Hi experts,
On Thu, May 02, 2019 at 12:12:02PM +0800, Lee, Chun-Yi wrote:
> We found that the db in Acer machine has self signed certificates
> (CN=DisablePW or CN=ABO) that they used obsolete OID 1.3.14.3.2.29
> sha1WithRSASignature and 2.5.29.1 subjectKeyIdentifier. Kernel
> emits -65 error cod
On Mon, Jul 15, 2019 at 1:20 PM Andrey Smirnov wrote:
>
> Using dma_addr_t for elements of JobR input ring is not appropriate on
> all 64-bit SoCs, some of which, like i.MX8MQ, use only 32-bit wide
> pointers there. Convert all of the code to use explicit helper
> function that can be later extend
On 7/15/19 12:03 PM, Lendacky, Thomas wrote:
> On 7/12/19 3:41 PM, David Rientjes wrote:
>> SEV_VERSION_GREATER_OR_EQUAL() will fail if upgrading from 2.2 to 3.1, for
>> example, because the minor version is not equal to or greater than the
>> major.
>>
>> Fix this and move to a static inline funct
In order to be able to unify 64 and 32 bit implementations of
wr_reg64, let's convert it to use helpers from
first. Here are the steps of the
transformation:
1. Inline wr_reg32 helpers:
if (!caam_imx && caam_little_end) {
if (caam_little_end) {
iow
In order to avoid any risk of JR IRQ request being handled while some
of the resources used for that are not yet allocated move the code
requesting said IRQ to the endo of caam_jr_init(). No functional
change intended.
Signed-off-by: Andrey Smirnov
Cc: Chris Spencer
Cc: Cory Tusar
Cc: Chris Hea
Use deveres to allocate all of the resources in caam_jr_init() (DMA
coherent and regular memory, IRQs) drop calls to corresponding
deallocation routines. No functional change intended.
Signed-off-by: Andrey Smirnov
Cc: Cory Tusar
Cc: Chris Healy
Cc: Lucas Stach
Cc: Horia Geantă
Cc: Aymen Sgha
Simplify clock initialization code by converting it to use clk-bulk,
devres and soc_device_match() match table. No functional change
intended.
Signed-off-by: Andrey Smirnov
Reviewed-by: Leonard Crestez
Cc: Chris Spencer
Cc: Cory Tusar
Cc: Chris Healy
Cc: Lucas Stach
Cc: Horia Geantă
Cc: Aym
Using dma_addr_t for elements of JobR input ring is not appropriate on
all 64-bit SoCs, some of which, like i.MX8MQ, use only 32-bit wide
pointers there. Convert all of the code to use explicit helper
function that can be later extended to support i.MX8MQ. No functional
change intended.
Signed-off
Since 32-bit of both wr_reg64 and rd_reg64 now use 64-bit IO helpers,
these functions should no longer be necessary. No functional change intended.
Signed-off-by: Andrey Smirnov
Cc: Chris Spencer
Cc: Cory Tusar
Cc: Chris Healy
Cc: Lucas Stach
Cc: Horia Geantă
Cc: Aymen Sghaier
Cc: Leonard C
Per feedback from NXP tech support the way to use register based
service interface on i.MX8MQ is to follow the same set of steps
outlined for the case when virtualization is enabled, regardless if it
is. Current version of SRM for i.MX8MQ speaks of DECO DID_MS and DECO
DID_LS registers, but apparen
Add clock entry needed to support i.MX8MQ.
Signed-off-by: Andrey Smirnov
Cc: Chris Spencer
Cc: Cory Tusar
Cc: Chris Healy
Cc: Lucas Stach
Cc: Horia Geantă
Cc: Aymen Sghaier
Cc: Leonard Crestez
Cc: linux-crypto@vger.kernel.org
Cc: linux-ker...@vger.kernel.org
---
drivers/crypto/caam/ctrl.c
i.MX8 SoC still use 32-bit addresses in its CAAM implmentation, so
change all of the code to be able to handle that.
Signed-off-by: Andrey Smirnov
Cc: Chris Spencer
Cc: Cory Tusar
Cc: Chris Healy
Cc: Lucas Stach
Cc: Horia Geantă
Cc: Aymen Sghaier
Cc: Leonard Crestez
Cc: linux-crypto@vger.k
Using struct jr_outentry to specify the layout of JobR output ring is
not appropriate for all 64-bit SoC, since some of them, like i.MX8MQ,
use 32-bit pointers there which doesn't match 64-bit
dma_addr_t. Convert existing code to use explicit helper functions to
access any of the JobR output ring e
In order to be able to configure CAAM pointer size at run-time, which
needed to support i.MX8MQ, which is 64-bit SoC with 32-bit pointer
size, convert CAAM_PTR_SZ to refer to a global variable of the same
name ("caam_ptr_sz") and adjust the rest of the code accordingly. No
functional change intende
Following the same transformation logic as outlined in previous commit
converting wr_reg64, convert rd_reg64 to use helpers from
first. No functional change intended.
Signed-off-by: Andrey Smirnov
Cc: Chris Spencer
Cc: Cory Tusar
Cc: Chris Healy
Cc: Lucas Stach
Cc: Horia Geantă
Cc: Aymen Sg
Instead of selecting the implementation of
cpu_to_caam_dma()/caam_dma_to_cpu() at build time using the
preprocessor, convert the code to do that at run-time using IS_ENABLED
macro. This is needed to add support for i.MX8MQ. No functional change
intended.
Signed-off-by: Andrey Smirnov
Cc: Chris Sp
Exactly the same code to figure out DMA mask is repeated twice in the
driver code. To avoid repetition, move that logic into a standalone
subroutine in intern.h. While at it re-shuffle the code to make it
more readable with early returns.
Signed-off-by: Andrey Smirnov
Reviewed-by: Horia Geantă
C
Everyone:
Picking up where Chris left off (I chatted with him privately
beforehead), this series adds support for i.MX8MQ to CAAM driver. Just
like [v1], this series is i.MX8MQ only.
Feedback is welcome!
Thanks,
Andrey Smirnov
Changes since [v4]:
- Fixed missing sentinel element in "crypto: c
On Thu, Jul 4, 2019 at 8:43 AM Iuliana Prodan wrote:
>
> On 7/3/2019 11:15 AM, Andrey Smirnov wrote:
> > Simplify clock initialization code by converting it to use clk-bulk,
> > devres and soc_device_match() match table. No functional change
> > intended.
> >
> > Signed-off-by: Andrey Smirnov
> >
On 7/12/19 3:41 PM, David Rientjes wrote:
> SEV_VERSION_GREATER_OR_EQUAL() will fail if upgrading from 2.2 to 3.1, for
> example, because the minor version is not equal to or greater than the
> major.
>
> Fix this and move to a static inline function for appropriate type
> checking.
>
> Fixes: ed
On Sat, Jul 13, 2019 at 01:03:21PM +0800, Herbert Xu wrote:
> On Fri, Jul 12, 2019 at 12:07:37PM -0400, Daniel Jordan wrote:
> >
> > modprobe (CPU2) kworker/21:1-293 (CPU21)
> > kworker/5:2-276 (CPU5)
> > --
From: Christophe Leroy
[ Upstream commit eae55a586c3c8b50982bad3c3426e9c9dd7a0075 ]
The driver assumes that the ICV is as a single piece in the last
element of the scatterlist. This assumption is wrong.
This patch ensures that the ICV is properly handled regardless of
the scatterlist layout.
F
From: Arnd Bergmann
[ Upstream commit 90acc0653d2bee203174e66d519fbaaa513502de ]
Build testing with some core crypto options disabled revealed
a few modules that are missing CRYPTO_HASH:
crypto/asymmetric_keys/x509_public_key.o: In function `x509_get_sig_params':
x509_public_key.c:(.text+0x4c7)
From: Horia Geantă
[ Upstream commit dcd9c76e5a183af4f793beb5141efcd260b8d09f ]
When enabling IOMMU support, the following issue becomes visible
in the AEAD zero-length case.
Even though the output sequence length is set to zero, the crypto engine
tries to prefetch 4 S/G table entries (since SG
From: Antoine Tenart
[ Upstream commit 89332590427235680236b9470e851afc49b3caa1 ]
When performing a transformation the hardware is given result
descriptors to save the result data. Those result descriptors are
batched using a 'first' and a 'last' bit. There are cases were more
descriptors than n
From: Arnd Bergmann
[ Upstream commit 90acc0653d2bee203174e66d519fbaaa513502de ]
Build testing with some core crypto options disabled revealed
a few modules that are missing CRYPTO_HASH:
crypto/asymmetric_keys/x509_public_key.o: In function `x509_get_sig_params':
x509_public_key.c:(.text+0x4c7)
From: Christophe Leroy
[ Upstream commit 3e03e792865ae48b8cfc69a0b4d65f02f467389f ]
Selftests report the following:
[2.984845] alg: skcipher: cbc-aes-talitos encryption test failed (wrong
output IV) on test vector 0, cfg="in-place"
[2.995377] : 3d af ba 42 9d 9e b4 30 b4 22 da
From: Antoine Tenart
[ Upstream commit 89332590427235680236b9470e851afc49b3caa1 ]
When performing a transformation the hardware is given result
descriptors to save the result data. Those result descriptors are
batched using a 'first' and a 'last' bit. There are cases were more
descriptors than n
From: Christophe Leroy
[ Upstream commit eae55a586c3c8b50982bad3c3426e9c9dd7a0075 ]
The driver assumes that the ICV is as a single piece in the last
element of the scatterlist. This assumption is wrong.
This patch ensures that the ICV is properly handled regardless of
the scatterlist layout.
F
From: Christophe Leroy
[ Upstream commit c9cca7034b34a2d82e9a03b757de2485c294851c ]
The MPC885 reference manual states:
SEC Lite-initiated 8xx writes can occur only on 32-bit-word boundaries, but
reads can occur on any byte boundary. Writing back a header read from a
non-32-bit-word boundary wi
From: Christophe Leroy
[ Upstream commit 3e03e792865ae48b8cfc69a0b4d65f02f467389f ]
Selftests report the following:
[2.984845] alg: skcipher: cbc-aes-talitos encryption test failed (wrong
output IV) on test vector 0, cfg="in-place"
[2.995377] : 3d af ba 42 9d 9e b4 30 b4 22 da
From: Christophe Leroy
[ Upstream commit 3e03e792865ae48b8cfc69a0b4d65f02f467389f ]
Selftests report the following:
[2.984845] alg: skcipher: cbc-aes-talitos encryption test failed (wrong
output IV) on test vector 0, cfg="in-place"
[2.995377] : 3d af ba 42 9d 9e b4 30 b4 22 da
From: Christophe Leroy
[ Upstream commit eae55a586c3c8b50982bad3c3426e9c9dd7a0075 ]
The driver assumes that the ICV is as a single piece in the last
element of the scatterlist. This assumption is wrong.
This patch ensures that the ICV is properly handled regardless of
the scatterlist layout.
F
From: Arnd Bergmann
[ Upstream commit 90acc0653d2bee203174e66d519fbaaa513502de ]
Build testing with some core crypto options disabled revealed
a few modules that are missing CRYPTO_HASH:
crypto/asymmetric_keys/x509_public_key.o: In function `x509_get_sig_params':
x509_public_key.c:(.text+0x4c7)
From: Christophe Leroy
[ Upstream commit c9cca7034b34a2d82e9a03b757de2485c294851c ]
The MPC885 reference manual states:
SEC Lite-initiated 8xx writes can occur only on 32-bit-word boundaries, but
reads can occur on any byte boundary. Writing back a header read from a
non-32-bit-word boundary wi
From: Arnd Bergmann
[ Upstream commit 90acc0653d2bee203174e66d519fbaaa513502de ]
Build testing with some core crypto options disabled revealed
a few modules that are missing CRYPTO_HASH:
crypto/asymmetric_keys/x509_public_key.o: In function `x509_get_sig_params':
x509_public_key.c:(.text+0x4c7)
From: Arnd Bergmann
[ Upstream commit 473971187d6727609951858c63bf12b0307ef015 ]
The same bug that gcc hit in the past is apparently now showing
up with clang, which decides to inline __serpent_setkey_sbox:
crypto/serpent_generic.c:268:5: error: stack frame size of 2112 bytes in
function '__se
From: Christophe Leroy
[ Upstream commit 3e03e792865ae48b8cfc69a0b4d65f02f467389f ]
Selftests report the following:
[2.984845] alg: skcipher: cbc-aes-talitos encryption test failed (wrong
output IV) on test vector 0, cfg="in-place"
[2.995377] : 3d af ba 42 9d 9e b4 30 b4 22 da
From: Arnd Bergmann
[ Upstream commit 90acc0653d2bee203174e66d519fbaaa513502de ]
Build testing with some core crypto options disabled revealed
a few modules that are missing CRYPTO_HASH:
crypto/asymmetric_keys/x509_public_key.o: In function `x509_get_sig_params':
x509_public_key.c:(.text+0x4c7)
From: Arnd Bergmann
[ Upstream commit 473971187d6727609951858c63bf12b0307ef015 ]
The same bug that gcc hit in the past is apparently now showing
up with clang, which decides to inline __serpent_setkey_sbox:
crypto/serpent_generic.c:268:5: error: stack frame size of 2112 bytes in
function '__se
From: Christophe Leroy
[ Upstream commit c9cca7034b34a2d82e9a03b757de2485c294851c ]
The MPC885 reference manual states:
SEC Lite-initiated 8xx writes can occur only on 32-bit-word boundaries, but
reads can occur on any byte boundary. Writing back a header read from a
non-32-bit-word boundary wi
From: Christophe Leroy
[ Upstream commit eae55a586c3c8b50982bad3c3426e9c9dd7a0075 ]
The driver assumes that the ICV is as a single piece in the last
element of the scatterlist. This assumption is wrong.
This patch ensures that the ICV is properly handled regardless of
the scatterlist layout.
F
From: Arnd Bergmann
[ Upstream commit 473971187d6727609951858c63bf12b0307ef015 ]
The same bug that gcc hit in the past is apparently now showing
up with clang, which decides to inline __serpent_setkey_sbox:
crypto/serpent_generic.c:268:5: error: stack frame size of 2112 bytes in
function '__se
From: Eric Biggers
[ Upstream commit e63e1b0dd0003dc31f73d875907432be3a2abe5d ]
Call cond_resched() after each fuzz test iteration. This avoids stall
warnings if fuzz_iterations is set very high for testing purposes.
While we're at it, also call cond_resched() after finishing testing each
test
From: Christophe Leroy
[ Upstream commit 3e03e792865ae48b8cfc69a0b4d65f02f467389f ]
Selftests report the following:
[2.984845] alg: skcipher: cbc-aes-talitos encryption test failed (wrong
output IV) on test vector 0, cfg="in-place"
[2.995377] : 3d af ba 42 9d 9e b4 30 b4 22 da
From: Christophe Leroy
[ Upstream commit c9cca7034b34a2d82e9a03b757de2485c294851c ]
The MPC885 reference manual states:
SEC Lite-initiated 8xx writes can occur only on 32-bit-word boundaries, but
reads can occur on any byte boundary. Writing back a header read from a
non-32-bit-word boundary wi
From: Christophe Leroy
[ Upstream commit eae55a586c3c8b50982bad3c3426e9c9dd7a0075 ]
The driver assumes that the ICV is as a single piece in the last
element of the scatterlist. This assumption is wrong.
This patch ensures that the ICV is properly handled regardless of
the scatterlist layout.
F
From: Arnd Bergmann
[ Upstream commit 473971187d6727609951858c63bf12b0307ef015 ]
The same bug that gcc hit in the past is apparently now showing
up with clang, which decides to inline __serpent_setkey_sbox:
crypto/serpent_generic.c:268:5: error: stack frame size of 2112 bytes in
function '__se
From: Eric Biggers
[ Upstream commit e63e1b0dd0003dc31f73d875907432be3a2abe5d ]
Call cond_resched() after each fuzz test iteration. This avoids stall
warnings if fuzz_iterations is set very high for testing purposes.
While we're at it, also call cond_resched() after finishing testing each
test
From: Antoine Tenart
[ Upstream commit 89332590427235680236b9470e851afc49b3caa1 ]
When performing a transformation the hardware is given result
descriptors to save the result data. Those result descriptors are
batched using a 'first' and a 'last' bit. There are cases were more
descriptors than n
From: Christophe Leroy
[ Upstream commit c9cca7034b34a2d82e9a03b757de2485c294851c ]
The MPC885 reference manual states:
SEC Lite-initiated 8xx writes can occur only on 32-bit-word boundaries, but
reads can occur on any byte boundary. Writing back a header read from a
non-32-bit-word boundary wi
From: Horia Geantă
[ Upstream commit dcd9c76e5a183af4f793beb5141efcd260b8d09f ]
When enabling IOMMU support, the following issue becomes visible
in the AEAD zero-length case.
Even though the output sequence length is set to zero, the crypto engine
tries to prefetch 4 S/G table entries (since SG
From: Christophe Leroy
[ Upstream commit 3e03e792865ae48b8cfc69a0b4d65f02f467389f ]
Selftests report the following:
[2.984845] alg: skcipher: cbc-aes-talitos encryption test failed (wrong
output IV) on test vector 0, cfg="in-place"
[2.995377] : 3d af ba 42 9d 9e b4 30 b4 22 da
From: Christophe Leroy
[ Upstream commit 3e03e792865ae48b8cfc69a0b4d65f02f467389f ]
Selftests report the following:
[2.984845] alg: skcipher: cbc-aes-talitos encryption test failed (wrong
output IV) on test vector 0, cfg="in-place"
[2.995377] : 3d af ba 42 9d 9e b4 30 b4 22 da
From: Christophe Leroy
[ Upstream commit 3e03e792865ae48b8cfc69a0b4d65f02f467389f ]
Selftests report the following:
[2.984845] alg: skcipher: cbc-aes-talitos encryption test failed (wrong
output IV) on test vector 0, cfg="in-place"
[2.995377] : 3d af ba 42 9d 9e b4 30 b4 22 da
From: Christophe Leroy
[ Upstream commit 3e03e792865ae48b8cfc69a0b4d65f02f467389f ]
Selftests report the following:
[2.984845] alg: skcipher: cbc-aes-talitos encryption test failed (wrong
output IV) on test vector 0, cfg="in-place"
[2.995377] : 3d af ba 42 9d 9e b4 30 b4 22 da
Hello,
I am Barr Fredrick Mbogo a business consultant i have a lucrative
business to discuss with you from the Eastern part of Africa Uganda to
be precise aimed at agreed percentage upon your acceptance of my hand
in business and friendship. Kindly respond to me if you are interested
to partner wit
On 7/10/2019 1:13 PM, Vakul Garg wrote:
> Add support of printing the dpseci frame queue statistics using debugfs.
>
Please move this into a separate file, that gets compiled only if
CONFIG_DEBUG_FS=y.
Function(s) that are needed outside this file should be called unconditionally
and should have
58 matches
Mail list logo
