/safexcel_cipher.c | 5 ++--- 1 file changed, 2 insertions(+), 3 del

[PATCH 05/10] crypto: inside-secure - make the key and context size computation dynamic

This patches makes the key and context size computation dynamic when using memzero_explicit() on these two arrays. This is safer, cleaner and will help future modifications of the driver when these two parameters sizes will changes (the context size will be bigger when using AEAD algorithms). Sign

[PATCH 07/10] crypto: inside-secure - improve error reporting

This patch improves the error reporting from the Inside Secure driver to the upper layers and crypto consumers. All errors reported by the engine aren't fatal, and some may be genuine. Signed-off-by: Antoine Tenart --- drivers/crypto/inside-secure/safexcel.c | 21 +++ drive

[PATCH 08/10] crypto: inside-secure - authenc(hmac(sha256),cbc(aes)) support

This patch adds support for the first AEAD algorithm in the Inside Secure SafeXcel driver, authenc(hmac(sha256),cbc(aes)). As this is the first AEAD algorithm added to this driver, common AEAD functions are added as well. Signed-off-by: Antoine Tenart --- drivers/crypto/Kconfig

[PATCH 03/10] crypto: inside-secure - rework the alg type settings in the context

This patches reworks the way the algorithm type is set in the context, by using the fact that the decryption algorithms are just a combination of the algorithm encryption type and CONTEXT_CONTROL_TYPE_NULL_IN. This will help having simpler code when adding the AEAD support, to avoid ending up with

[PATCH 00/10] crypto: inside-secure - AEAD support

Hi all, This series brings AEAD algorithms to the Inside Secure SafeXcel driver. The first 7 commits rework the driver to allow the future AEAD addition, and then 3 commits add AEAD functions and 3 algorithms. This is based on top of v4.17-rc3. Thanks! Antoine Antoine Tenart (10): crypto: aea

[PATCH 01/10] crypto: aead - allow to allocate AEAD requests on the stack

Adds the AEAD_REQUEST_ON_STACK primitive to allow allocating AEAD requests on the stack, as it can already be done with various other crypto algorithms within the kernel. Signed-off-by: Antoine Tenart --- include/crypto/aead.h | 5 + 1 file changed, 5 insertions(+) diff --git a/include/cryp