- 20 10月, 2015 2 次提交
-
-
由 Russell King 提交于
Currently, we read/write the state in CPU endian, but on the final request, we convert its endian according to the requested algorithm. (md5 is little endian, SHA are big endian.) Always keep creq->state in CPU native endian format, and perform the necessary conversion when copying the hash to the result. Signed-off-by: NRussell King <rmk+kernel@arm.linux.org.uk> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Russell King 提交于
There's an easier way to get at the hash transform - rather than using crypto_ahash_tfm(ahash), we can get it directly from req->base.tfm. Signed-off-by: NRussell King <rmk+kernel@arm.linux.org.uk> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
- 14 10月, 2015 4 次提交
-
-
由 Russell King 提交于
As all the import functions and export functions are virtually identical, factor out their common parts into a generic mv_cesa_ahash_import() and mv_cesa_ahash_export() respectively. This performs the actual import or export, and we pass the data pointers and length into these functions. We have to switch a % const operation to do_div() in the common import function to avoid provoking gcc to use the expensive 64-bit by 64-bit modulus operation. Signed-off-by: NRussell King <rmk+kernel@arm.linux.org.uk> Acked-by: NBoris Brezillon <boris.brezillon@free-electrons.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Russell King 提交于
Attempting to use the sha1 digest for openssh via openssl reveals that the result from the hash is wrong: this happens when we export the state from one socket and import it into another via calling accept(). The reason for this is because the operation is reset to "initial block" state, whereas we may be past the first fragment of data to be hashed. Arrange for the operation code to avoid the initialisation of the state, thereby preserving the imported state. Signed-off-by: NRussell King <rmk+kernel@arm.linux.org.uk> Acked-by: NBoris Brezillon <boris.brezillon@free-electrons.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Russell King 提交于
When a AF_ALG fd is accepted a second time (hence hash_accept() is used), hash_accept_parent() allocates a new private context using sock_kmalloc(). This context is uninitialised. After use of the new fd, we eventually end up with the kernel complaining: marvell-cesa f1090000.crypto: dma_pool_free cesa_padding, c0627770/0 (bad dma) where c0627770 is a random address. Poisoning the memory allocated by the above sock_kmalloc() produces kernel oopses within the marvell hash code, particularly the interrupt handling. The following simplfied call sequence occurs: hash_accept() crypto_ahash_export() marvell hash export function af_alg_accept() hash_accept_parent() <== allocates uninitialised struct hash_ctx crypto_ahash_import() marvell hash import function hash_ctx contains the struct mv_cesa_ahash_req in its req.__ctx member, and, as the marvell hash import function only partially initialises this structure, we end up with a lot of members which are left with whatever data was in memory prior to sock_kmalloc(). Add zero-initialisation of this structure. Signed-off-by: NRussell King <rmk+kernel@arm.linux.org.uk> Acked-by: NBoris Brezillon <boris.brezillon@free-electronc.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Russell King 提交于
Several of the algorithms in marvell/hash.c have a statesize of zero. When an AF_ALG accept() on an already-accepted file descriptor to calls into hash_accept(), this causes: char state[crypto_ahash_statesize(crypto_ahash_reqtfm(req))]; to be zero-sized, but we still pass this to: err = crypto_ahash_export(req, state); which proceeds to write to 'state' as if it was a "struct md5_state", "struct sha1_state" etc. Add the necessary initialisers for the .statesize member. Acked-by: NBoris Brezillon <boris.brezillon@free-electrons.com> Signed-off-by: NRussell King <rmk+kernel@arm.linux.org.uk> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
- 19 6月, 2015 4 次提交
-
-
由 Arnaud Ebalard 提交于
Add support for SHA256 operations. Signed-off-by: NArnaud Ebalard <arno@natisbad.org> Signed-off-by: NBoris Brezillon <boris.brezillon@free-electrons.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Arnaud Ebalard 提交于
Add support for MD5 operations. Signed-off-by: NArnaud Ebalard <arno@natisbad.org> Signed-off-by: NBoris Brezillon <boris.brezillon@free-electrons.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Boris BREZILLON 提交于
The CESA IP supports CPU offload through a dedicated DMA engine (TDMA) which can control the crypto block. When you use this mode, all the required data (operation metadata and payload data) are transferred using DMA, and the results are retrieved through DMA when possible (hash results are not retrieved through DMA yet), thus reducing the involvement of the CPU and providing better performances in most cases (for small requests, the cost of DMA preparation might exceed the performance gain). Note that some CESA IPs do not embed this dedicated DMA, hence the activation of this feature on a per platform basis. Signed-off-by: NBoris Brezillon <boris.brezillon@free-electrons.com> Signed-off-by: NArnaud Ebalard <arno@natisbad.org> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Boris BREZILLON 提交于
The existing mv_cesa driver supports some features of the CESA IP but is quite limited, and reworking it to support new features (like involving the TDMA engine to offload the CPU) is almost impossible. This driver has been rewritten from scratch to take those new features into account. This commit introduce the base infrastructure allowing us to add support for DMA optimization. It also includes support for one hash (SHA1) and one cipher (AES) algorithm, and enable those features on the Armada 370 SoC. Other algorithms and platforms will be added later on. Signed-off-by: NBoris Brezillon <boris.brezillon@free-electrons.com> Signed-off-by: NArnaud Ebalard <arno@natisbad.org> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-