- 31 3月, 2015 19 次提交
-
-
由 Stephan Mueller 提交于
The mcryptd is used as a wrapper around internal ciphers. Therefore, the mcryptd must process the internal cipher by marking mcryptd as internal if the underlying cipher is an internal cipher. Signed-off-by: NStephan Mueller <smueller@chronox.de> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Stephan Mueller 提交于
Flag all 64 bit ARMv8 AES helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: NStephan Mueller <smueller@chronox.de> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Stephan Mueller 提交于
Flag all ARMv8 AES helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: NStephan Mueller <smueller@chronox.de> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Stephan Mueller 提交于
Flag all NEON bit sliced AES helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: NStephan Mueller <smueller@chronox.de> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Stephan Mueller 提交于
Flag all Twofish AVX helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: NStephan Mueller <smueller@chronox.de> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Stephan Mueller 提交于
Flag all Serpent SSE2 helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: NStephan Mueller <smueller@chronox.de> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Stephan Mueller 提交于
Flag all Serpent AVX helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: NStephan Mueller <smueller@chronox.de> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Stephan Mueller 提交于
Flag all Serpent AVX2 helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: NStephan Mueller <smueller@chronox.de> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Stephan Mueller 提交于
Flag all CAST6 helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: NStephan Mueller <smueller@chronox.de> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Stephan Mueller 提交于
Flag all AVX Camellia helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: NStephan Mueller <smueller@chronox.de> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Stephan Mueller 提交于
Flag all CAST5 helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: NStephan Mueller <smueller@chronox.de> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Stephan Mueller 提交于
Flag all AES-NI Camellia helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: NStephan Mueller <smueller@chronox.de> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Stephan Mueller 提交于
Flag all GHASH ARMv8 vmull.p64 helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: NStephan Mueller <smueller@chronox.de> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Stephan Mueller 提交于
Flag all ash clmulni helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: NStephan Mueller <smueller@chronox.de> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Stephan Mueller 提交于
Flag all AES-NI helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: NStephan Mueller <smueller@chronox.de> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Stephan Mueller 提交于
With ciphers that now cannot be accessed via the kernel crypto API, callers shall be able to identify the ciphers that are not callable. The /proc/crypto file is added a boolean field identifying that such internal ciphers. Signed-off-by: NStephan Mueller <smueller@chronox.de> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Stephan Mueller 提交于
The cryptd is used as a wrapper around internal ciphers. Therefore, the cryptd must process the internal cipher by marking cryptd as internal if the underlying cipher is an internal cipher. Signed-off-by: NStephan Mueller <smueller@chronox.de> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Stephan Mueller 提交于
Allocate the ciphers irrespectively if they are marked as internal or not. As all ciphers, including the internal ciphers will be processed by the testmgr, it needs to be able to allocate those ciphers. Signed-off-by: NStephan Mueller <smueller@chronox.de> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Stephan Mueller 提交于
Several hardware related cipher implementations are implemented as follows: a "helper" cipher implementation is registered with the kernel crypto API. Such helper ciphers are never intended to be called by normal users. In some cases, calling them via the normal crypto API may even cause failures including kernel crashes. In a normal case, the "wrapping" ciphers that use the helpers ensure that these helpers are invoked such that they cannot cause any calamity. Considering the AF_ALG user space interface, unprivileged users can call all ciphers registered with the crypto API, including these helper ciphers that are not intended to be called directly. That means, with AF_ALG user space may invoke these helper ciphers and may cause undefined states or side effects. To avoid any potential side effects with such helpers, the patch prevents the helpers to be called directly. A new cipher type flag is added: CRYPTO_ALG_INTERNAL. This flag shall be used to mark helper ciphers. These ciphers can only be used if the caller invoke the cipher with CRYPTO_ALG_INTERNAL in the type and mask field. Signed-off-by: NStephan Mueller <smueller@chronox.de> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
- 24 3月, 2015 1 次提交
-
-
由 Ard Biesheuvel 提交于
This fixes a bug in the new v8 Crypto Extensions GHASH code that only manifests itself in big-endian mode. Signed-off-by: NArd Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
- 23 3月, 2015 6 次提交
-
-
由 Dan Carpenter 提交于
"hdev->req->nbytes" is an unsigned int so we so we lose the upper 3 bits to the shift wrap bug. Signed-off-by: NDan Carpenter <dan.carpenter@oracle.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Dan Carpenter 提交于
GCC complains about that %u is the wrong format string for size_t and also that "ret" is unused. Signed-off-by: NDan Carpenter <dan.carpenter@oracle.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Allan, Bruce W 提交于
Convert pr_info() and pr_err() log messages to dev_info() and dev_err(), respectively, where able. This adds the module name and PCI B:D:F to indicate which QAT device generated the log message. The "QAT:" is removed from these log messages as that is now unnecessary. A few of these log messages have additional spelling/contextual fixes. Signed-off-by: NBruce Allan <bruce.w.allan@intel.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Allan, Bruce W 提交于
Signed-off-by: NBruce Allan <bruce.w.allan@intel.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Allan, Bruce W 提交于
This define is a duplicate of the one in ./include/linux/pci_ids.h Signed-off-by: NBruce Allan <bruce.w.allan@intel.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 James Hartley 提交于
The Kconfig entry for CRYPTO_DEV_IMGTEC_HASH incorrectly selects CRYPTO_SHA224, which does not exist (and is covered by CRYPTO_SHA256 which covers both 224 and 256). Remove it. Also correct typo CRYPTO_ALG_API to be CRYPTO_ALGPI. Reported-by: NValentin Rothberg <valentinrothberg@gmail.com> Signed-off-by: NJames Hartley <james.hartley@imgtec.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
- 20 3月, 2015 1 次提交
-
-
由 mancha security 提交于
OPTIMIZER_HIDE_VAR(), as defined when using gcc, is insufficient to ensure protection from dead store optimization. For the random driver and crypto drivers, calls are emitted ... $ gdb vmlinux (gdb) disassemble memzero_explicit Dump of assembler code for function memzero_explicit: 0xffffffff813a18b0 <+0>: push %rbp 0xffffffff813a18b1 <+1>: mov %rsi,%rdx 0xffffffff813a18b4 <+4>: xor %esi,%esi 0xffffffff813a18b6 <+6>: mov %rsp,%rbp 0xffffffff813a18b9 <+9>: callq 0xffffffff813a7120 <memset> 0xffffffff813a18be <+14>: pop %rbp 0xffffffff813a18bf <+15>: retq End of assembler dump. (gdb) disassemble extract_entropy [...] 0xffffffff814a5009 <+313>: mov %r12,%rdi 0xffffffff814a500c <+316>: mov $0xa,%esi 0xffffffff814a5011 <+321>: callq 0xffffffff813a18b0 <memzero_explicit> 0xffffffff814a5016 <+326>: mov -0x48(%rbp),%rax [...] ... but in case in future we might use facilities such as LTO, then OPTIMIZER_HIDE_VAR() is not sufficient to protect gcc from a possible eviction of the memset(). We have to use a compiler barrier instead. Minimal test example when we assume memzero_explicit() would *not* be a call, but would have been *inlined* instead: static inline void memzero_explicit(void *s, size_t count) { memset(s, 0, count); <foo> } int main(void) { char buff[20]; snprintf(buff, sizeof(buff) - 1, "test"); printf("%s", buff); memzero_explicit(buff, sizeof(buff)); return 0; } With <foo> := OPTIMIZER_HIDE_VAR(): (gdb) disassemble main Dump of assembler code for function main: [...] 0x0000000000400464 <+36>: callq 0x400410 <printf@plt> 0x0000000000400469 <+41>: xor %eax,%eax 0x000000000040046b <+43>: add $0x28,%rsp 0x000000000040046f <+47>: retq End of assembler dump. With <foo> := barrier(): (gdb) disassemble main Dump of assembler code for function main: [...] 0x0000000000400464 <+36>: callq 0x400410 <printf@plt> 0x0000000000400469 <+41>: movq $0x0,(%rsp) 0x0000000000400471 <+49>: movq $0x0,0x8(%rsp) 0x000000000040047a <+58>: movl $0x0,0x10(%rsp) 0x0000000000400482 <+66>: xor %eax,%eax 0x0000000000400484 <+68>: add $0x28,%rsp 0x0000000000400488 <+72>: retq End of assembler dump. As can be seen, movq, movq, movl are being emitted inlined via memset(). Reference: http://thread.gmane.org/gmane.linux.kernel.cryptoapi/13764/ Fixes: d4c5efdb ("random: add and use memzero_explicit() for clearing data") Cc: Theodore Ts'o <tytso@mit.edu> Signed-off-by: Nmancha security <mancha1@zoho.com> Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net> Acked-by: NHannes Frederic Sowa <hannes@stressinduktion.org> Acked-by: NStephan Mueller <smueller@chronox.de> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
- 18 3月, 2015 1 次提交
-
-
由 Keith Packard 提交于
Hardware random number quality is measured from 0 (no entropy) to 1024 (perfect entropy). Allow hardware devices to assert the full range by truncating the device-provided value at 1024 instead of 1023. Signed-off-by: NKeith Packard <keithp@keithp.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
- 17 3月, 2015 3 次提交
-
-
由 Herbert Xu 提交于
crypto: img-hash - Add missing semicolon to fix build error There is a missing semicolon after MODULE_DEVICE_TABLE. Reported-by: NStephen Rothwell <sfr@canb.auug.org.au> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Andre Wolokita 提交于
omap4_rng_init() checks bit 10 of the RNG_CONFIG_REG to determine whether the RNG is already running before performing any initiliasation. This is not the correct register to check, as the enable bit is in RNG_CONFIG_CONTROL. Read from RNG_CONTROL_REG instead. Signed-off-by: NAndre Wolokita <Andre.Wolokita@analog.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Andre Wolokita 提交于
In omap4_rng_init(), a check of bit 10 of the RNG_CONFIG_REG is done to determine whether the RNG is running. This is suspicious firstly due to the use of RNG_CONTROL_ENABLE_TRNG_MASK and secondly because the same mask is written to RNG_CONTROL_REG after configuration of the FROs. Similar suspicious logic is repeated in omap4_rng_cleanup() when RNG_CONTROL_REG masked with RNG_CONTROL_ENABLE_TRNG_MASK is read, the same mask bit is cleared, and then written to RNG_CONFIG_REG. Unless the TRNG is enabled with one bit in RNG_CONTROL and disabled with another in RNG_CONFIG and these bits are mirrored in some way, I believe that the TRNG is not really shutting off. Apart from the strange logic, I have reason to suspect that the OMAP4 related code in this driver is driving an Inside Secure IP hardware RNG and strongly suspect that bit 10 of RNG_CONFIG_REG is one of the bits configuring the sampling rate of the FROs. This option is by default set to 0 and is not being set anywhere in omap-rng.c. Reading this bit during omap4_rng_init() will always return 0. It will remain 0 because ~(value of TRNG_MASK in control) will always be 0, because the TRNG is never shut off. This is of course presuming that the OMAP4 features the Inside Secure IP. I'm interested in knowing what the guys at TI think about this, as only they can confirm or deny the detailed structure of these registers. Signed-off-by: NAndre Wolokita <Andre.Wolokita@analog.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
- 16 3月, 2015 9 次提交
-
-
由 Ameen Ali 提交于
fixing a syntax-error . Signed-off-by: NAmeen Ali <AmeenAli023@gmail.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Stephan Mueller 提交于
Due to the change to RNGs to always return zero in success case, the RNG interface must zeroize the buffer with the length provided by the caller. Signed-off-by: NStephan Mueller <smueller@chronox.de> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 James Hartley 提交于
This adds the binding documentation for the Imagination Technologies hash accelerator that provides hardware acceleration for SHA1/SHA224/SHA256/MD5 hashes. This hardware will be present in the upcoming pistachio SoC. Signed-off-by: NJames Hartley <james.hartley@imgtec.com> Reviewed-by: NAndrew Bresticker <abrestic@chromium.org> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 James Hartley 提交于
This adds support for the Imagination Technologies hash accelerator which provides hardware acceleration for SHA1 SHA224 SHA256 and MD5 hashes. Signed-off-by: NJames Hartley <james.hartley@imgtec.com> Reviewed-by: NAndrew Bresticker <abrestic@chromium.org> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Dmitry Torokhov 提交于
This allows us to get rid of driver's remove() method. Signed-off-by: NDmitry Torokhov <dmitry.torokhov@gmail.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Dmitry Torokhov 提交于
Instead of using static hwrng structure that is reused between binds/unbinds of the device let's embed it into driver's private structure that we allocate. This way we are guaranteed not to stumble onto something left from previous bind attempt. Signed-off-by: NDmitry Torokhov <dmitry.torokhov@gmail.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Dmitry Torokhov 提交于
This allows us to get rid of remove() method. Signed-off-by: NDmitry Torokhov <dmitry.torokhov@gmail.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Dmitry Torokhov 提交于
This allows us to get rid of remove() method. Signed-off-by: NDmitry Torokhov <dmitry.torokhov@gmail.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-
由 Dmitry Torokhov 提交于
This change converts bcm63xx-rng to use devm* API for managing all resources, which allows us to dispense with the rest of error handling path and remove() function. Also we combine hwern and driver-private data into a single allocation, use clk_prepare_enable() instead of "naked" clk_enable() and move clock enabling/disabling into hwrnd inti(0 and cleanup() methods so the clock stays off until rng is used. Signed-off-by: NDmitry Torokhov <dmitry.torokhov@gmail.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
-