platform/kernel/linux-starfive.git
4 years agocrypto: hisilicon - update HPRE module parameter description
Longfang Liu [Thu, 10 Sep 2020 11:56:40 +0000 (19:56 +0800)]
crypto: hisilicon - update HPRE module parameter description

In order to pass kernel CRYPTO test, HPRE module parameter
'pf_q_num' needs to be set as greater than 1.

Signed-off-by: Longfang Liu <liulongfang@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: hisilicon - update mininum queue
Longfang Liu [Thu, 10 Sep 2020 11:56:39 +0000 (19:56 +0800)]
crypto: hisilicon - update mininum queue

At present, as HPRE/SEC/ZIP modules' parameter 'pf_q_num' is 1,
kernel CRYPTO test will fail on the algorithms from the modules,
since 'QP' hardware resources are not enough for CRYPTO TFM.
To fix this, the minimum value of 'pf_q_num' should be 2.

Signed-off-by: Longfang Liu <liulongfang@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: qat - use PCI_VDEVICE
Giovanni Cabiddu [Wed, 9 Sep 2020 10:59:40 +0000 (11:59 +0100)]
crypto: qat - use PCI_VDEVICE

Build pci_device_id structure using the PCI_VDEVICE macro.
This removes any references to the ADF_SYSTEM_DEVICE macro.

Suggested-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Reviewed-by: Fiona Trahe <fiona.trahe@intel.com>
Reviewed-by: Andy Shevchenko <andy.shevchenko@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: qat - replace device ids defines
Giovanni Cabiddu [Wed, 9 Sep 2020 10:59:39 +0000 (11:59 +0100)]
crypto: qat - replace device ids defines

Replace device ids defined in the QAT drivers with the ones in
include/linux/pci_ids.h.

Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Reviewed-by: Fiona Trahe <fiona.trahe@intel.com>
Reviewed-by: Andy Shevchenko <andy.shevchenko@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: sa2ul - Fix pm_runtime_get_sync() error checking
Dan Carpenter [Wed, 9 Sep 2020 09:45:28 +0000 (12:45 +0300)]
crypto: sa2ul - Fix pm_runtime_get_sync() error checking

The pm_runtime_get_sync() function returns either 0 or 1 on success but
this code treats a return of 1 as a failure.

Fixes: 7694b6ca649f ("crypto: sa2ul - Add crypto driver")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: inside-secure - Prevent missing of processing errors
Pascal van Leeuwen [Tue, 8 Sep 2020 06:10:45 +0000 (08:10 +0200)]
crypto: inside-secure - Prevent missing of processing errors

On systems with coherence issues, packet processed could succeed while
it should have failed, e.g. because of an authentication fail.
This is because the driver would read stale status information that had
all error bits initialised to zero = no error.
Since this is potential a security risk, we want to prevent it from being
a possibility at all. So initialize all error bits to error state, so
that reading stale status information will always result in errors.

Signed-off-by: Pascal van Leeuwen <pvanleeuwen@rambus.com>
Acked-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: sun4i-ss - Fix sparse endianness markers
Herbert Xu [Tue, 8 Sep 2020 05:00:36 +0000 (15:00 +1000)]
crypto: sun4i-ss - Fix sparse endianness markers

This patch also fixes the incorrect endianness markings in the
sun4i-ss driver.  It should have no effect in the genereated code.

Instead of using cpu_to_Xe32 followed by a memcpy, this patch
converts the final hash write to use put_unaligned_X instead.

Reported-by: kernel test robot <lkp@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Tested-by: Corentin Labbe <clabbe.montjoie@gmail.com>
Acked-by: Corentin Labbe <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: hisilicon/zip - fix some coding styles
Yang Shen [Mon, 7 Sep 2020 08:22:02 +0000 (16:22 +0800)]
crypto: hisilicon/zip - fix some coding styles

1.Unified alignment styles
2.Remove unnecessary goto branch
3.Remove address printf

Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: hisilicon/zip - supplement some comments
Yang Shen [Mon, 7 Sep 2020 08:22:01 +0000 (16:22 +0800)]
crypto: hisilicon/zip - supplement some comments

Supplement some comments.

Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: hisilicon/zip - move some private macros from 'zip.h' to 'zip_crypto.c'
Yang Shen [Mon, 7 Sep 2020 08:22:00 +0000 (16:22 +0800)]
crypto: hisilicon/zip - move some private macros from 'zip.h' to 'zip_crypto.c'

Some macros which are defined in 'zip.h' are related to the struct
'hisi_zip_sqe' and are only used in 'zip_crypto.c'. So move them from
'zip.h' to 'zip_crypto.c'.

Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: hisilicon/zip - fix static check warning
Yang Shen [Mon, 7 Sep 2020 08:21:59 +0000 (16:21 +0800)]
crypto: hisilicon/zip - fix static check warning

Fix some code for PClint warning:
    Warning - Suspicious Cast

Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: hisilicon/zip - add print for error branch
Yang Shen [Mon, 7 Sep 2020 08:21:58 +0000 (16:21 +0800)]
crypto: hisilicon/zip - add print for error branch

Add print for some error branches.

Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: hisilicon/zip - use a enum parameter instead of some macros
Yang Shen [Mon, 7 Sep 2020 08:21:57 +0000 (16:21 +0800)]
crypto: hisilicon/zip - use a enum parameter instead of some macros

Macros 'QPC_COMP', 'QPC_DECOMP' and 'HZIP_CTX_Q_NUM' are relative and
incremental. So, use an enum instead.

Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: hisilicon/zip - replace 'sprintf' with 'scnprintf'
Yang Shen [Mon, 7 Sep 2020 08:21:56 +0000 (16:21 +0800)]
crypto: hisilicon/zip - replace 'sprintf' with 'scnprintf'

Replace 'sprintf' with 'scnprintf' to avoid overrun.

Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: hisilicon/zip - modify debugfs interface parameters
Shukun Tan [Mon, 7 Sep 2020 08:21:55 +0000 (16:21 +0800)]
crypto: hisilicon/zip - modify debugfs interface parameters

Update debugfs interface parameters

Signed-off-by: Shukun Tan <tanshukun1@huawei.com>
Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: hisilicon/zip - unify naming style for functions and macros
Yang Shen [Mon, 7 Sep 2020 08:21:54 +0000 (16:21 +0800)]
crypto: hisilicon/zip - unify naming style for functions and macros

1.Add prefix 'HZIP' for some macros
2.Add prefix 'hisi_zip' for some functions

Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: hisilicon/zip - remove some useless parameters
Yang Shen [Mon, 7 Sep 2020 08:21:53 +0000 (16:21 +0800)]
crypto: hisilicon/zip - remove some useless parameters

1.Remove the macro 'HZIP_VF_NUM'.
2.Remove 'list' of the struct 'hisi_zip'

Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: omap-sham - fix digcnt register handling with export/import
Tero Kristo [Mon, 7 Sep 2020 07:56:24 +0000 (10:56 +0300)]
crypto: omap-sham - fix digcnt register handling with export/import

Running export/import for hashes in peculiar order (mostly done by
openssl) can mess up the internal book keeping of the OMAP SHA core.
Fix by forcibly writing the correct DIGCNT back to hardware. This issue
was noticed while transitioning to openssl 1.1 support.

Fixes: 0d373d603202 ("crypto: omap-sham - Add OMAP4/AM33XX SHAM Support")
Signed-off-by: Tero Kristo <t-kristo@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: omap-sham - convert to use crypto engine
Tero Kristo [Mon, 7 Sep 2020 07:56:10 +0000 (10:56 +0300)]
crypto: omap-sham - convert to use crypto engine

Convert the omap-sham driver to use crypto engine for queue handling,
instead of using local implementation.

Signed-off-by: Tero Kristo <t-kristo@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: sa2ul - Select CRYPTO_AUTHENC
Herbert Xu [Mon, 7 Sep 2020 06:22:40 +0000 (16:22 +1000)]
crypto: sa2ul - Select CRYPTO_AUTHENC

The sa2ul driver uses crypto_authenc_extractkeys and therefore
must select CRYPTO_AUTHENC.

Fixes: 7694b6ca649f ("crypto: sa2ul - Add crypto driver")
Reported-by: kernel test robot <lkp@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Reviewed-by: Keerthy <j-keerthy@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: ux500 - Fix sparse endianness warnings
Herbert Xu [Fri, 4 Sep 2020 08:27:05 +0000 (18:27 +1000)]
crypto: ux500 - Fix sparse endianness warnings

This patch fixes a couple of sparse endianness warnings in the
ux500 driver.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: qat - include domain in top level debugfs path
Giovanni Cabiddu [Fri, 4 Sep 2020 08:04:15 +0000 (09:04 +0100)]
crypto: qat - include domain in top level debugfs path

Use pci_name() when creating debugfs entries in order to include PCI
domain in the path.

Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Reviewed-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: s5p-sss - Pass error from clk_get and reduce verbosity on deferral
Krzysztof Kozlowski [Thu, 3 Sep 2020 18:04:00 +0000 (20:04 +0200)]
crypto: s5p-sss - Pass error from clk_get and reduce verbosity on deferral

Pass the error directly from devm_clk_get() to describe the real reason,
instead of fixed ENOENT.  Do not print error messages on deferred probe.

Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Reviewed-by: Kamil Konieczny <k.konieczny@samsung.com>
Acked-by: Kamil Konieczny <k.konieczny@samsung.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: s5p-sss - Add and fix kerneldoc
Krzysztof Kozlowski [Thu, 3 Sep 2020 18:03:59 +0000 (20:03 +0200)]
crypto: s5p-sss - Add and fix kerneldoc

Add missing and fix existing kerneldoc to silence W=1 warnings:

  drivers/crypto/s5p-sss.c:333: warning: Function parameter or member 'pclk' not described in 's5p_aes_dev'
  drivers/crypto/s5p-sss.c:373: warning: Function parameter or member 'sgl' not described in 's5p_hash_reqctx'
  drivers/crypto/s5p-sss.c:373: warning: Function parameter or member 'buffer' not described in 's5p_hash_reqctx'
  drivers/crypto/s5p-sss.c:1143: warning: Function parameter or member 'new_len' not described in 's5p_hash_prepare_sgs'
  drivers/crypto/s5p-sss.c:1143: warning: Excess function parameter 'nbytes' description in 's5p_hash_prepare_sgs'

Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Reviewed-by: Kamil Konieczny <k.konieczny@samsung.com>
Acked-by: Kamil Konieczny <k.konieczny@samsung.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: s5p-sss - remove redundant null check
Xu Wang [Thu, 3 Sep 2020 08:37:38 +0000 (08:37 +0000)]
crypto: s5p-sss - remove redundant null check

Because clk_disable_unprepare already checked NULL clock
parameter, so the additional checks are unnecessary, just remove them.

Signed-off-by: Xu Wang <vulab@iscas.ac.cn>
Reviewed-by: Krzysztof Kozlowski <krzk@kernel.org>
Acked-by: Kamil Konieczny <k.konieczny@samsung.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agohwrng: xiphera-trng: add support for XIP8001B hwrng
Atte Tommiska [Wed, 2 Sep 2020 10:28:17 +0000 (13:28 +0300)]
hwrng: xiphera-trng: add support for XIP8001B hwrng

Xiphera XIP8001B is an FPGA-based True Random Number Generator
Intellectual Property (IP) Core which can be instantiated in
multiple FPGA families. This driver adds Linux support for it through
the hwrng interface.

Signed-off-by: Atte Tommiska <atte.tommiska@xiphera.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agodt-bindings: rng: add bindings for Xiphera XIP8001B hwrng
Atte Tommiska [Wed, 2 Sep 2020 10:28:16 +0000 (13:28 +0300)]
dt-bindings: rng: add bindings for Xiphera XIP8001B hwrng

Document the device tree bindings of Xiphera's XIP8001B-trng IP.

Signed-off-by: Atte Tommiska <atte.tommiska@xiphera.com>
Reviewed-by: Rob Herring <robh@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agodt-bindings: vendor-prefixes: Add Xiphera vendor prefix
Atte Tommiska [Wed, 2 Sep 2020 10:28:15 +0000 (13:28 +0300)]
dt-bindings: vendor-prefixes: Add Xiphera vendor prefix

Xiphera is an FPGA-based cryptographic solutions provider based in
Finland.
Website of the company: https://xiphera.com/

Signed-off-by: Atte Tommiska <atte.tommiska@xiphera.com>
Acked-by: Rob Herring <robh@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: cbc - Remove cbc.h
Herbert Xu [Tue, 1 Sep 2020 11:49:11 +0000 (21:49 +1000)]
crypto: cbc - Remove cbc.h

Now that crypto/cbc.h is only used by the generic cbc template,
we can merge it back into the CBC code.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: arm/aes-neonbs - Use generic cbc encryption path
Herbert Xu [Tue, 1 Sep 2020 11:48:40 +0000 (21:48 +1000)]
crypto: arm/aes-neonbs - Use generic cbc encryption path

Since commit b56f5cbc7e08ec7d31c42fc41e5247677f20b143 ("crypto:
arm/aes-neonbs - resolve fallback cipher at runtime") the CBC
encryption path in aes-neonbs is now identical to that obtained
through the cbc template.  This means that it can simply call
the generic cbc template instead of doing its own thing.

This patch removes the custom encryption path and simply invokes
the generic cbc template.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: arc4 - mark ecb(arc4) skcipher as obsolete
Ard Biesheuvel [Mon, 31 Aug 2020 15:16:49 +0000 (18:16 +0300)]
crypto: arc4 - mark ecb(arc4) skcipher as obsolete

Cryptographic algorithms may have a lifespan that is significantly
shorter than Linux's, and so we need to start phasing out algorithms
that are known to be broken, and are no longer fit for general use.

RC4 (or arc4) is a good example here: there are a few areas where its
use is still somewhat acceptable, e.g., for interoperability with legacy
wifi hardware that can only use WEP or TKIP data encryption, but that
should not imply that, for instance, use of RC4 based EAP-TLS by the WPA
supplicant for negotiating TKIP keys is equally acceptable, or that RC4
should remain available as a general purpose cryptographic transform for
all in-kernel and user space clients.

Now that all in-kernel users that need to retain support have moved to
the arc4 library interface, and the known users of ecb(arc4) via the
socket API (iwd [0] and libell [1][2]) have been updated to switch to a
local implementation, we can take the next step, and mark the ecb(arc4)
skcipher as obsolete, and only provide it if the socket API is enabled in
the first place, as well as provide the option to disable all algorithms
that have been marked as obsolete.

[0] https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=1db8a85a60c64523
[1] https://git.kernel.org/pub/scm/libs/ell/ell.git/commit/?id=53482ce421b727c2
[2] https://git.kernel.org/pub/scm/libs/ell/ell.git/commit/?id=7f6a137809d42f6b

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agonet: wireless: drop bogus CRYPTO_xxx Kconfig selects
Ard Biesheuvel [Mon, 31 Aug 2020 15:16:48 +0000 (18:16 +0300)]
net: wireless: drop bogus CRYPTO_xxx Kconfig selects

Drop some bogus Kconfig selects that are not entirely accurate, and
unnecessary to begin with, since the same Kconfig options also select
LIB80211 features that already imply the selected functionality (AES
for CCMP, ARC4 and ECB for TKIP)

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: bcm-iproc - remove ecb(arc4) support
Ard Biesheuvel [Mon, 31 Aug 2020 15:16:47 +0000 (18:16 +0300)]
crypto: bcm-iproc - remove ecb(arc4) support

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: n2 - remove ecb(arc4) support
Ard Biesheuvel [Mon, 31 Aug 2020 15:16:46 +0000 (18:16 +0300)]
crypto: n2 - remove ecb(arc4) support

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agoSUNRPC: remove RC4-HMAC-MD5 support from KerberosV
Ard Biesheuvel [Mon, 31 Aug 2020 15:16:45 +0000 (18:16 +0300)]
SUNRPC: remove RC4-HMAC-MD5 support from KerberosV

The RC4-HMAC-MD5 KerberosV algorithm is based on RFC 4757 [0], which
was specifically issued for interoperability with Windows 2000, but was
never intended to receive the same level of support. The RFC says

  The IETF Kerberos community supports publishing this specification as
  an informational document in order to describe this widely
  implemented technology.  However, while these encryption types
  provide the operations necessary to implement the base Kerberos
  specification [RFC4120], they do not provide all the required
  operations in the Kerberos cryptography framework [RFC3961].  As a
  result, it is not generally possible to implement potential
  extensions to Kerberos using these encryption types.  The Kerberos
  encryption type negotiation mechanism [RFC4537] provides one approach
  for using such extensions even when a Kerberos infrastructure uses
  long-term RC4 keys.  Because this specification does not implement
  operations required by RFC 3961 and because of security concerns with
  the use of RC4 and MD4 discussed in Section 8, this specification is
  not appropriate for publication on the standards track.

  The RC4-HMAC encryption types are used to ease upgrade of existing
  Windows NT environments, provide strong cryptography (128-bit key
  lengths), and provide exportable (meet United States government
  export restriction requirements) encryption.  This document describes
  the implementation of those encryption types.

Furthermore, this RFC was re-classified as 'historic' by RFC 8429 [1] in
2018, stating that 'none of the encryption types it specifies should be
used'

Note that other outdated algorithms are left in place (some of which are
guarded by CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES), so this should only
adversely affect interoperability with Windows NT/2000 systems that have
not received any updates since 2008 (but are connected to a network
nonetheless)

[0] https://tools.ietf.org/html/rfc4757
[1] https://tools.ietf.org/html/rfc8429

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Acked-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agostaging/rtl8192u: switch to RC4 library interface
Ard Biesheuvel [Mon, 31 Aug 2020 15:16:44 +0000 (18:16 +0300)]
staging/rtl8192u: switch to RC4 library interface

Switch to the ARC4 library interface, to remove the pointless
dependency on the skcipher API, from which we will hopefully be
able to drop ecb(arc4) skcipher support.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agostaging/rtl8192e: switch to RC4 library interface
Ard Biesheuvel [Mon, 31 Aug 2020 15:16:43 +0000 (18:16 +0300)]
staging/rtl8192e: switch to RC4 library interface

Switch to the ARC4 library interface, to remove the pointless
dependency on the skcipher API, from which we will hopefully be
able to drop ecb(arc4) skcipher support.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agohwrng: imx-rngc - add quality to use it as kernel entropy pool
Marco Felsch [Mon, 31 Aug 2020 14:00:42 +0000 (16:00 +0200)]
hwrng: imx-rngc - add quality to use it as kernel entropy pool

The RNGB can generate 2^20 words (1 word == 4 byte) of 'random' data
after the seed pool was initialized. The pool needs to be reseeded if
more words are required. The reseeding is done automatically since
commit 3acd9ea9331c ("hwrng: imx-rngc - use automatic seeding").

We can't retrieve the TRNG values directly so we need a other way to get
the quality level. We know that the PRNG uses 20.000 entropy samples
from the TRNG to generate 2^20 words (1MiB) and the quality level is
defined as (in bits of entropy per 1024 bits of input). So the quality
level can be calculated by:

   20.000 * 1024
   ------------- = ~ 19.5
        2^20

Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: qat - check cipher length for aead AES-CBC-HMAC-SHA
Dominik Przychodni [Mon, 31 Aug 2020 10:59:59 +0000 (11:59 +0100)]
crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA

Return -EINVAL for authenc(hmac(sha1),cbc(aes)),
authenc(hmac(sha256),cbc(aes)) and authenc(hmac(sha512),cbc(aes))
if the cipher length is not multiple of the AES block.
This is to prevent an undefined device behaviour.

Fixes: d370cec32194 ("crypto: qat - Intel(R) QAT crypto interface")
Cc: <stable@vger.kernel.org>
Signed-off-by: Dominik Przychodni <dominik.przychodni@intel.com>
[giovanni.cabiddu@intel.com: reworded commit message]
Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: caam - use traditional error check pattern
Andy Shevchenko [Mon, 31 Aug 2020 07:58:32 +0000 (10:58 +0300)]
crypto: caam - use traditional error check pattern

Use traditional error check pattern
ret = ...;
if (ret)
return ret;
...
instead of checking error code to be 0.

Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: Iuliana Prodan <iuliana.prodan@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: poly1305-x86_64 - Use XORL r32,32
Uros Bizjak [Thu, 27 Aug 2020 17:38:31 +0000 (19:38 +0200)]
crypto: poly1305-x86_64 - Use XORL r32,32

x86_64 zero extends 32bit operations, so for 64bit operands,
XORL r32,r32 is functionally equal to XORQ r64,r64, but avoids
a REX prefix byte when legacy registers are used.

Signed-off-by: Uros Bizjak <ubizjak@gmail.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "David S. Miller" <davem@davemloft.net>
Acked-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: curve25519-x86_64 - Use XORL r32,32
Uros Bizjak [Thu, 27 Aug 2020 17:30:58 +0000 (19:30 +0200)]
crypto: curve25519-x86_64 - Use XORL r32,32

x86_64 zero extends 32bit operations, so for 64bit operands,
XORL r32,r32 is functionally equal to XORL r64,r64, but avoids
a REX prefix byte when legacy registers are used.

Signed-off-by: Uros Bizjak <ubizjak@gmail.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "David S. Miller" <davem@davemloft.net>
Acked-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: sa2ul - fix compiler warning produced by clang
Tero Kristo [Tue, 25 Aug 2020 13:31:06 +0000 (16:31 +0300)]
crypto: sa2ul - fix compiler warning produced by clang

Clang detects a warning for an assignment that doesn't really do
anything. Fix this by removing the offending piece of code.

Fixes: 7694b6ca649f ("crypto: sa2ul - Add crypto driver")
Reported-by: Nathan Chancellor <natechancellor@gmail.com>
Signed-off-by: Tero Kristo <t-kristo@ti.com>
Reviewed-by: Nathan Chancellor <natechancellor@gmail.com>
Tested-by: Nathan Chancellor <natechancellor@gmail.com> # build
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: amlogic - Fix endianness marker
Herbert Xu [Fri, 28 Aug 2020 07:18:33 +0000 (17:18 +1000)]
crypto: amlogic - Fix endianness marker

The endianness marking on the variable v in meson_cipher is wrong.
It is actually in CPU-order, not little-endian.

This patch fixes it.

Fixes: 3d04158814e7 ("crypto: amlogic - enable working on big...")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Corentin Labbe <clabbe@baylibre.com>
Tested-by: Corentin Labbe <clabbe@baylibre.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agopadata: add another maintainer and another list
Daniel Jordan [Fri, 28 Aug 2020 01:53:28 +0000 (21:53 -0400)]
padata: add another maintainer and another list

At Steffen's request, I'll help maintain padata for the foreseeable
future.

While at it, let's have patches go to lkml too since the code is now
used outside of crypto.

Signed-off-by: Daniel Jordan <daniel.m.jordan@oracle.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Steffen Klassert <steffen.klassert@secunet.com>
Cc: linux-crypto@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: sun8i-ss - remove redundant memzero_explicit()
Denis Efremov [Thu, 27 Aug 2020 12:16:11 +0000 (15:16 +0300)]
crypto: sun8i-ss - remove redundant memzero_explicit()

Remove redundant memzero_explicit() in sun8i_ss_cipher() before calling
kfree_sensitive(). kfree_sensitive() will zero the memory with
memzero_explicit().

Fixes: 453431a54934 ("mm, treewide: rename kzfree() to kfree_sensitive()")
Signed-off-by: Denis Efremov <efremov@linux.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: sun8i-ss - use kfree_sensitive()
Denis Efremov [Thu, 27 Aug 2020 06:44:02 +0000 (09:44 +0300)]
crypto: sun8i-ss - use kfree_sensitive()

Use kfree_sensitive() instead of open-coding it.

Signed-off-by: Denis Efremov <efremov@linux.com>
Acked-by: Corentin Labbe <clabbe.montjoie@gmail.com>
Tested-by: Corentin Labbe <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: sun8i-ce - use kfree_sensitive()
Denis Efremov [Thu, 27 Aug 2020 06:44:01 +0000 (09:44 +0300)]
crypto: sun8i-ce - use kfree_sensitive()

Use kfree_sensitive() instead of open-coding it.

Signed-off-by: Denis Efremov <efremov@linux.com>
Acked-by: Corentin Labbe <clabbe.montjoie@gmail.com>
Tested-by: Corentin Labbe <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: amlogic - use kfree_sensitive()
Denis Efremov [Thu, 27 Aug 2020 06:44:00 +0000 (09:44 +0300)]
crypto: amlogic - use kfree_sensitive()

Use kfree_sensitive() instead of open-coding it.

Signed-off-by: Denis Efremov <efremov@linux.com>
Tested-by: Corentin Labbe <clabbe@baylibre.com>
Acked-by: Corentin Labbe <clabbe@baylibre.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: inside-secure - use kfree_sensitive()
Denis Efremov [Thu, 27 Aug 2020 06:43:59 +0000 (09:43 +0300)]
crypto: inside-secure - use kfree_sensitive()

Use kfree_sensitive() instead of open-coding it.

Signed-off-by: Denis Efremov <efremov@linux.com>
Acked-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: ccree - Simplify with dev_err_probe()
Krzysztof Kozlowski [Wed, 26 Aug 2020 16:29:54 +0000 (18:29 +0200)]
crypto: ccree - Simplify with dev_err_probe()

Common pattern of handling deferred probe can be simplified with
dev_err_probe().  Less code and also it prints the error value.

Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: sa2ul - Simplify with dev_err_probe()
Krzysztof Kozlowski [Wed, 26 Aug 2020 16:29:53 +0000 (18:29 +0200)]
crypto: sa2ul - Simplify with dev_err_probe()

Common pattern of handling deferred probe can be simplified with
dev_err_probe().  Less code and also it prints the error value.

Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agohwrng: cctrn - Simplify with dev_err_probe()
Krzysztof Kozlowski [Wed, 26 Aug 2020 15:32:33 +0000 (17:32 +0200)]
hwrng: cctrn - Simplify with dev_err_probe()

Common pattern of handling deferred probe can be simplified with
dev_err_probe().  Less code and also it prints the error value.

Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Acked-by: Hadar Gat <hadar.gat@arm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: powerpc/crc-vpmsum_test - Fix sparse endianness warning
Herbert Xu [Tue, 25 Aug 2020 01:52:02 +0000 (11:52 +1000)]
crypto: powerpc/crc-vpmsum_test - Fix sparse endianness warning

This patch fixes a sparse endianness warning by changing crc32 to
__le32 instead of u32:

  CHECK   ../arch/powerpc/crypto/crc-vpmsum_test.c
../arch/powerpc/crypto/crc-vpmsum_test.c:102:39: warning: cast from restricted __le32

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: arm64/gcm - Fix endianness warnings
Herbert Xu [Tue, 25 Aug 2020 01:38:01 +0000 (11:38 +1000)]
crypto: arm64/gcm - Fix endianness warnings

This patch changes a couple u128's to be128 which is the correct
type to use and fixes a few sparse warnings.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: arm64/sha - Add declarations for assembly variables
Herbert Xu [Tue, 25 Aug 2020 01:34:28 +0000 (11:34 +1000)]
crypto: arm64/sha - Add declarations for assembly variables

This patch adds declarations for variables only used by assembly
code to silence compiler warnings:

  CC [M]  arch/arm64/crypto/sha1-ce-glue.o
  AS [M]  arch/arm64/crypto/sha1-ce-core.o
  CC [M]  arch/arm64/crypto/sha2-ce-glue.o
  AS [M]  arch/arm64/crypto/sha2-ce-core.o
  CHECK   ../arch/arm64/crypto/sha1-ce-glue.c
  CHECK   ../arch/arm64/crypto/sha2-ce-glue.c
../arch/arm64/crypto/sha1-ce-glue.c:38:11: warning: symbol 'sha1_ce_offsetof_count' was not declared. Should it be static?
../arch/arm64/crypto/sha1-ce-glue.c:39:11: warning: symbol 'sha1_ce_offsetof_finalize' was not declared. Should it be static?
../arch/arm64/crypto/sha2-ce-glue.c:38:11: warning: symbol 'sha256_ce_offsetof_count' was not declared. Should it be static?
../arch/arm64/crypto/sha2-ce-glue.c:40:11: warning: symbol 'sha256_ce_offsetof_finalize' was not declared. Should it be static?

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: arm/poly1305 - Add prototype for poly1305_blocks_neon
Herbert Xu [Tue, 25 Aug 2020 01:23:00 +0000 (11:23 +1000)]
crypto: arm/poly1305 - Add prototype for poly1305_blocks_neon

This patch adds a prototype for poly1305_blocks_neon to slience
a compiler warning:

  CC [M]  arch/arm/crypto/poly1305-glue.o
../arch/arm/crypto/poly1305-glue.c:25:13: warning: no previous prototype for `poly1305_blocks_neon' [-Wmissing-prototypes]
 void __weak poly1305_blocks_neon(void *state, const u8 *src, u32 len, u32 hibit)
             ^~~~~~~~~~~~~~~~~~~~

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: stm32 - Fix sparse warnings
Herbert Xu [Fri, 21 Aug 2020 13:59:12 +0000 (23:59 +1000)]
crypto: stm32 - Fix sparse warnings

This patch fixes most of the sparse endianness warnings in stm32.
The patch itself doesn't change anything apart from markings,
but there is some questionable code in stm32_cryp_check_ctr_counter.

That function operates on the counters as if they're in CPU order,
however, they're then written out as big-endian.  This looks like
a genuine bug.  Therefore I've left that warning alone until
someone can confirm that this really does work as intended on
little-endian.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: ccree - fix runtime PM imbalance on error
dinghao.liu@zju.edu.cn [Fri, 21 Aug 2020 08:15:13 +0000 (16:15 +0800)]
crypto: ccree - fix runtime PM imbalance on error

pm_runtime_get_sync() increments the runtime PM usage counter
even when it returns an error code. However, users of cc_pm_get(),
a direct wrapper of pm_runtime_get_sync(), assume that PM usage
counter will not change on error. Thus a pairing decrement is needed
on the error handling path to keep the counter balanced.

Fixes: 8c7849a30255c ("crypto: ccree - simplify Runtime PM handling")
Signed-off-by: Dinghao Liu <dinghao.liu@zju.edu.cn>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: mediatek - Fix endianness bugs and sparse warnings
Herbert Xu [Fri, 21 Aug 2020 07:52:04 +0000 (17:52 +1000)]
crypto: mediatek - Fix endianness bugs and sparse warnings

This patch squashes all the sparse warnings in mediatek, some of
which appear to be genuine bugs.  In particular, previously on
BE the keys and IVs all get 32-bit swabbed which can't be right
because they don't get swabbed on LE.  I presume LE is the one
that actually works.

Another funky thing is that the GHASH key gets swabbed on LE.
This makes no sense but I'm presuming someone actually tested
this on LE so I'm preserving the swabbing.  Someone needs to
test this though as it is entirely possible that GCM is the
only thing that worked on BE but not LE.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: hifn_795x - Remove 64-bit build-time check
Herbert Xu [Fri, 21 Aug 2020 04:55:47 +0000 (14:55 +1000)]
crypto: hifn_795x - Remove 64-bit build-time check

As we're already using Kconfig to disable 64-bit builds for this
driver, there is no point in doing it again in the source code.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: cavium/nitrox - add an error message to explain the failure of pci_request_me...
George Acosta [Fri, 21 Aug 2020 03:12:08 +0000 (22:12 -0500)]
crypto: cavium/nitrox - add an error message to explain the failure of pci_request_mem_regions

Provide an error message for users when pci_request_mem_regions failed.

Signed-off-by: George Acosta <acostag.ubuntu@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: sa2ul - Fix pointer-to-int-cast warning
YueHaibing [Tue, 18 Aug 2020 14:00:01 +0000 (22:00 +0800)]
crypto: sa2ul - Fix pointer-to-int-cast warning

drivers/crypto/sa2ul.c: In function ‘sa_sha_init’:
drivers/crypto/sa2ul.c:1486:33: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
   crypto_ahash_digestsize(tfm), (u64)rctx);
                                 ^
./include/linux/dev_printk.h:123:47: note: in definition of macro ‘dev_dbg’
   dev_printk(KERN_DEBUG, dev, dev_fmt(fmt), ##__VA_ARGS__); \
                                               ^~~~~~~~~~~

Use %p to print rctx pointer.

Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: ahash - Remove AHASH_REQUEST_ON_STACK
Herbert Xu [Tue, 18 Aug 2020 08:25:38 +0000 (18:25 +1000)]
crypto: ahash - Remove AHASH_REQUEST_ON_STACK

This patch removes AHASH_REQUEST_ON_STACK which is unused.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: ahash - Add ahash_alg_instance
Herbert Xu [Tue, 18 Aug 2020 08:25:36 +0000 (18:25 +1000)]
crypto: ahash - Add ahash_alg_instance

This patch adds the helper ahash_alg_instance which is used to
convert a crypto_ahash object into its corresponding ahash_instance.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: ahash - Add init_tfm/exit_tfm
Herbert Xu [Tue, 18 Aug 2020 08:25:34 +0000 (18:25 +1000)]
crypto: ahash - Add init_tfm/exit_tfm

This patch adds the type-safe init_tfm/exit_tfm functions to the
ahash interface.  This is meant to replace the unsafe cra_init and
cra_exit interface.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: arm/curve25519 - include <linux/scatterlist.h>
Fabio Estevam [Mon, 24 Aug 2020 14:09:53 +0000 (11:09 -0300)]
crypto: arm/curve25519 - include <linux/scatterlist.h>

Building ARM allmodconfig leads to the following warnings:

arch/arm/crypto/curve25519-glue.c:73:12: error: implicit declaration of function 'sg_copy_to_buffer' [-Werror=implicit-function-declaration]
arch/arm/crypto/curve25519-glue.c:74:9: error: implicit declaration of function 'sg_nents_for_len' [-Werror=implicit-function-declaration]
arch/arm/crypto/curve25519-glue.c:88:11: error: implicit declaration of function 'sg_copy_from_buffer' [-Werror=implicit-function-declaration]

Include <linux/scatterlist.h> to fix such warnings

Reported-by: Olof's autobuilder <build@lixom.net>
Fixes: 0c3dc787a62a ("crypto: algapi - Remove skbuff.h inclusion")
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Acked-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: stm32 - Add missing header inclusions
Herbert Xu [Fri, 21 Aug 2020 12:42:10 +0000 (22:42 +1000)]
crypto: stm32 - Add missing header inclusions

The stm32 driver was missing a number of includes that we being
pulled in by unrelated header files.  As the indirect inclusion
went away, it now fails to build.

This patch adds the missing inclusions.

Reported-by: kernel test robot <lkp@intel.com>
Fixes: 0c3dc787a62a ("crypto: algapi - Remove skbuff.h inclusion")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: hisilicon/qm - fix the process of register algorithms to crypto
Yang Shen [Sat, 15 Aug 2020 09:56:17 +0000 (17:56 +0800)]
crypto: hisilicon/qm - fix the process of register algorithms to crypto

When the devices are removed or not existing, the corresponding algorithms
which are registered by 'hisi-zip' driver can't be used.

Move 'hisi_zip_register_to_crypto' from 'hisi_zip_init' to
'hisi_zip_probe'. The algorithms will be registered to crypto only when
there is device bind on the driver. And when the devices are removed,
the algorithms will be unregistered.

In the previous process, the function 'xxx_register_to_crypto' need a lock
and a static variable to judge if the registration is the first time.
Move this action into the function 'hisi_qm_alg_register'. Each device
will call 'hisi_qm_alg_register' to add itself to qm list in probe process
and registering algs when the qm list is empty.

Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: hisilicon/qm - fix the call trace when unbind device
Weili Qian [Sat, 15 Aug 2020 09:56:16 +0000 (17:56 +0800)]
crypto: hisilicon/qm - fix the call trace when unbind device

Call trace will appear in the Hisilicon crypto driver unbinding or
disabling SRIOV during task running with TFMs on the corresponding
function.
The log looks like this:
[  293.908078] Call trace:
[  293.908080]  __queue_work+0x494/0x548
[  293.908081]  queue_work_on+0x84/0xd8
[  293.908092]  qm_irq+0x4c/0xd0 [hisi_qm]
[  293.908096]  __handle_irq_event_percpu+0x74/0x2a0
[  293.908098]  handle_irq_event_percpu+0x40/0x98
[  293.908099]  handle_irq_event+0x4c/0x80
[  293.908101]  handle_fasteoi_irq+0xb0/0x170
[  293.908102]  generic_handle_irq+0x3c/0x58
[  293.908103]  __handle_domain_irq+0x68/0xc0
[  293.908104]  gic_handle_irq+0xb4/0x298
[  293.908105]  el1_irq+0xcc/0x180
[  293.908107]  arch_cpu_idle+0x38/0x228
[  293.908110]  default_idle_call+0x20/0x40
[  293.908113]  do_idle+0x1cc/0x2b8
[  293.908114]  cpu_startup_entry+0x2c/0x30
[  293.908115]  rest_init+0xdc/0xe8
[  293.908117]  arch_call_rest_init+0x14/0x1c
[  293.908117]  start_kernel+0x490/0x4c4

This patch adds a waiting logic as user doing the above two operations
to avoid panic. The two operations will hold on in the driver
remove function until the tasks release all their relative TFMs.

Signed-off-by: Hui Tang <tanghui20@huawei.com>
Signed-off-by: Weili Qian <qianweili@huawei.com>
Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: hisilicon/qm - register callback function to 'pci_driver.shutdown'
Yang Shen [Sat, 15 Aug 2020 09:56:15 +0000 (17:56 +0800)]
crypto: hisilicon/qm - register callback function to 'pci_driver.shutdown'

Since the drivers such as HPRE/SEC/ZIP do not implement
'pci_driver.shutdow', a RAS will be triggered at OS rebooting or shutting
down as the hardware device is processing request.
The log looks like this:
NOTICE:  [NimbusSecNodeType1]:[2372L]This is sec, Base = 0x141800000
NOTICE:  [NimbusSecHandle]:[2319L] SecIntSt = 0x3
NOTICE:  [NimbusSecHandle]:[2320L] SecQmIntStatus = 0x2
NOTICE:  [PrintSecurityType]:[344L] SecurityType is RECOVERABLE!

This patch offers a new API in qm to shutdown devices, and add shutdown
callbacks in ACC driver based on this new API.

So the running devices will be stopped when the OS reboot or shutdown.

Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: hisilicon/qm - fix VF not available after PF FLR
Shukun Tan [Sat, 15 Aug 2020 09:56:14 +0000 (17:56 +0800)]
crypto: hisilicon/qm - fix VF not available after PF FLR

When PF FLR, the hardware will actively trigger the VF FLR. Configuration
space of VF needs to be saved and restored to ensure that it is available
after the PF FLR.

Fixes: 7ce396fa12a9("crypto: hisilicon - add FLR support")
Signed-off-by: Shukun Tan <tanshukun1@huawei.com>
Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: hisilicon/qm - fix no stop reason when use 'hisi_qm_stop'
Yang Shen [Sat, 15 Aug 2020 09:56:13 +0000 (17:56 +0800)]
crypto: hisilicon/qm - fix no stop reason when use 'hisi_qm_stop'

Now, there are three reasons of stopping: 'NORMAL', 'SOFT_RESET' and 'FLR'.
In order to keep this, explicitly pass the stop reason as an input
parameter of 'hisi_qm_stop' function.

Fixes: b67202e8ed30("crypto: hisilicon/qm - add state machine for QM")
Signed-off-by: Shukun Tan <tanshukun1@huawei.com>
Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: hisilicon/qm - fix event queue depth to 2048
Shukun Tan [Sat, 15 Aug 2020 09:56:12 +0000 (17:56 +0800)]
crypto: hisilicon/qm - fix event queue depth to 2048

Increasing depth of 'event queue' from 1024 to 2048, which equals to twice
depth of 'completion queue'. It will fix the easily happened 'event queue
overflow' as using 1024 queue depth for 'event queue'.

Fixes: 263c9959c937("crypto: hisilicon - add queue management driver...")
Signed-off-by: Shukun Tan <tanshukun1@huawei.com>
Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: hisilicon/qm - fix judgement of queue is full
Hui Tang [Sat, 15 Aug 2020 09:56:11 +0000 (17:56 +0800)]
crypto: hisilicon/qm - fix judgement of queue is full

The queue depth is 1024, so the condition for judging the queue full
should be 1023, otherwise the hardware cannot judge whether the queue
is empty or full.

Fixes: 263c9959c937("crypto: hisilicon - add queue management driver...")
Signed-off-by: Hui Tang <tanghui20@huawei.com>
Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: hisilicon/qm - fix print frequence in hisi_qp_send
Yang Shen [Sat, 15 Aug 2020 09:56:10 +0000 (17:56 +0800)]
crypto: hisilicon/qm - fix print frequence in hisi_qp_send

Requests will be sent continuously as resetting, which will cause 'printk'
flooding. Using 'dev_info_ratelimited' can solve this problem well.

Fixes: b67202e8ed30("crypto: hisilicon/qm - add state machine for QM")
Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: hisilicon/qm - clear used reference count when start qp
Shukun Tan [Sat, 15 Aug 2020 09:56:09 +0000 (17:56 +0800)]
crypto: hisilicon/qm - clear used reference count when start qp

The used reference count is used for counting the number of 'sqe' which
is under processing. This reference count should be cleared as starting
'qp', otherwise the 'used' will be messy when allocating this 'qp' again.

Fixes: 5308f6600a39("crypto: hisilicon - QM memory management...")
Signed-off-by: Shukun Tan <tanshukun1@huawei.com>
Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: hisilicon/qm - fix wrong release after using strsep
Sihang Chen [Sat, 15 Aug 2020 09:56:08 +0000 (17:56 +0800)]
crypto: hisilicon/qm - fix wrong release after using strsep

Save the string address before pass to strsep, release it at end.
Because strsep will update the string address to point after the
token.

Fixes: c31dc9fe165d("crypto: hisilicon/qm - add DebugFS for xQC and...")
Signed-off-by: Sihang Chen <chensihang1@hisilicon.com>
Signed-off-by: Yang Shen <shenyang39@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: virtio - don't use 'default m'
Ram Muthiah [Wed, 12 Aug 2020 19:20:53 +0000 (12:20 -0700)]
crypto: virtio - don't use 'default m'

Drivers shouldn't be enabled by default unless there is a very good
reason to do so.  There doesn't seem to be any such reason for the
virtio crypto driver, so change it to the default of 'n'.

Signed-off-by: Ram Muthiah <rammuthiah@google.com>
[EB: adjusted commit message]
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: picoxcell - Fix potential race condition bug
Madhuparna Bhowmik [Tue, 11 Aug 2020 12:30:24 +0000 (18:00 +0530)]
crypto: picoxcell - Fix potential race condition bug

engine->stat_irq_thresh was initialized after device_create_file() in
the probe function, the initialization may race with call to
spacc_stat_irq_thresh_store() which updates engine->stat_irq_thresh,
therefore initialize it before creating the file in probe function.

Found by Linux Driver Verification project (linuxtesting.org).

Fixes: ce92136843cb ("crypto: picoxcell - add support for the...")
Signed-off-by: Madhuparna Bhowmik <madhuparnabhowmik10@gmail.com>
Acked-by: Jamie Iles <jamie@jamieiles.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: hash - Remove unused async iterators
Ira Weiny [Tue, 11 Aug 2020 00:40:15 +0000 (17:40 -0700)]
crypto: hash - Remove unused async iterators

Revert "crypto: hash - Add real ahash walk interface"
This reverts commit 75ecb231ff45b54afa9f4ec9137965c3c00868f4.

The callers of the functions in this commit were removed in ab8085c130ed

Remove these unused calls.

Fixes: ab8085c130ed ("crypto: x86 - remove SHA multibuffer routines and mcryptd")
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Ira Weiny <ira.weiny@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: ux500 - Fix kmap() bug
Ira Weiny [Tue, 11 Aug 2020 00:40:14 +0000 (17:40 -0700)]
crypto: ux500 - Fix kmap() bug

Once the crypto hash walk is started by crypto_hash_walk_first()
returning non-zero, crypto_hash_walk_done() must be called to unmap any
memory which was mapped by *_walk_first().

Ensure crypto_hash_walk_done() is called properly by:

1) Re-arranging the check for device data to be prior to calling
   *_walk_first()
2) on error call crypto_hash_walk_done() with an error code to
   allow the hash walk code to clean up.

While we are at it clean up the 'out' label to be more meaningful.

Signed-off-by: Ira Weiny <ira.weiny@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agohwrng: intel - cleanup initialization
Tom Rix [Sun, 9 Aug 2020 15:04:23 +0000 (08:04 -0700)]
hwrng: intel - cleanup initialization

clang static analysis reports this problem

intel-rng.c:333:2: warning: Assigned value is garbage or undefined
        void __iomem *mem = mem;
        ^~~~~~~~~~~~~~~~~   ~~~

Because mem is assigned before it is used, this is not
a real problem.  But the initialization is strange and not
needed, so remove it.

Signed-off-by: Tom Rix <trix@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: caam - Move debugfs fops into standalone file
Horia Geantă [Thu, 6 Aug 2020 18:09:49 +0000 (21:09 +0300)]
crypto: caam - Move debugfs fops into standalone file

Currently the debugfs fops are defined in caam/intern.h.  This causes
problems because it creates identical static functions and variables
in multiple files.  It also creates warnings when those files don't
use the fops.

This patch moves them into a standalone file, debugfs.c.

It also removes unnecessary uses of ifdefs on CONFIG_DEBUG_FS.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
[Moved most of debugfs-related operations into debugfs.c.]
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agohwrng: optee - fix wait use case
Jorge Ramirez-Ortiz [Thu, 6 Aug 2020 10:00:10 +0000 (12:00 +0200)]
hwrng: optee - fix wait use case

The current code waits for data to be available before attempting a
second read. However the second read would not be executed as the
while loop will exit.

This fix does not wait if all data has been read (skips the call to
msleep(0)) and reads a second time if partial data was retrieved on
the first read.

Worth noticing that since msleep(0) schedules a one jiffy timeout is
better to skip such a call.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agohwrng: optee - handle unlimited data rates
Jorge Ramirez-Ortiz [Thu, 6 Aug 2020 10:00:09 +0000 (12:00 +0200)]
hwrng: optee - handle unlimited data rates

Data rates of MAX_UINT32 will schedule an unnecessary one jiffy
timeout on the call to msleep. Avoid this scenario by using 0 as the
unlimited data rate.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: x86/crc32c-intel - Use CRC32 mnemonic
Uros Bizjak [Wed, 5 Aug 2020 11:17:29 +0000 (13:17 +0200)]
crypto: x86/crc32c-intel - Use CRC32 mnemonic

Current minimum required version of binutils is 2.23,
which supports CRC32 instruction mnemonic.

Replace the byte-wise specification of CRC32 with this proper mnemonic.
The compiler is now able to pass memory operand to the instruction,
so there is no need for a temporary register anymore.

Some examples of the improvement:

 12a: 48 8b 08              mov    (%rax),%rcx
 12d: f2 48 0f 38 f1 f1     crc32q %rcx,%rsi
 133: 48 83 c0 08           add    $0x8,%rax
 137: 48 39 d0              cmp    %rdx,%rax
 13a: 75 ee                 jne    12a <crc32c_intel_update+0x1a>

to:

 125: f2 48 0f 38 f1 06     crc32q (%rsi),%rax
 12b: 48 83 c6 08           add    $0x8,%rsi
 12f: 48 39 d6              cmp    %rdx,%rsi
 132: 75 f1                 jne    125 <crc32c_intel_update+0x15>

and:

 146: 0f b6 08              movzbl (%rax),%ecx
 149: f2 0f 38 f0 f1        crc32b %cl,%esi
 14e: 48 83 c0 01           add    $0x1,%rax
 152: 48 39 d0              cmp    %rdx,%rax
 155: 75 ef                 jne    146 <crc32c_intel_update+0x36>

to:

 13b: f2 0f 38 f0 02        crc32b (%rdx),%eax
 140: 48 83 c2 01           add    $0x1,%rdx
 144: 48 39 ca              cmp    %rcx,%rdx
 147: 75 f2                 jne    13b <crc32c_intel_update+0x2b>

As the compiler has some more freedom w.r.t. register allocation,
there is also a couple of reg-reg moves removed.

There are no hidden states for CRC32 insn, so there is no need to mark
assembly as volatile.

v2: Introduce CRC32_INST define.

Signed-off-by: Uros Bizjak <ubizjak@gmail.com>
CC: Herbert Xu <herbert@gondor.apana.org.au>
CC: "David S. Miller" <davem@davemloft.net>
CC: Thomas Gleixner <tglx@linutronix.de>
CC: Ingo Molnar <mingo@redhat.com>
CC: Borislav Petkov <bp@alien8.de>
CC: "H. Peter Anvin" <hpa@zytor.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: ccree - remove bitlocker cipher
Gilad Ben-Yossef [Wed, 5 Aug 2020 06:23:01 +0000 (09:23 +0300)]
crypto: ccree - remove bitlocker cipher

Remove the bitlocker cipher which is not supported by
the kernel.

Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: ccree - remove data unit size support
Gilad Ben-Yossef [Wed, 5 Aug 2020 06:23:00 +0000 (09:23 +0300)]
crypto: ccree - remove data unit size support

Remove the implementaion of automatic advancement of sector size in IV for
storage ciphers as its use is not supproted by the kernel.

Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: tcrypt - Add support for hash speed testing with keys
Herbert Xu [Wed, 5 Aug 2020 05:57:08 +0000 (15:57 +1000)]
crypto: tcrypt - Add support for hash speed testing with keys

Currently if you speed test a hash that requires a key you'll get an
error because tcrypt does not set a key by default.  This patch
allows a key to be set using the new module parameter klen.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call
Christophe JAILLET [Sun, 2 Aug 2020 14:56:48 +0000 (16:56 +0200)]
crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call

Update the size used in 'dma_free_coherent()' in order to match the one
used in the corresponding 'dma_alloc_coherent()', in 'setup_crypt_desc()'.

Fixes: 81bef0150074 ("crypto: ixp4xx - Hardware crypto support for IXP4xx CPUs")
Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: mediatek - Fix wrong return value in mtk_desc_ring_alloc()
Tianjia Zhang [Sun, 2 Aug 2020 11:15:32 +0000 (19:15 +0800)]
crypto: mediatek - Fix wrong return value in mtk_desc_ring_alloc()

In case of memory allocation failure, a negative error code should
be returned.

Fixes: 785e5c616c849 ("crypto: mediatek - Add crypto driver support for some MediaTek chips")
Cc: Ryder Lee <ryder.lee@mediatek.com>
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: marvell/cesa - Fix sparse warnings
Herbert Xu [Fri, 31 Jul 2020 13:55:40 +0000 (23:55 +1000)]
crypto: marvell/cesa - Fix sparse warnings

This patch fixes most sparse warnings in the cesa driver.  The only
ones remaining are to do with copying data between iomem pointers and
SG lists.

Most changes are trivial.  The following are the noteworthy ones:

- Removal of swab in mv_cesa_aes_setkey.  This appears to be bogus
as everything gets swabbed again later on so for BE this ends up
being different from LE.  The change takes the LE behaviour as the
correct one.

- next_dma in mv_cesa_tdma_chain was not swabbed.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Reported-by: kernel test robot <lkp@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: algif_aead - Do not set MAY_BACKLOG on the async path
Herbert Xu [Fri, 31 Jul 2020 07:03:50 +0000 (17:03 +1000)]
crypto: algif_aead - Do not set MAY_BACKLOG on the async path

The async path cannot use MAY_BACKLOG because it is not meant to
block, which is what MAY_BACKLOG does.  On the other hand, both
the sync and async paths can make use of MAY_SLEEP.

Fixes: 83094e5e9e49 ("crypto: af_alg - add async support to...")
Cc: <stable@vger.kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: algif_skcipher - EBUSY on aio should be an error
Herbert Xu [Fri, 31 Jul 2020 07:03:27 +0000 (17:03 +1000)]
crypto: algif_skcipher - EBUSY on aio should be an error

I removed the MAY_BACKLOG flag on the aio path a while ago but
the error check still incorrectly interpreted EBUSY as success.
This may cause the submitter to wait for a request that will never
complete.

Fixes: dad419970637 ("crypto: algif_skcipher - Do not set...")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: tcrypt - delete duplicated words in messages
Randy Dunlap [Fri, 31 Jul 2020 02:39:24 +0000 (19:39 -0700)]
crypto: tcrypt - delete duplicated words in messages

Drop the doubled word "failed" in pr_err() messages.

Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: linux-crypto@vger.kernel.org
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: engine - delete duplicated word
Randy Dunlap [Fri, 31 Jul 2020 02:39:23 +0000 (19:39 -0700)]
crypto: engine - delete duplicated word

Drop the doubled word "a".

Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: linux-crypto@vger.kernel.org
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: crct10dif_generic - fix duplicated words
Randy Dunlap [Fri, 31 Jul 2020 02:39:22 +0000 (19:39 -0700)]
crypto: crct10dif_generic - fix duplicated words

Change the doubled word "at" to "at a".

Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: linux-crypto@vger.kernel.org
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: crc32c_generic - delete and fix duplicated words
Randy Dunlap [Fri, 31 Jul 2020 02:39:21 +0000 (19:39 -0700)]
crypto: crc32c_generic - delete and fix duplicated words

Drop the doubled word "the".
Change "at at" to "at a".

Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: linux-crypto@vger.kernel.org
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4 years agocrypto: algif_aead - delete duplicated word
Randy Dunlap [Fri, 31 Jul 2020 02:39:19 +0000 (19:39 -0700)]
crypto: algif_aead - delete duplicated word

Drop the doubled word "is".

Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: linux-crypto@vger.kernel.org
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>