| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
1. Remove some macros define since it is not used.
2. Remove enum QM_HW_UNKNOWN since it is not used.
3. Remove unused member 'is_frozen' in 'hisi_qm' structure.
Signed-off-by: Weili Qian <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
In crypto4xx_cipher_done, we should be unmapping the dst page, not
mapping it.
This was flagged by a sparse warning about the unused addr variable.
While we're at it, also fix a sparse warning regarding the unused
ctx variable in crypto4xx_ahash_done (by actually using it).
Fixes: 049359d65527 ("crypto: amcc - Add crypt4xx driver")
Signed-off-by: Herbert Xu <[email protected]>
Tested-by: Christian Lamparter <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
cn10k_cpt.o, otx2_cptlf.o and otx2_cpt_mbox_common.o are linked
into both rvu_cptpf and rvu_cptvf modules:
> scripts/Makefile.build:252: ./drivers/crypto/marvell/octeontx2/Makefile:
> cn10k_cpt.o is added to multiple modules: rvu_cptpf rvu_cptvf
> scripts/Makefile.build:252: ./drivers/crypto/marvell/octeontx2/Makefile:
> otx2_cptlf.o is added to multiple modules: rvu_cptpf rvu_cptvf
> scripts/Makefile.build:252: ./drivers/crypto/marvell/octeontx2/Makefile:
> otx2_cpt_mbox_common.o is added to multiple modules: rvu_cptpf rvu_cptvf
Despite they're build under the same Kconfig option
(CONFIG_CRYPTO_DEV_OCTEONTX2_CPT), it's better do link the common
code into a standalone module and export the shared functions. Under
certain circumstances, this can lead to the same situation as fixed
by commit 637a642f5ca5 ("zstd: Fixing mixed module-builtin objects").
Plus, those three common object files are relatively big to duplicate
them several times.
Introduce the new module, rvu_cptcommon, to provide the common
functions to both modules.
Fixes: 19d8e8c7be15 ("crypto: octeontx2 - add virtual function driver support")
Suggested-by: Masahiro Yamada <[email protected]>
Signed-off-by: Alexander Lobakin <[email protected]>
Reviewed-by: Masahiro Yamada <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
This driver generates a large number of sparse warnings due to
two issues.
First of all the structure nx842_devdata is defined inline causing
the __rcu tag to be added to all users of it. This easily fixed by
splitting up the struct definition.
The second issue is with kdoc markers being incomplete. The trivial
case of nx842_exec_vas has been fixed, while the other incomplete
documentation has simply been downgraded to normal C comments.
Signed-off-by: Herbert Xu <[email protected]>
|
|
This patch does the final flag day conversion of all completion
functions which are now all contained in the Crypto API.
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use the request_complete helpers instead of calling the completion
function directly.
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use the request_complete helpers instead of calling the completion
function directly.
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use the request_complete helpers instead of calling the completion
function directly.
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use the request_complete helpers instead of calling the completion
function directly.
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use the request_complete helpers instead of calling the completion
function directly.
Signed-off-by: Herbert Xu <[email protected]>
Reviewed-by: Giovanni Cabiddu <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use the request_complete helpers instead of calling the completion
function directly.
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use the request_complete helpers instead of calling the completion
function directly.
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use the request_complete helpers instead of calling the completion
function directly.
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use the request_complete helpers instead of calling the completion
function directly.
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use the request_complete helpers instead of calling the completion
function directly.
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use the request_complete helpers instead of calling the completion
function directly.
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use the request_complete helpers instead of calling the completion
function directly.
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use the request_complete helpers instead of calling the completion
function directly.
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use the request_complete helpers instead of calling the completion
function directly.
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use the request_complete helpers instead of calling the completion
function directly.
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use the request_complete helpers instead of calling the completion
function directly.
Signed-off-by: Herbert Xu <[email protected]>
Acked-by: Tom Lendacky <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use the request_complete helpers instead of calling the completion
function directly.
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use the request_complete helpers instead of calling the completion
function directly.
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use the request_complete helpers instead of calling the completion
function directly.
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use the request_complete helpers instead of calling the completion
function directly.
Signed-off-by: Herbert Xu <[email protected]>
Acked-by: Jesper Nilsson <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use the request_complete helpers instead of calling the completion
function directly.
Signed-off-by: Herbert Xu <[email protected]>
|
|
There is no need to use GFP_ATOMIC here. GFP_KERNEL is already used for
another memory allocation just the line after.
Signed-off-by: Christophe JAILLET <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
This patch fixes following warnings:
1. sparse: incorrect type in assignment (different base types)
Fix: change to __le32 type.
2. sparse: cast removes address space '__iomem' of expression
Fix: use readb to avoid dereferencing the memory.
Signed-off-by: Neal Liu <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
The functions qat_crypto_get_instance_node() and
qat_compression_get_instance_node() allow to get a QAT instance (ring
pair) on a device close to the node specified as input parameter.
When this is not possible, and a QAT device is available in the system,
these function return an instance on a remote node and they print a
message reporting that it is not possible to find a device on the specified
node. This is interpreted by people as an error rather than an info.
The print "Could not find a device on node" indicates that a kernel
application is running on a core in a socket that does not have a QAT
device directly attached to it and performance might suffer.
Due to the nature of the message, this can be considered as a debug
message, therefore drop the severity to debug and report it only once
to avoid flooding.
Suggested-by: Vladis Dronov <[email protected]>
Signed-off-by: Giovanni Cabiddu <[email protected]>
Reviewed-by: Fiona Trahe <[email protected]>
Reviewed-by: Vladis Dronov <[email protected]>
Tested-by: Vladis Dronov <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
When preparing an AER-CTR request, the driver copies the key provided by
the user into a data structure that is accessible by the firmware.
If the target device is QAT GEN4, the key size is rounded up by 16 since
a rounded up size is expected by the device.
If the key size is rounded up before the copy, the size used for copying
the key might be bigger than the size of the region containing the key,
causing an out-of-bounds read.
Fix by doing the copy first and then update the keylen.
This is to fix the following warning reported by KASAN:
[ 138.150574] BUG: KASAN: global-out-of-bounds in qat_alg_skcipher_init_com.isra.0+0x197/0x250 [intel_qat]
[ 138.150641] Read of size 32 at addr ffffffff88c402c0 by task cryptomgr_test/2340
[ 138.150651] CPU: 15 PID: 2340 Comm: cryptomgr_test Not tainted 6.2.0-rc1+ #45
[ 138.150659] Hardware name: Intel Corporation ArcherCity/ArcherCity, BIOS EGSDCRB1.86B.0087.D13.2208261706 08/26/2022
[ 138.150663] Call Trace:
[ 138.150668] <TASK>
[ 138.150922] kasan_check_range+0x13a/0x1c0
[ 138.150931] memcpy+0x1f/0x60
[ 138.150940] qat_alg_skcipher_init_com.isra.0+0x197/0x250 [intel_qat]
[ 138.151006] qat_alg_skcipher_init_sessions+0xc1/0x240 [intel_qat]
[ 138.151073] crypto_skcipher_setkey+0x82/0x160
[ 138.151085] ? prepare_keybuf+0xa2/0xd0
[ 138.151095] test_skcipher_vec_cfg+0x2b8/0x800
Fixes: 67916c951689 ("crypto: qat - add AES-CTR support for QAT GEN4 devices")
Cc: <[email protected]>
Reported-by: Vladis Dronov <[email protected]>
Signed-off-by: Giovanni Cabiddu <[email protected]>
Reviewed-by: Fiona Trahe <[email protected]>
Reviewed-by: Vladis Dronov <[email protected]>
Tested-by: Vladis Dronov <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
id is unused in atmel_i2c_probe() and the callers have extra efforts to
determine the right parameter. So drop the parameter simplifying both
atmel_i2c_probe() and its callers.
Signed-off-by: Uwe Kleine-König <[email protected]>
Reviewed-by: Tudor Ambarus <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
This patch replaces the custom crypto completion function with
crypto_req_done.
Signed-off-by: Herbert Xu <[email protected]>
|
|
Replace direct modifications to vma->vm_flags with calls to modifier
functions to be able to track flag changes and to keep vma locking
correctness.
[[email protected]: fix drivers/misc/open-dice.c, per Hyeonggon Yoo]
Link: https://lkml.kernel.org/r/[email protected]
Signed-off-by: Suren Baghdasaryan <[email protected]>
Acked-by: Michal Hocko <[email protected]>
Acked-by: Mel Gorman <[email protected]>
Acked-by: Mike Rapoport (IBM) <[email protected]>
Acked-by: Sebastian Reichel <[email protected]>
Reviewed-by: Liam R. Howlett <[email protected]>
Reviewed-by: Hyeonggon Yoo <[email protected]>
Cc: Andy Lutomirski <[email protected]>
Cc: Arjun Roy <[email protected]>
Cc: Axel Rasmussen <[email protected]>
Cc: David Hildenbrand <[email protected]>
Cc: David Howells <[email protected]>
Cc: Davidlohr Bueso <[email protected]>
Cc: David Rientjes <[email protected]>
Cc: Eric Dumazet <[email protected]>
Cc: Greg Thelen <[email protected]>
Cc: Hugh Dickins <[email protected]>
Cc: Ingo Molnar <[email protected]>
Cc: Jann Horn <[email protected]>
Cc: Joel Fernandes <[email protected]>
Cc: Johannes Weiner <[email protected]>
Cc: Kent Overstreet <[email protected]>
Cc: Laurent Dufour <[email protected]>
Cc: Lorenzo Stoakes <[email protected]>
Cc: Matthew Wilcox <[email protected]>
Cc: Minchan Kim <[email protected]>
Cc: Paul E. McKenney <[email protected]>
Cc: Peter Oskolkov <[email protected]>
Cc: Peter Xu <[email protected]>
Cc: Peter Zijlstra <[email protected]>
Cc: Punit Agrawal <[email protected]>
Cc: Sebastian Andrzej Siewior <[email protected]>
Cc: Shakeel Butt <[email protected]>
Cc: Soheil Hassas Yeganeh <[email protected]>
Cc: Song Liu <[email protected]>
Cc: Vlastimil Babka <[email protected]>
Cc: Will Deacon <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
|
|
It turns out we can just modify the newer STM32 HASH driver
to be used with Ux500 and now that we have done that, delete
the old and sparsely maintained Ux500 HASH driver.
Signed-off-by: Linus Walleij <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
The Ux500 has a hash block which is an ancestor to the STM32
hash block. With some minor code path additions we can
support also this variant in the STM32 driver. Differences:
- Ux500 only supports SHA1 and SHA256 (+/- MAC) so we split
up the algorithm registration per-algorithm and register
each algorithm along with its MAC variant separately.
- Ux500 does not have an interrupt to indicate that hash
calculation is complete, so we add code paths to handle
polling for completion if the interrupt is missing in the
device tree.
- Ux500 is lacking the SR status register, to check if an
operating is complete, we need to poll the HASH_STR_DCAL
bit in the HASH_STR register instead.
- Ux500 had the resulting hash at address offset 0x0c and
8 32bit registers ahead. We account for this with a special
code path when reading out the hash digest.
- Ux500 need a special bit set in the control register before
performing the final hash calculation on an empty message.
- Ux500 hashes on empty messages will be performed if the
above bit is set, but are incorrect. For this reason we
just make an inline synchronous hash using a fallback
hash.
Tested on the Ux500 Golden device with the extended tests.
Acked-by: Lionel Debieve <[email protected]>
Signed-off-by: Linus Walleij <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
When calculating the hash using the CPU, right before the final
hash calculation, heavy testing on Ux500 reveals that it is wise
to wait for the hardware to go idle before calculating the
final hash.
The default test vectors mostly worked fine, but when I used the
extensive tests and stress the hardware I ran into this problem.
Acked-by: Lionel Debieve <[email protected]>
Signed-off-by: Linus Walleij <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
When exporting state we are waiting indefinitely in the same
was as the ordinary stm32_hash_wait_busy() poll-for-completion
function but without a timeout, which means we could hang in
an eternal loop. Fix this by waiting for completion like the
rest of the code.
Acked-by: Lionel Debieve <[email protected]>
Signed-off-by: Linus Walleij <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
We are passing (rctx->flags & HASH_FLAGS_FINUP) as indicator
for the final request but we already know this to be true since
we are in the (final) arm of an if-statement set from the same
flag. Just open-code it as true.
Acked-by: Lionel Debieve <[email protected]>
Signed-off-by: Linus Walleij <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
This patch replaces the custom crypto completion function with
crypto_req_done.
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use cpu_to_be32 instead of be32_to_cpu in img_hash_read_result_queue
to silence sparse. The generated code should be identical.
Signed-off-by: Herbert Xu <[email protected]>
|
|
Perform a cache flush on the SEV-ES TMR memory after allocation to prevent
any possibility of the firmware encountering an error should dirty cache
lines be present. Use clflush_cache_range() to flush the SEV-ES TMR memory.
Fixes: 97f9ac3db661 ("crypto: ccp - Add support for SEV-ES to the PSP driver")
Signed-off-by: Tom Lendacky <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
The ZLIB format (RFC 1950) is made of deflate compressed data surrounded
by a header and a footer. The QAT accelerators support only the deflate
algorithm, therefore the header and the footer need to be inserted in
software.
This adds logic in the QAT driver to support the ZLIB format. In
particular:
* Generalize the function qat_comp_alg_compress_decompress() to allow
skipping an initial region (header) of the source and/or destination
scatter lists.
* Add logic to register the qat_zlib_deflate algorithm into the acomp
framework.
* For ZLIB compression, skip the initial portion of the destination
buffer before sending the job to the QAT accelerator and insert the
ZLIB header and footer in the callback, after the QAT request has
been processed.
* For ZLIB decompression, parse the header in the input buffer
provided by the user and verify its validity before attempting the
decompression of the buffer with QAT. Then submit the buffer to QAT
for decompression. In the callback verify the correctness of the
footer by comparing the value of the ADLER produced by QAT with the
one in the destination buffer.
Signed-off-by: Lucas Segarra Fernandez <[email protected]>
Reviewed-by: Giovanni Cabiddu <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Extend qat_bl_sgl_to_bufl() to allow skipping the mapping of a region
of the source and the destination scatter lists starting from byte
zero.
This is to support the ZLIB format (RFC 1950) in the qat driver.
The ZLIB format is made of deflate compressed data surrounded by a
header and a footer. The QAT accelerators support only the deflate
algorithm, therefore the header should not be mapped since it is
inserted in software.
Signed-off-by: Lucas Segarra Fernandez <[email protected]>
Reviewed-by: Giovanni Cabiddu <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
To work around a Clang __builtin_object_size bug that shows up under
CONFIG_FORTIFY_SOURCE and UBSAN_BOUNDS, move the per-loop-iteration
mem_block wipe into a single wipe of the entire pool structure after
the loop.
Reported-by: Nathan Chancellor <[email protected]>
Link: https://github.com/ClangBuiltLinux/linux/issues/1780
Cc: Weili Qian <[email protected]>
Cc: Zhou Wang <[email protected]>
Cc: Herbert Xu <[email protected]>
Cc: "David S. Miller" <[email protected]>
Cc: [email protected]
Signed-off-by: Kees Cook <[email protected]>
Tested-by: Nathan Chancellor <[email protected]> # build
Link: https://lore.kernel.org/r/[email protected]
|
|
Instead of calling the base completion function directly, use the
correct ahash helper which is ahash_request_complete.
Signed-off-by: Herbert Xu <[email protected]>
Reviewed-by: Gaurav Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Instead of doing saving and restoring on the AEAD request object
for fallback processing, use a subrequest instead.
Signed-off-by: Herbert Xu <[email protected]>
|
|
Convert platform_get_resource(), devm_ioremap_resource() to a single
call to devm_platform_get_and_ioremap_resource(), as this is exactly
what this function does.
Signed-off-by: ye xingchen <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
aspeed_acry_akcipher_algs is only used in aspeed-acry.c now,
change it to static.
Signed-off-by: Yang Yingliang <[email protected]>
Acked-by: Andrew Jeffery <[email protected]>
Reviewed-by: Neal Liu <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Add a new MODULE_FIRMWARE() entry for 4th generation EPYC processors.
Signed-off-by: Tom Lendacky <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Add comments next to the version data MMIO register values to identify
the register name being used.
Signed-off-by: Tom Lendacky <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|