The primary objective of this patch series is to change the behaviour
of pci_alloc_irq_vectors_affinity() such that it forwards the MSI-X enable
error code when appropriate. In the process, though, it was pointed out
that there are multiple places in the kernel which check/ask for message
signalled
On Tue, Jun 9, 2020 at 6:02 AM Zhangfei Gao wrote:
> On 2020/6/9 上午12:41, Bjorn Helgaas wrote:
> > On Mon, Jun 08, 2020 at 10:54:15AM +0800, Zhangfei Gao wrote:
> >> On 2020/6/6 上午7:19, Bjorn Helgaas wrote:
> +++ b/drivers/iommu/iommu.c
> @@ -2418,6 +2418,10 @@ int iommu_fwspec_init(stru
Seeing as there is shorthand available to use when asking for any type
of interrupt, or any type of message signalled interrupt, leverage it.
Signed-off-by: Piotr Stankiewicz
Reviewed-by: Andy Shevchenko
Reviewed-by: Antoine Tenart
Acked-by: Herbert Xu
---
drivers/crypto/inside-secure/safexce
The digital certificate format based on SM2 crypto algorithm as
specified in GM/T 0015-2012. It was published by State Encryption
Management Bureau, China.
This patch adds the OID object identifier defined by OSCCA. The
x509 certificate supports sm2-with-sm3 type certificate parsing.
It uses the s
Both crypto_sm3_update and crypto_sm3_finup have been
exported, exporting crypto_sm3_final, to avoid having to
use crypto_sm3_finup(desc, NULL, 0, dgst) to calculate
the hash in some cases.
Signed-off-by: Tianjia Zhang
---
crypto/sm3_generic.c | 7 ---
include/crypto/sm3.h | 2 ++
2 files ch
Expand the mpi library based on libgcrypt, and the ECC algorithm of
mpi based on libgcrypt requires these functions.
Some other algorithms will be developed based on mpi ecc, such as SM2.
Signed-off-by: Tianjia Zhang
---
include/linux/mpi.h| 88 +++
lib/mpi/Makefile | 5 +
l
Asymmetric digsig supports SM2-with-SM3 algorithm combination,
so that IMA can also verify SM2's signature data.
Signed-off-by: Tianjia Zhang
---
security/integrity/digsig_asymmetric.c | 14 +++---
1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/security/integrity/digsig_a
Some asymmetric algorithms will get different ciphertext after
each encryption, such as SM2, and let testmgr support the testing
of such algorithms.
In struct akcipher_testvec, set c and c_size to be empty, skip
the comparison of the ciphertext, and compare the decrypted
plaintext with m to achiev
The implementation of EC is introduced from libgcrypt as the
basic algorithm of elliptic curve, which can be more perfectly
integrated with MPI implementation.
Some other algorithms will be developed based on mpi ecc, such as SM2.
Signed-off-by: Tianjia Zhang
---
include/linux/mpi.h | 105 +++
The digital certificate format based on SM2 crypto algorithm as
specified in GM/T 0015-2012. It was published by State Encryption
Management Bureau, China.
The method of generating Other User Information is defined as
ZA=H256(ENTLA || IDA || a || b || xG || yG || xA || yA), it also
specified in ht
Hello all,
This new module implement the OSCCA certificate and SM2 public key
algorithm. It was published by State Encryption Management Bureau, China.
List of specifications for OSCCA certificate and SM2 elliptic curve
public key cryptography:
* GM/T 0003.1-2012
* GM/T 0003.2-2012
* GM/T 0003.3-
This new module implement the SM2 public key algorithm. It was
published by State Encryption Management Bureau, China.
List of specifications for SM2 elliptic curve public key cryptography:
* GM/T 0003.1-2012
* GM/T 0003.2-2012
* GM/T 0003.3-2012
* GM/T 0003.4-2012
* GM/T 0003.5-2012
IETF: https:
Hi Herbert,
On Mon, Jun 8, 2020 at 3:49 AM Herbert Xu wrote:
>
> On Fri, Jun 05, 2020 at 01:16:57PM -0300, Mauricio Faria de Oliveira wrote:
> > This patch fixes a regression from commit 37f96694cf73 ("crypto: af_alg
> > - Use bh_lock_sock in sk_destruct"), which allows the critical regions
> >
On Tue, Jun 09, 2020 at 11:15:06AM +0200, Arnd Bergmann wrote:
> On Tue, Jun 9, 2020 at 6:02 AM Zhangfei Gao wrote:
> > On 2020/6/9 上午12:41, Bjorn Helgaas wrote:
> > > On Mon, Jun 08, 2020 at 10:54:15AM +0800, Zhangfei Gao wrote:
> > >> On 2020/6/6 上午7:19, Bjorn Helgaas wrote:
> > +++ b/drive
Hi
I've found out that a lot of hardware crypto drivers use GFP_ATOMIC. Some
of them switch between GFP_ATOMIC and GFP_KERNEL based on the flag
CRYPTO_TFM_REQ_MAY_SLEEP.
dm-crypt and dm-integrity don't use CRYPTO_TFM_REQ_MAY_SLEEP (because
GFP_KERNEL allocation requests can recurse back to the
Tianjia,
On Tue, Jun 09, 2020 at 09:48:47PM +0800, Tianjia Zhang wrote:
> Hello all,
>
> This new module implement the OSCCA certificate and SM2 public key
> algorithm. It was published by State Encryption Management Bureau, China.
> List of specifications for OSCCA certificate and SM2 elliptic c
On Tue, Jun 09, 2020 at 12:17:32PM -0300, Mauricio Faria de Oliveira wrote:
>
> Per your knowledge/experience with the crypto subsystem, the changed code
> paths are not hot enough to suffer from such implications?
I don't think replacing a spin-lock with a pair of atomic ops is
going to be too mu
From: Eric Biggers
Commit f23efcbcc523 ("crypto: ctr - no longer needs CRYPTO_SEQIV") made
CRYPTO_CTR stop selecting CRYPTO_SEQIV. This breaks IPsec for most
users since GCM and several other encryption algorithms require "seqiv"
-- and RFC 8221 lists AES-GCM as "MUST" be implemented.
Just make
This series consolidates and modernizes the lists of crypto algorithms
that are selected by the IPsec kconfig options, and adds CRYPTO_SEQIV
since it no longer gets selected automatically by other things.
See previous discussion at
https://lkml.kernel.org/netdev/20200604192322.22142-1-ebigg...@ker
From: Eric Biggers
The crypto algorithms selected by the ESP and AH kconfig options are
out-of-date with the guidance of RFC 8221, which lists the legacy
algorithms MD5 and DES as "MUST NOT" be implemented, and some more
modern algorithms like AES-GCM and HMAC-SHA256 as "MUST" be implemented.
But
From: Eric Biggers
Instead of duplicating the algorithm selections between INET_AH and
INET6_AH and between INET_ESP and INET6_ESP, create new tristates
XFRM_AH and XFRM_ESP that do the algorithm selections, and make these be
selected by the corresponding INET* options.
Suggested-by: Herbert Xu
On Tue, Jun 09, 2020 at 05:54:02PM -0700, Eric Biggers wrote:
> From: Eric Biggers
>
> The crypto algorithms selected by the ESP and AH kconfig options are
> out-of-date with the guidance of RFC 8221, which lists the legacy
> algorithms MD5 and DES as "MUST NOT" be implemented, and some more
> mo
On Tue, Jun 09, 2020 at 05:54:01PM -0700, Eric Biggers wrote:
> From: Eric Biggers
>
> Commit f23efcbcc523 ("crypto: ctr - no longer needs CRYPTO_SEQIV") made
> CRYPTO_CTR stop selecting CRYPTO_SEQIV. This breaks IPsec for most
> users since GCM and several other encryption algorithms require "s
On Tue, Jun 09, 2020 at 05:54:00PM -0700, Eric Biggers wrote:
> From: Eric Biggers
>
> Instead of duplicating the algorithm selections between INET_AH and
> INET6_AH and between INET_ESP and INET6_ESP, create new tristates
> XFRM_AH and XFRM_ESP that do the algorithm selections, and make these be
On Tue, Jun 09, 2020 at 01:11:05PM -0400, Mikulas Patocka wrote:
>
> Do you have another idea how to solve this problem?
I think the better approach would be to modify the drivers to not
allocate any memory. In general, any memory needed by the driver
to fulfil a request *should* be allocated wit
This series makes some more improvements to lib/crc-t10dif.c, as discussed at
https://lkml.kernel.org/linux-crypto/20200604063324.ga28...@gondor.apana.org.au/T/#u
This applies on top of Herbert's
"[v2 PATCH] crc-t10dif: Fix potential crypto notify dead-lock".
Eric Biggers (2):
crc-t10dif: use f
From: Eric Biggers
- Correctly compare the algorithm name in crc_t10dif_notify().
- Use proper NOTIFY_* status codes instead of 0.
- Consistently use CRC_T10DIF_STRING instead of "crct10dif" directly.
- Use a proper type for the shash_desc context.
- Use crypto_shash_driver_name() instead of
From: Eric Biggers
Currently the crc-t10dif module starts out with the fallback disabled
and crct10dif_tfm == NULL. crc_t10dif_mod_init() tries to allocate
crct10dif_tfm, and if it fails it enables the fallback.
This is backwards because it means that any call to crc_t10dif() prior
to module_in
On Fri, Jun 05, 2020 at 04:59:18PM +1000, Herbert Xu wrote:
> The crypto notify call occurs with a read mutex held so you must
> not do any substantial work directly. In particular, you cannot
> call crypto_alloc_* as they may trigger further notifications
> which may dead-lock in the presence of
On Sun, Jun 07, 2020 at 01:03:45PM +, David Laight wrote:
> From: Herbert Xu
> > Sent: 05 June 2020 13:17
> ...
> > Better yet use strscpy which will even return an error for you.
>
> It really ought to return the buffer length on truncation.
> Then you can loop:
> while(...)
>
30 matches
Mail list logo
