1. 01 3月, 2015 1 次提交
  2. 27 2月, 2015 1 次提交
  3. 11 2月, 2015 1 次提交
    • L
      crypto: fix af_alg_make_sg() conversion to iov_iter · 9399f0c5
      Linus Torvalds 提交于
      Commit 1d10eb2f ("crypto: switch af_alg_make_sg() to iov_iter")
      broke af_alg_make_sg() and skcipher_recvmsg() in the process of moving
      them to the iov_iter interfaces.  The 'npages' calculation in the formar
      calculated the number of *bytes* in the pages, and in the latter case
      the conversion didn't re-read the value of 'ctx->used' after waiting for
      it to become non-zero.
      
      This reverts to the original code for both these cases.
      
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: David Miller <davem@davemloft.net>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      9399f0c5
  4. 04 2月, 2015 4 次提交
  5. 26 1月, 2015 2 次提交
  6. 20 1月, 2015 3 次提交
  7. 14 1月, 2015 1 次提交
  8. 13 1月, 2015 2 次提交
    • R
      crypto: testmgr - don't use interruptible wait in tests · 8a45ac12
      Rabin Vincent 提交于
      tcrypt/testmgr uses wait_for_completion_interruptible() everywhere when
      it waits for a request to be completed.  If it's interrupted, then the
      test is aborted and the request is freed.
      
      However, if any of these calls actually do get interrupted, the result
      will likely be a kernel crash, when the driver handles the now-freed
      request.  Use wait_for_completion() instead.
      Signed-off-by: NRabin Vincent <rabin.vincent@axis.com>
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      8a45ac12
    • M
      crypto: add missing crypto module aliases · 3e14dcf7
      Mathias Krause 提交于
      Commit 5d26a105 ("crypto: prefix module autoloading with "crypto-"")
      changed the automatic module loading when requesting crypto algorithms
      to prefix all module requests with "crypto-". This requires all crypto
      modules to have a crypto specific module alias even if their file name
      would otherwise match the requested crypto algorithm.
      
      Even though commit 5d26a105 added those aliases for a vast amount of
      modules, it was missing a few. Add the required MODULE_ALIAS_CRYPTO
      annotations to those files to make them get loaded automatically, again.
      This fixes, e.g., requesting 'ecb(blowfish-generic)', which used to work
      with kernels v3.18 and below.
      
      Also change MODULE_ALIAS() lines to MODULE_ALIAS_CRYPTO(). The former
      won't work for crypto modules any more.
      
      Fixes: 5d26a105 ("crypto: prefix module autoloading with "crypto-"")
      Cc: Kees Cook <keescook@chromium.org>
      Signed-off-by: NMathias Krause <minipli@googlemail.com>
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      3e14dcf7
  9. 05 1月, 2015 1 次提交
  10. 29 12月, 2014 2 次提交
    • S
      crypto: algif_rng - enable RNG interface compilation · 2f375538
      Stephan Mueller 提交于
      Enable compilation of the RNG AF_ALG support and provide a Kconfig
      option to compile the RNG AF_ALG support.
      Signed-off-by: NStephan Mueller <smueller@chronox.de>
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      2f375538
    • S
      crypto: algif_rng - add random number generator support · 5afdfd22
      Stephan Mueller 提交于
      This patch adds the random number generator support for AF_ALG.
      
      A random number generator's purpose is to generate data without
      requiring the caller to provide any data. Therefore, the AF_ALG
      interface handler for RNGs only implements a callback handler for
      recvmsg.
      
      The following parameters provided with a recvmsg are processed by the
      RNG callback handler:
      
      	* sock - to resolve the RNG context data structure accessing the
      	  RNG instance private to the socket
      
      	* len - this parameter allows userspace callers to specify how
      	  many random bytes the RNG shall produce and return. As the
      	  kernel context for the RNG allocates a buffer of 128 bytes to
      	  store random numbers before copying them to userspace, the len
      	  parameter is checked that it is not larger than 128. If a
      	  caller wants more random numbers, a new request for recvmsg
      	  shall be made.
      
      The size of 128 bytes is chose because of the following considerations:
      
      	* to increase the memory footprint of the kernel too much (note,
      	  that would be 128 bytes per open socket)
      
      	* 128 is divisible by any typical cryptographic block size an
      	  RNG may have
      
      	* A request for random numbers typically only shall supply small
      	  amount of data like for keys or IVs that should only require
      	  one invocation of the recvmsg function.
      
      Note, during instantiation of the RNG, the code checks whether the RNG
      implementation requires seeding. If so, the RNG is seeded with output
      from get_random_bytes.
      
      A fully working example using all aspects of the RNG interface is
      provided at http://www.chronox.de/libkcapi.htmlSigned-off-by: NStephan Mueller <smueller@chronox.de>
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      5afdfd22
  11. 26 12月, 2014 1 次提交
  12. 24 12月, 2014 1 次提交
  13. 22 12月, 2014 9 次提交
  14. 11 12月, 2014 1 次提交
  15. 10 12月, 2014 1 次提交
    • A
      put iov_iter into msghdr · c0371da6
      Al Viro 提交于
      Note that the code _using_ ->msg_iter at that point will be very
      unhappy with anything other than unshifted iovec-backed iov_iter.
      We still need to convert users to proper primitives.
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      c0371da6
  16. 05 12月, 2014 2 次提交
  17. 02 12月, 2014 1 次提交
    • S
      crypto: algif_skcipher - initialize upon init request · f26b7b80
      Stephan Mueller 提交于
      When using the algif_skcipher, the following call sequence causess a
      re-initialization:
      
      1. sendmsg with ALG_SET_OP and iov == NULL, iovlen == 0 (i.e
      initializing the cipher, but not sending data)
      
      2. sendmsg with msg->msg-controllen == 0 and iov != NULL (using the initalized
      cipher handle by sending data)
      
      In step 2, the cipher operation type (encryption or decryption) is reset
      to always decryption, because the local variable of enc is put into
      ctx->enc as ctx->user is still zero.
      
      The same applies when all send data is processed and ctx->used falls to
      zero followed by user space to send new data.
      
      This patch changes the behavior to only reset the cipher operation type
      (and the IV) if such configuration request is received.
      Signed-off-by: NStephan Mueller <smueller@chronox.de>
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      f26b7b80
  18. 01 12月, 2014 1 次提交
  19. 28 11月, 2014 1 次提交
  20. 27 11月, 2014 1 次提交
  21. 26 11月, 2014 3 次提交