summaryrefslogtreecommitdiff
path: root/drivers/crypto/talitos.c
AgeCommit message (Collapse)AuthorFilesLines
2016-04-20crypto: talitos - fix AEAD tcrypt testsHoria Geant?1-16/+30
After conversion to new AEAD interface, tcrypt tests fail as follows: [...] [ 1.145414] alg: aead: Test 1 failed on encryption for authenc-hmac-sha1-cbc-aes-talitos [ 1.153564] 00000000: 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67 [ 1.160041] 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 1.166509] 00000020: 00 00 00 00 [...] Fix them by providing the correct cipher in & cipher out pointers, i.e. must skip over associated data in src and dst S/G. While here, fix a problem with the HW S/G table index usage: tbl_off must be updated after the pointer to the table entries is set. Cc: <stable@vger.kernel.org> # 4.3+ Fixes: aeb4c132f33d ("crypto: talitos - Convert to new AEAD interface") Reported-by: Jonas Eymann <J.Eymann@gmx.net> Signed-off-by: Horia Geant? <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-20crypto: talitos - fix crash in talitos_cra_init()Jonas Eymann1-14/+27
Conversion of talitos driver to the new AEAD interface hasn't been properly tested. AEAD algorithms crash in talitos_cra_init as follows: [...] [ 1.141095] talitos ffe30000.crypto: hwrng [ 1.145381] Unable to handle kernel paging request for data at address 0x00000058 [ 1.152913] Faulting instruction address: 0xc02accc0 [ 1.157910] Oops: Kernel access of bad area, sig: 11 [#1] [ 1.163315] SMP NR_CPUS=2 P1020 RDB [ 1.166810] Modules linked in: [ 1.169875] CPU: 0 PID: 1007 Comm: cryptomgr_test Not tainted 4.4.6 #1 [ 1.176415] task: db5ec200 ti: db4d6000 task.ti: db4d6000 [ 1.181821] NIP: c02accc0 LR: c02acd18 CTR: c02acd04 [ 1.186793] REGS: db4d7d30 TRAP: 0300 Not tainted (4.4.6) [ 1.192457] MSR: 00029000 <CE,EE,ME> CR: 95009359 XER: e0000000 [ 1.198585] DEAR: 00000058 ESR: 00000000 GPR00: c017bdc0 db4d7de0 db5ec200 df424b48 00000000 00000000 df424bfc db75a600 GPR08: df424b48 00000000 db75a628 db4d6000 00000149 00000000 c0044cac db5acda0 GPR16: 00000000 00000000 00000000 00000000 00000000 00000000 00000400 df424940 GPR24: df424900 00003083 00000400 c0180000 db75a640 c03e9f84 df424b40 df424b48 [ 1.230978] NIP [c02accc0] talitos_cra_init+0x28/0x6c [ 1.236039] LR [c02acd18] talitos_cra_init_aead+0x14/0x28 [ 1.241443] Call Trace: [ 1.243894] [db4d7de0] [c03e9f84] 0xc03e9f84 (unreliable) [ 1.249322] [db4d7df0] [c017bdc0] crypto_create_tfm+0x5c/0xf0 [ 1.255083] [db4d7e10] [c017beec] crypto_alloc_tfm+0x98/0xf8 [ 1.260769] [db4d7e40] [c0186a20] alg_test_aead+0x28/0xc8 [ 1.266181] [db4d7e60] [c0186718] alg_test+0x260/0x2e0 [ 1.271333] [db4d7ee0] [c0183860] cryptomgr_test+0x30/0x54 [ 1.276843] [db4d7ef0] [c0044d80] kthread+0xd4/0xd8 [ 1.281741] [db4d7f40] [c000e4a4] ret_from_kernel_thread+0x5c/0x64 [ 1.287930] Instruction dump: [ 1.290902] 38600000 4e800020 81230028 7c681b78 81490010 38e9ffc0 3929ffe8 554a073e [ 1.298691] 2b8a000a 7d474f9e 812a0008 91230030 <80e90058> 39270060 7c0004ac 7cc04828 Cc: <stable@vger.kernel.org> # 4.3+ Fixes: aeb4c132f33d ("crypto: talitos - Convert to new AEAD interface") Signed-off-by: Jonas Eymann <J.Eymann@gmx.net> Fix typo - replaced parameter of __crypto_ahash_alg(): s/tfm/alg Remove checkpatch warnings. Add commit message. Signed-off-by: Horia Geant? <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-04crypto: talitos - add new crypto modesLEROY Christophe1-0/+83
This patch adds the following algorithms to the talitos driver: * ecb(aes) * ctr(aes) * ecb(des) * cbc(des) * ecb(des3_ede) Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-11-17crypto: talitos - check return value of sg_nents_for_lenLABBE Corentin1-7/+34
The sg_nents_for_len() function could fail, this patch add a check for its return value. Signed-off-by: LABBE Corentin <clabbe.montjoie@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-11-16crypto: talitos - Fix timing leak in ESP ICV verificationDavid Gstir1-1/+1
Using non-constant time memcmp() makes the verification of the authentication tag in the decrypt path vulnerable to timing attacks. Fix this by using crypto_memneq() instead. Cc: stable@vger.kernel.org Signed-off-by: David Gstir <david@sigma-star.at> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-10-01crypto: talitos - dma_map_sg can handle chained SGLABBE Corentin1-86/+18
The talitos driver use two dma_map_sg path according to SG are chained or not. Since dma_map_sg can handle both case, clean the code with all references to sg chained. Thus removing talitos_map_sg, talitos_unmap_sg_chain and sg_count functions. Signed-off-by: LABBE Corentin <clabbe.montjoie@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-09-02Merge branch 'for-4.3/sg' of git://git.kernel.dk/linux-blockLinus Torvalds1-1/+1
Pull SG updates from Jens Axboe: "This contains a set of scatter-gather related changes/fixes for 4.3: - Add support for limited chaining of sg tables even for architectures that do not set ARCH_HAS_SG_CHAIN. From Christoph. - Add sg chain support to target_rd. From Christoph. - Fixup open coded sg->page_link in crypto/omap-sham. From Christoph. - Fixup open coded crypto ->page_link manipulation. From Dan. - Also from Dan, automated fixup of manual sg_unmark_end() manipulations. - Also from Dan, automated fixup of open coded sg_phys() implementations. - From Robert Jarzmik, addition of an sg table splitting helper that drivers can use" * 'for-4.3/sg' of git://git.kernel.dk/linux-block: lib: scatterlist: add sg splitting function scatterlist: use sg_phys() crypto/omap-sham: remove an open coded access to ->page_link scatterlist: remove open coded sg_unmark_end instances crypto: replace scatterwalk_sg_chain with sg_chain target/rd: always chain S/G list scatterlist: allow limited chaining without ARCH_HAS_SG_CHAIN
2015-08-17crypto: replace scatterwalk_sg_chain with sg_chainDan Williams1-1/+1
Signed-off-by: Dan Williams <dan.j.williams@intel.com> [hch: split from a larger patch by Dan] Signed-off-by: Christoph Hellwig <hch@lst.de> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Jens Axboe <axboe@fb.com>
2015-08-17crypto: aead - Remove CRYPTO_ALG_AEAD_NEW flagHerbert Xu1-1/+0
This patch removes the CRYPTO_ALG_AEAD_NEW flag now that everyone has been converted. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-08-10crypto: talitos - Prevent panic in probe error pathAaron Sierra1-2/+11
The probe error path for this driver, for all intents and purposes, is the talitos_remove() function due to the common "goto err_out". Without this patch applied, talitos_remove() will panic under these two conditions: 1. If the RNG device hasn't been registered via talitos_register_rng() prior to entry into talitos_remove(), then the attempt to unregister the RNG "device" will cause a panic. 2. If the priv->chan array has not been allocated prior to entry into talitos_remove(), then the per-channel FIFO cleanup will panic because of the dereference of that NULL "array". Both of the above scenarios occur if talitos_probe_irq() fails. This patch resolves issue #1 by introducing a boolean to mask the hwrng_unregister() call in talitos_unregister_rng() if RNG device registration was unsuccessful. It resolves issue #2 by checking that priv->chan is not NULL in the per-channel FIFO cleanup for loop. Signed-off-by: Aaron Sierra <asierra@xes-inc.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-08-04crypto: talitos - Convert to new AEAD interfaceHerbert Xu1-329/+277
This patch converts talitos to the new AEAD interface. IV generation has been removed since it's equivalent to a software implementation. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-05-13crypto: talitos - static code checker fixesHoria Geant?1-7/+5
-change req_ctx->nbuf from u64 to unsigned int to silence checker warnings; this is safe since nbuf value is <= HASH_MAX_BLOCK_SIZE -remove unused value read from TALITOS_CCPSR; there is no requirement to read upper 32b before reading lower 32b of a 64b register; SEC RM mentions: "reads can always be done by byte, word, or dword" -remove unused return value of sg_to_link_tbl() -change "len" parameter of map_single_talitos_ptr() and to_talitos_ptr_len() to unsigned int; later, cpu_to_be16 will __force downcast the value to unsigned short without any checker warning Signed-off-by: Horia Geanta <horia.geanta@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-05-13crypto: talitos - avoid out of bound scatterlist iteratorHoria Geant?1-2/+2
Check return value of scatterlist_sg_next(), i.e. don't rely solely on number of bytes to be processed or number of scatterlist entries. Signed-off-by: Horia Geanta <horia.geanta@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-05-13Revert "crypto: talitos - convert to use be16_add_cpu()"Horia Geant?1-1/+2
This reverts commit 7291a932c6e27d9768e374e9d648086636daf61c. The conversion to be16_add_cpu() is incorrect in case cryptlen is negative due to premature (i.e. before addition / subtraction) implicit conversion of cryptlen (int -> u16) leading to sign loss. Cc: <stable@vger.kernel.org> # 3.10+ Cc: Wei Yongjun <yongjun_wei@trendmicro.com.cn> Signed-off-by: Horia Geanta <horia.geanta@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-05-13crypto: talitos - avoid memleak in talitos_alg_alloc()Horia Geant?1-0/+1
Cc: <stable@vger.kernel.org> # 3.2+ Fixes: 1d11911a8c57 ("crypto: talitos - fix warning: 'alg' may be used uninitialized in this function") Signed-off-by: Horia Geanta <horia.geanta@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-05-13crypto: talitos - fix size calculation in talitos_edesc_alloc()Dan Carpenter1-2/+2
The + operation has higher precedence than ?: so we need parentheses here. Otherwise we may end up allocating a max of only one "cryptlen" instead of two. Fixes: 6f65f6ac5fb3 ('crypto: talitos - implement scatter/gather copy for SEC1') Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Acked-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-05-13crypto: talitos - Include internal/aead.hHerbert Xu1-1/+1
All AEAD implementations must include internal/aead.h in order to access required helpers. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - Add fsl,sec1.0 compatibleLEROY Christophe1-0/+7
We add a specific compatible for SEC1, to handle the differences between SEC1 and SEC2+ Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - SEC1 bugs on 0 data hashLEROY Christophe1-0/+24
SEC1 bugs on 0 data hash, so we submit an already padded block representing 0 data Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - implement scatter/gather copy for SEC1LEROY Christophe1-37/+101
SEC1 doesn't support scatter/gather, SEC1 doesn't handle link tables. Therefore, for SEC1 we have to do it by SW. For that, we reserve space at the end of the extended descriptor, in lieu of the space reserved for the link tables on SEC2, and we perform sg_copy() when preparing the descriptors We also adapt the max buffer size which is only 32k on SEC1 while it is 64k on SEC2+ Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - adapt interrupts and reset functions to SEC1LEROY Christophe1-55/+172
This patch adapts the interrupts handling and reset function for SEC1. On SEC1, registers are almost similar to SEC2+, but bits are sometimes located at different places. So we need to define TALITOS1 and TALITOS2 versions of some fields, and manage according to whether it is SEC1 or SEC2. On SEC1, only one interrupt vector is dedicated to the SEC, so only interrupt_4ch is needed. On SEC1, interrupts are enabled by clearing related bits in IMR, while on SEC2, interrupts are enabled by seting the bits in IMR. SEC1 also performs parity verification in the DES Unit. We have to disable this feature because the test vectors provided in the kernel have parity errors. In reset functions, only SEC2 supports continuation after error. For SEC1, we have to reset in all cases. For errors handling, SEC2+ names have been kept, but displayed text have been amended to reflect exact meaning on SEC1. Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - base address for Execution UnitsLEROY Christophe1-28/+55
SEC 1.0, 1.2 and 2.x+ have different EU base addresses, so we need to define pointers for each EU in the driver private data structure. The proper address is set by the probe function depending on the SEC type, in order to provide access to the proper address. Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - adaptation of talitos_submit() for SEC1LEROY Christophe1-4/+19
SEC1 descriptor is a bit different to SEC2+ descriptor. talitos_submit() will have to copy hdr field into hdr1 field and send the descriptor starting at hdr1 up to next_desc. For SEC2, it remains unchanged and next_desc is just ignored. Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - fill in talitos descriptor iaw SEC1 or SEC2+LEROY Christophe1-38/+67
talitos descriptor is slightly different for SEC1 and SEC2+, so lets the helper function that fills the descriptor take into account the type of SEC. Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - Add a feature to tag SEC1LEROY Christophe1-0/+3
We add a new feature in the features field, to mark compatible "fsl,sec1.0" We also define a helper function called has_ftr_sec1() to help functions quickly determine if they are running on SEC1 or SEC2+. When only SEC1 or SEC2 is compiled in, has_ftr_sec1() return trivial corresponding value. If both are compiled in, feature field is checked. Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - helper function for ptr lenLEROY Christophe1-7/+17
This patch adds a helper function for reads and writes of the len param of the talitos descriptor. This will help implement SEC1 later. Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - remove param 'extent' in map_single_talitos_ptr()LEROY Christophe1-11/+10
map_single_talitos_ptr() is always called with extent == 0, so lets remove this unused parameter Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - Add a helper function to clear j_extent fieldLEROY Christophe1-3/+8
j_extent field is specific to SEC2 so we add a helper function to clear it so that SEC1 can redefine that function as nop Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - talitos_ptr renamed ptr for more lisibilityLEROY Christophe1-10/+10
Linux CodyingStyle recommends to use short variables for local variables. ptr is just good enough for those 3 lines functions. It helps keep single lines shorter than 80 characters. Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - Refactor the sg in/out chain allocationLEROY Christophe1-78/+81
This patch refactors the handling of the input and output data that is quite similar in several functions Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - Use zero entry to init descriptors ptrs to zeroLEROY Christophe1-6/+2
Do use zero_entry value to init the descriptors ptrs to zero instead of writing 0 in each field Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-03-06crypto: talitos - Remove MD5_BLOCK_SIZEMartin Hicks1-4/+2
This is properly defined in the md5 header file. Signed-off-by: Martin Hicks <mort@bork.org> Acked-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-03-06crypto: talitos - Simplify per-channel initializationMartin Hicks1-8/+3
There were multiple loops in a row, for each separate step of the initialization of the channels. Simplify to a single loop. Signed-off-by: Martin Hicks <mort@bork.org> Acked-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-01-26crypto: replace scatterwalk_sg_next with sg_nextCristian Stoica1-4/+4
Modify crypto drivers to use the generic SG helper since both of them are equivalent and the one from crypto is redundant. See also: 468577abe37ff7b453a9ac613e0ea155349203ae reverted in b2ab4a57b018aafbba35bff088218f5cc3d2142e Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2014-10-20crypto: drop owner assignment from platform_driversWolfram Sang1-1/+0
A platform_driver does not need to set an owner, it will be populated by the driver core. Signed-off-by: Wolfram Sang <wsa@the-dreams.de>
2014-02-09crypto: talitos: init the priv->alg_list more earlier in talitos_probe()Kevin Hao1-2/+2
In function talitos_probe(), it will jump to err_out when getting an error in talitos_probe_irq(). Then the uninitialized list head priv->alg_list will be used in function talitos_remove(). In this case we would get a call trace like the following. So move up the initialization of priv->alg_list. Unable to handle kernel paging request for data at address 0x00000000 Faulting instruction address: 0xc0459ff4 Oops: Kernel access of bad area, sig: 11 [#1] SMP NR_CPUS=8 P1020 RDB Modules linked in: CPU: 1 PID: 1 Comm: swapper/0 Tainted: G W 3.13.0-08789-g54c0a4b46150 #33 task: cf050000 ti: cf04c000 task.ti: cf04c000 NIP: c0459ff4 LR: c0459fd4 CTR: c02f2438 REGS: cf04dcb0 TRAP: 0300 Tainted: G W (3.13.0-08789-g54c0a4b46150) MSR: 00029000 <CE,EE,ME> CR: 82000028 XER: 20000000 DEAR: 00000000 ESR: 00000000 GPR00: c045ac28 cf04dd60 cf050000 cf2579c0 00021000 00000000 c02f35b0 0000014e GPR08: c07e702c cf104300 c07e702c 0000014e 22000024 00000000 c0002a3c 00000000 GPR16: 00000000 00000000 00000000 00000000 00000000 00000000 c082e4e0 000000df GPR24: 00000000 00100100 00200200 cf257a2c cf0efe10 cf2579c0 cf0efe10 00000000 NIP [c0459ff4] talitos_remove+0x3c/0x1c8 LR [c0459fd4] talitos_remove+0x1c/0x1c8 Call Trace: [cf04dd60] [c07485d8] __func__.13331+0x1241c8/0x1391c0 (unreliable) [cf04dd90] [c045ac28] talitos_probe+0x244/0x998 [cf04dde0] [c0306a74] platform_drv_probe+0x28/0x68 [cf04ddf0] [c0304d38] really_probe+0x78/0x250 [cf04de10] [c030505c] __driver_attach+0xc8/0xcc [cf04de30] [c0302e98] bus_for_each_dev+0x6c/0xb8 [cf04de60] [c03043cc] bus_add_driver+0x168/0x220 [cf04de80] [c0305798] driver_register+0x88/0x130 [cf04de90] [c0002458] do_one_initcall+0x14c/0x198 [cf04df00] [c079f904] kernel_init_freeable+0x138/0x1d4 [cf04df30] [c0002a50] kernel_init+0x14/0x124 [cf04df40] [c000ec40] ret_from_kernel_thread+0x5c/0x64 Signed-off-by: Kevin Hao <haokexin@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-12-30crypto: talitos - Remove redundant dev_set_drvdataSachin Kamat1-2/+0
Driver core sets it to NULL upon probe failure or release. Signed-off-by: Sachin Kamat <sachin.kamat@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-12-05crypto: talitos - fix locating offending descriptor in error pathHoria Geanta1-6/+15
Commit 3e721aeb3df3816e283ab18e327cd4652972e213 ("crypto: talitos - handle descriptor not found in error path") tried to address the fact that CDPR (Current Descriptor Pointer Register) is unreliable. As it turns out, there are still issues in the function detecting the offending descriptor: -only 32 bits of the descriptor address are read, however the address is 36-bit - since reset_channel() initializes channels with EAE (extended address) bit set -reading CDPR can return zero in cur_desc; when searching the channel fifo for this address, cur_desc == dma_desc (= 0) case might happen, leading to an oops when trying to return desc->hdr (desc is zero) -read channel's .tail only once; the tail is a moving target; use a local variable for the end of search condition Signed-off-by: Lei Xu <Lei.Xu@freescale.com> Signed-off-by: Horia Geanta <horia.geanta@freescale.com> Tested-by: Kalyani Chowdhury <Kalyani.Chowdhury@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-11-28crypto: talitos - fix aead sglen for case 'dst != src'Horia Geanta1-24/+23
For aead case when source and destination buffers are different, there is an incorrect assumption that the source length includes the ICV length. Fix this, since it leads to an oops when using sg_count() to find the number of nents in the scatterlist: Unable to handle kernel paging request for data at address 0x00000004 Faulting instruction address: 0xf2265a28 Oops: Kernel access of bad area, sig: 11 [#1] SMP NR_CPUS=8 P2020 RDB Modules linked in: talitos(+) CPU: 1 PID: 2187 Comm: cryptomgr_test Not tainted 3.11.0 #12 task: c4e72e20 ti: ef634000 task.ti: ef634000 NIP: f2265a28 LR: f2266ad8 CTR: c000c900 REGS: ef635bb0 TRAP: 0300 Not tainted (3.11.0) MSR: 00029000 <CE,EE,ME> CR: 42042084 XER: 00000000 DEAR: 00000004, ESR: 00000000 GPR00: f2266e10 ef635c60 c4e72e20 00000001 00000014 ef635c69 00000001 c11f3082 GPR08: 00000010 00000000 00000002 2f635d58 22044084 00000000 00000000 c0755c80 GPR16: c4bf1000 ef784000 00000000 00000000 00000020 00000014 00000010 ef2f6100 GPR24: ef2f6200 00000024 ef143210 ef2f6000 00000000 ef635d58 00000000 2f635d58 NIP [f2265a28] sg_count+0x1c/0xb4 [talitos] LR [f2266ad8] talitos_edesc_alloc+0x12c/0x410 [talitos] Call Trace: [ef635c60] [c0552068] schedule_timeout+0x148/0x1ac (unreliable) [ef635cc0] [f2266e10] aead_edesc_alloc+0x54/0x64 [talitos] [ef635ce0] [f22680f0] aead_encrypt+0x24/0x70 [talitos] [ef635cf0] [c024b948] __test_aead+0x494/0xf68 [ef635e20] [c024d54c] test_aead+0x64/0xcc [ef635e40] [c024d604] alg_test_aead+0x50/0xc4 [ef635e60] [c024c838] alg_test+0x10c/0x2e4 [ef635ee0] [c0249d1c] cryptomgr_test+0x4c/0x54 [ef635ef0] [c005d598] kthread+0xa8/0xac [ef635f40] [c000e3bc] ret_from_kernel_thread+0x5c/0x64 Instruction dump: 81230024 552807fe 0f080000 5523003a 4bffff24 39000000 2c040000 99050000 408100a0 7c691b78 38c00001 38600000 <80e90004> 38630001 8109000c 70ea0002 ---[ end trace 4498123cd8478591 ]--- Signed-off-by: Horia Geanta <horia.geanta@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-11-28crypto: talitos - corrrectly handle zero-length assoc dataHoria Geanta1-5/+16
talitos does not handle well zero-length assoc data. From dmesg: talitos ffe30000.crypto: master data transfer error talitos ffe30000.crypto: gather return/length error Check whether assoc data is provided by inspecting assoclen, not assoc pointer. This is needed in order to pass testmgr tests. Signed-off-by: Horia Geanta <horia.geanta@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-11-24Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6Linus Torvalds1-27/+8
Pull crypto update from Herbert Xu: - Made x86 ablk_helper generic for ARM - Phase out chainiv in favour of eseqiv (affects IPsec) - Fixed aes-cbc IV corruption on s390 - Added constant-time crypto_memneq which replaces memcmp - Fixed aes-ctr in omap-aes - Added OMAP3 ROM RNG support - Add PRNG support for MSM SoC's - Add and use Job Ring API in caam - Misc fixes [ NOTE! This pull request was sent within the merge window, but Herbert has some questionable email sending setup that makes him public enemy #1 as far as gmail is concerned. So most of his emails seem to be trapped by gmail as spam, resulting in me not seeing them. - Linus ] * git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (49 commits) crypto: s390 - Fix aes-cbc IV corruption crypto: omap-aes - Fix CTR mode counter length crypto: omap-sham - Add missing modalias padata: make the sequence counter an atomic_t crypto: caam - Modify the interface layers to use JR API's crypto: caam - Add API's to allocate/free Job Rings crypto: caam - Add Platform driver for Job Ring hwrng: msm - Add PRNG support for MSM SoC's ARM: DT: msm: Add Qualcomm's PRNG driver binding document crypto: skcipher - Use eseqiv even on UP machines crypto: talitos - Simplify key parsing crypto: picoxcell - Simplify and harden key parsing crypto: ixp4xx - Simplify and harden key parsing crypto: authencesn - Simplify key parsing crypto: authenc - Export key parsing helper function crypto: mv_cesa: remove deprecated IRQF_DISABLED hwrng: OMAP3 ROM Random Number Generator support crypto: sha256_ssse3 - also test for BMI2 crypto: mv_cesa - Remove redundant of_match_ptr crypto: sahara - Remove redundant of_match_ptr ...
2013-10-16crypto: talitos - Simplify key parsingMathias Krause1-27/+8
Use the common helper function crypto_authenc_extractkeys() for key parsing. Cc: Kim Phillips <kim.phillips@freescale.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Signed-off-by: Mathias Krause <mathias.krause@secunet.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-10-10drivers: clean-up prom.h implicit includesRob Herring1-0/+2
Powerpc is a mess of implicit includes by prom.h. Add the necessary explicit includes to drivers in preparation of prom.h cleanup. Signed-off-by: Rob Herring <rob.herring@calxeda.com> Acked-by: Grant Likely <grant.likely@linaro.org>
2013-07-09crypto: talitos: use sg_pcopy_to_buffer()Akinobu Mita1-59/+1
Use sg_pcopy_to_buffer() which is better than the function previously used. Because it doesn't do kmap/kunmap for skipped pages. Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com> Cc: "David S. Miller" <davem@davemloft.net> Cc: "James E.J. Bottomley" <JBottomley@parallels.com> Cc: Douglas Gilbert <dgilbert@interlog.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: Horia Geanta <horia.geanta@freescale.com> Cc: Imre Deak <imre.deak@intel.com> Cc: Tejun Heo <tj@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-03-21Revert "crypto: talitos - add IPsec ESN support"Horia Geanta1-28/+2
This reverts commit e763eb699be723fb41af818118068c6b3afdaf8d. Current IPsec ESN implementation for authencesn(cbc(aes), hmac(sha)) (separate encryption and integrity algorithms) does not conform to RFC4303. ICV is generated by hashing the sequence SPI, SeqNum-High, SeqNum-Low, IV, Payload instead of SPI, SeqNum-Low, IV, Payload, SeqNum-High. Cc: <stable@vger.kernel.org> # 3.8, 3.7 Reported-by: Chaoxing Lin <Chaoxing.Lin@ultra-3eti.com> Signed-off-by: Horia Geanta <horia.geanta@freescale.com> Reviewed-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2012-10-15crypto: talitos - convert to use be16_add_cpu()Wei Yongjun1-2/+1
Convert cpu_to_be16(be16_to_cpu(E1) + E2) to use be16_add_cpu(). dpatch engine is used to auto generate this patch. (https://github.com/weiyj/dpatch) Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2012-08-28crypto: talitos - add IPsec ESN supportHoria Geanta1-2/+28
Support for ESNs (extended sequence numbers). Tested with strongswan on a P2020RDB back-to-back setup. Extracted from /etc/ipsec.conf: esp=aes-sha1-esn-modp4096! Signed-off-by: Horia Geanta <horia.geanta@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2012-08-28crypto: talitos - support for assoc data provided as scatterlistHoria Geanta1-51/+125
Generate a link table in case assoc data is a scatterlist. While at it, add support for handling non-contiguous assoc data and iv. Signed-off-by: Horia Geanta <horia.geanta@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2012-08-28crypto: talitos - change type and name for [src|dst]_is_chainedHoria Geanta1-21/+20
It's more natural to think of these vars as bool rather than int. Signed-off-by: Horia Geanta <horia.geanta@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2012-08-28crypto: talitos - prune unneeded descriptor allocation paramHoria Geanta1-7/+6
talitos_edesc_alloc does not need hash_result param. Checking whether dst scatterlist is NULL or not is all that is required. Signed-off-by: Horia Geanta <horia.geanta@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>