On Wed, Jan 23, 2019 at 3:37 PM Greg Kroah-Hartman
wrote:
>
> On Wed, Jan 23, 2019 at 02:58:22PM +0200, Gilad Ben-Yossef wrote:
> > Hi,
> >
> > On Tue, Jan 22, 2019 at 5:14 PM Greg Kroah-Hartman
> > wrote:
> > >
> > > When calling debugfs functions, there is no need to ever check the
> > > return
This flag indicates that requests in this context should not wait for
tee-supplicant daemon to be started if not present and just return
with an error code. It is needed for requests which should be
non-blocking in nature like ones arising from TEE based kernel drivers
or any in kernel api that use
This series introduces a generic TEE bus driver concept for TEE based
kernel drivers which would like to communicate with TEE based devices/
services.
Patch #1 adds TEE bus concept where devices/services are identified via
Universally Unique Identifier (UUID) and drivers register a table of
device
OP-TEE provides a pseudo TA to enumerate TAs which can act as devices/
services for TEE bus. So implement device enumeration using invoke
function: PTA_CMD_GET_DEVICES provided by pseudo TA to fetch array of
device UUIDs. Also register these enumerated devices with TEE bus as
"optee-clntX" device.
On ARM SoC's with TrustZone enabled, peripherals like entropy sources
might not be accessible to normal world (linux in this case) and rather
accessible to secure world (OP-TEE in this case) only. So this driver
aims to provides a generic interface to OP-TEE based random number
generator service.
Introduce a generic TEE bus driver concept for TEE based kernel drivers
which would like to communicate with TEE based devices/services. Also
add support in module device table for these new TEE based devices.
In this TEE bus concept, devices/services are identified via Universally
Unique Identifi
From: Eric Biggers
Instantiating "cryptd(crc32c)" causes a crypto self-test failure because
the crypto_alloc_shash() in alg_test_crc32c() fails. This is because
cryptd(crc32c) is an ahash algorithm, not a shash algorithm; so it can
only be accessed through the ahash API, unlike shash algorithms
From: Eric Biggers
The arm64 NEON bit-sliced implementation of AES-CTR fails the improved
skcipher tests because it sometimes produces the wrong ciphertext. The
bug is that the final keystream block isn't returned from the assembly
code when the number of non-final blocks is zero. This can happ
From: Eric Biggers
The x86 AEGIS implementations all fail the improved AEAD tests because
they produce the wrong result with some data layouts. Also, when the
MAY_SLEEP flag is given, they can sleep in the skcipher_walk_*()
functions while preemption is disabled by kernel_fpu_begin().
Fix these
From: Eric Biggers
gcmaes_crypt_by_sg() dereferences the NULL pointer returned by
scatterwalk_ffwd() when encrypting an empty plaintext and the source
scatterlist ends immediately after the associated data.
Fix it by only fast-forwarding to the src/dst data scatterlists if the
data length is non
From: Eric Biggers
The x86 MORUS implementations all fail the improved AEAD tests because
they produce the wrong result with some data layouts. Also, when the
MAY_SLEEP flag is given, they can sleep in the skcipher_walk_*()
functions while preemption is disabled by kernel_fpu_begin().
Fix these
From: Eric Biggers
Hash algorithms with an alignmask set, e.g. "xcbc(aes-aesni)" and
"michael_mic", fail the improved hash tests because they sometimes
produce the wrong digest. The bug is that in the case where a
scatterlist element crosses pages, not all the data is actually hashed
because the
From: Eric Biggers
To achieve more comprehensive crypto test coverage, I'd like to add fuzz
tests that use random data layouts and request flags.
To be most effective these tests should be part of testmgr, so they
automatically run on every algorithm registered with the crypto API.
However, they
From: Eric Biggers
The generic MORUS implementations all fail the improved AEAD tests
because they produce the wrong result with some data layouts. Fix them.
Fixes: 396be41f16fd ("crypto: morus - Add generic MORUS AEAD implementations")
Cc: # v4.18+
Cc: Ondrej Mosnacek
Signed-off-by: Eric Big
From: Eric Biggers
The generic AEGIS implementations all fail the improved AEAD tests
because they produce the wrong result with some data layouts. Fix them.
Fixes: f606a88e5823 ("crypto: aegis - Add generic AEGIS AEAD implementations")
Cc: # v4.18+
Cc: Ondrej Mosnacek
Signed-off-by: Eric Big
From: Eric Biggers
Crypto algorithms must produce the same output for the same input
regardless of data layout, i.e. how the src and dst scatterlists are
divided into chunks and how each chunk is aligned. Request flags such
as CRYPTO_TFM_REQ_MAY_SLEEP must not affect the result either.
However,
From: Eric Biggers
Check that algorithms do not change the skcipher_request structure, as
users may rely on submitting the request again (e.g. after copying new
data into the same source buffer) without reinitializing everything.
Signed-off-by: Eric Biggers
---
crypto/testmgr.c | 41 ++
From: Eric Biggers
Add functions that generate a random testvec_config, in preparation for
using it for randomized fuzz tests.
Signed-off-by: Eric Biggers
---
crypto/testmgr.c | 117 +++
1 file changed, 117 insertions(+)
diff --git a/crypto/testmgr.
From: Eric Biggers
Convert alg_test_aead() to use the new test framework, using the same
list of testvec_configs that skcipher testing uses.
This significantly improves AEAD test coverage mainly because previously
there was only very limited test coverage of the possible data layouts.
Now the da
From: Eric Biggers
Convert alg_test_skcipher() to use the new test framework, adding a list
of testvec_configs to test by default. When the extra self-tests are
enabled, randomly generated testvec_configs are tested as well.
This improves skcipher test coverage mainly because now all algorithms
From: Eric Biggers
Convert alg_test_hash() to use the new test framework, adding a list of
testvec_configs to test by default. When the extra self-tests are
enabled, randomly generated testvec_configs are tested as well.
This improves hash test coverage mainly because now all algorithms have
a
Hello,
Crypto algorithms must produce the same output for the same input
regardless of data layout, i.e. how the src and dst scatterlists are
divided into chunks and how each chunk is aligned. Request flags such
as CRYPTO_TFM_REQ_MAY_SLEEP must not affect the result either.
However, testing of t
From: Eric Biggers
Check that algorithms do not change the aead_request structure, as users
may rely on submitting the request again (e.g. after copying new data
into the same source buffer) without reinitializing everything.
Signed-off-by: Eric Biggers
---
crypto/testmgr.c | 44 ++
Add AES crypto HW acceleration for Exynos5433, with the help of SlimSSS IP.
Signed-off-by: Kamil Konieczny
---
drivers/crypto/s5p-sss.c | 50
1 file changed, 46 insertions(+), 4 deletions(-)
diff --git a/drivers/crypto/s5p-sss.c b/drivers/crypto/s5p-sss.
Document DT bindings for crypto Samsung Exynos5433 SlimSSS (Slim Security
SubSystem) IP.
Signed-off-by: Kamil Konieczny
---
.../devicetree/bindings/crypto/samsung-sss.txt | 14 +++---
1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/Documentation/devicetree/bindings/cry
Add slimSSS node to DT and crypto AES support for Exynos5433. Tested on
Exynos5433 board with crypto run-time self tests and with tcrypt with
command insmod tcrypt.ko mode=500 sec=1
Changes since v1:
- address Krzysztof Kozlowski review: add missing comma in struct
definition, add goto for error
On 23.01.2019 08:59, Krzysztof Kozlowski wrote:
> On Tue, 22 Jan 2019 at 16:26, Kamil Konieczny
> wrote:
>>
>> Document DT bindings for crypto Samsung Exynos5433 SlimSSS (Slim Security
>> SubSystem) IP.
>>
>> Signed-off-by: Kamil Konieczny
>> ---
>> .../devicetree/bindings/crypto/samsung-sss.txt
Hi Krzysztof,
On 23.01.2019 08:59, Krzysztof Kozlowski wrote:
> On Tue, 22 Jan 2019 at 16:26, Kamil Konieczny
> wrote:
>>
>> Document DT bindings for crypto Samsung Exynos5433 SlimSSS (Slim Security
>> SubSystem) IP.
>>
>> Signed-off-by: Kamil Konieczny
>> ---
>> .../devicetree/bindings/crypto/
Horia,
On Fri, Dec 07, 2018 at 12:31:23PM +0100, Sascha Hauer wrote:
> The crypto API wants the updated IV in req->info after decryption. The
> updated IV used to be copied correctly to req->info after running the
> decryption job. Since 115957bb3e59 this is done before running the job
> so instea
Hi Krzysztof,
On 23.01.2019 09:13, Krzysztof Kozlowski wrote:
> On Tue, 22 Jan 2019 at 16:26, Kamil Konieczny
> wrote:
>>
>> Add AES crypto HW acceleration for Exynos5433, with the help of SlimSSS IP.
>>
>> Signed-off-by: Kamil Konieczny
>> [...]
>> @@ -384,11 +387,19 @@ struct s5p_hash_ctx {
>>
On Wed, Jan 23, 2019 at 02:58:22PM +0200, Gilad Ben-Yossef wrote:
> Hi,
>
> On Tue, Jan 22, 2019 at 5:14 PM Greg Kroah-Hartman
> wrote:
> >
> > When calling debugfs functions, there is no need to ever check the
> > return value. The function can work or not, but the code logic should
> > never d
On Tue, Jan 22, 2019 at 04:14:19PM +0100, Greg Kroah-Hartman wrote:
> When calling debugfs functions, there is no need to ever check the
> return value. The function can work or not, but the code logic should
> never do something different based on this.
>
> Cc: Herbert Xu
> Cc: "David S. Miller
This series adds HiSilicon QM and ZIP controller driver in crypto subsystem.
A simple QM/ZIP driver which helps to provide an example for a general
accelerator framework is under review in community[1]. Based on this simple
driver, this series adds HW v2 support, PCI passthrough, reset, PCI/misc e
QM is a general IP used by HiSilicon accelerators. It provides a general
PCIe interface for the CPU and the accelerator to share a group of queues.
A QM integrated in an accelerator provides queue management service.
Queues can be assigned to PF and VFs, and queues can be controlled by
unified mai
Add debugfs descriptions for HiSilicon ZIP and QM driver.
Signed-off-by: Zhou Wang
Reviewed-by: Jonathan Cameron
---
Documentation/ABI/testing/debugfs-hisi-zip | 50 ++
1 file changed, 50 insertions(+)
create mode 100644 Documentation/ABI/testing/debugfs-hisi-zip
d
The HiSilicon ZIP accelerator implements the zlib and gzip algorithm. It
uses Hisilicon QM as the interface to the CPU.
This patch provides PCIe driver to the accelerator and register it to
the crypto subsystem.
Signed-off-by: Zhou Wang
Signed-off-by: Shiju Jose
Signed-off-by: Kenneth Lee
Sign
Add Zhou Wang as a maintainer for HiSilicon QM and ZIP controller driver.
Signed-off-by: Zhou Wang
Reviewed-by: John Garry
---
MAINTAINERS | 8
1 file changed, 8 insertions(+)
diff --git a/MAINTAINERS b/MAINTAINERS
index 51029a4..6e6be9b 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -
Hi,
On Tue, Jan 22, 2019 at 5:14 PM Greg Kroah-Hartman
wrote:
>
> When calling debugfs functions, there is no need to ever check the
> return value. The function can work or not, but the code logic should
> never do something different based on this.
I get the part about not failing loading t
Avoid plain memcmp() on the AEAD tag value as this could leak
information through a timing side channel.
Signed-off-by: Lars Persson
---
drivers/crypto/axis/artpec6_crypto.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/drivers/crypto/axis/artpec6_crypto.c
b/drivers/
The hardware implementation of SHA384 was not correct and it cannot
be used in any situation.
Signed-off-by: Lars Persson
---
drivers/crypto/axis/artpec6_crypto.c | 107 +--
1 file changed, 2 insertions(+), 105 deletions(-)
diff --git a/drivers/crypto/axis/artpec
The driver was optimized to only do cache maintenance for the last
word of the dma descriptor status array. Unfortunately an omission
also passed the last word as the address of the array start to the DMA
engine. In most cases this goes unnoticed since the hardware aligns
the address to a 64 byte b
From: Vincent Whitchurch
The request unmap and bounce buffer copying is currently unnecessarily
done while holding the queue spin lock.
Signed-off-by: Lars Persson
Signed-off-by: Vincent Whitchurch
---
drivers/crypto/axis/artpec6_crypto.c | 8
1 file changed, 4 insertions(+), 4 delet
Clients may submit a new requests from the completion callback
context. The driver was not prepared to receive a request in this
state because it already held the request queue lock and a recursive
lock error is triggered.
Now all completions are queued up until we are ready to drop the queue
lock
The hardware cannot restore the context correctly when it operates in
SHA512 mode. This is too restrictive when operating in a framework that
can interleave multiple hash sessions.
Signed-off-by: Lars Persson
---
drivers/crypto/axis/artpec6_crypto.c | 126 +++
1 f
The implementation assumed that the client always wants the whole 16
byte AES-GCM tag. Now we respect the requested authentication tag size
fetched using crypto_aead_authsize().
Signed-off-by: Lars Persson
---
drivers/crypto/axis/artpec6_crypto.c | 35 +--
1 file
Hi
This series brings to mainline fixes done during our product development and
fixes for errors detected by the IPsec testsuite in LTP.
Lars Persson (6):
crypto: axis - remove sha384 support for artpec7
crypto: axis - remove sha512 support for artpec7
crypto: axis - fix for recursive locki
Dear Friend
I have been expecting to hear from you based on my first message to
you, for your compensaction of 500,000.00 or didn't you receive my
first message that I sent to you?
If not reply back to me immediately its urgent
Quickly reply to this email fundrelease2...@gmail.com
Waiting your ur
When building without CONFIG_HW_RANDOM_PPC4XX, I hit the following build
failure:
drivers/crypto/amcc/crypto4xx_core.c: In function 'crypto4xx_probe':
drivers/crypto/amcc/crypto4xx_core.c:1407:20: error: passing argument 1 of
'ppc4xx_trng_probe' from incompatible pointer type
[-Werror=incompatib
On Tue, 22 Jan 2019 at 16:26, Kamil Konieczny
wrote:
>
> Add AES crypto HW acceleration for Exynos5433, with the help of SlimSSS IP.
>
> Signed-off-by: Kamil Konieczny
> ---
> drivers/crypto/s5p-sss.c | 50
> 1 file changed, 46 insertions(+), 4 deletions(
On Tue, 22 Jan 2019 at 16:26, Kamil Konieczny
wrote:
>
> Document DT bindings for crypto Samsung Exynos5433 SlimSSS (Slim Security
> SubSystem) IP.
>
> Signed-off-by: Kamil Konieczny
> ---
> .../devicetree/bindings/crypto/samsung-sss.txt | 13 ++---
> 1 file changed, 10 insertions(+
50 matches
Mail list logo
