1. 28 2月, 2020 14 次提交
  2. 12 2月, 2020 2 次提交
  3. 08 2月, 2020 2 次提交
  4. 04 2月, 2020 5 次提交
  5. 01 2月, 2020 3 次提交
  6. 31 1月, 2020 4 次提交
  7. 30 1月, 2020 7 次提交
    • H
      s390/pkey/zcrypt: Support EP11 AES secure keys · 55d0a513
      Harald Freudenberger 提交于
      Extend the low level ep11 misc functions implementation by
      several functions to support EP11 key objects for paes and pkey:
      - EP11 AES secure key generation
      - EP11 AES secure key generation from given clear key value
      - EP11 AES secure key blob check
      - findcard function returns list of apqns based on given criterias
      - EP11 AES secure key derive to CPACF protected key
      
      Extend the pkey module to be able to generate and handle EP11
      secure keys and also use them as base for deriving protected
      keys for CPACF usage. These ioctls are extended to support
      EP11 keys: PKEY_GENSECK2, PKEY_CLR2SECK2, PKEY_VERIFYKEY2,
      PKEY_APQNS4K, PKEY_APQNS4KT, PKEY_KBLOB2PROTK2.
      
      Additionally the 'clear key' token to protected key now uses
      an EP11 card if the other ways (via PCKMO, via CCA) fail.
      
      The PAES cipher implementation needed a new upper limit for
      the max key size, but is now also working with EP11 keys.
      Signed-off-by: NHarald Freudenberger <freude@linux.ibm.com>
      Signed-off-by: NVasily Gorbik <gor@linux.ibm.com>
      55d0a513
    • H
      s390/zcrypt: ep11 structs rework, export zcrypt_send_ep11_cprb · a7367997
      Harald Freudenberger 提交于
      Minor rework for struct ep11_cprb and struct ep11_urb. Use of u8, u16,
      u32 instead of unsigned char. Declare pointers to mem from userspace
      with __user to give sparse a chance to check.
      
      Export zcrypt_send_ep11_cprb() function as this function will be
      called by code in progress which will build ep11 cprbs within the
      zcrypt device driver zoo and send them to EP11 crypto cards.
      Signed-off-by: NHarald Freudenberger <freude@linux.ibm.com>
      Signed-off-by: NVasily Gorbik <gor@linux.ibm.com>
      a7367997
    • H
      s390/zcrypt: enable card/domain autoselect on ep11 cprbs · 8f291ebf
      Harald Freudenberger 提交于
      For EP11 CPRBs there was only to choose between specify
      one or more ep11 targets or not give a target at all. Without
      any target the zcrypt code assumed AUTOSELECT. For EP11 this
      ended up in choosing any EP11 APQN with regards to the weight.
      
      However, CCA CPRBs can have a more fine granular target
      addressing. The caller can give 0xFFFF as AUTOSELECT for
      the card and/or the domain. So it's possible to address
      any card but domain given or any domain but card given.
      
      This patch now introduces the very same for EP11 CPRB handling.
      An EP11 target entry now may contain 0xFFFF as card and/or
      domain value with the meaning of ANY card or domain. So
      now the same behavior as with CCA CPRBs becomes possible:
      Address any card with given domain or address any domain within
      given card.
      
      For convenience the zcrypt.h header file now has two new
      defines AUTOSEL_AP and AUTOSEL_DOM covering the 0xFFFF
      value to address card any and domain any.
      Signed-off-by: NHarald Freudenberger <freude@linux.ibm.com>
      Signed-off-by: NVasily Gorbik <gor@linux.ibm.com>
      8f291ebf
    • H
      s390/crypto: enable clear key values for paes ciphers · 7f820d05
      Harald Freudenberger 提交于
      With this patch the paes ciphers do accept AES clear key values of
      size 16, 24 or 32 byte. The key value is internal rearranged to form a
      paes clear key token so that the pkey kernel module recognizes and
      handles this key material as source for protected keys.
      
      Using clear key material as a source for protected keys is a security
      risc as the raw key material is kept in memory. However, so the AES
      selftests provided with the testmanager can be run during registration
      of the paes ciphers.
      Signed-off-by: NHarald Freudenberger <freude@linux.ibm.com>
      Signed-off-by: NVasily Gorbik <gor@linux.ibm.com>
      7f820d05
    • H
      s390/crypto: Rework on paes implementation · 6f3196b7
      Harald Freudenberger 提交于
      There have been some findings during Eric Biggers rework of the
      paes implementation which this patch tries to address:
      
      A very minor finding within paes ctr where when the cpacf instruction
      returns with only partially data en/decrytped the walk_done() was
      mistakenly done with the all data counter.  Please note this can only
      happen when the kmctr returns because the protected key became invalid
      in the middle of the operation. And this is only with suspend and
      resume on a system with different effective wrapping key.
      
      Eric Biggers mentioned that the context struct within the tfm struct
      may be shared among multiple kernel threads. So here now a rework
      which uses a spinlock per context to protect the read and write of the
      protected key blob value. The en/decrypt functions copy the protected
      key(s) at the beginning into a param struct and do not work with the
      protected key within the context any more. If the protected key in the
      param struct becomes invalid, the key material is again converted to
      protected key(s) and the context gets this update protected by the
      spinlock. Race conditions are still possible and may result in writing
      the very same protected key value more than once. So the spinlock
      needs to make sure the protected key(s) within the context are
      consistent updated.
      
      The ctr page is now locked by a mutex instead of a spinlock. A similar
      patch went into the aes_s390 code as a result of a complain "sleeping
      function called from invalid context at ...algapi.h". See
      commit 1c2c7029 ("s390/crypto: fix possible sleep during spinlock
      aquired")' for more.
      
      During testing with instrumented code another issue with the xts
      en/decrypt function revealed. The retry cleared the running iv value
      and thus let to wrong en/decrypted data.
      
      Tested and verified with additional testcases via AF_ALG interface and
      additional selftests within the kernel (which will be made available
      as soon as possible).
      Reported-by: NEric Biggers <ebiggers@kernel.org>
      Signed-off-by: NHarald Freudenberger <freude@linux.ibm.com>
      Signed-off-by: NVasily Gorbik <gor@linux.ibm.com>
      6f3196b7
    • S
      s390: support KPROBES_ON_FTRACE · 657480d9
      Sven Schnelle 提交于
      Instead of using our own kprobes-on-ftrace handling convert the
      code to support KPROBES_ON_FTRACE.
      Signed-off-by: NSven Schnelle <svens@linux.ibm.com>
      Signed-off-by: NVasily Gorbik <gor@linux.ibm.com>
      657480d9
    • G
      s390/mm: fix dynamic pagetable upgrade for hugetlbfs · 5f490a52
      Gerald Schaefer 提交于
      Commit ee71d16d ("s390/mm: make TASK_SIZE independent from the number
      of page table levels") changed the logic of TASK_SIZE and also removed the
      arch_mmap_check() implementation for s390. This combination has a subtle
      effect on how get_unmapped_area() for hugetlbfs pages works. It is now
      possible that a user process establishes a hugetlbfs mapping at an address
      above 4 TB, without triggering a dynamic pagetable upgrade from 3 to 4
      levels.
      
      This is because hugetlbfs mappings will not use mm->get_unmapped_area, but
      rather file->f_op->get_unmapped_area, which currently is the generic
      implementation of hugetlb_get_unmapped_area() that does not know about s390
      dynamic pagetable upgrades, but with the new definition of TASK_SIZE, it
      will now allow mappings above 4 TB.
      
      Subsequent access to such a mapped address above 4 TB will result in a page
      fault loop, because the CPU cannot translate such a large address with 3
      pagetable levels. The fault handler will try to map in a hugepage at the
      address, but due to the folded pagetable logic it will end up with creating
      entries in the 3 level pagetable, possibly overwriting existing mappings,
      and then it all repeats when the access is retried.
      
      Apart from the page fault loop, this can have various nasty effects, e.g.
      kernel panic from one of the BUG_ON() checks in memory management code,
      or even data loss if an existing mapping gets overwritten.
      
      Fix this by implementing HAVE_ARCH_HUGETLB_UNMAPPED_AREA support for s390,
      providing an s390 version for hugetlb_get_unmapped_area() with pagetable
      upgrade support similar to arch_get_unmapped_area(), which will then be
      used instead of the generic version.
      
      Fixes: ee71d16d ("s390/mm: make TASK_SIZE independent from the number of page table levels")
      Cc: <stable@vger.kernel.org> # 4.12+
      Signed-off-by: NGerald Schaefer <gerald.schaefer@de.ibm.com>
      Signed-off-by: NVasily Gorbik <gor@linux.ibm.com>
      5f490a52
  8. 28 1月, 2020 3 次提交