#
92650f93 |
|
30-Nov-2023 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: ccree - Remove ofb Remove the unused OFB implementation. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
588a90ac |
|
27-Oct-2023 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: ccree - Silence gcc format-truncation false positive warnings The heuristics used by gcc triggers false positive truncation warnings in hifn_alg_alloc. The warning triggered by the strings here are clearly false positives (see https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95755). Add checks on snprintf calls to silence these warnings, including the one for cra_driver_name even though it does not currently trigger a gcc warning. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
0ee43367 |
|
29-Dec-2022 |
Vladis Dronov <vdronov@redhat.com> |
crypto: xts - drop xts_check_key() xts_check_key() is obsoleted by xts_verify_key(). Over time XTS crypto drivers adopted the newer xts_verify_key() variant, but xts_check_key() is still used by a number of drivers. Switch drivers to use the newer xts_verify_key() and make a couple of cleanups. This allows us to drop xts_check_key() completely and avoid redundancy. Signed-off-by: Vladis Dronov <vdronov@redhat.com> Reviewed-by: Eric Biggers <ebiggers@google.com> Reviewed-by: Nicolai Stange <nstange@suse.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
3d950c34 |
|
02-Mar-2022 |
Jianglei Nie <niejianglei2021@163.com> |
crypto: ccree - Fix use after free in cc_cipher_exit() kfree_sensitive(ctx_p->user.key) will free the ctx_p->user.key. But ctx_p->user.key is still used in the next line, which will lead to a use after free. We can call kfree_sensitive() after dev_dbg() to avoid the uaf. Fixes: 63ee04c8b491 ("crypto: ccree - add skcipher support") Signed-off-by: Jianglei Nie <niejianglei2021@163.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
b2cd1d81 |
|
25-Jan-2021 |
dingsenjie <dingsenjie@yulong.com> |
crypto: ccree - fix spelling typo of allocated allocted -> allocated Signed-off-by: dingsenjie <dingsenjie@yulong.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
abc6146a |
|
19-Nov-2020 |
Gustavo A. R. Silva <gustavoars@kernel.org> |
crypto: ccree - Fix fall-through warnings for Clang In preparation to enable -Wimplicit-fallthrough for Clang, fix multiple warnings by explicitly adding multiple break statements instead of letting the code fall through to the next case. Link: https://github.com/KSPP/linux/issues/115 Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> Acked-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
1d8b41ff |
|
05-Aug-2020 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - remove bitlocker cipher Remove the bitlocker cipher which is not supported by the kernel. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
a93492ca |
|
05-Aug-2020 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - remove data unit size support Remove the implementaion of automatic advancement of sector size in IV for storage ciphers as its use is not supproted by the kernel. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
453431a5 |
|
07-Aug-2020 |
Waiman Long <longman@redhat.com> |
mm, treewide: rename kzfree() to kfree_sensitive() As said by Linus: A symmetric naming is only helpful if it implies symmetries in use. Otherwise it's actively misleading. In "kzalloc()", the z is meaningful and an important part of what the caller wants. In "kzfree()", the z is actively detrimental, because maybe in the future we really _might_ want to use that "memfill(0xdeadbeef)" or something. The "zero" part of the interface isn't even _relevant_. The main reason that kzfree() exists is to clear sensitive information that should not be leaked to other future users of the same memory objects. Rename kzfree() to kfree_sensitive() to follow the example of the recently added kvfree_sensitive() and make the intention of the API more explicit. In addition, memzero_explicit() is used to clear the memory to make sure that it won't get optimized away by the compiler. The renaming is done by using the command sequence: git grep -w --name-only kzfree |\ xargs sed -i 's/kzfree/kfree_sensitive/' followed by some editing of the kfree_sensitive() kerneldoc and adding a kzfree backward compatibility macro in slab.h. [akpm@linux-foundation.org: fs/crypto/inline_crypt.c needs linux/slab.h] [akpm@linux-foundation.org: fix fs/crypto/inline_crypt.c some more] Suggested-by: Joe Perches <joe@perches.com> Signed-off-by: Waiman Long <longman@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Acked-by: David Howells <dhowells@redhat.com> Acked-by: Michal Hocko <mhocko@suse.com> Acked-by: Johannes Weiner <hannes@cmpxchg.org> Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Cc: James Morris <jmorris@namei.org> Cc: "Serge E. Hallyn" <serge@hallyn.com> Cc: Joe Perches <joe@perches.com> Cc: Matthew Wilcox <willy@infradead.org> Cc: David Rientjes <rientjes@google.com> Cc: Dan Carpenter <dan.carpenter@oracle.com> Cc: "Jason A . Donenfeld" <Jason@zx2c4.com> Link: http://lkml.kernel.org/r/20200616154311.12314-3-longman@redhat.com Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
#
f9490708 |
|
21-Jun-2020 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - remove unused field Remove yet another unused field left over from times gone by. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
520f325a |
|
21-Jun-2020 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - adapt ccree essiv support to kcapi The ESSIV support in ccree was added before the kernel generic support and using a slightly different API. Brings the ccree essiv interface into compliance with kernel crypto api one. Since CryptoCell only support 256 bit AES key for ESSIV, also use a fallback if requested a smaller key size. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: Libo Wang <libo.wang@arm.com> Cc: Markus Elfring <Markus.Elfring@web.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
9bc6165d |
|
21-Jun-2020 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - fix resource leak on error path Fix a small resource leak on the error path of cipher processing. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Fixes: 63ee04c8b491e ("crypto: ccree - add skcipher support") Cc: Markus Elfring <Markus.Elfring@web.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
8cbb8097 |
|
01-May-2020 |
Eric Biggers <ebiggers@google.com> |
crypto: ccree - use crypto_shash_tfm_digest() Instead of manually allocating a 'struct shash_desc' on the stack and calling crypto_shash_digest(), switch to using the new helper function crypto_shash_tfm_digest() which does this for us. Cc: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Eric Biggers <ebiggers@google.com> Acked-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
6429ccdd |
|
08-Mar-2020 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - remove ancient TODO remarks Remove left over ancient and now misleading TODO remarks. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
f7c8f992 |
|
11-Feb-2020 |
Geert Uytterhoeven <geert+renesas@glider.be> |
crypto: ccree - use devm_k[mz]alloc() for cipher data As the lifetime of the cipher data matches the lifetime of the driver, cipher data can be allocated using the managed allocators. Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
ff4d719a |
|
11-Feb-2020 |
Geert Uytterhoeven <geert+renesas@glider.be> |
crypto: ccree - use devm_k[mz]alloc() for AEAD data As the lifetime of the AEAD data matches the lifetime of the driver, AEAD data can be allocated using the managed allocators. While at it, simplify cc_aead_free() by removing an unneeded cast, and an unneeded check (aead_handle is always valid here). Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
c23d7997 |
|
11-Feb-2020 |
Geert Uytterhoeven <geert+renesas@glider.be> |
crypto: ccree - remove struct cc_cipher_handle The cc_cipher_handle structure contains only a single member, and only one instance exists. Simplify the code and reduce memory consumption by moving this member to struct cc_drvdata. Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
1a895f1d |
|
11-Feb-2020 |
Geert Uytterhoeven <geert+renesas@glider.be> |
crypto: ccree - use u32 for SRAM addresses SRAM addresses are small integer offsets into local SRAM. Currently they are stored using a mixture of cc_sram_addr_t (u64), u32, and dma_addr_t types. Settle on u32, and remove the cc_sram_addr_t typedefs. This allows to drop several casts. Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
f4274eec |
|
11-Feb-2020 |
Geert Uytterhoeven <geert+renesas@glider.be> |
crypto: ccree - remove unneeded casts Unneeded casts prevent the compiler from performing valuable checks. This is especially true for function pointers. Remove these casts, to prevent silently introducing bugs when a variable's type might be changed in the future. No change in generated code. Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
20f51309 |
|
03-Feb-2020 |
YueHaibing <yuehaibing@huawei.com> |
crypto: ccree - remove set but not used variable 'du_size' Fixes gcc '-Wunused-but-set-variable' warning: drivers/crypto/ccree/cc_cipher.c: In function 'cc_setup_state_desc': drivers/crypto/ccree/cc_cipher.c:536:15: warning: variable 'du_size' set but not used [-Wunused-but-set-variable] commit 5c83e8ec4d51 ("crypto: ccree - fix FDE descriptor sequence") involved this unused variable, so remove it. Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: YueHaibing <yuehaibing@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
4aaefb62 |
|
29-Jan-2020 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - fix some reported cipher block sizes OFB and CTR modes block sizes were wrongfully reported as the underlying block sizes. Fix it to 1 bytes as they turn the block ciphers into stream ciphers. Also document why our XTS differes from the generic implementation. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
5c83e8ec |
|
15-Jan-2020 |
Ofir Drang <ofir.drang@arm.com> |
crypto: ccree - fix FDE descriptor sequence In FDE mode (xts, essiv and bitlocker) the cryptocell hardware requires that the the XEX key will be loaded after Key1. Signed-off-by: Ofir Drang <ofir.drang@arm.com> Cc: stable@vger.kernel.org Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
c7b31c88 |
|
15-Jan-2020 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - turn errors to debug msgs We have several loud error log messages that are already reported via the normal return code mechanism and produce a lot of noise when the new testmgr extra test are enabled. Turn these into debug only messages Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
674f368a |
|
30-Dec-2019 |
Eric Biggers <ebiggers@google.com> |
crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN The CRYPTO_TFM_RES_BAD_KEY_LEN flag was apparently meant as a way to make the ->setkey() functions provide more information about errors. However, no one actually checks for this flag, which makes it pointless. Also, many algorithms fail to set this flag when given a bad length key. Reviewing just the generic implementations, this is the case for aes-fixed-time, cbcmac, echainiv, nhpoly1305, pcrypt, rfc3686, rfc4309, rfc7539, rfc7539esp, salsa20, seqiv, and xcbc. But there are probably many more in arch/*/crypto/ and drivers/crypto/. Some algorithms can even set this flag when the key is the correct length. For example, authenc and authencesn set it when the key payload is malformed in any way (not just a bad length), the atmel-sha and ccree drivers can set it if a memory allocation fails, and the chelsio driver sets it for bad auth tag lengths, not just bad key lengths. So even if someone actually wanted to start checking this flag (which seems unlikely, since it's been unused for a long time), there would be a lot of work needed to get it working correctly. But it would probably be much better to go back to the drawing board and just define different return values, like -EINVAL if the key is invalid for the algorithm vs. -EKEYREJECTED if the key was rejected by a policy like "no weak keys". That would be much simpler, less error-prone, and easier to test. So just remove this flag. Signed-off-by: Eric Biggers <ebiggers@google.com> Reviewed-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
5c925e8b |
|
30-Dec-2019 |
Eric Biggers <ebiggers@google.com> |
crypto: remove CRYPTO_TFM_RES_BAD_BLOCK_LEN The flag CRYPTO_TFM_RES_BAD_BLOCK_LEN is never checked for, and it's only set by one driver. And even that single driver's use is wrong because the driver is setting the flag from ->encrypt() and ->decrypt() with no locking, which is unsafe because ->encrypt() and ->decrypt() can be executed by many threads in parallel on the same tfm. Just remove this flag. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
5620eb6c |
|
09-Nov-2019 |
Ard Biesheuvel <ardb@kernel.org> |
crypto: ccree - update a stale reference to ablkcipher The ccree driver does not use the ablkcipher interface but contains a rudimentary reference to it in the naming of an unrelated macro. Let's rename it to avoid confusion. Acked-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
67caef08 |
|
08-Sep-2019 |
Uri Shir <uri.shir@arm.com> |
crypto: ccree - enable CTS support in AES-XTS In XTS encryption/decryption the plaintext byte size can be >= AES_BLOCK_SIZE. This patch enable the AES-XTS ciphertext stealing implementation in ccree driver. Signed-off-by: Uri Shir <uri.shir@arm.com> Acked-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
00cd6b23 |
|
14-Aug-2019 |
Ard Biesheuvel <ardb@kernel.org> |
crypto: ccree/des - switch to new verification routines Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
50af3272 |
|
28-Apr-2019 |
YueHaibing <yuehaibing@huawei.com> |
crypto: ccree - remove set but not used variable 'du_size' Fixes gcc '-Wunused-but-set-variable' warning: drivers/crypto/ccree/cc_cipher.c: In function cc_setup_key_desc: drivers/crypto/ccree/cc_cipher.c:645:15: warning: variable du_size set but not used [-Wunused-but-set-variable] It is never used since introduction in commit dd8486c75085 ("crypto: ccree - move key load desc. before flow desc.") Signed-off-by: YueHaibing <yuehaibing@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
22e2db68 |
|
26-Apr-2019 |
Colin Ian King <colin.king@canonical.com> |
crypto: ccree - fix spelling mistake "protedcted" -> "protected" There is a spelling mistake in a dev_dbg message, fix it. Signed-off-by: Colin Ian King <colin.king@canonical.com> Acked-By: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
03963cae |
|
18-Apr-2019 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - copyright header update This sacrificial copyright header update is offered to the legal department as atonement for any changes made in this driver files in the course of the current year which have not been duly recorded as such. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
a108f931 |
|
18-Apr-2019 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - fix backlog notifications We were doing backlog notification callbacks via a cipher/hash/aead request structure cast to the base structure, which may or may not work based on how the structure is laid in memory and is not safe. Fix it by delegating the backlog notification to the appropriate internal callbacks which are type aware. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Cc: stable@vger.kernel.org # v4.19+ Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
6f17e00f |
|
18-Apr-2019 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - read next IV from HW We were computing the next IV in software instead of reading it from HW on the premise that this can be quicker due to the small size of IVs but this proved to be much more hassle and bug ridden than expected. Move to reading the next IV as computed by the HW. This fixes a number of issue with next IV being wrong for OFB, CTS-CBC and probably most of the other ciphers as well. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
533edf9f |
|
18-Apr-2019 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - adapt CPP descriptor to new HW Adapt the CPP descriptor to new HW interface. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
bee711fa |
|
18-Apr-2019 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - add SM4 protected keys support Add the registration for the SM4 based policy protected keys ciphers. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
52f42c65 |
|
18-Apr-2019 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - add remaining logic for CPP Add the missing logic to set usage policy protections for keys. This enables key policy protection for AES. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
f98f6e21 |
|
18-Apr-2019 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - add support for sec disabled mode Add support for the Security Disabled mode under which only pure cryptographic functionality is enabled and protected keys services are unavailable. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
4b1d7deb |
|
18-Apr-2019 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - move MLLI desc. before key load Refactor to move the descriptor copying the MLLI line to SRAM to before the key loading descriptor in preparation to the introduction of CPP later on. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
dd8486c7 |
|
18-Apr-2019 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - move key load desc. before flow desc. Refactor the descriptor setup code in order to move the key loading descriptor to one before last position. This has no effect on current functionality but is needed for later support of Content Protection Policy keys. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
5db46ac2 |
|
14-Mar-2019 |
Arnd Bergmann <arnd@arndb.de> |
crypto: ccree - reduce kernel stack usage with clang Building with clang for a 32-bit architecture runs over the stack frame limit in the setkey function: drivers/crypto/ccree/cc_cipher.c:318:12: error: stack frame size of 1152 bytes in function 'cc_cipher_setkey' [-Werror,-Wframe-larger-than=] The problem is that there are two large variables: the temporary 'tmp' array and the SHASH_DESC_ON_STACK() declaration. Moving the first into the block in which it is used reduces the total frame size to 768 bytes, which seems more reasonable and is under the warning limit. Fixes: 63ee04c8b491 ("crypto: ccree - add skcipher support") Signed-off-by: Arnd Bergmann <arnd@arndb.de> Acked-By: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
b5be8531 |
|
10-Feb-2019 |
Gustavo A. R. Silva <gustavo@embeddedor.com> |
crypto: ccree - fix missing break in switch statement Add missing break statement in order to prevent the code from falling through to case S_DIN_to_DES. This bug was found thanks to the ongoing efforts to enable -Wimplicit-fallthrough. Fixes: 63ee04c8b491 ("crypto: ccree - add skcipher support") Cc: stable@vger.kernel.org Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
231baecd |
|
18-Jan-2019 |
Eric Biggers <ebiggers@google.com> |
crypto: clarify name of WEAK_KEY request flag CRYPTO_TFM_REQ_WEAK_KEY confuses newcomers to the crypto API because it sounds like it is requesting a weak key. Actually, it is requesting that weak keys be forbidden (for algorithms that have the notion of "weak keys"; currently only DES and XTS do). Also it is only one letter away from CRYPTO_TFM_RES_WEAK_KEY, with which it can be easily confused. (This in fact happened in the UX500 driver, though just in some debugging messages.) Therefore, make the intent clear by renaming it to CRYPTO_TFM_REQ_FORBID_WEAK_KEYS. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
2b5ac174 |
|
15-Jan-2019 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - don't copy zero size ciphertext For decryption in CBC mode we need to save the last ciphertext block for use as the next IV. However, we were trying to do this also with zero sized ciphertext resulting in a panic. Fix this by only doing the copy if the ciphertext length is at least of IV size. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Cc: stable@vger.kernel.org Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
c139c72e |
|
15-Jan-2019 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - unmap buffer before copying IV We were copying the last ciphertext block into the IV field for CBC before removing the DMA mapping of the output buffer with the result of the buffer sometime being out-of-sync cache wise and were getting intermittent cases of bad output IV. Fix it by moving the DMA buffer unmapping before the copy. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Fixes: 00904aa0cd59 ("crypto: ccree - fix iv handling") Cc: <stable@vger.kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
1c876a90 |
|
13-Nov-2018 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - add support for CryptoCell 703 Add support for Arm TrustZone CryptoCell 703. The 703 is a variant of the CryptoCell 713 that supports only algorithms certified by the Chinesse Office of the State Commercial Cryptography Administration (OSCCA). Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
9b8d51f8 |
|
29-Oct-2018 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - add SM4 support Add support for SM4 cipher in CryptoCell 713. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
f53ad3e1 |
|
24-Jul-2018 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - allow bigger than sector XTS op The ccree driver had a sanity check that we are not asked to encrypt an XTS buffer bigger than a sane sector size since XTS IV needs to include the sector number in the IV so this is not expected in any real use case. Unfortunately, this breaks cryptsetup benchmark test which has a synthetic performance test using 64k buffer of data with the same IV. Remove the sanity check and allow the user to hang themselves and/or run benchmarks if they so wish. Reported-by: Geert Uytterhoeven <geert+renesas@glider.be> Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
e30368f3 |
|
24-Jul-2018 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - zero all of request ctx before use In certain error path req_ctx->iv was being freed despite not being allocated because it was not initialized to NULL. Rather than play whack a mole with the structure various field, zero it before use. This fixes a kernel panic that may occur if an invalid buffer size was requested triggering the bug above. Fixes: 63ee04c8b491 ("crypto: ccree - add skcipher support") Reported-by: Geert Uytterhoeven <geert+renesas@glider.be> Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
f5c19df9 |
|
24-Jul-2018 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - remove cipher ivgen left overs IV generation is not available via the skcipher interface. Remove the left over support of it from the ablkcipher days. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
76c9e53e |
|
24-Jul-2018 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - drop useless type flag during reg Drop the explicit setting of CRYPTO_ALG_TYPE_AEAD or CRYPTO_ALG_TYPE_SKCIPHER flags during alg registration as they are set anyway by the framework. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
84f366da |
|
01-Jul-2018 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - use CBC-CS3 CTS mode The ccree driver implemented NIST 800-38A CBC-CS2 ciphertext format, which only reverses the last two blocks if the stolen ciphertext amount are none zero. Move it to the kernel chosen format of CBC-CS3 which swaps the final blocks unconditionally and rename it to "cts" now that it complies with the kernel format and passes the self tests. Ironically, the CryptoCell REE HW does just that, so the fix is dropping the code that forced it to use plain CBC if the ciphertext was block aligned. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
d6b609d1 |
|
01-Jul-2018 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - remove dead legacy code Remove legacy code no longer used by anything. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
00904aa0 |
|
01-Jul-2018 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - fix iv handling We were copying our last cipher block into the request for use as IV for all modes of operations. Fix this by discerning the behaviour based on the mode of operation used: copy ciphertext for CBC, update counter for CTR. CC: stable@vger.kernel.org Fixes: 63ee04c8b491 ("crypto: ccree - add skcipher support") Reported by: Hadar Gat <hadar.gat@arm.com> Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
2c95e6d9 |
|
30-Jun-2018 |
Eric Biggers <ebiggers@google.com> |
crypto: skcipher - remove useless setting of type flags Some skcipher algorithms set .cra_flags = CRYPTO_ALG_TYPE_SKCIPHER. But this is redundant with the C structure type ('struct skcipher_alg'), and crypto_register_skcipher() already sets the type flag automatically, clearing any type flag that was already there. Apparently the useless assignment has just been copy+pasted around. So, remove the useless assignment from all the skcipher algorithms. This patch shouldn't change any actual behavior. Signed-off-by: Eric Biggers <ebiggers@google.com> Acked-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
a794d8d8 |
|
23-Apr-2018 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - enable support for hardware keys Enable CryptoCell support for hardware keys. Hardware keys are regular AES keys loaded into CryptoCell internal memory via firmware, often from secure boot ROM or hardware fuses at boot time. As such, they can be used for enc/dec purposes like any other key but cannot (read: extremely hard to) be extracted since since they are not available anywhere in RAM during runtime. The mechanism has some similarities to s390 secure keys although the keys are not wrapped or sealed, but simply loaded offline. The interface was therefore modeled based on the s390 secure keys support. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
27b3b22d |
|
19-Feb-2018 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - add support for older HW revs Add support for the legacy CryptoCell 630 and 710 revs. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
01745706 |
|
15-Feb-2018 |
Fengguang Wu <fengguang.wu@intel.com> |
crypto: ccree - fix memdup.cocci warnings drivers/crypto/ccree/cc_cipher.c:629:15-22: WARNING opportunity for kmemdep Use kmemdup rather than duplicating its implementation Generated by: scripts/coccinelle/api/memdup.cocci Fixes: 63ee04c8b491 ("crypto: ccree - add skcipher support") CC: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Fengguang Wu <fengguang.wu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
63ee04c8 |
|
22-Jan-2018 |
Gilad Ben-Yossef <gilad@benyossef.com> |
crypto: ccree - add skcipher support Add CryptoCell skcipher support Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|