kernel/linux.git/drivers/crypto/ccp, branch v5.15.7

crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()

2021-09-24T07:58:41+00:00

There are three bugs in this code: 1) If we ccp_init_data() fails for &src then we need to free aad. Use goto e_aad instead of goto e_ctx. 2) The label to free the &final_wa was named incorrectly as "e_tag" but it should have been "e_final_wa". One error path leaked &final_wa. 3) The &tag was leaked on one error path. In that case, I added a free before the goto because the resource was local to that block. Fixes: 36cf515b9bbe ("crypto: ccp - Enable support for AES GCM on v5 CCPs") Reported-by: "minihanshen(沈明航)" Signed-off-by: Dan Carpenter Reviewed-by: John Allen Tested-by: John Allen Signed-off-by: Herbert Xu

crypto: ccp - Add support for new CCP/PSP device ID

2021-08-27T08:30:18+00:00

Add a new CCP/PSP PCI device ID and corresponding entry in the dev_vdata struct. Signed-off-by: John Allen Signed-off-by: Herbert Xu

crypto: ccp - shutdown SEV firmware on kexec

2021-08-06T11:45:25+00:00

The commit 97f9ac3db6612 ("crypto: ccp - Add support for SEV-ES to the PSP driver") added support to allocate Trusted Memory Region (TMR) used during the SEV-ES firmware initialization. The TMR gets locked during the firmware initialization and unlocked during the shutdown. While the TMR is locked, access to it is disallowed. Currently, the CCP driver does not shutdown the firmware during the kexec reboot, leaving the TMR memory locked. Register a callback to shutdown the SEV firmware on the kexec boot. Fixes: 97f9ac3db6612 ("crypto: ccp - Add support for SEV-ES to the PSP driver") Reported-by: Lucas Nussbaum Tested-by: Lucas Nussbaum Cc: Cc: Tom Lendacky Cc: Joerg Roedel Cc: Herbert Xu Cc: David Rientjes Signed-off-by: Brijesh Singh Acked-by: Tom Lendacky Signed-off-by: Herbert Xu

crypto: ccp - Use list_move_tail instead of list_del/list_add_tail in ccp-dmaengine.c

2021-06-17T07:07:30+00:00

Using list_move_tail() instead of list_del() + list_add_tail() in ccp-dmaengine.c. Reported-by: Hulk Robot Signed-off-by: Baokun Li Signed-off-by: Herbert Xu

crypto: ccp: ccp-dev: Fix a little doc-rot

2021-05-28T07:11:45+00:00

Fixes the following W=1 kernel build warning(s): drivers/crypto/ccp/ccp-dev.c:476: warning: Function parameter or member 'sp' not described in 'ccp_alloc_struct' drivers/crypto/ccp/ccp-dev.c:476: warning: Excess function parameter 'dev' description in 'ccp_alloc_struct' drivers/crypto/ccp/ccp-dev.c:476: warning: Function parameter or member 'sp' not described in 'ccp_alloc_struct' drivers/crypto/ccp/ccp-dev.c:476: warning: Excess function parameter 'dev' description in 'ccp_alloc_struct' Cc: Tom Lendacky Cc: John Allen Cc: Herbert Xu Cc: "David S. Miller" Cc: Gary R Hook Cc: linux-crypto@vger.kernel.org Signed-off-by: Lee Jones Signed-off-by: Herbert Xu

crypto: ccp - Fix a resource leak in an error handling path

2021-05-23T00:52:41+00:00

If an error occurs after calling 'sp_get_irqs()', 'sp_free_irqs()' must be called as already done in the error handling path. Fixes: f4d18d656f88 ("crypto: ccp - Abstract interrupt registeration") Signed-off-by: Christophe JAILLET Acked-by: John Allen Signed-off-by: Herbert Xu

crypto: ccp - Annotate SEV Firmware file names

2021-05-14T11:07:55+00:00

Annotate the firmware files CCP might need using MODULE_FIRMWARE(). This will get them included into an initrd when CCP is also included there. Otherwise the CCP module will not find its firmware when loaded before the root-fs is mounted. This can cause problems when the pre-loaded SEV firmware is too old to support current SEV and SEV-ES virtualization features. Fixes: e93720606efd ("crypto: ccp - Allow SEV firmware to be chosen based on Family and Model") Cc: stable@vger.kernel.org # v4.20+ Acked-by: Tom Lendacky Signed-off-by: Joerg Roedel Signed-off-by: Herbert Xu

Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm

2021-05-01T17:14:08+00:00

Pull kvm updates from Paolo Bonzini: "This is a large update by KVM standards, including AMD PSP (Platform Security Processor, aka "AMD Secure Technology") and ARM CoreSight (debug and trace) changes. ARM: - CoreSight: Add support for ETE and TRBE - Stage-2 isolation for the host kernel when running in protected mode - Guest SVE support when running in nVHE mode - Force W^X hypervisor mappings in nVHE mode - ITS save/restore for guests using direct injection with GICv4.1 - nVHE panics now produce readable backtraces - Guest support for PTP using the ptp_kvm driver - Performance improvements in the S2 fault handler x86: - AMD PSP driver changes - Optimizations and cleanup of nested SVM code - AMD: Support for virtual SPEC_CTRL - Optimizations of the new MMU code: fast invalidation, zap under read lock, enable/disably dirty page logging under read lock - /dev/kvm API for AMD SEV live migration (guest API coming soon) - support SEV virtual machines sharing the same encryption context - support SGX in virtual machines - add a few more statistics - improved directed yield heuristics - Lots and lots of cleanups Generic: - Rework of MMU notifier interface, simplifying and optimizing the architecture-specific code - a handful of "Get rid of oprofile leftovers" patches - Some selftests improvements" * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: (379 commits) KVM: selftests: Speed up set_memory_region_test selftests: kvm: Fix the check of return value KVM: x86: Take advantage of kvm_arch_dy_has_pending_interrupt() KVM: SVM: Skip SEV cache flush if no ASIDs have been used KVM: SVM: Remove an unnecessary prototype declaration of sev_flush_asids() KVM: SVM: Drop redundant svm_sev_enabled() helper KVM: SVM: Move SEV VMCB tracking allocation to sev.c KVM: SVM: Explicitly check max SEV ASID during sev_hardware_setup() KVM: SVM: Unconditionally invoke sev_hardware_teardown() KVM: SVM: Enable SEV/SEV-ES functionality by default (when supported) KVM: SVM: Condition sev_enabled and sev_es_enabled on CONFIG_KVM_AMD_SEV=y KVM: SVM: Append "_enabled" to module-scoped SEV/SEV-ES control variables KVM: SEV: Mask CPUID[0x8000001F].eax according to supported features KVM: SVM: Move SEV module params/variables to sev.c KVM: SVM: Disable SEV/SEV-ES if NPT is disabled KVM: SVM: Free sev_asid_bitmap during init if SEV setup fails KVM: SVM: Zero out the VMCB array used to track SEV ASID association x86/sev: Drop redundant and potentially misleading 'sev_enabled' KVM: x86: Move reverse CPUID helpers to separate header file KVM: x86: Rename GPR accessors to make mode-aware variants the defaults ...

ccp: ccp - add support for Green Sardine

2021-04-22T07:31:31+00:00

Add a new PCI device entry for Green Sardine APU. Signed-off-by: Devaraj Rangasamy Tested-by: Babulu Ellune Signed-off-by: Rijo Thomas Signed-off-by: Herbert Xu

crypto: ccp - Make ccp_dev_suspend and ccp_dev_resume void functions

2021-04-22T07:31:31+00:00

Since ccp_dev_suspend() and ccp_dev_resume() only return 0 which causes ret to equal 0 in sp_suspend and sp_resume, making the if condition impossible to use. it might be a more appropriate fix to have these be void functions and eliminate the if condition in sp_suspend() and sp_resume(). Signed-off-by: Tian Tao Cc: Herbert Xu Cc: "David S. Miller" Cc: Tom Lendacky Acked-by: Tom Lendacky Acked-by: John Allen Signed-off-by: Herbert Xu