summaryrefslogtreecommitdiffstats
path: root/drivers/crypto/bcm (follow)
Commit message (Collapse)AuthorAgeFilesLines
* crypto: bcm - Fix a whole host of kernel-doc misdemeanoursLee Jones2021-03-264-32/+38
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes the following W=1 kernel build warning(s): drivers/crypto/bcm/util.c:136: warning: Function parameter or member 'from_nents' not described in 'spu_msg_sg_add' drivers/crypto/bcm/util.c:136: warning: Function parameter or member 'length' not described in 'spu_msg_sg_add' drivers/crypto/bcm/spu.c:464: warning: Excess function parameter 'Return' description in 'spum_gcm_ccm_pad_len' drivers/crypto/bcm/spu.c:524: warning: Function parameter or member 'iv_len' not described in 'spum_aead_ivlen' drivers/crypto/bcm/spu.c:524: warning: expecting prototype for spu_aead_ivlen(). Prototype was for spum_aead_ivlen() instead drivers/crypto/bcm/spu.c:556: warning: Function parameter or member 'alg_digest_size' not described in 'spum_digest_size' drivers/crypto/bcm/spu.c:556: warning: Function parameter or member 'alg' not described in 'spum_digest_size' drivers/crypto/bcm/spu.c:556: warning: Function parameter or member 'htype' not described in 'spum_digest_size' drivers/crypto/bcm/spu.c:583: warning: bad line: drivers/crypto/bcm/spu.c:927: warning: Function parameter or member 'is_inbound' not described in 'spum_cipher_req_finish' drivers/crypto/bcm/spu.c:927: warning: Excess function parameter 'isInbound' description in 'spum_cipher_req_finish' drivers/crypto/bcm/spu2.c:557: warning: Function parameter or member 'fmd' not described in 'spu2_fmd_init' drivers/crypto/bcm/spu2.c:557: warning: Function parameter or member 'spu2_type' not described in 'spu2_fmd_init' drivers/crypto/bcm/spu2.c:557: warning: Excess function parameter 'spu2_cipher_type' description in 'spu2_fmd_init' drivers/crypto/bcm/spu2.c:615: warning: Function parameter or member 'auth_first' not described in 'spu2_fmd_ctrl0_write' drivers/crypto/bcm/spu2.c:615: warning: Excess function parameter 'authFirst' description in 'spu2_fmd_ctrl0_write' drivers/crypto/bcm/spu2.c:666: warning: Function parameter or member 'is_inbound' not described in 'spu2_fmd_ctrl1_write' drivers/crypto/bcm/spu2.c:803: warning: expecting prototype for spu_payload_length(). Prototype was for spu2_payload_length() instead drivers/crypto/bcm/spu2.c:825: warning: Function parameter or member 'is_hash' not described in 'spu2_response_hdr_len' drivers/crypto/bcm/spu2.c:825: warning: expecting prototype for spu_response_hdr_len(). Prototype was for spu2_response_hdr_len() instead drivers/crypto/bcm/spu2.c:843: warning: expecting prototype for spu_hash_pad_len(). Prototype was for spu2_hash_pad_len() instead drivers/crypto/bcm/spu2.c:855: warning: Function parameter or member 'cipher_mode' not described in 'spu2_gcm_ccm_pad_len' drivers/crypto/bcm/spu2.c:855: warning: Function parameter or member 'data_size' not described in 'spu2_gcm_ccm_pad_len' drivers/crypto/bcm/spu2.c:855: warning: expecting prototype for spu2_gcm_ccm_padlen(). Prototype was for spu2_gcm_ccm_pad_len() instead drivers/crypto/bcm/spu2.c:872: warning: expecting prototype for spu_assoc_resp_len(). Prototype was for spu2_assoc_resp_len() instead drivers/crypto/bcm/spu2.c:919: warning: Function parameter or member 'alg_digest_size' not described in 'spu2_digest_size' drivers/crypto/bcm/spu2.c:919: warning: Function parameter or member 'alg' not described in 'spu2_digest_size' drivers/crypto/bcm/spu2.c:919: warning: Function parameter or member 'htype' not described in 'spu2_digest_size' drivers/crypto/bcm/spu2.c:945: warning: expecting prototype for spu_create_request(). Prototype was for spu2_create_request() instead drivers/crypto/bcm/spu2.c:1122: warning: expecting prototype for spu_cipher_req_init(). Prototype was for spu2_cipher_req_init() instead drivers/crypto/bcm/spu2.c:1182: warning: Function parameter or member 'is_inbound' not described in 'spu2_cipher_req_finish' drivers/crypto/bcm/spu2.c:1182: warning: expecting prototype for spu_cipher_req_finish(). Prototype was for spu2_cipher_req_finish() instead drivers/crypto/bcm/spu2.c:1243: warning: expecting prototype for spu_request_pad(). Prototype was for spu2_request_pad() instead drivers/crypto/bcm/spu2.c:1321: warning: expecting prototype for spu_status_process(). Prototype was for spu2_status_process() instead drivers/crypto/bcm/cipher.c:1048: warning: Function parameter or member 'req' not described in 'spu_aead_rx_sg_create' drivers/crypto/bcm/cipher.c:2966: warning: Function parameter or member 'cipher' not described in 'rfc4543_gcm_esp_setkey' drivers/crypto/bcm/cipher.c:2966: warning: Function parameter or member 'key' not described in 'rfc4543_gcm_esp_setkey' drivers/crypto/bcm/cipher.c:2966: warning: Function parameter or member 'keylen' not described in 'rfc4543_gcm_esp_setkey' Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Cc: Rob Rice <rob.rice@broadcom.com> Cc: linux-crypto@vger.kernel.org Signed-off-by: Lee Jones <lee.jones@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: bcm - Fix sparse warningsHerbert Xu2021-01-227-40/+48
| | | | | | This patch fixes a number of sparse warnings in the bcm driver. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: bcm - Rename struct device_private to bcm_device_privateJiri Olsa2021-01-143-4/+4
| | | | | | | | | | | | | | | | | | | | Renaming 'struct device_private' to 'struct bcm_device_private', because it clashes with 'struct device_private' from 'drivers/base/base.h'. While it's not a functional problem, it's causing two distinct type hierarchies in BTF data. It also breaks build with options: CONFIG_DEBUG_INFO_BTF=y CONFIG_CRYPTO_DEV_BCM_SPU=y as reported by Qais Yousef [1]. [1] https://lore.kernel.org/lkml/20201229151352.6hzmjvu3qh6p2qgg@e107158-lin/ Fixes: 9d12ba86f818 ("crypto: brcm - Add Broadcom SPU driver") Signed-off-by: Jiri Olsa <jolsa@kernel.org> Tested-by: Qais Yousef <qais.yousef@arm.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: sha - split sha.h into sha1.h and sha2.hEric Biggers2020-11-203-3/+6
| | | | | | | | | | | | | | | | | | | | | | | Currently <crypto/sha.h> contains declarations for both SHA-1 and SHA-2, and <crypto/sha3.h> contains declarations for SHA-3. This organization is inconsistent, but more importantly SHA-1 is no longer considered to be cryptographically secure. So to the extent possible, SHA-1 shouldn't be grouped together with any of the other SHA versions, and usage of it should be phased out. Therefore, split <crypto/sha.h> into two headers <crypto/sha1.h> and <crypto/sha2.h>, and make everyone explicitly specify whether they want the declarations for SHA-1, SHA-2, or both. This avoids making the SHA-1 declarations visible to files that don't want anything to do with SHA-1. It also prepares for potentially moving sha1.h into a new insecure/ or dangerous/ directory. Signed-off-by: Eric Biggers <ebiggers@google.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Acked-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: bcm - Verify GCM/CCM key length in setkeyHerbert Xu2020-10-081-1/+14
| | | | | | | | | | | | | | The setkey function for GCM/CCM algorithms didn't verify the key length before copying the key and subtracting the salt length. This patch delays the copying of the key til after the verification has been done. It also adds checks on the key length to ensure that it's at least as long as the salt. Fixes: 9d12ba86f818 ("crypto: brcm - Add Broadcom SPU driver") Cc: <stable@vger.kernel.org> Reported-by: kiyin(尹亮) <kiyin@tencent.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: bcm-iproc - remove ecb(arc4) supportArd Biesheuvel2020-09-116-128/+6
| | | | | Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: drivers - set the flag CRYPTO_ALG_ALLOCATES_MEMORYMikulas Patocka2020-07-161-19/+53
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Set the flag CRYPTO_ALG_ALLOCATES_MEMORY in the crypto drivers that allocate memory. drivers/crypto/allwinner/sun8i-ce/sun8i-ce-core.c: sun8i_ce_cipher drivers/crypto/allwinner/sun8i-ss/sun8i-ss-core.c: sun8i_ss_cipher drivers/crypto/amlogic/amlogic-gxl-core.c: meson_cipher drivers/crypto/axis/artpec6_crypto.c: artpec6_crypto_common_init drivers/crypto/bcm/cipher.c: spu_skcipher_rx_sg_create drivers/crypto/caam/caamalg.c: aead_edesc_alloc drivers/crypto/caam/caamalg_qi.c: aead_edesc_alloc drivers/crypto/caam/caamalg_qi2.c: aead_edesc_alloc drivers/crypto/caam/caamhash.c: hash_digest_key drivers/crypto/cavium/cpt/cptvf_algs.c: process_request drivers/crypto/cavium/nitrox/nitrox_aead.c: nitrox_process_se_request drivers/crypto/cavium/nitrox/nitrox_skcipher.c: nitrox_process_se_request drivers/crypto/ccp/ccp-crypto-aes-cmac.c: ccp_do_cmac_update drivers/crypto/ccp/ccp-crypto-aes-galois.c: ccp_crypto_enqueue_request drivers/crypto/ccp/ccp-crypto-aes-xts.c: ccp_crypto_enqueue_request drivers/crypto/ccp/ccp-crypto-aes.c: ccp_crypto_enqueue_request drivers/crypto/ccp/ccp-crypto-des3.c: ccp_crypto_enqueue_request drivers/crypto/ccp/ccp-crypto-sha.c: ccp_crypto_enqueue_request drivers/crypto/chelsio/chcr_algo.c: create_cipher_wr drivers/crypto/hisilicon/sec/sec_algs.c: sec_alloc_and_fill_hw_sgl drivers/crypto/hisilicon/sec2/sec_crypto.c: sec_alloc_req_id drivers/crypto/inside-secure/safexcel_cipher.c: safexcel_queue_req drivers/crypto/inside-secure/safexcel_hash.c: safexcel_ahash_enqueue drivers/crypto/ixp4xx_crypto.c: ablk_perform drivers/crypto/marvell/cesa/cipher.c: mv_cesa_skcipher_dma_req_init drivers/crypto/marvell/cesa/hash.c: mv_cesa_ahash_dma_req_init drivers/crypto/marvell/octeontx/otx_cptvf_algs.c: create_ctx_hdr drivers/crypto/n2_core.c: n2_compute_chunks drivers/crypto/picoxcell_crypto.c: spacc_sg_to_ddt drivers/crypto/qat/qat_common/qat_algs.c: qat_alg_skcipher_encrypt drivers/crypto/qce/skcipher.c: qce_skcipher_async_req_handle drivers/crypto/talitos.c : talitos_edesc_alloc drivers/crypto/virtio/virtio_crypto_algs.c: __virtio_crypto_skcipher_do_req drivers/crypto/xilinx/zynqmp-aes-gcm.c: zynqmp_aes_aead_cipher Signed-off-by: Mikulas Patocka <mpatocka@redhat.com> [EB: avoid overly-long lines] Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: bcm - Use the defined variable to clean codeTang Bin2020-05-081-4/+4
| | | | | | | | Use the defined variable "dev" to make the code cleaner. Signed-off-by: Zhang Shengju <zhangshengju@cmss.chinamobile.com> Signed-off-by: Tang Bin <tangbin@cmss.chinamobile.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: bcm - Fix unused assignmentTang Bin2020-04-301-8/+8
| | | | | | | | Delete unused initialized value in cipher.c file. Signed-off-by: Zhang Shengju <zhangshengju@cmss.chinamobile.com> Signed-off-by: Tang Bin <tangbin@cmss.chinamobile.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: bcm - Remove the unnecessary cast for PTR_ERR().Tang Bin2020-04-301-1/+1
| | | | | | | | It's not necessary to specify 'int' casting for PTR_ERR(). Signed-off-by: Zhang Shengju <zhangshengju@cmss.chinamobile.com> Signed-off-by: Tang Bin <tangbin@cmss.chinamobile.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: bcm - Delete redundant variable definitionTang Bin2020-04-241-1/+0
| | | | | | | | | | The variable "i" is redundant to be assigned a value of zero,because it's assigned in the for loop, so remove redundant one here. Signed-off-by: Shengju Zhang <zhangshengju@cmss.chinamobile.com> Signed-off-by: Tang Bin <tangbin@cmss.chinamobile.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: bcm - Use scnprintf() for avoiding potential buffer overflowTakashi Iwai2020-03-201-20/+20
| | | | | | | | | Since snprintf() returns the would-be-output size instead of the actual output size, the succeeding calls may go beyond the given buffer limit. Fix it by replacing with scnprintf(). Signed-off-by: Takashi Iwai <tiwai@suse.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: remove propagation of CRYPTO_TFM_RES_* flagsEric Biggers2020-01-091-12/+2
| | | | | | | | | | | | | | | | | | | | The CRYPTO_TFM_RES_* flags were apparently meant as a way to make the ->setkey() functions provide more information about errors. But these flags weren't actually being used or tested, and in many cases they weren't being set correctly anyway. So they've now been removed. Also, if someone ever actually needs to start better distinguishing ->setkey() errors (which is somewhat unlikely, as this has been unneeded for a long time), we'd be much better off just defining different return values, like -EINVAL if the key is invalid for the algorithm vs. -EKEYREJECTED if the key was rejected by a policy like "no weak keys". That would be much simpler, less error-prone, and easier to test. So just remove CRYPTO_TFM_RES_MASK and all the unneeded logic that propagates these flags around. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: remove CRYPTO_TFM_RES_BAD_KEY_LENEric Biggers2020-01-091-3/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The CRYPTO_TFM_RES_BAD_KEY_LEN flag was apparently meant as a way to make the ->setkey() functions provide more information about errors. However, no one actually checks for this flag, which makes it pointless. Also, many algorithms fail to set this flag when given a bad length key. Reviewing just the generic implementations, this is the case for aes-fixed-time, cbcmac, echainiv, nhpoly1305, pcrypt, rfc3686, rfc4309, rfc7539, rfc7539esp, salsa20, seqiv, and xcbc. But there are probably many more in arch/*/crypto/ and drivers/crypto/. Some algorithms can even set this flag when the key is the correct length. For example, authenc and authencesn set it when the key payload is malformed in any way (not just a bad length), the atmel-sha and ccree drivers can set it if a memory allocation fails, and the chelsio driver sets it for bad auth tag lengths, not just bad key lengths. So even if someone actually wanted to start checking this flag (which seems unlikely, since it's been unused for a long time), there would be a lot of work needed to get it working correctly. But it would probably be much better to go back to the drawing board and just define different return values, like -EINVAL if the key is invalid for the algorithm vs. -EKEYREJECTED if the key was rejected by a policy like "no weak keys". That would be much simpler, less error-prone, and easier to test. So just remove this flag. Signed-off-by: Eric Biggers <ebiggers@google.com> Reviewed-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: bcm-spu - switch to skcipher APIArd Biesheuvel2019-11-173-204/+185
| | | | | | | | | | | | | | | Commit 7a7ffe65c8c5 ("crypto: skcipher - Add top-level skcipher interface") dated 20 august 2015 introduced the new skcipher API which is supposed to replace both blkcipher and ablkcipher. While all consumers of the API have been converted long ago, some producers of the ablkcipher remain, forcing us to keep the ablkcipher support routines alive, along with the matching code to expose [a]blkciphers via the skcipher API. So switch this driver to the skcipher API, allowing us to finally drop the ablkcipher code in the near future. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: bcm/des - switch to new verification routinesArd Biesheuvel2019-08-221-62/+17
| | | | | Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: bcm - check assoclen for rfc4543/rfc4106Iuliana Prodan2019-07-271-0/+13
| | | | | | | | | | | Validated assoclen for RFC4543 which expects an assoclen of 16 or 20, the same as RFC4106. Based on seqiv, IPsec ESP and RFC4543/RFC4106 the assoclen is sizeof IP Header (spi, seq_no, extended seq_no) and IV len. This can be 16 or 20 bytes. Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* Merge branch 'linus' of ↵Linus Torvalds2019-07-092-9/+9
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 Pull crypto updates from Herbert Xu: "Here is the crypto update for 5.3: API: - Test shash interface directly in testmgr - cra_driver_name is now mandatory Algorithms: - Replace arc4 crypto_cipher with library helper - Implement 5 way interleave for ECB, CBC and CTR on arm64 - Add xxhash - Add continuous self-test on noise source to drbg - Update jitter RNG Drivers: - Add support for SHA204A random number generator - Add support for 7211 in iproc-rng200 - Fix fuzz test failures in inside-secure - Fix fuzz test failures in talitos - Fix fuzz test failures in qat" * 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (143 commits) crypto: stm32/hash - remove interruptible condition for dma crypto: stm32/hash - Fix hmac issue more than 256 bytes crypto: stm32/crc32 - rename driver file crypto: amcc - remove memset after dma_alloc_coherent crypto: ccp - Switch to SPDX license identifiers crypto: ccp - Validate the the error value used to index error messages crypto: doc - Fix formatting of new crypto engine content crypto: doc - Add parameter documentation crypto: arm64/aes-ce - implement 5 way interleave for ECB, CBC and CTR crypto: arm64/aes-ce - add 5 way interleave routines crypto: talitos - drop icv_ool crypto: talitos - fix hash on SEC1. crypto: talitos - move struct talitos_edesc into talitos.h lib/scatterlist: Fix mapping iterator when sg->offset is greater than PAGE_SIZE crypto/NX: Set receive window credits to max number of CRBs in RxFIFO crypto: asymmetric_keys - select CRYPTO_HASH where needed crypto: serpent - mark __serpent_setkey_sbox noinline crypto: testmgr - dynamically allocate crypto_shash crypto: testmgr - dynamically allocate testvec_config crypto: talitos - eliminate unneeded 'done' functions at build time ...
| * crypto: bcm - Make some symbols staticYueHaibing2019-06-132-9/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix sparse warnings: drivers/crypto/bcm/cipher.c:99:6: warning: symbol 'BCMHEADER' was not declared. Should it be static? drivers/crypto/bcm/cipher.c:2096:6: warning: symbol 'spu_no_incr_hash' was not declared. Should it be static? drivers/crypto/bcm/cipher.c:4823:5: warning: symbol 'bcm_spu_probe' was not declared. Should it be static? drivers/crypto/bcm/cipher.c:4867:5: warning: symbol 'bcm_spu_remove' was not declared. Should it be static? drivers/crypto/bcm/spu2.c:52:6: warning: symbol 'spu2_cipher_type_names' was not declared. Should it be static? drivers/crypto/bcm/spu2.c:56:6: warning: symbol 'spu2_cipher_mode_names' was not declared. Should it be static? drivers/crypto/bcm/spu2.c:60:6: warning: symbol 'spu2_hash_type_names' was not declared. Should it be static? drivers/crypto/bcm/spu2.c:66:6: warning: symbol 'spu2_hash_mode_names' was not declared. Should it be static? Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: YueHaibing <yuehaibing@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* | treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 459Thomas Gleixner2019-06-199-108/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Based on 1 normalized pattern(s): this program is free software you can redistribute it and or modify it under the terms of the gnu general public license version 2 as published by the free software foundation the gpl this program is distributed in the hope that it will be useful but without any warranty without even the implied warranty of merchantability or fitness for a particular purpose see the gnu general public license version 2 gplv2 for more details you should have received a copy of the gnu general public license version 2 gplv2 along with this source code extracted by the scancode license scanner the SPDX license identifier GPL-2.0-only has been chosen to replace the boilerplate/reference in 16 file(s). Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Enrico Weigelt <info@metux.net> Reviewed-by: Allison Randal <allison@lohutok.net> Cc: linux-spdx@vger.kernel.org Link: https://lkml.kernel.org/r/20190604081201.771169395@linutronix.de Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
* | treewide: Add SPDX license identifier - Makefile/KconfigThomas Gleixner2019-05-211-0/+1
|/ | | | | | | | | | | | | | Add SPDX license identifiers to all Make/Kconfig files which: - Have no license information of any form These files fall under the project license, GPL v2 only. The resulting SPDX license identifier is: GPL-2.0-only Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
* crypto: shash - remove shash_desc::flagsEric Biggers2019-04-252-2/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | The flags field in 'struct shash_desc' never actually does anything. The only ostensibly supported flag is CRYPTO_TFM_REQ_MAY_SLEEP. However, no shash algorithm ever sleeps, making this flag a no-op. With this being the case, inevitably some users who can't sleep wrongly pass MAY_SLEEP. These would all need to be fixed if any shash algorithm actually started sleeping. For example, the shash_ahash_*() functions, which wrap a shash algorithm with the ahash API, pass through MAY_SLEEP from the ahash API to the shash API. However, the shash functions are called under kmap_atomic(), so actually they're assumed to never sleep. Even if it turns out that some users do need preemption points while hashing large buffers, we could easily provide a helper function crypto_shash_update_large() which divides the data into smaller chunks and calls crypto_shash_update() and cond_resched() for each chunk. It's not necessary to have a flag in 'struct shash_desc', nor is it necessary to make individual shash algorithms aware of this at all. Therefore, remove shash_desc::flags, and document that the crypto_shash_*() functions can be called from any context. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: bcm - Forbid 2-key 3DES in FIPS modeHerbert Xu2019-04-181-10/+11
| | | | | | This patch forbids the use of 2-key 3DES (K1 == K3) in FIPS mode. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: bcm - remove unused array tag_to_hash_idxYueHaibing2019-03-281-3/+0
| | | | | | | | It's never used since introduction in commit 9d12ba86f818 ("crypto: brcm - Add Broadcom SPU driver") Signed-off-by: YueHaibing <yuehaibing@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: export arc4 definesIuliana Prodan2019-02-151-3/+1
| | | | | | | | | | Some arc4 cipher algorithm defines show up in two places: crypto/arc4.c and drivers/crypto/bcm/cipher.h. Let's export them in a common header and update their users. Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> Reviewed-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: bcm - remove -I. header search path and unused macro defineMasahiro Yamada2019-02-011-2/+0
| | | | | | | | | | | | | The header search path -I. in kernel Makefiles is very suspicious; it allows the compiler to search for headers in the top of $(srctree), where obviously no header file exists. 'git grep BCMDRIVER' has no hit. So, this macro is not referenced. I was able to build this driver without the extra compiler options. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: clarify name of WEAK_KEY request flagEric Biggers2019-01-251-2/+2
| | | | | | | | | | | | | | | | | CRYPTO_TFM_REQ_WEAK_KEY confuses newcomers to the crypto API because it sounds like it is requesting a weak key. Actually, it is requesting that weak keys be forbidden (for algorithms that have the notion of "weak keys"; currently only DES and XTS do). Also it is only one letter away from CRYPTO_TFM_RES_WEAK_KEY, with which it can be easily confused. (This in fact happened in the UX500 driver, though just in some debugging messages.) Therefore, make the intent clear by renaming it to CRYPTO_TFM_REQ_FORBID_WEAK_KEYS. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: bcm - remove unused function do_decrypt()Eric Biggers2019-01-252-46/+0
| | | | | | | | The do_decrypt() function in util.c in the BCM crypto driver is never used, so remove it. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: brcm - Fix some set-but-not-used warningYueHaibing2019-01-181-5/+1
| | | | | | | | | | | | | | | | | | | | Fixes gcc '-Wunused-but-set-variable' warning: drivers/crypto/bcm/cipher.c: In function 'handle_ahash_req': drivers/crypto/bcm/cipher.c:720:15: warning: variable 'chunk_start' set but not used [-Wunused-but-set-variable] drivers/crypto/bcm/cipher.c: In function 'spu_rx_callback': drivers/crypto/bcm/cipher.c:1679:31: warning: variable 'areq' set but not used [-Wunused-but-set-variable] drivers/crypto/bcm/cipher.c:1678:22: warning: variable 'ctx' set but not used [-Wunused-but-set-variable] Fixes: 9d12ba86f818 ("crypto: brcm - Add Broadcom SPU driver") Signed-off-by: YueHaibing <yuehaibing@huawei.com> Reviewed-by: Raveendra Padasalagi <raveendra.padasalagi@broadcom.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: bcm - convert to use crypto_authenc_extractkeys()Eric Biggers2019-01-101-31/+13
| | | | | | | | | | | | | Convert the bcm crypto driver to use crypto_authenc_extractkeys() so that it picks up the fix for broken validation of rtattr::rta_len. This also fixes the DES weak key check to actually be done on the right key. (It was checking the authentication key, not the encryption key...) Fixes: 9d12ba86f818 ("crypto: brcm - Add Broadcom SPU driver") Cc: <stable@vger.kernel.org> # v4.11+ Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: skcipher - remove remnants of internal IV generatorsEric Biggers2018-12-231-1/+0
| | | | | | | | | | | | | | | | | | | Remove dead code related to internal IV generators, which are no longer used since they've been replaced with the "seqiv" and "echainiv" templates. The removed code includes: - The "givcipher" (GIVCIPHER) algorithm type. No algorithms are registered with this type anymore, so it's unneeded. - The "const char *geniv" member of aead_alg, ablkcipher_alg, and blkcipher_alg. A few algorithms still set this, but it isn't used anymore except to show via /proc/crypto and CRYPTO_MSG_GETALG. Just hardcode "<default>" or "<none>" in those cases. - The 'skcipher_givcrypt_request' structure, which is never used. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: remove useless initializations of cra_listEric Biggers2018-11-201-2/+0
| | | | | | | | | | | | | | | | | Some algorithms initialize their .cra_list prior to registration. But this is unnecessary since crypto_register_alg() will overwrite .cra_list when adding the algorithm to the 'crypto_alg_list'. Apparently the useless assignment has just been copy+pasted around. So, remove the useless assignments. Exception: paes_s390.c uses cra_list to check whether the algorithm is registered or not, so I left that as-is for now. This patch shouldn't change any actual behavior. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: bcm - fix normal/non key hash algorithm failureRaveendra Padasalagi2018-11-161-1/+5
| | | | | | | | | Remove setkey() callback handler for normal/non key hash algorithms and keep it for AES-CBC/CMAC which needs key. Fixes: 9d12ba86f818 ("crypto: brcm - Add Broadcom SPU driver") Signed-off-by: Raveendra Padasalagi <raveendra.padasalagi@broadcom.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: aead - remove useless setting of type flagsEric Biggers2018-07-081-1/+1
| | | | | | | | | | | | | | | Some aead algorithms set .cra_flags = CRYPTO_ALG_TYPE_AEAD. But this is redundant with the C structure type ('struct aead_alg'), and crypto_register_aead() already sets the type flag automatically, clearing any type flag that was already there. Apparently the useless assignment has just been copy+pasted around. So, remove the useless assignment from all the aead algorithms. This patch shouldn't change any actual behavior. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: ahash - remove useless setting of cra_typeEric Biggers2018-07-081-1/+0
| | | | | | | | | | | | | | | Some ahash algorithms set .cra_type = &crypto_ahash_type. But this is redundant with the C structure type ('struct ahash_alg'), and crypto_register_ahash() already sets the .cra_type automatically. Apparently the useless assignment has just been copy+pasted around. So, remove the useless assignment from all the ahash algorithms. This patch shouldn't change any actual behavior. Signed-off-by: Eric Biggers <ebiggers@google.com> Acked-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: ahash - remove useless setting of type flagsEric Biggers2018-07-081-3/+2
| | | | | | | | | | | | | | | | Many ahash algorithms set .cra_flags = CRYPTO_ALG_TYPE_AHASH. But this is redundant with the C structure type ('struct ahash_alg'), and crypto_register_ahash() already sets the type flag automatically, clearing any type flag that was already there. Apparently the useless assignment has just been copy+pasted around. So, remove the useless assignment from all the ahash algorithms. This patch shouldn't change any actual behavior. Signed-off-by: Eric Biggers <ebiggers@google.com> Acked-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: brcm - explicitly cast cipher to hash typeStefan Agner2018-03-301-2/+2
| | | | | | | | | | | | | | | | | | | | | In the AES cases enum spu_cipher_type and enum hash_type have the same values, so the assignment is fine. Explicitly cast the enum type conversion. This fixes two warnings when building with clang: drivers/crypto/bcm/cipher.c:821:34: warning: implicit conversion from enumeration type 'enum spu_cipher_type' to different enumeration type 'enum hash_type' [-Wenum-conversion] hash_parms.type = cipher_parms.type; ~ ~~~~~~~~~~~~~^~~~ drivers/crypto/bcm/cipher.c:1412:26: warning: implicit conversion from enumeration type 'enum spu_cipher_type' to different enumeration type 'enum hash_type' [-Wenum-conversion] hash_parms.type = ctx->cipher_type; ~ ~~~~~^~~~~~~~~~~ Signed-off-by: Stefan Agner <stefan@agner.ch> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: bcm - Delete an error message for a failed memory allocation in ↵Markus Elfring2018-02-221-1/+0
| | | | | | | | | | | do_shash() Omit an extra message for a memory allocation failure in this function. This issue was detected by using the Coccinelle software. Signed-off-by: Markus Elfring <elfring@users.sourceforge.net> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: drivers - remove duplicate includesPravin Shedge2017-12-221-1/+0
| | | | | | | | These duplicate includes have been found with scripts/checkincludes.pl but they have been removed manually to avoid removing false positives. Signed-off-by: Pravin Shedge <pravin.shedge4linux@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: bcm - pr_err() strings should end with newlinesArvind Yadav2017-10-121-7/+7
| | | | | | | | pr_err() messages should terminated with a new-line to avoid other messages being concatenated onto the end. Signed-off-by: Arvind Yadav <arvind.yadav.cs@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: bcm - use of_device_get_match_dataCorentin LABBE2017-10-071-5/+2
| | | | | | | | | The usage of of_device_get_match_data reduce the code size a bit. Furthermore, it prevents an improbable dereference when of_match_device() return NULL. Signed-off-by: Corentin Labbe <clabbe.montjoie@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: brcm - Explicity ACK mailbox messageraveendra padasalagi2017-09-221-55/+46
| | | | | | | | | | | | | | | | Add support to explicity ACK mailbox message because after sending message we can know the send status via error attribute of brcm_message. This is needed to support "txdone_ack" supported in mailbox controller driver. Fixes: 9d12ba86f818 ("crypto: brcm - Add Broadcom SPU driver") Signed-off-by: Raveendra Padasalagi <raveendra.padasalagi@broadcom.com> Reviewed-by: Anup Patel <anup.patel@broadcom.com> Reviewed-by: Scott Branden <scott.branden@broadcom.com> Cc: stable@vger.kernel.org Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: bcm - Use GCM IV size constantCorentin LABBE2017-09-222-6/+5
| | | | | | | This patch replace GCM IV size value by their constant name. Signed-off-by: Corentin Labbe <clabbe.montjoie@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: brcm - Support more FlexRM rings than SPU engines.raveendra padasalagi2017-08-032-66/+56
| | | | | | | | | | | | | Enhance code to generically support cases where DMA rings are greater than or equal to number of SPU engines. New hardware has underlying DMA engine-FlexRM with 32 rings which can be used to communicate to any of the available 10 SPU engines. Signed-off-by: Raveendra Padasalagi <raveendra.padasalagi@broadcom.com> Reviewed-by: Scott Branden <scott.branden@broadcom.com> Reviewed-by: Florian Fainelli <f.fainelli@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: brcm - add NULL check on of_match_device() return valueGustavo A. R. Silva2017-07-181-0/+5
| | | | | | | | | | Check return value from call to of_match_device() in order to prevent a NULL pointer dereference. In case of NULL print error message and return -ENODEV Signed-off-by: Gustavo A. R. Silva <garsilva@embeddedor.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: brcm - Fix SHA3-512 algorithm failureraveendra padasalagi2017-07-181-0/+1
| | | | | | | | | | | | | | In Broadcom SPU driver, due to missing break statement in spu2_hash_xlate() while mapping SPU2 equivalent SHA3-512 value, -EINVAL is chosen and hence leading to failure of SHA3-512 algorithm. This patch fixes the same. Fixes: 9d12ba86f818 ("crypto: brcm - Add Broadcom SPU driver") Signed-off-by: Raveendra Padasalagi <raveendra.padasalagi@broadcom.com> Reviewed-by: Ray Jui <ray.jui@broadcom.com> Reviewed-by: Scott Branden <scott.branden@broadcom.com> Cc: stable@vger.kernel.org Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: brcm - fix spelling mistake: "fallbck" -> "fallback"Colin Ian King2017-06-191-1/+1
| | | | | | | | Trivial fix to spelling mistake in flow_log message Signed-off-by: Colin Ian King <colin.king@canonical.com> Reviewed-by: Steve Lin <steven.lin1@broadcom.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: brcm - Use IPAD/OPAD constantCorentin LABBE2017-05-231-2/+3
| | | | | | | | This patch simply replace all occurrence of HMAC IPAD/OPAD value by their define. Signed-off-by: Corentin Labbe <clabbe.montjoie@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: bcm - fix spelling mistake: "genereate" -> "generate"Colin Ian King2017-03-091-1/+1
| | | | | | | | trivial fix to spelling mistake in pr_err message Signed-off-by: Colin Ian King <colin.king@canonical.com> Acked-by: Steve Lin <steven.lin1@broadcom.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: brcm - Avoid double free in ahash_finup()Rob Rice2017-02-151-1/+0
| | | | | | | | | | In Broadcom SPU driver, in case where incremental hash is done in software in ahash_finup(), tmpbuf was freed twice. Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Rob Rice <rob.rice@broadcom.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>