kernel/linux.git/drivers/crypto/caam, branch v4.17.1 Linux kernel stable tree (mirror) https://git.radix-linux.su/kernel/linux.git/atom?h=v4.17.1 2018-03-30T17:33:12+00:00 crypto: caam/qi - don't leak pointers to authenc keys 2018-03-30T17:33:12+00:00 Tudor-Dan Ambarus tudor.ambarus@microchip.com 2018-03-23T10:42:19+00:00 urn:sha1:cc4ccaafcbddb88d661143c779af08d4ed8798ae In caam/qi's aead_setkey we save pointers to the authenc keys in a local variable of type struct crypto_authenc_keys and we don't zeroize it after use. Fix this and don't leak pointers to the authenc keys. Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com> Reviewed-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> crypto: caam - don't leak pointers to authenc keys 2018-03-30T17:33:11+00:00 Tudor-Dan Ambarus tudor.ambarus@microchip.com 2018-03-23T10:42:18+00:00 urn:sha1:61dab9726050b0ffa826f1b540e9518768914b76 In caam's aead_setkey we save pointers to the authenc keys in a local variable of type struct crypto_authenc_keys and we don't zeroize it after use. Fix this and don't leak pointers to the authenc keys. Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com> Reviewed-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> crypto: caam - do not use mem and emi_slow clock for imx7x 2018-03-02T16:03:40+00:00 Rui Miguel Silva rui.silva@linaro.org 2018-02-22T14:22:48+00:00 urn:sha1:699e491bac84a2069c7abeacf2f4367ecb19fa9c I.MX7x only use two clocks for the CAAM module, so make sure we do not try to use the mem and the emi_slow clock when running in that imx7d and imx7s machine type. Cc: "Horia Geantă" <horia.geanta@nxp.com> Cc: Aymen Sghaier <aymen.sghaier@nxp.com> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: "David S. Miller" <davem@davemloft.net> Cc: Lukas Auer <lukas.auer@aisec.fraunhofer.de> Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> crypto: caam - Fix null dereference at error path 2018-03-02T16:03:39+00:00 Rui Miguel Silva rui.silva@linaro.org 2018-02-22T14:22:47+00:00 urn:sha1:b85149f6f5d5a9279f29a73b2e95342f4d465e73 caam_remove already removes the debugfs entry, so we need to remove the one immediately before calling caam_remove. This fix a NULL dereference at error paths is caam_probe fail. Fixes: 67c2315def06 ("crypto: caam - add Queue Interface (QI) backend support") Tested-by: Ryan Harkin <ryan.harkin@linaro.org> Cc: "Horia Geantă" <horia.geanta@nxp.com> Cc: Aymen Sghaier <aymen.sghaier@nxp.com> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: "David S. Miller" <davem@davemloft.net> Cc: Lukas Auer <lukas.auer@aisec.fraunhofer.de> Cc: <stable@vger.kernel.org> # 4.12+ Reviewed-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> crypto: caam/qi - add GCM support 2018-02-15T15:26:55+00:00 Horia Geantă horia.geanta@nxp.com 2018-01-29T08:38:37+00:00 urn:sha1:d3e41b50b46b5ee26793c9c28ccc2d3e45f4f9cc Add support for AES working in Galois Counter Mode. The following algorithms are added: gcm(aes) rfc4106(gcm(aes)) rfc4543(gcm(aes)) There is a limitation related to IV size, similar to the one present in SW implementation (crypto/gcm.c): The only IV size allowed is 12 bytes. It will be padded by HW to the right with 0x0000_0001 (up to 16 bytes - AES block size), according to the GCM specification. Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> crypto: caam - prepare for gcm(aes) support over QI interface 2018-02-15T15:26:53+00:00 Horia Geantă horia.geanta@nxp.com 2018-01-29T08:38:36+00:00 urn:sha1:87ec3a0b1c2de80ffca532abb5d7acd18dc905e3 Update gcm(aes) descriptors (generic, rfc4106 and rfc4543) such that they would also work when submitted via the QI interface. Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> crypto: caam/qi - return -EBADMSG for ICV check failure 2018-02-15T15:26:53+00:00 Horia Geantă horia.geanta@nxp.com 2018-01-29T08:38:35+00:00 urn:sha1:cb3078f35b16b5346a90317d2d4ce2a577429d8a Crypto drivers are expected to return -EBADMSG in case of ICV check (authentication) failure. In this case it also makes sense to suppress the error message in the QI dequeue callback. Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> crypto: caam - fix endless loop when DECO acquire fails 2018-02-08T11:38:13+00:00 Horia Geantă horia.geanta@nxp.com 2018-02-05T09:15:52+00:00 urn:sha1:225ece3e7dad4cfc44cca38ce7a3a80f255ea8f1 In case DECO0 cannot be acquired - i.e. run_descriptor_deco0() fails with -ENODEV, caam_probe() enters an endless loop: run_descriptor_deco0 ret -ENODEV -> instantiate_rng -ENODEV, overwritten by -EAGAIN ret -EAGAIN -> caam_probe -EAGAIN results in endless loop It turns out the error path in instantiate_rng() is incorrect, the checks are done in the wrong order. Cc: <stable@vger.kernel.org> # 3.13+ Fixes: 1005bccd7a4a6 ("crypto: caam - enable instantiation of all RNG4 state handles") Reported-by: Bryan O'Donoghue <pure.logic@nexus-software.ie> Suggested-by: Auer Lukas <lukas.auer@aisec.fraunhofer.de> Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> crypto: caam - add Derived Key Protocol (DKP) support 2017-12-28T06:56:48+00:00 Horia Geantă horia.geanta@nxp.com 2017-12-19T10:16:07+00:00 urn:sha1:7e0880b9fbbe7d21e29347020bef0b7329cb0e9d Offload split key generation in CAAM engine, using DKP. DKP is supported starting with Era 6. Note that the way assoclen is transmitted from the job descriptor to the shared descriptor changes - DPOVRD register is used instead of MATH3 (where available), since DKP protocol thrashes the MATH registers. The replacement of MDHA split key generation with DKP has the side effect of the crypto engine writing the authentication key, and thus the DMA mapping direction for the buffer holding the key has to change from DMA_TO_DEVICE to DMA_BIDIRECTIONAL. There are two cases: -key is inlined in descriptor - descriptor buffer mapping changes -key is referenced - key buffer mapping changes Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> crypto: caam - save Era in driver's private data 2017-12-28T06:56:47+00:00 Horia Geantă horia.geanta@nxp.com 2017-12-19T10:16:06+00:00 urn:sha1:9fe712df08ea805868789bb6800f2226f5fd5285 Save Era in driver's private data for further usage, like deciding whether an erratum applies or a feature is available based on its value. Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>