ARM Cortex-A57 and Cortex-A72 cores running in 32-bit mode are affected
by silicon errata #1742098 and #1655431, respectively, where the second
instruction of a AES instruction pair may execute twice if an interrupt
is taken right after the first instruction consumes an input register of
which a si
On Wed, 25 Nov 2020 at 22:39, Iuliana Prodan wrote:
>
> On 11/25/2020 11:16 PM, Ard Biesheuvel wrote:
> > On Wed, 25 Nov 2020 at 22:14, Iuliana Prodan (OSS)
> > wrote:
> >>
> >> From: Iuliana Prodan
> >>
> >> Add the option to allocate the crypto request object plus any extra space
> >> needed b
Hi Randy,
Thanks for your review! I will update it in next version.
Joey Lee
On Wed, Nov 25, 2020 at 09:25:51AM -0800, Randy Dunlap wrote:
> Hi--
>
> On 11/24/20 11:26 PM, Lee, Chun-Yi wrote:
> > Add an openssl command option example for generating CodeSign extended
> > key usage in X.509 when
On Thu, Nov 12, 2020 at 12:57:45PM +, David Howells wrote:
>
> Hi Herbert, Bruce,
>
> Here's my first cut at a generic Kerberos crypto library in the kernel so
> that I can share code between rxrpc and sunrpc (and cifs?).
Hi David:
I can't find the bit where you are actually sharing this co
Add new skcipher algorithms to Kunpeng930:
OFB(AES), CFB(AES), CTR(AES),
OFB(SM4), CFB(SM4), CTR(SM4).
Signed-off-by: Wenkai Lin
Signed-off-by: Longfang Liu
---
drivers/crypto/hisilicon/sec2/sec_crypto.c | 47 ++
drivers/crypto/hisilicon/sec2/sec_crypto.h | 2 ++
2
Add new AEAD algorithms to SEC:
CCM(AES), GCM(AES), CCM(SM4), GCM(SM4).
Signed-off-by: Longfang Liu
---
drivers/crypto/hisilicon/sec2/sec.h| 4 +
drivers/crypto/hisilicon/sec2/sec_crypto.c | 384 -
drivers/crypto/hisilicon/sec2/sec_crypto.h | 5 +
3 files
As the new Kunpeng930 supports some new algorithms,
the driver needs to be updated
Longfang Liu (4):
crypto: hisilicon/sec - add new type of sqe for Kunpeng930
crypto: hisilicon/sec - add new skcipher mode for SEC
crypto: hisilicon/sec - add new AEAD mode for SEC
crypto: hisilicon/sec - fi
In the new generation of accelerator hardware, in order to
add new algorithm support, the hardware adds a new SQE data structure,
so the driver has been upgraded as needed.
Signed-off-by: Sihang Chen
Signed-off-by: Longfang Liu
---
drivers/crypto/hisilicon/sec2/sec.h| 6 +-
drivers/cr
1. Fix a wrong printing problem
2. Modify log print style
Signed-off-by: Longfang Liu
---
drivers/crypto/hisilicon/sec2/sec.h| 5 +-
drivers/crypto/hisilicon/sec2/sec_crypto.c | 92 +++---
drivers/crypto/hisilicon/sec2/sec_crypto.h | 4 +-
3 files changed, 49 in
From: Meng Yu
A new generation of accelerator Kunpeng930 has appeared, and the
corresponding driver needs to be updated to support some new
algorithms of Kunpeng930. To be compatible with Kunpeng920, we
add parameter 'struct hisi_qm *qm' to sec_algs_(un)register to
identify the chip's version.
S
From: Saulo Alessandre
Signed-off-by: Saulo Alessandre
---
Documentation/admin-guide/module-signing.rst | 10 +
crypto/Kconfig | 12 +
crypto/Makefile | 7 +
crypto/asymmetric_keys/pkcs7_parser.c| 7 +-
crypto/asymmetric_k
On Wed, 25 Nov 2020, Nick Desaulniers wrote:
> On Wed, Nov 25, 2020 at 1:33 PM Finn Thain wrote:
> >
> > Or do you think that a codebase can somehow satisfy multiple checkers
> > and their divergent interpretations of the language spec?
>
> Have we found any cases yet that are divergent? I d
On Wed, 25 Nov 2020, Nick Desaulniers wrote:
> On Wed, Nov 25, 2020 at 1:33 PM Finn Thain
> wrote:
> >
> > Or do you think that a codebase can somehow satisfy multiple checkers
> > and their divergent interpretations of the language spec?
>
> Have we found any cases yet that are divergent? I d
On 24/11/2020 21:25, Kees Cook wrote:
> I still think this isn't right -- it's a case statement that runs off
> the end without an explicit flow control determination.
Proves too much — for instance
case foo:
case bar:
thing;
break;
doesn't require a fallthrough; after cas
On 25/11/2020 00:32, Miguel Ojeda wrote:
> I have said *authoring* lines of *this* kind takes a minute per line.
> Specifically: lines fixing the fallthrough warning mechanically and
> repeatedly where the compiler tells you to, and doing so full-time for
> a month.
> It is useful since it makes i
On 11/25/2020 11:16 PM, Ard Biesheuvel wrote:
On Wed, 25 Nov 2020 at 22:14, Iuliana Prodan (OSS)
wrote:
From: Iuliana Prodan
Add the option to allocate the crypto request object plus any extra space
needed by the driver into a DMA-able memory.
Add CRYPTO_TFM_REQ_DMA flag to be used by backe
On Wed, 25 Nov 2020, Nick Desaulniers wrote:
> So developers and distributions using Clang can't have
> -Wimplicit-fallthrough enabled because GCC is less strict (which has
> been shown in this thread to lead to bugs)? We'd like to have nice
> things too, you know.
>
Apparently the GCC devel
On Wed, 25 Nov 2020 at 22:14, Iuliana Prodan (OSS)
wrote:
>
> From: Iuliana Prodan
>
> Add the option to allocate the crypto request object plus any extra space
> needed by the driver into a DMA-able memory.
>
> Add CRYPTO_TFM_REQ_DMA flag to be used by backend implementations to
> indicate to cr
From: Iuliana Prodan
Remove CRYPTO_ALG_ALLOCATES_MEMORY flag and allocate the memory
needed by the driver, to fulfil a request, within the crypto
request object.
The extra size needed for base extended descriptor, hw
descriptor commands and link tables is computed in frontend
driver (caamalg) ini
From: Iuliana Prodan
Remove CRYPTO_ALG_ALLOCATES_MEMORY flag and allocate the memory
needed by the driver, to fulfil a request, within the crypto
request object.
The extra size needed for base extended descriptor and hw
descriptor commands, link tables, IV is computed in frontend
driver (caamalg)
From: Iuliana Prodan
Some crypto backends might require the requests' private contexts
to be allocated in DMA-able memory.
Signed-off-by: Horia Geanta
---
net/ipv4/esp4.c | 7 ++-
net/ipv6/esp6.c | 7 ++-
2 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/net/ipv4/esp4.c b
From: Iuliana Prodan
The CRYPTO_TFM_REQ_DMA flag can be used by backend implementations to
indicate to crypto API the need to allocate GFP_DMA memory
for private contexts of the crypto requests.
For public key encryption add the needed functions to
set/get/clear flags.
Signed-off-by: Horia Gean
From: Iuliana Prodan
Add the option to allocate the crypto request object plus any extra space
needed by the driver into a DMA-able memory.
Add CRYPTO_TFM_REQ_DMA flag to be used by backend implementations to
indicate to crypto API the need to allocate GFP_DMA memory
for private contexts of the
On Tue, Nov 24, 2020 at 11:05:35PM -0800, James Bottomley wrote:
> Now, what we have seems to be about 6 cases (at least what's been shown
> in this thread) where a missing break would cause potentially user
> visible issues. That means the value of this isn't zero, but it's not
> a no-brainer mas
I'm Dailborh R. from US. I picked interest in you and I would like to know
more about you and establish relationship with you. i will wait for
your response. thank you.
Hallo
Mein Name ist George Mike. Ich bin von Beruf Rechtsanwalt. Ich möchte
Ihnen anbieten
der nächste Verwandte meines Klienten. Sie erben die Summe von (8,5
Millionen US-Dollar)
Dollar, die mein Kunde vor seinem Tod auf der Bank gelassen hat.
Mein Kunde ist ein Staatsbürger Ihres Landes, der mi
Hi--
On 11/24/20 11:26 PM, Lee, Chun-Yi wrote:
> Add an openssl command option example for generating CodeSign extended
> key usage in X.509 when CONFIG_CHECK_CODESIGN_EKU be enabled.
is enabled.
>
> Signed-off-by: "Lee, Chun-Yi"
> ---
> Doc
On Wed, 25 Nov 2020 at 17:56, Eric Biggers wrote:
>
> On Wed, Nov 25, 2020 at 08:22:16AM +0100, Ard Biesheuvel wrote:
> > ARM Cortex-A72 cores running in 32-bit mode are affected by a silicon
> > erratum (1655431: ELR recorded incorrectly on interrupt taken between
> > cryptographic instructions i
On Wed, Nov 25, 2020 at 08:22:16AM +0100, Ard Biesheuvel wrote:
> ARM Cortex-A72 cores running in 32-bit mode are affected by a silicon
> erratum (1655431: ELR recorded incorrectly on interrupt taken between
> cryptographic instructions in a sequence [0]) where the second instruction
> of a AES ins
Hi Steffen,
I am working on a ticket complaining about netfilter policy match
missing packets in OUTPUT chain if XFRM interface is being used.
I don't fully overlook the relevant code path, but it seems like
skb_dest(skb)->xfrm is not yet assigned when the skb is routed towards
XFRM interface and
On Mon, Nov 23, 2020 at 10:39 PM James Bottomley
wrote:
> On Mon, 2020-11-23 at 19:56 +0100, Miguel Ojeda wrote:
> > On Mon, Nov 23, 2020 at 4:58 PM James Bottomley
> > wrote:
...
> > But if we do the math, for an author, at even 1 minute per line
> > change and assuming nothing can be automate
On Mon, Nov 23, 2020 at 07:58:06AM -0800, James Bottomley wrote:
> On Mon, 2020-11-23 at 15:19 +0100, Miguel Ojeda wrote:
> > On Sun, Nov 22, 2020 at 11:36 PM James Bottomley
> > wrote:
> > > It's not about the risk of the changes it's about the cost of
> > > implementing them. Even if you discou
32 matches
Mail list logo
