1. 22 Feb, 2019 1 commit
  2. 08 Feb, 2019 1 commit
    • Gilad Ben-Yossef's avatar
      crypto: ccree - fix resume race condition on init · 1358c13a
      Gilad Ben-Yossef authored
      We were enabling autosuspend, which is using data set by the
      hash module, prior to the hash module being inited, casuing
      a crash on resume as part of the startup sequence if the race
      was lost.
      
      This was never a real problem because the PM infra was using low
      res timers so we were always winning the race, until commit 8234f673
      ("PM-runtime: Switch autosuspend over to using hrtimers") changed that :-)
      
      Fix this by seperating the PM setup and enablement and doing the
      latter only at the end of the init sequence.
      Signed-off-by: default avatarGilad Ben-Yossef <gilad@benyossef.com>
      Cc: Vincent Guittot <vincent.guittot@linaro.org>
      Cc: stable@kernel.org # v4.20
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      1358c13a
  3. 25 Jan, 2019 1 commit
  4. 10 Jan, 2019 7 commits
    • Christophe Leroy's avatar
      crypto: talitos - fix ablkcipher for CONFIG_VMAP_STACK · 1bea445b
      Christophe Leroy authored
      [    2.364486] WARNING: CPU: 0 PID: 60 at ./arch/powerpc/include/asm/io.h:837 dma_nommu_map_page+0x44/0xd4
      [    2.373579] CPU: 0 PID: 60 Comm: cryptomgr_test Tainted: G        W         4.20.0-rc5-00560-g6bfb52e23a00-dirty #531
      [    2.384740] NIP:  c000c540 LR: c000c584 CTR: 00000000
      [    2.389743] REGS: c95abab0 TRAP: 0700   Tainted: G        W          (4.20.0-rc5-00560-g6bfb52e23a00-dirty)
      [    2.400042] MSR:  00029032 <EE,ME,IR,DR,RI>  CR: 24042204  XER: 00000000
      [    2.406669]
      [    2.406669] GPR00: c02f2244 c95abb60 c6262990 c95abd80 0000256a 00000001 00000001 00000001
      [    2.406669] GPR08: 00000000 00002000 00000010 00000010 24042202 00000000 00000100 c95abd88
      [    2.406669] GPR16: 00000000 c05569d4 00000001 00000010 c95abc88 c0615664 00000004 00000000
      [    2.406669] GPR24: 00000010 c95abc88 c95abc88 00000000 c61ae210 c7ff6d40 c61ae210 00003d68
      [    2.441559] NIP [c000c540] dma_nommu_map_page+0x44/0xd4
      [    2.446720] LR [c000c584] dma_nommu_map_page+0x88/0xd4
      [    2.451762] Call Trace:
      [    2.454195] [c95abb60] [82000808] 0x82000808 (unreliable)
      [    2.459572] [c95abb80] [c02f2244] talitos_edesc_alloc+0xbc/0x3c8
      [    2.465493] [c95abbb0] [c02f2600] ablkcipher_edesc_alloc+0x4c/0x5c
      [    2.471606] [c95abbd0] [c02f4ed0] ablkcipher_encrypt+0x20/0x64
      [    2.477389] [c95abbe0] [c02023b0] __test_skcipher+0x4bc/0xa08
      [    2.483049] [c95abe00] [c0204b60] test_skcipher+0x2c/0xcc
      [    2.488385] [c95abe20] [c0204c48] alg_test_skcipher+0x48/0xbc
      [    2.494064] [c95abe40] [c0205cec] alg_test+0x164/0x2e8
      [    2.499142] [c95abf00] [c0200dec] cryptomgr_test+0x48/0x50
      [    2.504558] [c95abf10] [c0039ff4] kthread+0xe4/0x110
      [    2.509471] [c95abf40] [c000e1d0] ret_from_kernel_thread+0x14/0x1c
      [    2.515532] Instruction dump:
      [    2.518468] 7c7e1b78 7c9d2378 7cbf2b78 41820054 3d20c076 8089c200 3d20c076 7c84e850
      [    2.526127] 8129c204 7c842e70 7f844840 419c0008 <0fe00000> 2f9e0000 54847022 7c84fa14
      [    2.533960] ---[ end trace bf78d94af73fe3b8 ]---
      [    2.539123] talitos ff020000.crypto: master data transfer error
      [    2.544775] talitos ff020000.crypto: TEA error: ISR 0x20000000_00000040
      [    2.551625] alg: skcipher: encryption failed on test 1 for ecb-aes-talitos: ret=22
      
      IV cannot be on stack when CONFIG_VMAP_STACK is selected because the stack
      cannot be DMA mapped anymore.
      
      This patch copies the IV into the extended descriptor.
      
      Fixes: 4de9d0b5 ("crypto: talitos - Add ablkcipher algorithms")
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarChristophe Leroy <christophe.leroy@c-s.fr>
      Reviewed-by: default avatarHoria Geantă <horia.geanta@nxp.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      1bea445b
    • Christophe Leroy's avatar
      crypto: talitos - reorder code in talitos_edesc_alloc() · c56c2e17
      Christophe Leroy authored
      This patch moves the mapping of IV after the kmalloc(). This
      avoids having to unmap in case kmalloc() fails.
      Signed-off-by: default avatarChristophe Leroy <christophe.leroy@c-s.fr>
      Reviewed-by: default avatarHoria Geantă <horia.geanta@nxp.com>
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      c56c2e17
    • Dan Carpenter's avatar
      crypto: cavium/nitrox - Use after free in process_response_list() · 06bbf753
      Dan Carpenter authored
      We free "sr" and then dereference it on the next line.
      
      Fixes: c9613335 ("crypto: cavium/nitrox - Added AEAD cipher support")
      Signed-off-by: default avatarDan Carpenter <dan.carpenter@oracle.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      06bbf753
    • Horia Geantă's avatar
      crypto: caam - fix SHA support detection · 2dd3fde4
      Horia Geantă authored
      The addition of Chacha20 + Poly1305 authenc support inadvertently broke
      detection of algorithms supported by MDHA (Message Digest Hardware
      Accelerator), fix it.
      
      Fixes: d6bbd4ee ("crypto: caam/jr - add support for Chacha20 + Poly1305")
      Signed-off-by: default avatarHoria Geantă <horia.geanta@nxp.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      2dd3fde4
    • Aymen Sghaier's avatar
      crypto: caam - fix zero-length buffer DMA mapping · 04e6d25c
      Aymen Sghaier authored
      Recent changes - probably DMA API related (generic and/or arm64-specific) -
      exposed a case where driver maps a zero-length buffer:
      ahash_init()->ahash_update()->ahash_final() with a zero-length string to
      hash
      
      kernel BUG at kernel/dma/swiotlb.c:475!
      Internal error: Oops - BUG: 0 [#1] PREEMPT SMP
      Modules linked in:
      CPU: 2 PID: 1823 Comm: cryptomgr_test Not tainted 4.20.0-rc1-00108-g00c9fe37 #1
      Hardware name: LS1046A RDB Board (DT)
      pstate: 80000005 (Nzcv daif -PAN -UAO)
      pc : swiotlb_tbl_map_single+0x170/0x2b8
      lr : swiotlb_map_page+0x134/0x1f8
      sp : ffff00000f79b8f0
      x29: ffff00000f79b8f0 x28: 0000000000000000
      x27: ffff0000093d0000 x26: 0000000000000000
      x25: 00000000001f3ffe x24: 0000000000200000
      x23: 0000000000000000 x22: 00000009f2c538c0
      x21: ffff800970aeb410 x20: 0000000000000001
      x19: ffff800970aeb410 x18: 0000000000000007
      x17: 000000000000000e x16: 0000000000000001
      x15: 0000000000000019 x14: c32cb8218a167fe8
      x13: ffffffff00000000 x12: ffff80097fdae348
      x11: 0000800976bca000 x10: 0000000000000010
      x9 : 0000000000000000 x8 : ffff0000091fd6c8
      x7 : 0000000000000000 x6 : 00000009f2c538bf
      x5 : 0000000000000000 x4 : 0000000000000001
      x3 : 0000000000000000 x2 : 00000009f2c538c0
      x1 : 00000000f9fff000 x0 : 0000000000000000
      Process cryptomgr_test (pid: 1823, stack limit = 0x(____ptrval____))
      Call trace:
       swiotlb_tbl_map_single+0x170/0x2b8
       swiotlb_map_page+0x134/0x1f8
       ahash_final_no_ctx+0xc4/0x6cc
       ahash_final+0x10/0x18
       crypto_ahash_op+0x30/0x84
       crypto_ahash_final+0x14/0x1c
       __test_hash+0x574/0xe0c
       test_hash+0x28/0x80
       __alg_test_hash+0x84/0xd0
       alg_test_hash+0x78/0x144
       alg_test.part.30+0x12c/0x2b4
       alg_test+0x3c/0x68
       cryptomgr_test+0x44/0x4c
       kthread+0xfc/0x128
       ret_from_fork+0x10/0x18
      Code: d34bfc18 2a1a03f7 1a9f8694 35fff89a (d4210000)
      
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarAymen Sghaier <aymen.sghaier@nxp.com>
      Signed-off-by: default avatarHoria Geantă <horia.geanta@nxp.com>
      Reviewed-by: default avatarChristoph Hellwig <hch@lst.de>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      04e6d25c
    • Eric Biggers's avatar
      crypto: ccree - convert to use crypto_authenc_extractkeys() · dc95b535
      Eric Biggers authored
      Convert the ccree crypto driver to use crypto_authenc_extractkeys() so
      that it picks up the fix for broken validation of rtattr::rta_len.
      
      Fixes: ff27e85a ("crypto: ccree - add AEAD support")
      Cc: <stable@vger.kernel.org> # v4.17+
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      dc95b535
    • Eric Biggers's avatar
      crypto: bcm - convert to use crypto_authenc_extractkeys() · ab57b335
      Eric Biggers authored
      Convert the bcm crypto driver to use crypto_authenc_extractkeys() so
      that it picks up the fix for broken validation of rtattr::rta_len.
      
      This also fixes the DES weak key check to actually be done on the right
      key. (It was checking the authentication key, not the encryption key...)
      
      Fixes: 9d12ba86 ("crypto: brcm - Add Broadcom SPU driver")
      Cc: <stable@vger.kernel.org> # v4.11+
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      ab57b335
  5. 08 Jan, 2019 1 commit
  6. 04 Jan, 2019 1 commit
    • Linus Torvalds's avatar
      Remove 'type' argument from access_ok() function · 96d4f267
      Linus Torvalds authored
      Nobody has actually used the type (VERIFY_READ vs VERIFY_WRITE) argument
      of the user address range verification function since we got rid of the
      old racy i386-only code to walk page tables by hand.
      
      It existed because the original 80386 would not honor the write protect
      bit when in kernel mode, so you had to do COW by hand before doing any
      user access.  But we haven't supported that in a long time, and these
      days the 'type' argument is a purely historical artifact.
      
      A discussion about extending 'user_access_begin()' to do the range
      checking resulted this patch, because there is no way we're going to
      move the old VERIFY_xyz interface to that model.  And it's best done at
      the end of the merge window when I've done most of my merges, so let's
      just get this done once and for all.
      
      This patch was mostly done with a sed-script, with manual fix-ups for
      the cases that weren't of the trivial 'access_ok(VERIFY_xyz' form.
      
      There were a couple of notable cases:
      
       - csky still had the old "verify_area()" name as an alias.
      
       - the iter_iov code had magical hardcoded knowledge of the actual
         values of VERIFY_{READ,WRITE} (not that they mattered, since nothing
         really used it)
      
       - microblaze used the type argument for a debug printout
      
      but other than those oddities this should be a total no-op patch.
      
      I tried to fix up all architectures, did fairly extensive grepping for
      access_ok() uses, and the changes are trivial, but I may have missed
      something.  Any missed conversion should be trivially fixable, though.
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      96d4f267
  7. 23 Dec, 2018 13 commits
  8. 21 Dec, 2018 1 commit
  9. 20 Dec, 2018 1 commit
  10. 19 Dec, 2018 1 commit
  11. 14 Dec, 2018 4 commits
  12. 13 Dec, 2018 1 commit
  13. 07 Dec, 2018 4 commits
  14. 29 Nov, 2018 2 commits
  15. 23 Nov, 2018 1 commit