Hi all,
Today's linux-next merge of the crypto tree got a conflict in:
Documentation/crypto/api-intro.rst
between commit:
5846551bb147 ("docs: crypto: convert api-intro.txt to ReST format")
from the jc_docs tree and commit:
9332a9e73918 ("crypto: Replace HTTP links with HTTPS ones")
fr
On Thu, 23 Jul 2020 22:47:02 +0100
Giovanni Cabiddu wrote:
> Add denylist of devices that by default are not probed by vfio-pci.
> Devices in this list may be susceptible to untrusted application, even
> if the IOMMU is enabled. To be accessed via vfio-pci, the user has to
> explicitly disable th
The current generation of Intel® QuickAssist Technology devices
are not designed to run in an untrusted environment because of the
following issues reported in the document "Intel® QuickAssist Technology
(Intel® QAT) Software for Linux" (document number 336211-014):
QATE-39220 - GEN - Intel® QAT A
This patchset defines a denylist of devices in the vfio-pci module and adds
the current generation of Intel(R) QuickAssist devices to it as they are
not designed to run in an untrusted environment.
By default, if a device is in the denylist, the probe of vfio-pci fails.
If a user wants to use a de
Add device IDs for the following Intel QuickAssist devices: DH895XCC,
C3XXX and C62X.
The defines in this patch are going to be referenced in two independent
drivers, qat and vfio-pci.
Signed-off-by: Giovanni Cabiddu
---
include/linux/pci_ids.h | 6 ++
1 file changed, 6 insertions(+)
diff
Add denylist of devices that by default are not probed by vfio-pci.
Devices in this list may be susceptible to untrusted application, even
if the IOMMU is enabled. To be accessed via vfio-pci, the user has to
explicitly disable the denylist.
The denylist can be disabled via the module parameter di
Replace device ids defined in the QAT drivers with the ones in
include/linux/pci_ids.h.
Signed-off-by: Giovanni Cabiddu
---
drivers/crypto/qat/qat_c3xxx/adf_drv.c| 6 +++---
drivers/crypto/qat/qat_c3xxxvf/adf_drv.c | 6 +++---
drivers/crypto/qat/qat_c62x/adf_drv.c
Build pci_device_id structure using the PCI_VDEVICE macro.
This removes any references to the ADF_SYSTEM_DEVICE macro.
Signed-off-by: Giovanni Cabiddu
---
drivers/crypto/qat/qat_c3xxx/adf_drv.c | 7 ++-
drivers/crypto/qat/qat_c3xxxvf/adf_drv.c| 7 ++-
drivers/crypto/qat/qat_c62x
On Wed, Jul 22, 2020 at 11:02:10PM -0600, Alex Williamson wrote:
> On Tue, 14 Jul 2020 07:36:07 +0100
> Giovanni Cabiddu wrote:
>
> > Add blocklist of devices that by default are not probed by vfio-pci.
> > Devices in this list may be susceptible to untrusted application, even
> > if the IOMMU is
On Thu, 23 Jul 2020 14:24:45 +0800, 周琰杰 (Zhou Yanjie) wrote:
> Add the RNG bindings for the JZ4780 SoC and
> the X1000 SoC from Ingenic.
>
> Signed-off-by: 周琰杰 (Zhou Yanjie)
> ---
>
> Notes:
> v1->v2:
> No change.
>
> .../devicetree/bindings/rng/ingenic,rng.yaml | 36
> +
On Thu, Jul 23, 2020 at 09:40:27AM -0700, Eric Dumazet wrote:
> I am not sure why you chose sockptr_t for something that really seems
> generic.
>
> Or is it really meant to be exclusive to setsockopt() and/or getsockopt() ?
>
> If the first user of this had been futex code, we would have used
On Thursday 2020-07-23 08:08, Christoph Hellwig wrote:
>+typedef struct {
>+ union {
>+ void*kernel;
>+ void __user *user;
>+ };
>+ boolis_kernel : 1;
>+} sockptr_t;
>+
>+static inline bool sockptr_is_null(sockptr_t sockptr)
>+{
From: 'Christoph Hellwig'
> Sent: 23 July 2020 15:45
>
> On Thu, Jul 23, 2020 at 02:42:11PM +, David Laight wrote:
> > From: Christoph Hellwig
> > > Sent: 23 July 2020 07:09
> > >
> > > The bpfilter user mode helper processes the optval address using
> > > process_vm_readv. Don't send it kern
On Thu, Jul 23, 2020 at 02:42:11PM +, David Laight wrote:
> From: Christoph Hellwig
> > Sent: 23 July 2020 07:09
> >
> > The bpfilter user mode helper processes the optval address using
> > process_vm_readv. Don't send it kernel addresses fed under
> > set_fs(KERNEL_DS) as that won't work.
>
From: Christoph Hellwig
> Sent: 23 July 2020 07:09
>
> The bpfilter user mode helper processes the optval address using
> process_vm_readv. Don't send it kernel addresses fed under
> set_fs(KERNEL_DS) as that won't work.
What sort of operations is the bpf filter doing on the sockopt buffers?
An
On Thu, Jul 23, 2020 at 12:57:23PM +0300, Tero Kristo wrote:
> On 23/07/2020 10:43, Herbert Xu wrote:
> > This patch fixes a bunch of initialiser warnings.
> >
> > Signed-off-by: Herbert Xu
>
> Looks ok to me, however I never saw any build warnings with the code myself.
> Which compiler/version
On Thu, Jul 23, 2020 at 11:16:16AM +, David Laight wrote:
> From: Christoph Hellwig
> > Sent: 23 July 2020 07:09
> >
> > This is mostly to prepare for cleaning up the callers, as bpfilter by
> > design can't handle kernel pointers.
>
> You've failed to fix the sense of the above...
The sense
From: Christoph Hellwig
> Sent: 23 July 2020 07:09
>
> This is mostly to prepare for cleaning up the callers, as bpfilter by
> design can't handle kernel pointers.
You've failed to fix the sense of the above...
David
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes
On Thu, Jul 23, 2020 at 08:08:43AM +0200, Christoph Hellwig wrote:
> The __user doesn't make sense when casting to an integer type, just
> switch to a uintptr_t cast which also removes the need for the __force.
Feel free to add my:
Reviewed-by: Luc Van Oostenryck
-- Luc
Hi Herbert,
On Thu, Jul 23, 2020 at 9:51 AM Herbert Xu wrote:
>
> The carry variables are assigned but never used, which upsets
> the compiler. This patch removes them.
>
> Signed-off-by: Herbert Xu
>
> diff --git a/arch/x86/crypto/curve25519-x86_64.c
> b/arch/x86/crypto/curve25519-x86_64.c
>
On 23/07/2020 10:43, Herbert Xu wrote:
This patch fixes a bunch of initialiser warnings.
Signed-off-by: Herbert Xu
Looks ok to me, however I never saw any build warnings with the code
myself. Which compiler/version produces them?
-Tero
diff --git a/drivers/crypto/sa2ul.c b/drivers/crypt
The current code waits for data to be available before attempting a
second read. However the second read would not be executed as the
while loop exits.
This fix does not wait if all data has been read and reads a second
time if only partial data was retrieved on the first read.
This fix also does
Data rates of MAX_UINT32 will schedule an unnecessary one jiffy
timeout on the call to msleep. Avoid this scenario by using 0 as the
unlimited data rate.
Signed-off-by: Jorge Ramirez-Ortiz
---
drivers/char/hw_random/optee-rng.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/
Hi Christoph,
On 23/07/2020 08:08, Christoph Hellwig wrote:
Pass a sockptr_t to prepare for set_fs-less handling of the kernel
pointer from bpf-cgroup.
Signed-off-by: Christoph Hellwig
---
net/mptcp/protocol.c | 6 --
Thank you for looking at that!
For MPTCP-related code:
Acked-by: M
Hi Christoph,
On 23/07/2020 08:09, Christoph Hellwig wrote:
Rework the remaining setsockopt code to pass a sockptr_t instead of a
plain user pointer. This removes the last remaining set_fs(KERNEL_DS)
outside of architecture specific code.
Signed-off-by: Christoph Hellwig
Acked-by: Stefan Schm
Data rates of MAX_UINT32 will schedule an unnecessary one jiffy
timeout on the call to msleep. Avoid this scenario by using 0 as the
unlimited data rate.
Signed-off-by: Jorge Ramirez-Ortiz
---
drivers/char/hw_random/optee-rng.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/
The current code waits for data to be available before attempting a
second read. However the second read would not be executed as the
while loop exits.
This fix does not wait if all data has been read and reads a second
time if only partial data was retrieved on the first read.
Signed-off-by: Jor
On Thu, Jul 23, 2020 at 9:57 AM Herbert Xu wrote:
>
> On Wed, May 27, 2020 at 04:17:40PM +0200, Arnd Bergmann wrote:
> > The clang integrated assembler complains about movzxw:
> >
> > arch/x86/crypto/crc32c-pcl-intel-asm_64.S:173:2: error: invalid instruction
> > mnemonic 'movzxw'
> >
> > It seem
On Wed, Jul 15, 2020 at 06:25:59PM +0300, Horia Geantă wrote:
> Add support for RNGB found in some i.MX6 SoCs (6SL, 6SLL, 6ULL, 6ULZ),
> based on RNGC driver (drivers/char/hw_random/imx-rngc.c).
>
> This driver claims support also for RNGB (besides RNGC),
> and is currently used only by i.MX25.
>
On Sun, Jul 19, 2020 at 06:49:59PM +0200, Alexander A. Klimov wrote:
> Rationale:
> Reduces attack surface on kernel devs opening the links for MITM
> as HTTPS traffic is much harder to manipulate.
>
> Deterministic algorithm:
> For each file:
> If not .svg:
> For each line:
> If doesn
On Mon, Jul 20, 2020 at 03:51:57PM +0200, Uros Bizjak wrote:
> Resolves conflict with the tip tree.
>
> CC: Herbert Xu
> CC: Thomas Gleixner
> CC: Ingo Molnar
> CC: Borislav Petkov
> CC: "H. Peter Anvin"
> CC: Stephen Rothwell ,
> CC: "Chang S. Bae" ,
> CC: Peter Zijlstra ,
> CC: Sasha Levin
On Fri, Jul 17, 2020 at 04:35:49PM -0700, Randy Dunlap wrote:
> From: Randy Dunlap
>
> Drop the doubled word "request" in a kernel-doc comment.
>
> Signed-off-by: Randy Dunlap
> Cc: Herbert Xu
> Cc: "David S. Miller"
> Cc: linux-crypto@vger.kernel.org
> ---
> include/crypto/skcipher.h |2
On Sun, Jul 19, 2020 at 11:07:50AM -0700, Randy Dunlap wrote:
> Delete the doubled word "from" in multiple places.
>
> Signed-off-by: Randy Dunlap
> Cc: Herbert Xu
> Cc: "David S. Miller"
> Cc: linux-crypto@vger.kernel.org
> ---
> crypto/testmgr.h | 10 +-
> 1 file changed, 5 inserti
On Fri, Jul 17, 2020 at 04:35:33PM -0700, Randy Dunlap wrote:
> From: Randy Dunlap
>
> Drop the doubled word "in" in a comment.
>
> Signed-off-by: Randy Dunlap
> Cc: Herbert Xu
> Cc: "David S. Miller"
> Cc: linux-crypto@vger.kernel.org
> ---
> include/crypto/hash.h |2 +-
> 1 file change
On Wed, May 27, 2020 at 04:17:40PM +0200, Arnd Bergmann wrote:
> The clang integrated assembler complains about movzxw:
>
> arch/x86/crypto/crc32c-pcl-intel-asm_64.S:173:2: error: invalid instruction
> mnemonic 'movzxw'
>
> It seems that movzwq is the mnemonic that it expects instead,
> and this
On Mon, Jul 13, 2020 at 07:06:34AM -0700, t...@redhat.com wrote:
> From: Tom Rix
>
> clang static analysis flags this error
>
> qat_uclo.c:297:3: warning: Attempt to free released memory
> [unix.Malloc]
> kfree(*init_tab_base);
> ^
>
> When
On Tue, Jul 14, 2020 at 04:13:50PM -0400, Daniel Jordan wrote:
> These cleanups save ~5% of the padata text/data and make it a little
> easier to use and develop going forward.
>
> In particular, they pave the way to extend padata's multithreading support to
> VFIO, a work-in-progress version of w
On Mon, Jul 13, 2020 at 11:34:20AM +0300, Tero Kristo wrote:
> Hi,
>
> V6 has only a bunch of static checker warnings fixed. Tested building
> with W=1 and C=1 make options, also did a sanity test with crypto
> manager tests + extra tests, and did a quick trial with tcrypt.
Patches 1-5 applied.
The carry variables are assigned but never used, which upsets
the compiler. This patch removes them.
Signed-off-by: Herbert Xu
diff --git a/arch/x86/crypto/curve25519-x86_64.c
b/arch/x86/crypto/curve25519-x86_64.c
index 8a17621f7d3a..8acbb6584a37 100644
--- a/arch/x86/crypto/curve25519-x86_64.
This patch fixes a bunch of zero initialiser warnings.
Signed-off-by: Herbert Xu
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 6863f911fcee..487ba5f369e4 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -1649,7 +1649,7 @@ static int test_hash_vs_generic_impl(const char *driver,
This patch fixes a bunch of initialiser warnings.
Signed-off-by: Herbert Xu
diff --git a/drivers/crypto/sa2ul.c b/drivers/crypto/sa2ul.c
index ebcdffcdb686..fc3a8268e2c8 100644
--- a/drivers/crypto/sa2ul.c
+++ b/drivers/crypto/sa2ul.c
@@ -916,7 +916,7 @@ static int sa_cipher_setkey(struct crypto
From: André Draszik
On i.MX7 and i.MX8M, the SNVS requires a clock. This is similar to the
clock bound to the SNVS RTC node, but if the SNVS RTC driver isn't
enabled, then SNVS doesn't work, and as such the pwrkey driver doesn't
work (i.e. hangs the kernel, as the clock isn't enabled).
Also see
From: André Draszik
The snvs_pwrkey shares the SNVS LPSR status register with the snvs_rtc.
This driver here should only return IRQ_HANDLED if the status register
indicates that the event we're handling in the irq handler was genuinely
intended for this driver. Otheriwse the interrupt subsystem
Hi Herbert, Dmitry,
This is a resend of v2 patches 1,5,6 that were not picked up
https://lore.kernel.org/linux-input/20200225161201.1975-1-...@andred.net
with collecting Acked-by, Reviewed-by.
I skipped Robin's Reviewed-by since I prefer avoiding misintepreting
the discussion between him and Andr
From: André Draszik
At the moment, enabling this driver without the SNVS RTC driver
being active will hang the kernel as soon as the power button
is pressed.
The reason is that in that case the SNVS isn't enabled, and
any attempt to read the SNVS registers will simply hang forever.
Ensure the c
Horia Geantă wrote:
> On 7/16/2020 12:00 PM, Qinglang Miao wrote:
>> From: Liu Shixin
>>
>> Use DEFINE_SHOW_ATTRIBUTE macro to simplify the code.
>>
>> Signed-off-by: Liu Shixin
> Reviewed-by: Horia Geantă
>
> This patch depends on linux-next
> commit 4d4901c6d748 ("seq_file: switch over dir
Qinglang Miao wrote:
>
> @@ -584,41 +584,9 @@ static int zip_print_regs(struct seq_file *s, void
> *unused)
>return 0;
> }
>
> -static int zip_stats_open(struct inode *inode, struct file *file)
> -{
> - return single_open(file, zip_show_stats, NULL);
> -}
> -
> -static const struct
Qinglang Miao wrote:
> From: Liu Shixin
>
> Use DEFINE_SHOW_ATTRIBUTE macro to simplify the code.
>
> Signed-off-by: Liu Shixin
> ---
> drivers/crypto/hisilicon/qm.c | 12 +---
> 1 file changed, 1 insertion(+), 11 deletions(-)
>
> diff --git a/drivers/crypto/hisilicon/qm.c b/drivers/cr
Requests will be sent continuously as resetting, which will cause 'printk'
flooding. Using 'dev_info_ratelimited' can solve this problem well.
Fixes: b67202e8ed30("crypto: hisilicon/qm - add state machine for QM")
Signed-off-by: Yang Shen
Reviewed-by: Zhou Wang
---
drivers/crypto/hisilicon/qm.c
Since the drivers such as HPRE/SEC/ZIP do not implement
'pci_driver.shutdow', a RAS will be triggered at OS rebooting or shutting
down as the hardware device is processing request.
The log looks like this:
NOTICE: [NimbusSecNodeType1]:[2372L]This is sec, Base = 0x14180
NOTICE: [
From: Shukun Tan
When PF FLR, the hardware will actively trigger the VF FLR. Configuration
space of VF needs to be saved and restored to ensure that it is available
after the PF FLR.
Fixes: 7ce396fa12a9("crypto: hisilicon - add FLR support")
Signed-off-by: Shukun Tan
Signed-off-by: Yang Shen
R
From: Shukun Tan
Increasing depth of 'event queue' from 1024 to 2048, which equals to twice
depth of 'completion queue'. It will fix the easily happened 'event queue
overflow' as using 1024 queue depth for 'event queue'.
Fixes: 263c9959c937("crypto: hisilicon - add queue management driver...")
S
From: Weili Qian
Call trace will appear in the Hisilicon crypto driver unbinding or
disabling SRIOV during task running with TFMs on the corresponding
function. This patch adds a waiting logic as user doing the above two
operations to avoid panic. The two operations will hold on until the
tasks r
Now, there are three reasons of stopping: 'NORMAL', 'SOFT_RESET' and 'FLR'.
In order to keep this, explicitly pass the stop reason as an input
parameter of 'hisi_qm_stop' function.
Fixes: b67202e8ed30("crypto: hisilicon/qm - add state machine for QM")
Signed-off-by: Shukun Tan
Signed-off-by: Yang
This patchset fix some qm bugs:
patch 1: store the string address before pass to 'strsep'
patch 2: clear 'qp_status->used' when init the 'qp'
patch 3: use 'dev_info_ratelimited' to avoid printk flooding.
patch 4: fix the judgement of queue is full
patch 7: save the vf configuration space to make su
From: Shukun Tan
The used reference count is used for counting the number of 'sqe' which
is under processing. This reference count should be cleared as starting
'qp', otherwise the 'used' will be messy when allocating this 'qp' again.
Fixes: 5308f6600a39("crypto: hisilicon - QM memory management
From: Sihang Chen
Save the string address before pass to strsep, release it at end.
Because strsep will update the string address to point after the
token.
Fixes: c31dc9fe165d("crypto: hisilicon/qm - add DebugFS for xQC and...")
Signed-off-by: Sihang Chen
Signed-off-by: Yang Shen
Reviewed-by:
From: Hui Tang
The queue depth is 1024, so the condition for judging the queue full
should be 1023, otherwise the hardware cannot judge whether the queue
is empty or full.
Fixes: 263c9959c937("crypto: hisilicon - add queue management driver...")
Signed-off-by: Hui Tang
Signed-off-by: Yang Shen
When the devices are removed or not existing, the corresponding algorithms
which are registered by 'hisi-zip' driver can't be used.
Move 'hisi_zip_register_to_crypto' from 'hisi_zip_init' to
'hisi_zip_probe'. The algorithms will be registered to crypto only when
there is device bind on the driver.
59 matches
Mail list logo
