summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* crypto: api - Fix boot-up crash when crypto manager is disabledHerbert Xu2021-11-091-0/+2
| | | | | | | | | | | | | | When the crypto manager is disabled, we need to explicitly set the crypto algorithms' tested status so that they can be used. Fixes: cad439fc040e ("crypto: api - Do not create test larvals if...") Reported-by: Geert Uytterhoeven <geert@linux-m68k.org> Reported-by: Ido Schimmel <idosch@idosch.org> Reported-by: Guenter Roeck <linux@roeck-us.net> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Tested-by: Ido Schimmel <idosch@nvidia.com> Tested-by: Geert Uytterhoeven <geert@linux-m68k.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - fix wrong key length for pkcs1padLei He2021-10-291-1/+1
| | | | | | | | Fix wrong test data at testmgr.h, it seems to be caused by ignoring the last '\0' when calling sizeof. Signed-off-by: Lei He <helei.sig11@bytedance.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: pcrypt - Delay write to padata->infoDaniel Jordan2021-10-291-4/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These three events can race when pcrypt is used multiple times in a template ("pcrypt(pcrypt(...))"): 1. [taskA] The caller makes the crypto request via crypto_aead_encrypt() 2. [kworkerB] padata serializes the inner pcrypt request 3. [kworkerC] padata serializes the outer pcrypt request 3 might finish before the call to crypto_aead_encrypt() returns in 1, resulting in two possible issues. First, a use-after-free of the crypto request's memory when, for example, taskA writes to the outer pcrypt request's padata->info in pcrypt_aead_enc() after kworkerC completes the request. Second, the outer pcrypt request overwrites the inner pcrypt request's return code with -EINPROGRESS, making a successful request appear to fail. For instance, kworkerB writes the outer pcrypt request's padata->info in pcrypt_aead_done() and then taskA overwrites it in pcrypt_aead_enc(). Avoid both situations by delaying the write of padata->info until after the inner crypto request's return code is checked. This prevents the use-after-free by not touching the crypto request's memory after the next-inner crypto request is made, and stops padata->info from being overwritten. Fixes: 5068c7a883d16 ("crypto: pcrypt - Add pcrypt crypto parallelization wrapper") Reported-by: syzbot+b187b77c8474f9648fae@syzkaller.appspotmail.com Signed-off-by: Daniel Jordan <daniel.m.jordan@oracle.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: ccp - Make use of the helper macro kthread_run()Cai Huoqing2021-10-292-6/+4
| | | | | | | | Repalce kthread_create/wake_up_process() with kthread_run() to simplify the code. Signed-off-by: Cai Huoqing <caihuoqing@baidu.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: sa2ul - Use the defined variable to clean codeTang Bin2021-10-291-7/+6
| | | | | | | Use the defined variable "dev" to make the code cleaner. Signed-off-by: Tang Bin <tangbin@cmss.chinamobile.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: s5p-sss - Add error handling in s5p_aes_probe()Tang Bin2021-10-291-0/+2
| | | | | | | | | | | The function s5p_aes_probe() does not perform sufficient error checking after executing platform_get_resource(), thus fix it. Fixes: c2afad6c6105 ("crypto: s5p-sss - Add HASH support for Exynos") Cc: <stable@vger.kernel.org> Signed-off-by: Tang Bin <tangbin@cmss.chinamobile.com> Reviewed-by: Krzysztof Kozlowski <krzysztof.kozlowski@canonical.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: keembay-ocs-ecc - Add Keem Bay OCS ECC DriverPrabhjot Khurana2021-10-294-0/+1042
| | | | | | | | | | | | | | The Intel Keem Bay SoC can provide hardware acceleration of Elliptic Curve Cryptography (ECC) by means of its Offload and Crypto Subsystem (OCS). Add the Keem Bay OCS ECC driver which leverages such hardware capabilities to provide hardware-acceleration of ECDH-256 and ECDH-384. Signed-off-by: Prabhjot Khurana <prabhjot.khurana@intel.com> Co-developed-by: Daniele Alessandrelli <daniele.alessandrelli@intel.com> Signed-off-by: Daniele Alessandrelli <daniele.alessandrelli@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* dt-bindings: crypto: Add Keem Bay ECC bindingsPrabhjot Khurana2021-10-292-0/+54
| | | | | | | | | | Add Keem Bay Offload and Crypto Subsystem (OCS) Elliptic Curve Cryptography (ECC) device tree bindings. Signed-off-by: Prabhjot Khurana <prabhjot.khurana@intel.com> Signed-off-by: Daniele Alessandrelli <daniele.alessandrelli@intel.com> Reviewed-by: Rob Herring <robh@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: ecc - Export additional helper functionsDaniele Alessandrelli2021-10-292-4/+44
| | | | | | | | | | | | | | | | | | | | Export the following additional ECC helper functions: - ecc_alloc_point() - ecc_free_point() - vli_num_bits() - ecc_point_is_zero() This is done to allow future ECC device drivers to re-use existing code, thus simplifying their implementation. Functions are exported using EXPORT_SYMBOL() (instead of EXPORT_SYMBOL_GPL()) to be consistent with the functions already exported by crypto/ecc.c. Exported functions are documented in include/crypto/internal/ecc.h. Signed-off-by: Daniele Alessandrelli <daniele.alessandrelli@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: ecc - Move ecc.h to include/crypto/internalDaniele Alessandrelli2021-10-296-5/+5
| | | | | | | | | | | Move ecc.h header file to 'include/crypto/internal' so that it can be easily imported from everywhere in the kernel tree. This change is done to allow crypto device drivers to re-use the symbols exported by 'crypto/ecc.c', thus avoiding code duplication. Signed-off-by: Daniele Alessandrelli <daniele.alessandrelli@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: engine - Add KPP Support to Crypto EnginePrabhjot Khurana2021-10-293-0/+35
| | | | | | | | | | Add KPP support to the crypto engine queue manager, so that it can be used to simplify the logic of KPP device drivers as done for other crypto drivers. Signed-off-by: Prabhjot Khurana <prabhjot.khurana@intel.com> Signed-off-by: Daniele Alessandrelli <daniele.alessandrelli@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: api - Do not create test larvals if manager is disabledHerbert Xu2021-10-292-25/+38
| | | | | | | | | | | | | | | | The delayed boot-time testing patch created a dependency loop between api.c and algapi.c because it added a crypto_alg_tested call to the former when the crypto manager is disabled. We could instead avoid creating the test larvals if the crypto manager is disabled. This avoids the dependency loop as well as saving some unnecessary work, albeit in a very unlikely case. Reported-by: Nathan Chancellor <nathan@kernel.org> Reported-by: Naresh Kamboju <naresh.kamboju@linaro.org> Reported-by: kernel test robot <lkp@intel.com> Fixes: adad556efcdd ("crypto: api - Fix built-in testing dependency failures") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: tcrypt - fix skcipher multi-buffer tests for 1420B blocksHoria Geantă2021-10-221-3/+2
| | | | | | | | | | | | | | | Commit ad6d66bcac77e ("crypto: tcrypt - include 1420 byte blocks in aead and skcipher benchmarks") mentions: > power-of-2 block size. So let's add 1420 bytes explicitly, and round > it up to the next blocksize multiple of the algo in question if it > does not support 1420 byte blocks. but misses updating skcipher multi-buffer tests. Fix this by using the proper (rounded) input size. Fixes: ad6d66bcac77e ("crypto: tcrypt - include 1420 byte blocks in aead and skcipher benchmarks") Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* hwrng: s390 - replace snprintf in show functions with sysfs_emitQing Wang2021-10-221-2/+2
| | | | | | | | | | | | | coccicheck complains about the use of snprintf() in sysfs show functions. Fix the following coccicheck warning: drivers/char/hw_random/s390-trng.c:114:8-16: WARNING: use scnprintf or sprintf. drivers/char/hw_random/s390-trng.c:122:8-16: WARNING: use scnprintf or sprintf. Use sysfs_emit instead of scnprintf or sprintf makes more sense. Signed-off-by: Qing Wang <wangqing@vivo.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: octeontx2 - set assoclen in aead_do_fallback()Ovidiu Panait2021-10-151-0/+1
| | | | | | | | | Currently, in case of aead fallback, no associated data info is set in the fallback request. To fix this, call aead_request_set_ad() to pass the assoclen. Fixes: 6f03f0e8b6c8 ("crypto: octeontx2 - register with linux crypto framework") Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: ccp - Fix whitespace in sev_cmd_buffer_len()Peter Gonda2021-10-151-1/+1
| | | | | | | | | | | | | | | | | | Extra tab in sev_cmd_buffer_len(). Signed-off-by: Peter Gonda <pgonda@google.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Marc Orr <marcorr@google.com> Cc: Joerg Roedel <jroedel@suse.de> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: David Rientjes <rientjes@google.com> Cc: John Allen <john.allen@amd.com> Cc: "David S. Miller" <davem@davemloft.net> Cc: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org Reviewed-by: Marc Orr <marcorr@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* hwrng: mtk - Force runtime pm ops for sleep opsMarkus Schneider-Pargmann2021-10-081-2/+7
| | | | | | | | | | | | | | | | | | | Currently mtk_rng_runtime_suspend/resume is called for both runtime pm and system sleep operations. This is wrong as these should only be runtime ops as the name already suggests. Currently freezing the system will lead to a call to mtk_rng_runtime_suspend even if the device currently isn't active. This leads to a clock warning because it is disabled/unprepared although it isn't enabled/prepared currently. This patch fixes this by only setting the runtime pm ops and forces to call the runtime pm ops from the system sleep ops as well if active but not otherwise. Fixes: 81d2b34508c6 ("hwrng: mtk - add runtime PM support") Signed-off-by: Markus Schneider-Pargmann <msp@baylibre.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Only disable migration in crypto_disable_simd_for_test()Sebastian Andrzej Siewior2021-10-081-2/+2
| | | | | | | | | | | | | | | | | crypto_disable_simd_for_test() disables preemption in order to receive a stable per-CPU variable which it needs to modify in order to alter crypto_simd_usable() results. This can also be achived by migrate_disable() which forbidds CPU migrations but allows the task to be preempted. The latter is important for PREEMPT_RT since operation like skcipher_walk_first() may allocate memory which must not happen with disabled preemption on PREEMPT_RT. Use migrate_disable() in crypto_disable_simd_for_test() to achieve a stable per-CPU pointer. Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: qat - share adf_enable_pf2vf_comms() from adf_pf2vf_msg.cMarco Chiappero2021-10-086-23/+26
| | | | | | | | | | | | | | | The PFVF protocol "enable" functions are direction specific but not device specific. Move the protocol enable function for the PF into the PF specific protocol file for better file organization and duplicated code reduction. NOTE: the patch keeps gen4 disabled as it doesn't have full PFVF support yet. Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Co-developed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: qat - extract send and wait from adf_vf2pf_request_version()Marco Chiappero2021-10-081-13/+37
| | | | | | | | | | | | | | In the function adf_vf2pf_request_version(), the VF sends a request to the PF and waits for a response before parsing and handling it. Since this pattern will be used by other requests, define a new function, adf_send_vf2pf_req(), that only deals with sending a VF2PF request and waiting for a response. Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Co-developed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: qat - add VF and PF wrappers to common send functionMarco Chiappero2021-10-083-8/+36
| | | | | | | | | | | | | | | The send function, adf_iov_putmsg(), is shared by both PF and VF. This commit provides two direction specific APIs, adf_send_pf2vf_msg() and adf_send_vf2pf_msg() which decouple the implementation, which can change and evolve over time, from the user. With this change, the adf_iov_putmsg() is now isolated inside the file adf_pf2vf_msg.c and has been marked as static. Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Co-developed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: qat - rename pfvf collision constantsMarco Chiappero2021-10-081-13/+13
| | | | | | | | Replace any reference of "IOV" with PFVF in the collision constants. Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Reviewed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: qat - move pfvf collision detection valuesMarco Chiappero2021-10-082-9/+9
| | | | | | | | | | | | Keep adf_pf2vf_msg.h as much as possible focused on the protocol definition. Instead, collision parameters are an implementation detail which should stay close to the code consuming them, therefore move them to adf_pf2vf_msg.c. Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Reviewed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: qat - make pfvf send message direction agnosticMarco Chiappero2021-10-081-7/+8
| | | | | | | | | | | | | | The functions adf_iov_putmsg() and __adf_iov_putmsg() are shared by both PF and VF. Any logging or documentation should not refer to any specific direction. Make comments and log messages direction agnostic by replacing PF2VF with PFVF. Also fix the wording for some related comments. Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Co-developed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: qat - use hweight for bit countingGiovanni Cabiddu2021-10-081-14/+2
| | | | | | | | | | Replace homegrown bit counting logic in adf_gen2_get_num_accels() and adf_gen2_get_num_aes() with the functions hweight16() and hweight32(), respectively. Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Reviewed-by: Marco Chiappero <marco.chiappero@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: qat - remove duplicated logic across GEN2 driversMarco Chiappero2021-10-088-245/+107
| | | | | | | | | | | | | | | | | QAT GEN2 devices share most of the behavior which means a number of device specific functions can be shared too and some differences abstracted away by simple parameters. The functions adf_enable_error_correction(), get_num_accels(), get_num_aes() and get_pf2vf_offset() for c3xxx, c62x and dh895xx have been reworked and moved to the GEN2 file, adf_gen2_hw_data.c. The definitions of tx_rx_gap and tx_rings_mask have been moved to adf_gen2_hw_data.h. Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Co-developed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: qat - fix handling of VF to PF interruptsMarco Chiappero2021-10-089-76/+133
| | | | | | | | | | | | | | | | | | | | | | | Currently, VF to PF interrupt handling is based on the DH895XCC device behavior, which is not entirely common to all devices. In order to make interrupt detection and handling correct for all of the supported devices, make the interrupt handling device specific by: - introducing get_vf2pf_sources() for getting a 32 bits long value where each bit represents a vf2pf interrupt; - adding the device [enable|disable]_vf2pf_interrupts to hw_data; - defining [enable|disable]_vf2pf_interrupts for all the devices that are currently supported, using only their required and specific ERRSOU|ERRMASK registers (DH895XCC has 32 interrupts spread across ERRSOU3 and ERRSOU5, C62X/C3XXX has 16 in ERRSOU3 only, etc). Code has been shared by different devices wherever possible. This patch is based on earlier work done by Salvatore Benedetto. Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Co-developed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: qat - remove unnecessary collision prevention step in PFVFMarco Chiappero2021-10-081-19/+1
| | | | | | | | | | | | The initial version of the PFVF protocol included an initial "carrier sensing" to get ownership of the channel. Collisions can happen anyway, the extra wait and test does not prevent collisions, it instead slows the communication down, so remove it. Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Reviewed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: qat - disregard spurious PFVF interruptsGiovanni Cabiddu2021-10-082-0/+12
| | | | | | | | | | | | Upon receiving a PFVF message, check if the interrupt bit is set in the message. If it is not, that means that the interrupt was probably triggered by a collision. In this case, disregard the message and re-enable the interrupts. Fixes: ed8ccaef52fa ("crypto: qat - Add support for SRIOV") Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Reviewed-by: Marco Chiappero <marco.chiappero@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: qat - detect PFVF collision after ACKGiovanni Cabiddu2021-10-081-0/+7
| | | | | | | | | | | | | | Detect a PFVF collision between the local and the remote function by checking if the message on the PFVF CSR has been overwritten. This is done after the remote function confirms that the message has been received, by clearing the interrupt bit, or the maximum number of attempts (ADF_IOV_MSG_ACK_MAX_RETRY) to check the CSR has been exceeded. Fixes: ed8ccaef52fa ("crypto: qat - Add support for SRIOV") Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Co-developed-by: Marco Chiappero <marco.chiappero@intel.com> Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: ccree - avoid out-of-range warnings from clangArnd Bergmann2021-10-081-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | clang points out inconsistencies in the FIELD_PREP() invocation in this driver that result from the 'mask' being a 32-bit value: drivers/crypto/ccree/cc_driver.c:117:18: error: result of comparison of constant 18446744073709551615 with expression of type 'u32' (aka 'unsigned int') is always false [-Werror,-Wtautological-constant-out-of-range-compare] cache_params |= FIELD_PREP(mask, val); ^~~~~~~~~~~~~~~~~~~~~ include/linux/bitfield.h:94:3: note: expanded from macro 'FIELD_PREP' __BF_FIELD_CHECK(_mask, 0ULL, _val, "FIELD_PREP: "); \ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/bitfield.h:52:28: note: expanded from macro '__BF_FIELD_CHECK' BUILD_BUG_ON_MSG((_mask) > (typeof(_reg))~0ull, \ ~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This does not happen in other places that just pass a constant here. Work around the warnings by widening the type of the temporary variable. Fixes: 05c2a705917b ("crypto: ccree - rework cache parameters handling") Signed-off-by: Arnd Bergmann <arnd@arndb.de> Acked-by: Gilad ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: hisilicon/qm - modify the uacce mode checkKai Ye2021-10-081-8/+14
| | | | | | | | | As qm should register to uacce in UACCE_DEV_SVA mode, this patch modifies to checks uacce mode before doing uacce registration. Signed-off-by: Kai Ye <yekai13@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: api - Export crypto_boot_test_finishedHerbert Xu2021-10-011-0/+1
| | | | | | | | | | | We need to export crypto_boot_test_finished in case api.c is built-in while algapi.c is built as a module. Fixes: adad556efcdd ("crypto: api - Fix built-in testing dependency failures") Reported-by: Stephen Rothwell <sfr@canb.auug.org.au> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Tested-by: Stephen Rothwell <sfr@canb.auug.org.au> # ppc32 build Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: hisilicon/zip - Fix spelling mistake "COMSUMED" -> "CONSUMED"Colin Ian King2021-10-011-1/+1
| | | | | | | There is a spelling mistake in a literal string. Fix it. Signed-off-by: Colin Ian King <colin.king@canonical.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: ecc - fix CRYPTO_DEFAULT_RNG dependencyArnd Bergmann2021-10-011-1/+1
| | | | | | | | | | | | | | | | | | The ecc.c file started out as part of the ECDH algorithm but got moved out into a standalone module later. It does not build without CRYPTO_DEFAULT_RNG, so now that other modules are using it as well we can run into this link error: aarch64-linux-ld: ecc.c:(.text+0xfc8): undefined reference to `crypto_default_rng' aarch64-linux-ld: ecc.c:(.text+0xff4): undefined reference to `crypto_put_default_rng' Move the 'select CRYPTO_DEFAULT_RNG' statement into the correct symbol. Fixes: 0d7a78643f69 ("crypto: ecrdsa - add EC-RDSA (GOST 34.10) algorithm") Fixes: 4e6602916bc6 ("crypto: ecdsa - Add support for ECDSA signature verification") Signed-off-by: Arnd Bergmann <arnd@arndb.de> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* hwrng: meson - Improve error handling for core clockUwe Kleine-König2021-10-011-2/+3
| | | | | | | | | | | | | | | -ENOENT (ie. "there is no clock") is fine to ignore for an optional clock, other values are not supposed to be ignored and should be escalated to the caller (e.g. -EPROBE_DEFER). Ignore -ENOENT by using devm_clk_get_optional(). While touching this code also add an error message for the fatal errors. Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de> Reviewed-by: Neil Armstrong <narmstrong@baylibre.com> Reviewed-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com> Tested-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: api - Fix built-in testing dependency failuresHerbert Xu2021-09-243-27/+108
| | | | | | | | | | | | | | | | | | | | | When complex algorithms that depend on other algorithms are built into the kernel, the order of registration must be done such that the underlying algorithms are ready before the ones on top are registered. As otherwise they would fail during the self-test which is required during registration. In the past we have used subsystem initialisation ordering to guarantee this. The number of such precedence levels are limited and they may cause ripple effects in other subsystems. This patch solves this problem by delaying all self-tests during boot-up for built-in algorithms. They will be tested either when something else in the kernel requests for them, or when we have finished registering all built-in algorithms, whichever comes earlier. Reported-by: Vladis Dronov <vdronov@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: marvell/cesa - drop unneeded MODULE_ALIASKrzysztof Kozlowski2021-09-241-1/+0
| | | | | | | | The MODULE_DEVICE_TABLE already creates proper alias for platform driver. Having another MODULE_ALIAS causes the alias to be duplicated. Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@canonical.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: qat - power up 4xxx deviceGiovanni Cabiddu2021-09-244-0/+47
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | After reset or boot, QAT 4xxx devices are inactive and require to be explicitly activated. This is done by writing the DRV_ACTIVE bit in the PM_INTERRUPT register and polling the PM_INIT_STATE to make sure that the transaction has completed properly. If this is not done, the driver will fail the initialization sequence reporting the following message: [ 22.081193] 4xxx 0000:f7:00.0: enabling device (0140 -> 0142) [ 22.720285] QAT: AE0 is inactive!! [ 22.720287] QAT: failed to get device out of reset [ 22.720288] 4xxx 0000:f7:00.0: qat_hal_clr_reset error [ 22.720290] 4xxx 0000:f7:00.0: Failed to init the AEs [ 22.720290] 4xxx 0000:f7:00.0: Failed to initialise Acceleration Engine [ 22.720789] 4xxx 0000:f7:00.0: Resetting device qat_dev0 [ 22.825099] 4xxx: probe of 0000:f7:00.0 failed with error -14 The patch also temporarily disables the power management source of interrupt, to avoid possible spurious interrupts as the power management feature is not fully supported. The device init function has been added to adf_dev_init(), and not in the probe of 4xxx to make sure that the device is re-enabled in case of reset. Note that the error code reported by hw_data->init_device() in adf_dev_init() has been shadowed for consistency with the other calls in the same function. Fixes: 8c8268166e83 ("crypto: qat - add qat_4xxx driver") Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Reviewed-by: Wojciech Ziemba <wojciech.ziemba@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: caam - disable pkc for non-E SoCsMichael Walle2021-09-242-4/+18
| | | | | | | | | | | | | | | | | | | | | On newer CAAM versions, not all accelerators are disabled if the SoC is a non-E variant. While the driver checks most of the modules for availability, there is one - PKHA - which sticks out. On non-E variants it is still reported as available, that is the number of instances is non-zero, but it has limited functionality. In particular it doesn't support encryption and decryption, but just signing and verifying. This is indicated by a bit in the PKHA_MISC field. Take this bit into account if we are checking for availability. This will the following error: [ 8.167817] caam_jr 8020000.jr: 20000b0f: CCB: desc idx 11: : Invalid CHA selected. Tested on an NXP LS1028A (non-E) SoC. Fixes: d239b10d4ceb ("crypto: caam - add register map changes cf. Era 10") Signed-off-by: Michael Walle <michael@walle.cc> Reviewed-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: aesni - check walk.nbytes instead of errShreyansh Chouhan2021-09-171-1/+1
| | | | | | | | | | | | | | | | In the code for xts_crypt(), we check for the err value returned by skcipher_walk_virt() and return from the function if it is non zero. However, skcipher_walk_virt() can set walk.nbytes to 0, which would cause us to call kernel_fpu_begin(), and then skip the kernel_fpu_end() call. This patch checks for the walk.nbytes value instead, and returns if walk.nbytes is 0. This prevents us from calling kernel_fpu_begin() in the first place and also covers the case of having a non zero err value returned from skcipher_walk_virt(). Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Shreyansh Chouhan <chouhan.shreyansh630@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: drbg - Fix unused value warning in drbg_healthcheck_sanity()Tim Gardner2021-09-171-1/+1
| | | | | | | | | | | | | | | | | | | | | Coverity warns uf an unused value: CID 44865 (#2 of 2): Unused value (UNUSED_VALUE) assigned_value: Assigning value -14 to ret here, but that stored value is overwritten before it can be used. 2006 int ret = -EFAULT; ... value_overwrite: Overwriting previous write to ret with value from drbg_seed(drbg, &addtl, false). 2052 ret = drbg_seed(drbg, &addtl, false); Fix this by removing the variable initializer. Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Cc: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Tim Gardner <tim.gardner@canonical.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: img-hash - remove need for error return variable retColin Ian King2021-09-171-6/+1
| | | | | | | | | | | | | The assignment to error return variable ret and then the jump to an error exit path can be simplified by just returning the error return at the failure point. This allows variable ret and the error return path to be removed. This cleans up a static analysis warninng that variable ret is being assigned (value never being used) and being re-assigned later. Addresses-Coverity: ("Unused value") Signed-off-by: Colin Ian King <colin.king@canonical.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* hwrng: ixp4xx - Make use of the helper function devm_platform_ioremap_resource()Cai Huoqing2021-09-171-3/+1
| | | | | | | | | Use the devm_platform_ioremap_resource() helper instead of calling platform_get_resource() and devm_ioremap_resource() separately Signed-off-by: Cai Huoqing <caihuoqing@baidu.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: qat - remove unneeded packed attributeGiovanni Cabiddu2021-09-171-6/+6
| | | | | | | | | | | | | | | Remove packed attribute from structures that do not need to be packed. These are just used internally and not shared with firmware. This also fixes a series of warning when compiling the driver with the flag -Waddress-of-packed-member, similar to the following: drivers/crypto/qat/qat_c62xvf/adf_c62xvf_hw_data.c:102:28: warning: taking address of packed member 'csr_ops' of class or structure 'adf_hw_device_data' may result in an unaligned pointer value Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Reported-by: kernel test robot <lkp@intel.com> Reviewed-by: Wojciech Ziemba <wojciech.ziemba@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: qat - free irq in case of failureWojciech Ziemba2021-09-171-29/+34
| | | | | | | | | | If devm_request_irq() fails inside adf_request_irqs(), unwind properly by freeing the allocated irqs. Signed-off-by: Wojciech Ziemba <wojciech.ziemba@intel.com> Co-developed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: qat - free irqs only if allocatedMaksim Lukoshkov2021-09-173-37/+35
| | | | | | | | | | | | | | Change the irq allocation logic so that it is possible to free only the allocated irqs in case of error. A new flag is introduced for every PF/VF interrupt. This flag is set to "true" only when the interrupt is requested. During clean up, devm_free_irq() is only called if this flag is set. Signed-off-by: Maksim Lukoshkov <maksim.lukoshkov@intel.com> Co-developed-by: Wojciech Ziemba <wojciech.ziemba@intel.com> Signed-off-by: Wojciech Ziemba <wojciech.ziemba@intel.com> Reviewed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: qat - remove unmatched CPU affinity to cluster IRQWojciech Ziemba2021-09-171-1/+0
| | | | | | | | This patch removes redundant CPU affinity to AE cluster IRQ. Signed-off-by: Wojciech Ziemba <wojciech.ziemba@intel.com> Reviewed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: qat - replace deprecated MSI APIWojciech Ziemba2021-09-173-60/+55
| | | | | | | | | | | Replace deprecated MSI enable and disable respectively and update handling of return values. Signed-off-by: Wojciech Ziemba <wojciech.ziemba@intel.com> Co-developed-by: Gupta Shashank <shashank.gupta@intel.com> Signed-off-by: Gupta Shashank <shashank.gupta@intel.com> Reviewed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: hisilicon/qm - support the userspace task resettingKai Ye2021-09-171-1/+45
| | | | | | | | | | | | | Allocate an extra memory page for qp in the qp memory initialization. Set a qp error flag in the extra page addr when device resetting. This error flag can be seen in the userspace. This flag can helps users to stop tasks when device resetting. After resetting, this error flag will be reset when this qp is created again. So app should release the old qp and request a new one, and do the task on the new queue again. Signed-off-by: Kai Ye <yekai13@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>