Add support for AES Counter Mode (CTR) compliant with RFC3686 to be
used along with authenc algorithms (md5, sha1, sha224, sha256, sha384,
sha512) as one-shot aead algorithms.
Signed-off-by: NCatalin Vasile <catalin.vasile@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Add support for Advanced Encryption Standard (AES) in Counter Mode (CTR)
as provided in IPsec implementation standard RFC3686.

ablkcipher shared descriptors now save context registers after job
execution. This is used to load Nonce specific to RFC3686 only at
first execution of shared job descriptor.
Signed-off-by: NCatalin Vasile <catalin.vasile@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Add support for AES working in Counter Mode
Signed-off-by: NCatalin Vasile <catalin.vasile@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Add AES-GMAC as an IPSec ESP mechanism to provide
data origin authentication, but not confidentiality.
This method is referred as ENCR_NULL_AUTH_AES_GMAC.
Signed-off-by: NTudor Ambarus <tudor.ambarus@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

The previous limits were estimated locally in a single step
basead on bound values, however it was not correct since
when given certain scatterlist the function nx_build_sg_lists
was consuming more sg entries than allocated causing a
memory corruption and crashes.

e.g.: in the worst case we could have one sg entry for a single byte.

This patch fixes it modifying the logic of the bound limit
moving it to nx_sg_build_lists and set a correct sg_max limit,
adding a trim function to ensure the bound in sg_list. Also fixing
nx_build_sg_list  NULL and untreated return in case of overflow.
Signed-off-by: NLeonidas S. Barbosa <leosilva@linux.vnet.ibm.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

NX SHA algorithms stores the message digest into tfm what
cause a concurrence issue where hashes may be replaced by others.
This patch cleans up the cases where it's handling unnecessarily shared
variables in nx context and copies the current msg digest to a sctx->state
in order to safetly handle with the hashe's state.

Also fixes and does some clean ups regarding the right sg max limit
and bounds to the sg list avoind a memory crash.
Signed-off-by: NLeonidas S. Barbosa <leosilva@linux.vnet.ibm.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

The previous limits were estimated locally in a single step
basead on bound values, however it was not correct since
when given certain scatterlist the function nx_build_sg_lists
was consuming more sg entries than allocated causing a
memory corruption and crashes.

This patch removes the old logic and replaces it into nx_sg_build_lists
in order to build a correct nx_sg list using the correct sg_max limit
and bounds.
Signed-off-by: NLeonidas S. Barbosa <leosilva@linux.vnet.ibm.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

The previous limits were estimated locally in a single step
basead on bound values, however it was not correct since
when given certain scatterlist the function nx_build_sg_lists
was consuming more sg entries than allocated causing a
memory corruption and crashes.

This patch removes the old logic and replace it into nx_sg_build_lists
in order to build a correct nx_sg list using the correct sg_max limit
and bounds.
Signed-off-by: NLeonidas S. Barbosa <leosilva@linux.vnet.ibm.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

The previous limits were estimated locally in a single step
basead on bound values, however it was not correct since
when given certain scatterlist the function nx_build_sg_lists
was consuming more sg entries than allocated causing a
memory corruption and crashes.

This patch removes the old logic and replaces it into nx_sg_build_lists
in order to build a correct nx_sg list using the correct sg_max limit
and bounds.
Signed-off-by: NLeonidas S. Barbosa <leosilva@linux.vnet.ibm.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

The previous limits were estimated locally in a single step
basead on bound values, however it was not correct since
when given certain scatterlist the function nx_build_sg_lists
was consuming more sg entries than allocated causing a
memory corruption and crashes.

- This patch removes the old logic and replaces it into nx_sg_build_lists
in order to build a correct nx_sg list using the correct sg_max limit
and bounds.

IV vector was not set correctly to zero causing ctr crash in tcrypt tests.

- Fixed setting IV vector  bits to zero.
Signed-off-by: NLeonidas S. Barbosa <leosilva@linux.vnet.ibm.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

The previous limits were estimated locally in a single step
basead on bound values, however it was not correct since
when given certain scatterlist the function nx_build_sg_lists
was consuming more sg entries than allocated causing a
memory corruption and crashes.

This patch removes the old logic and replaces it into nx_sg_build_lists in
order to build a correct nx_sg list using the correct sg_max limit and
bounds.
Signed-off-by: NLeonidas S. Barbosa <leosilva@linux.vnet.ibm.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

The previous limits were estimated locally in a single step
basead on bound values, however it was not correct since
when given certain scatterlist the function nx_build_sg_lists
was consuming more sg entries than allocated causing a
memory corruption and crashes.

This patch removes the old logic and replaces it into nx_sg_build_lists
in order to build a correct nx_sg list using the correct sg_max limit
and bounds.
Signed-off-by: NLeonidas S. Barbosa <leosilva@linux.vnet.ibm.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch fixes the assumption that output sequence is not contiguous
when input sequence is not contiguous and in-place encryption is done.
Output sequence does not need to be contiguous with associated data.
Signed-off-by: NTudor Ambarus <tudor.ambarus@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Move PCI BARs definitions to device specific module where it belongs.
Signed-off-by: NTadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Add Advanced Encryption Standard (AES) in Galois/Counter Mode (GCM)
as an IPsec Encapsulating Security Payload (ESP) mechanism
to provide confidentiality and data origin authentication.
Signed-off-by: NTudor Ambarus <tudor.ambarus@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Add support for AES working in Galois Counter Mode.

There is a limitation related to IV size, similar to the one present in
SW implementation (crypto/gcm.c):
The only IV size allowed is 12 bytes. It will be padded by HW to the right
with 0x0000_0001 (up to 16 bytes - AES block size), according to the GCM
specification.
Signed-off-by: NTudor Ambarus <tudor.ambarus@freescale.com>
Signed-off-by: NHoria Geanta <horia.geanta@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

The buf is used to hold the list of hwrng devices registered.
The old code ensures we don't walk off the end of buf as we
fill it, but it's unnecessarily complicated and thus difficult
to maintain. Simplify it by using strlcat.
Signed-off-by: NRickard Strandqvist <rickard_strandqvist@spectrumdigital.se>
Reviewed-by: NJason Cooper <jason@lakedaemon.net>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Signed-off-by: NBruce Allan <bruce.w.allan@intel.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

WARNING:UNNECESSARY_BREAK: break is not useful after a goto or return
#472: FILE: drivers/crypto/qat/qat_common/qat_algs.c:472:
+               goto bad_key;
+               break;
Signed-off-by: NBruce Allan <bruce.w.allan@intel.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Analyzing with coccinelle MODE=report...

Please check for false positives in the output before submitting a patch.
When using "patch" mode, carefully review the patch before submitting it.

drivers/crypto/qat/qat_dh895xcc/adf_isr.c:191:3-8: WARNING: NULL check
before freeing functions like kfree, debugfs_remove,
debugfs_remove_recursive or usb_free_urb is not needed. Maybe consider
reorganizing relevant code to avoid passing NULL values.

drivers/crypto/qat/qat_dh895xcc/adf_isr.c:208:3-8: WARNING: NULL check
before freeing functions like kfree, debugfs_remove,
debugfs_remove_recursive or usb_free_urb is not needed. Maybe consider
reorganizing relevant code to avoid passing NULL values.
Signed-off-by: NBruce Allan <bruce.w.allan@intel.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

The mutex table_lock is unlocked in two functions without first being locked.
Fix the functions to properly protect the accel_table with the table_lock.

Also, fix a spelling error in one of the function's header comment.
Signed-off-by: NBruce Allan <bruce.w.allan@intel.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

skb->truesize is not meant to be tracking amount of used bytes
in an skb, but amount of reserved/consumed bytes in memory.

For instance, if we use a single byte in last page fragment,
we have to account the full size of the fragment.

skb->truesize can be very different from skb->len, that has
a very specific safety purpose.
Signed-off-by: NEric Dumazet <edumazet@google.com>
Cc: Rasesh Mody <rasesh.mody@qlogic.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

Commit b4d2394d ("dsa: Replace mii_bus with a generic host device")
replaces mii_bus with a generic host_dev, and introduces
dsa_host_dev_to_mii_bus() to support conversion from host_dev to mii_bus.
However, in some cases it uses to_mii_bus to perform that conversion.
Since host_dev is not the phy bus device but typically a platform device,
this fails and results in a crash with the affected drivers.

BUG: unable to handle kernel NULL pointer dereference at           (null)
IP: [<ffffffff81781d35>] __mutex_lock_slowpath+0x75/0x100
PGD 406783067 PUD 406784067 PMD 0
Oops: 0002 [#1] SMP
...
Call Trace:
[<ffffffff810a538b>] ? pick_next_task_fair+0x61b/0x880
[<ffffffff81781de3>] mutex_lock+0x23/0x37
[<ffffffff81533244>] mdiobus_read+0x34/0x60
[<ffffffff8153b95a>] __mv88e6xxx_reg_read+0x8a/0xa0
[<ffffffff8153b9bc>] mv88e6xxx_reg_read+0x4c/0xa0

Fixes: b4d2394d ("dsa: Replace mii_bus with a generic host device")
Cc: Alexander Duyck <alexander.h.duyck@intel.com>
Signed-off-by: NGuenter Roeck <linux@roeck-us.net>
Acked-by: NAlexander Duyck <alexander.h.duyck@redhat.com>
Acked-by: NFlorian Fainelli <f.fainelli@gmail.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

Don't ring the doorbell, and don't do PIO.  This will also prevent
 TX Push, because there will be more than one buffer waiting when
 the doorbell is rung.
Signed-off-by: NEdward Cree <ecree@solarflare.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

Remove calling cancel_delayed_work_sync() for runtime suspend,
because it would cause dead lock. Instead, return -EBUSY to
avoid the device enters suspending if the net is running and
the delayed work is pending or running. The delayed work would
try to wake up the device later, so the suspending is not
necessary.
Signed-off-by: NHayes Wang <hayeswang@realtek.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

In case that the IP header has optional field at the end, this patch will
get the port numbers after that field, and compute the hash. The general
parser skb_flow_dissect() is used here.
Signed-off-by: NHaiyang Zhang <haiyangz@microsoft.com>
Reviewed-by: NK. Y. Srinivasan <kys@microsoft.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

pskb_may_pull maybe change skb->data and make eth pointer oboslete,
so eth needs to reload

Fixes: 91269e39 ("vxlan: using pskb_may_pull as early as possible")
Cc: Eric Dumazet <edumazet@google.com>
Signed-off-by: NLi RongQing <roy.qing.li@gmail.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

This simplifies the lanai.c driver by using
the module_pci_driver() macro, at the expense
of losing only debugging messages.
Signed-off-by: NMichael Opdenacker <michael.opdenacker@free-electrons.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

On the Haswell platform, a split BAR option to allow creation of 2
32bit BARs (4 and 5) from the 64bit BAR 4. Adding support for this
new option.
Signed-off-by: NDave Jiang <dave.jiang@intel.com>
Signed-off-by: NJon Mason <jdmason@kudzu.us>

Instead of using a module parameter, we should detect the errata via
PCI DID and then set an appropriate flag. This will be used for additional
errata later on.
Signed-off-by: NDave Jiang <dave.jiang@intel.com>
Signed-off-by: NJon Mason <jdmason@kudzu.us>

To simplify some of the platform detection code. Move the platform detection
to a function to be called earlier.
Signed-off-by: NDave Jiang <dave.jiang@intel.com>
Signed-off-by: NJon Mason <jdmason@kudzu.us>

Move the platform detection function to separate functions to allow
easier maintenence.
Signed-off-by: NDave Jiang <dave.jiang@intel.com>
Signed-off-by: NJon Mason <jdmason@kudzu.us>

Create a debugfs entry for the NTB device to log the basic device info,
as well as display the error count on a number of registers.
Signed-off-by: NJon Mason <jon.mason@intel.com>

Add Thrustmaster as Xbox 360 controller vendor. This is required for
example to make the GP XID (044f:b326) gamepad work.
Signed-off-by: NTommi Rantala <tt.rantala@gmail.com>
Signed-off-by: NDmitry Torokhov <dmitry.torokhov@gmail.com>

Add the USB ID for the Xbox 360 Thrustmaster Ferrari 458 Racing Wheel.
Signed-off-by: NTommi Rantala <tt.rantala@gmail.com>
Signed-off-by: NDmitry Torokhov <dmitry.torokhov@gmail.com>

The check to see whether the device is already disabled in
max77693_haptic_disable() was inversed, this change corrects it.
Signed-off-by: NJaewon Kim <jaewon02.kim@samsung.com>
Reviewed-by: NChanwoo Choi <cw00.choi@samsung.com>
Signed-off-by: NDmitry Torokhov <dmitry.torokhov@gmail.com>

xenkbd_disconnect_backend doesn't free grant table entry.  This bug affects
live migration.

xenkbd_disconnect_backend uses gnttab_end_foreign_access_ref to handle
grant table entry which doesn't really free an entry.

Thus every time we do xenkbd_resume, grant table entry increses by one. As
an grant table entry occupies 8 bytes, an grant table page has at most 512
entries. Every 512 times we do xenkdb_resume, grant table pages increses by
one.

After around 3500 times of live migration, grant table pages will increase
by 7, causing too many pages to populate and hitting max_pages limit when
assigning pages.Thus assign_pages will fail, so will live migration.
Signed-off-by: NChang Huaixin <huaixin.chx@alibaba-inc.com>
Acked-by: NDavid Vrabel <david.vrabel@citrix.com>
Signed-off-by: NDmitry Torokhov <dmitry.torokhov@gmail.com>

The check for vfinfo is not sufficient because it does not protect
against specifying vf that is outside of sriov_num_vfs range.
All of the ndo functions have a check for it except for
ixgbevf_ndo_set_spoofcheck().

The following patch is all we need to protect against this panic:

ip link set p96p1 vf 0 spoofchk off
BUG: unable to handle kernel NULL pointer dereference at 0000000000000052
IP: [<ffffffffa044a1c1>]
ixgbe_ndo_set_vf_spoofchk+0x51/0x150 [ixgbe]
Reported-by: NThierry Herbelot <thierry.herbelot@6wind.com>
Signed-off-by: NEmil Tantilov <emil.s.tantilov@intel.com>
Acked-by: NThierry Herbelot <thierry.herbelot@6wind.com>
Signed-off-by: NJeff Kirsher <jeffrey.t.kirsher@intel.com>

Compiling with CONFIG_FM10K=y and VXLAN=m resulting in linking error:

   drivers/built-in.o: In function `fm10k_open':
   (.text+0x1f9d7a): undefined reference to `vxlan_get_rx_port'
   make: *** [vmlinux] Error 1

The fix follows the same strategy as I40E.
Signed-off-by: NAndy Zhou <azhou@nicira.com>
Acked-by: NAlexander Duyck <alexander.h.duyck@intel.com>
Tested-by: NAaron Brown <aaron.f.brown@intel.com>
Signed-off-by: NJeff Kirsher <jeffrey.t.kirsher@intel.com>

After grabbing the mailbox lock and detecting an error, the lock must be
released before the error code can be returned.
Signed-off-by: NMatthew Vick <matthew.vick@intel.com>
Tested-by: NAaron Brown <aaron.f.brown@intel.com>
Signed-off-by: NJeff Kirsher <jeffrey.t.kirsher@intel.com>