GitHub/moto-9609/android_kernel_motorola_exynos9610.git
9 years ago crypto: blkcipher - Include crypto/aead.h
Herbert Xu [Mon, 11 May 2015 09:47:49 +0000 (17:47 +0800)]
crypto: blkcipher - Include crypto/aead.h

All users of AEAD should include crypto/aead.h instead of
include/linux/crypto.h.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: talitos - Include internal/aead.h
Herbert Xu [Mon, 11 May 2015 09:47:48 +0000 (17:47 +0800)]
crypto: talitos - Include internal/aead.h

All AEAD implementations must include internal/aead.h in order
to access required helpers.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: qat - Include internal/aead.h
Herbert Xu [Mon, 11 May 2015 09:47:46 +0000 (17:47 +0800)]
crypto: qat - Include internal/aead.h

All AEAD implementations must include internal/aead.h in order
to access required helpers.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: nx - Include internal/aead.h
Herbert Xu [Mon, 11 May 2015 09:47:45 +0000 (17:47 +0800)]
crypto: nx - Include internal/aead.h

All AEAD implementations must include internal/aead.h in order
to access required helpers.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: ixp4xx - Include internal/aead.h
Herbert Xu [Mon, 11 May 2015 09:47:44 +0000 (17:47 +0800)]
crypto: ixp4xx - Include internal/aead.h

All AEAD implementations must include internal/aead.h in order
to access required helpers.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: caam - Include internal/aead.h
Herbert Xu [Mon, 11 May 2015 09:47:43 +0000 (17:47 +0800)]
crypto: caam - Include internal/aead.h

All AEAD implementations must include internal/aead.h in order
to access required helpers.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: authencesn - Include internal/aead.h
Herbert Xu [Mon, 11 May 2015 09:47:42 +0000 (17:47 +0800)]
crypto: authencesn - Include internal/aead.h

All AEAD implementations must include internal/aead.h in order
to access required helpers.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: authenc - Include internal/aead.h
Herbert Xu [Mon, 11 May 2015 09:47:41 +0000 (17:47 +0800)]
crypto: authenc - Include internal/aead.h

All AEAD implementations must include internal/aead.h in order
to access required helpers.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: api - Add crypto_grab_spawn primitive
Herbert Xu [Mon, 11 May 2015 09:47:39 +0000 (17:47 +0800)]
crypto: api - Add crypto_grab_spawn primitive

This patch adds a new primitive crypto_grab_spawn which is meant
to replace crypto_init_spawn and crypto_init_spawn2.  Under the
new scheme the user no longer has to worry about reference counting
the alg object before it is subsumed by the spawn.

It is pretty much an exact copy of crypto_grab_aead.

Prior to calling this function spawn->frontend and spawn->inst
must have been set.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: arm/aes - streamline AES-192 code path
Ard Biesheuvel [Fri, 8 May 2015 08:46:22 +0000 (10:46 +0200)]
crypto: arm/aes - streamline AES-192 code path

This trims off a couple of instructions of the total size of the
core AES transform by reordering the final branch in the AES-192
code path with the rounds that are performed regardless of whether
the branch is taken or not. Other than the slight size reduction,
this has no performance benefit.

Fix up a comment regarding the prototype of this function while
we're at it.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: arm/sha512 - accelerated SHA-512 using ARM generic ASM and NEON
Ard Biesheuvel [Fri, 8 May 2015 08:46:21 +0000 (10:46 +0200)]
crypto: arm/sha512 - accelerated SHA-512 using ARM generic ASM and NEON

This replaces the SHA-512 NEON module with the faster and more
versatile implementation from the OpenSSL project. It consists
of both a NEON and a generic ASM version of the core SHA-512
transform, where the NEON version reverts to the ASM version
when invoked in non-process context.

This patch is based on the OpenSSL upstream version b1a5d1c65208
of sha512-armv4.pl, which can be found here:

  https://git.openssl.org/gitweb/?p=openssl.git;h=b1a5d1c65208

Performance relative to the generic implementation (measured
using tcrypt.ko mode=306 sec=1 running on a Cortex-A57 under
KVM):

  input size  block size  asm   neon  old neon

  16          16          1.39  2.54  2.21
  64          16          1.32  2.33  2.09
  64          64          1.38  2.53  2.19
  256         16          1.31  2.28  2.06
  256         64          1.38  2.54  2.25
  256         256         1.40  2.77  2.39
  1024        16          1.29  2.22  2.01
  1024        256         1.40  2.82  2.45
  1024        1024        1.41  2.93  2.53
  2048        16          1.33  2.21  2.00
  2048        256         1.40  2.84  2.46
  2048        1024        1.41  2.96  2.55
  2048        2048        1.41  2.98  2.56
  4096        16          1.34  2.20  1.99
  4096        256         1.40  2.84  2.46
  4096        1024        1.41  2.97  2.56
  4096        4096        1.41  3.01  2.58
  8192        16          1.34  2.19  1.99
  8192        256         1.40  2.85  2.47
  8192        1024        1.41  2.98  2.56
  8192        4096        1.41  2.71  2.59
  8192        8192        1.51  3.51  2.69

Acked-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: qat - add driver version
Allan, Bruce W [Fri, 8 May 2015 00:00:42 +0000 (17:00 -0700)]
crypto: qat - add driver version

Signed-off-by: Bruce Allan <bruce.w.allan@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: nx - add hardware 842 crypto comp alg
Dan Streetman [Thu, 7 May 2015 17:49:21 +0000 (13:49 -0400)]
crypto: nx - add hardware 842 crypto comp alg

Add crypto compression alg for 842 hardware compression and decompression,
using the alg name "842" and driver_name "842-nx".

This uses only the PowerPC coprocessor hardware for 842 compression.  It
also uses the hardware for decompression, but if the hardware fails it will
fall back to the 842 software decompression library, so that decompression
never fails (for valid 842 compressed buffers).  A header must be used in
most cases, due to the hardware's restrictions on the buffers being
specifically aligned and sized.

Due to the header this driver adds, compressed buffers it creates cannot be
directly passed to the 842 software library for decompression.  However,
compressed buffers created by the software 842 library can be passed to
this driver for hardware 842 decompression (with the exception of buffers
containing the "short data" template, as lib/842/842.h explains).

Signed-off-by: Dan Streetman <ddstreet@ieee.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: nx - simplify pSeries nx842 driver
Dan Streetman [Thu, 7 May 2015 17:49:20 +0000 (13:49 -0400)]
crypto: nx - simplify pSeries nx842 driver

Simplify the pSeries NX-842 driver: do not expect incoming buffers to be
exactly page-sized; do not break up input buffers to compress smaller
blocks; do not use any internal headers in the compressed data blocks;
remove the software decompression implementation; implement the pSeries
nx842_constraints.

This changes the pSeries NX-842 driver to perform constraints-based
compression so that it only needs to compress one entire input block at a
time.  This removes the need for it to split input data blocks into
multiple compressed data sections in the output buffer, and removes the
need for any extra header info in the compressed data; all that is moved
(in a later patch) into the main crypto 842 driver.  Additionally, the
842 software decompression implementation is no longer needed here, as
the crypto 842 driver will use the generic software 842 decompression
function as a fallback if any hardware 842 driver fails.

Signed-off-by: Dan Streetman <ddstreet@ieee.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: nx - add PowerNV platform NX-842 driver
Dan Streetman [Thu, 7 May 2015 17:49:19 +0000 (13:49 -0400)]
crypto: nx - add PowerNV platform NX-842 driver

Add driver for NX-842 hardware on the PowerNV platform.

This allows the use of the 842 compression hardware coprocessor on
the PowerNV platform.

Signed-off-by: Dan Streetman <ddstreet@ieee.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: nx - add nx842 constraints
Dan Streetman [Thu, 7 May 2015 17:49:18 +0000 (13:49 -0400)]
crypto: nx - add nx842 constraints

Add "constraints" for the NX-842 driver.  The constraints are used to
indicate what the current NX-842 platform driver is capable of.  The
constraints tell the NX-842 user what alignment, min and max length, and
length multiple each provided buffer should conform to.  These are
required because the 842 hardware requires buffers to meet specific
constraints that vary based on platform - for example, the pSeries
max length is much lower than the PowerNV max length.

Signed-off-by: Dan Streetman <ddstreet@ieee.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: nx - add NX-842 platform frontend driver
Dan Streetman [Thu, 7 May 2015 17:49:17 +0000 (13:49 -0400)]
crypto: nx - add NX-842 platform frontend driver

Add NX-842 frontend that allows using either the pSeries platform or
PowerNV platform driver (to be added by later patch) for the NX-842
hardware.  Update the MAINTAINERS file to include the new filenames.
Update Kconfig files to clarify titles and descriptions, and correct
dependencies.

Signed-off-by: Dan Streetman <ddstreet@ieee.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: nx - rename nx-842.c to nx-842-pseries.c
Dan Streetman [Thu, 7 May 2015 17:49:16 +0000 (13:49 -0400)]
crypto: nx - rename nx-842.c to nx-842-pseries.c

Move the entire NX-842 driver for the pSeries platform from the file
nx-842.c to nx-842-pseries.c.  This is required by later patches that
add NX-842 support for the PowerNV platform.

This patch does not alter the content of the pSeries NX-842 driver at
all, it only changes the filename.

Signed-off-by: Dan Streetman <ddstreet@ieee.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: 842 - change 842 alg to use software
Dan Streetman [Thu, 7 May 2015 17:49:15 +0000 (13:49 -0400)]
crypto: 842 - change 842 alg to use software

Change the crypto 842 compression alg to use the software 842 compression
and decompression library.  Add the crypto driver_name as "842-generic".
Remove the fallback to LZO compression.

Previously, this crypto compression alg attempted 842 compression using
PowerPC hardware, and fell back to LZO compression and decompression if
the 842 PowerPC hardware was unavailable or failed.  This should not
fall back to any other compression method, however; users of this crypto
compression alg can fall back if desired, and transparent fallback tricks
callers into thinking they are getting 842 compression when they actually
get LZO compression - the failure of the 842 hardware should not be
transparent to the caller.

The crypto compression alg for a hardware device also should not be located
in crypto/ so this is now a software-only implementation that uses the 842
software compression/decompression library.

Signed-off-by: Dan Streetman <ddstreet@ieee.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago lib: add software 842 compression/decompression
Dan Streetman [Thu, 7 May 2015 17:49:14 +0000 (13:49 -0400)]
lib: add software 842 compression/decompression

Add 842-format software compression and decompression functions.
Update the MAINTAINERS 842 section to include the new files.

The 842 compression function can compress any input data into the 842
compression format.  The 842 decompression function can decompress any
standard-format 842 compressed data - specifically, either a compressed
data buffer created by the 842 software compression function, or a
compressed data buffer created by the 842 hardware compressor (located
in PowerPC coprocessors).

The 842 compressed data format is explained in the header comments.

This is used in a later patch to provide a full software 842 compression
and decompression crypto interface.

Signed-off-by: Dan Streetman <ddstreet@ieee.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago powerpc: Add ICSWX instruction
Dan Streetman [Thu, 7 May 2015 17:49:13 +0000 (13:49 -0400)]
powerpc: Add ICSWX instruction

Add the asm ICSWX and ICSWEPX opcodes.  Add definitions for the
Coprocessor Request structures needed to use the icswx calls to
coprocessors.  Add icswx() function to perform the ICSWX asm
using the provided Coprocessor Command Word value and
Coprocessor Request Block structure.

This is required for communication with the NX-842 coprocessor on
a PowerNV system.

Signed-off-by: Dan Streetman <ddstreet@ieee.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago powerpc: export of_get_ibm_chip_id function
Dan Streetman [Thu, 7 May 2015 17:49:12 +0000 (13:49 -0400)]
powerpc: export of_get_ibm_chip_id function

Export the of_get_ibm_chip_id() function.  This will be used by the
PowerNV NX-842 driver.

Signed-off-by: Dan Streetman <ddstreet@ieee.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: testmgr - add test cases for CRC32
Ard Biesheuvel [Mon, 4 May 2015 09:00:17 +0000 (11:00 +0200)]
crypto: testmgr - add test cases for CRC32

This adds a couple of test cases for CRC32 (not CRC32c) to
ensure that the generic and arch specific implementations
are in sync.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: Steve Capper <steve.capper@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: testmgr - Wrap the LHS in expressions of the form !x == y
David Howells [Tue, 28 Apr 2015 14:36:36 +0000 (15:36 +0100)]
crypto: testmgr - Wrap the LHS in expressions of the form !x == y

In the test manager, there are a number of if-statements with expressions of
the form !x == y that incur warnings with gcc-5 of the following form:

../crypto/testmgr.c: In function '__test_aead':
../crypto/testmgr.c:523:12: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses]
   if (!ret == template[i].fail) {
            ^

By converting the 'fail' member of struct aead_testvec and struct
cipher_testvec to a bool, we can get rid of the warnings.

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: pcomp - Constify (de)compression parameters
David Howells [Tue, 28 Apr 2015 14:36:30 +0000 (15:36 +0100)]
crypto: pcomp - Constify (de)compression parameters

In testmgr, struct pcomp_testvec takes a non-const 'params' field, which is
pointed to a const deflate_comp_params or deflate_decomp_params object.  With
gcc-5 this incurs the following warnings:

In file included from ../crypto/testmgr.c:44:0:
../crypto/testmgr.h:28736:13: warning: initialization discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers]
   .params = &deflate_comp_params,
             ^
../crypto/testmgr.h:28748:13: warning: initialization discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers]
   .params = &deflate_comp_params,
             ^
../crypto/testmgr.h:28776:13: warning: initialization discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers]
   .params = &deflate_decomp_params,
             ^
../crypto/testmgr.h:28800:13: warning: initialization discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers]
   .params = &deflate_decomp_params,
             ^

Fix this by making the parameters pointer const and constifying the things
that use it.

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: qat - do not duplicate string containing firmware name
Allan, Bruce W [Mon, 27 Apr 2015 20:58:27 +0000 (13:58 -0700)]
crypto: qat - do not duplicate string containing firmware name

Use ADF_DH895XCC_FW instead of duplicating the string "qat_895xcc.bin"
when referring to the DH895xCC firmware.

Signed-off-by: Bruce Allan <bruce.w.allan@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: nx - Fixing SHA update bug
Leonidas Da Silva Barbosa [Thu, 23 Apr 2015 20:41:43 +0000 (17:41 -0300)]
crypto: nx - Fixing SHA update bug

The bug happens when a data size less than the SHA block size is passed.
Since the first attempt will be saved in the buffer, the second round attempt
gets into two steps to calculate op.inlen and op.outlen. The issue
resides in this step. A wrong value of op.inlen and outlen was being
calculated.

This patch fixes this by eliminating nx_sha_build_sg_list, which is
useless in SHA's algorithm context. Instead we call nx_build_sg_list
directly and pass a previously calculated max_sg_len to it.

Signed-off-by: Leonidas S. Barbosa <leosilva@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: nx - Fixing NX data alignment with nx_sg list
Leonidas Da Silva Barbosa [Thu, 23 Apr 2015 20:40:30 +0000 (17:40 -0300)]
crypto: nx - Fixing NX data alignment with nx_sg list

In NX we always need to pass a 16 multiple size nx_sg_list to the
coprocessor. The trim function handles this, assuring all nx_sg_lists
are 16 multiple size, although data was not being considered when
the crop was done. It was causing a misalignment between the size of the list
and the data, corrupting csbcpb fields and returning a -23 H_ST_PARM error, or
invalid operation.

This patch fixes this by recalculating how much data should be put back
in the to_process variable, which assures the size of sg_list will be
correct with the size of the data.

Signed-off-by: Leonidas S. Barbosa <leosilva@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: sha1-mb - Remove pointless cast
firo yang [Thu, 23 Apr 2015 10:12:10 +0000 (18:12 +0800)]
crypto: sha1-mb - Remove pointless cast

Since kzalloc() returns a void pointer, we don't need to cast the
return value in arch/x86/crypto/sha-mb/sha1_mb.c::sha1_mb_mod_init().

Signed-off-by: Firo Yang <firogm@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: aead - Fix corner case in crypto_lookup_aead
Herbert Xu [Thu, 23 Apr 2015 08:37:46 +0000 (16:37 +0800)]
crypto: aead - Fix corner case in crypto_lookup_aead

When the user explicitly states that they don't care whether the
algorithm has been tested (type = CRYPTO_ALG_TESTED and mask = 0),
there is a corner case where we may erroneously return ENOENT.

This patch fixes it by correcting the logic in the test.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: skcipher - Fix corner case in crypto_lookup_skcipher
Herbert Xu [Thu, 23 Apr 2015 08:34:47 +0000 (16:34 +0800)]
crypto: skcipher - Fix corner case in crypto_lookup_skcipher

When the user explicitly states that they don't care whether the
algorithm has been tested (type = CRYPTO_ALG_TESTED and mask = 0),
there is a corner case where we may erroneously return ENOENT.

This patch fixes it by correcting the logic in the test.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: api - Fix build error when modules are disabled
Herbert Xu [Thu, 23 Apr 2015 06:48:05 +0000 (14:48 +0800)]
crypto: api - Fix build error when modules are disabled

The commit 59afdc7b32143528524455039e7557a46b60e4c8 ("crypto:
api - Move module sig ifdef into accessor function") broke the
build when modules are completely disabled because we directly
dereference module->name.

This patch fixes this by using the accessor function module_name.

Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago mac802154: Include crypto/aead.h
Herbert Xu [Wed, 22 Apr 2015 07:06:33 +0000 (15:06 +0800)]
mac802154: Include crypto/aead.h

All users of AEAD should include crypto/aead.h instead of
include/linux/crypto.h.

This patch also removes a bogus inclusion of algapi.h which should
only be used by algorithm/driver implementors and not crypto users.

Instead linux/crypto.h is added which is necessary because mac802154
also uses blkcipher in addition to aead.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: David S. Miller <davem@davemloft.net>
9 years ago mac80211: Include crypto/aead.h
Herbert Xu [Wed, 22 Apr 2015 07:06:32 +0000 (15:06 +0800)]
mac80211: Include crypto/aead.h

All users of AEAD should include crypto/aead.h instead of
include/linux/crypto.h.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: David S. Miller <davem@davemloft.net>
9 years ago crypto: testmgr - Include crypto/aead.h
Herbert Xu [Wed, 22 Apr 2015 07:06:31 +0000 (15:06 +0800)]
crypto: testmgr - Include crypto/aead.h

All users of AEAD should include crypto/aead.h instead of
include/linux/crypto.h.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: David S. Miller <davem@davemloft.net>
9 years ago crypto: tcrypt - Include crypto/aead.h
Herbert Xu [Wed, 22 Apr 2015 07:06:30 +0000 (15:06 +0800)]
crypto: tcrypt - Include crypto/aead.h

All users of AEAD should include crypto/aead.h instead of
include/linux/crypto.h.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: David S. Miller <davem@davemloft.net>
9 years ago crypto: algif_aead - Include crypto/aead.h
Herbert Xu [Wed, 22 Apr 2015 07:06:28 +0000 (15:06 +0800)]
crypto: algif_aead - Include crypto/aead.h

All users of AEAD should include crypto/aead.h instead of
include/linux/crypto.h.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: David S. Miller <davem@davemloft.net>
9 years ago crypto: arm64/aes-ce-ccm - Include crypto/internal/aead.h
Herbert Xu [Wed, 22 Apr 2015 07:06:27 +0000 (15:06 +0800)]
crypto: arm64/aes-ce-ccm - Include crypto/internal/aead.h

All implementers of AEAD should include crypto/internal/aead.h
instead of include/linux/crypto.h.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: David S. Miller <davem@davemloft.net>
9 years ago crypto: api - Remove linux/fips.h from internal.h
Herbert Xu [Wed, 22 Apr 2015 05:25:59 +0000 (13:25 +0800)]
crypto: api - Remove linux/fips.h from internal.h

Now that all fips_enabled users are including linux/fips.h directly
instead of getting it through internal.h, we can remove the fips.h
inclusions from internal.h.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: testmgr - Include linux/fips.h for fips_enabled
Herbert Xu [Wed, 22 Apr 2015 05:25:58 +0000 (13:25 +0800)]
crypto: testmgr - Include linux/fips.h for fips_enabled

All users of fips_enabled should include linux/fips.h directly
instead of getting it through internal.h.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: tcrypt - Include linux/fips.h for fips_enabled
Herbert Xu [Wed, 22 Apr 2015 05:25:57 +0000 (13:25 +0800)]
crypto: tcrypt - Include linux/fips.h for fips_enabled

All users of fips_enabled should include linux/fips.h directly
instead of getting it through internal.h which is reserved for
internal crypto API implementors.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: fips - Move fips_enabled sysctl into fips.c
Herbert Xu [Wed, 22 Apr 2015 05:25:56 +0000 (13:25 +0800)]
crypto: fips - Move fips_enabled sysctl into fips.c

There is currently a large ifdef FIPS code section in proc.c.
Ostensibly it's there because the fips_enabled sysctl sits under
/proc/sys/crypto.  However, no other crypto sysctls exist.

In fact, the whole ethos of the crypto API is against such user
interfaces so this patch moves all the FIPS sysctl code over to
fips.c.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: fips - Remove bogus inclusion of internal.h
Herbert Xu [Wed, 22 Apr 2015 05:25:54 +0000 (13:25 +0800)]
crypto: fips - Remove bogus inclusion of internal.h

The header file internal.h is only meant for internal crypto API
implementors such as rng.c.  So fips has no business in including
it.

This patch removes that inclusion and instead adds inclusions of
the actual features used by fips.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: api - Include linux/fips.h
Herbert Xu [Wed, 22 Apr 2015 05:25:53 +0000 (13:25 +0800)]
crypto: api - Include linux/fips.h

All users of fips_enabled should include linux/fips.h directly
instead of getting it through internal.h.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: caam - Remove bogus references to crypto API internals
Herbert Xu [Wed, 22 Apr 2015 03:56:34 +0000 (11:56 +0800)]
crypto: caam - Remove bogus references to crypto API internals

The caam driver includes algorithm types that it doesn't even
use, such as struct rng_alg which has recently been moved to an
internal header file and consequently broke the build of caam.

This patch removes these bogus references.

Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: drbg - Remove FIPS ifdef from drbg_healthcheck_sanity
Herbert Xu [Wed, 22 Apr 2015 03:42:35 +0000 (11:42 +0800)]
crypto: drbg - Remove FIPS ifdef from drbg_healthcheck_sanity

This patch removes the unnecessary CRYPTO_FIPS ifdef from
drbg_healthcheck_sanity so that the code always gets checked
by the compiler.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Stephan Mueller <smueller@chronox.de>
9 years ago crypto: api - Move module sig ifdef into accessor function
Herbert Xu [Wed, 22 Apr 2015 03:28:46 +0000 (11:28 +0800)]
crypto: api - Move module sig ifdef into accessor function

Currently we're hiding mod->sig_ok under an ifdef in open code.
This patch adds a module_sig_ok accessor function and removes that
ifdef.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Rusty Russell <rusty@rustcorp.com.au>
9 years ago crypto: tcrypt - Handle async return from crypto_ahash_init
Herbert Xu [Wed, 22 Apr 2015 03:02:27 +0000 (11:02 +0800)]
crypto: tcrypt - Handle async return from crypto_ahash_init

The function crypto_ahash_init can also be asynchronous just
like update and final.  So all callers must be able to handle
an async return.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: rng - Zero seed in crypto_rng_reset
Herbert Xu [Tue, 21 Apr 2015 02:46:49 +0000 (10:46 +0800)]
crypto: rng - Zero seed in crypto_rng_reset

If we allocate a seed on behalf of the user in crypto_rng_reset,
we must ensure that it is zeroed afterwards or the RNG may be
compromised.

Reported-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: algif_rng - Remove obsolete const-removal cast
Herbert Xu [Tue, 21 Apr 2015 02:46:47 +0000 (10:46 +0800)]
crypto: algif_rng - Remove obsolete const-removal cast

Now that crypto_rng_reset takes a const argument, we no longer
need to cast away the const qualifier.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: rng - Remove old low-level rng interface
Herbert Xu [Tue, 21 Apr 2015 02:46:46 +0000 (10:46 +0800)]
crypto: rng - Remove old low-level rng interface

Now that all rng implementations have switched over to the new
interface, we can remove the old low-level interface.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: krng - Convert to new rng interface
Herbert Xu [Tue, 21 Apr 2015 02:46:45 +0000 (10:46 +0800)]
crypto: krng - Convert to new rng interface

This patch converts the KRNG implementation to the new low-level
rng interface.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: ansi_cprng - Convert to new rng interface
Herbert Xu [Tue, 21 Apr 2015 02:46:44 +0000 (10:46 +0800)]
crypto: ansi_cprng - Convert to new rng interface

This patch converts the ANSI CPRNG implementation to the new
low-level rng interface.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
9 years ago crypto: ansi_cprng - Remove bogus inclusion of internal.h
Herbert Xu [Tue, 21 Apr 2015 02:46:43 +0000 (10:46 +0800)]
crypto: ansi_cprng - Remove bogus inclusion of internal.h

The file internal.h is only meant to be used by internal API
implementation and not algorithm implementations.  In fact it
isn't even needed here so this patch removes it.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
9 years ago crypto: drbg - Convert to new rng interface
Herbert Xu [Tue, 21 Apr 2015 02:46:41 +0000 (10:46 +0800)]
crypto: drbg - Convert to new rng interface

This patch converts the DRBG implementation to the new low-level
rng interface.

This allows us to get rid of struct drbg_gen by using the new RNG
API instead.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Stephan Mueller <smueller@chronox.de>
9 years ago crypto: rng - Add multiple algorithm registration interface
Herbert Xu [Tue, 21 Apr 2015 02:46:40 +0000 (10:46 +0800)]
crypto: rng - Add multiple algorithm registration interface

This patch adds the helpers that allow the registration and removal
of multiple RNG algorithms.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: rng - Add crypto_rng_set_entropy
Herbert Xu [Tue, 21 Apr 2015 02:46:39 +0000 (10:46 +0800)]
crypto: rng - Add crypto_rng_set_entropy

This patch adds the function crypto_rng_set_entropy.  It is only
meant to be used by testmgr when testing RNG implementations by
providing fixed entropy data in order to verify test vectors.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: rng - Convert low-level crypto_rng to new style
Herbert Xu [Tue, 21 Apr 2015 02:46:38 +0000 (10:46 +0800)]
crypto: rng - Convert low-level crypto_rng to new style

This patch converts the low-level crypto_rng interface to the
"new" style.

This allows existing implementations to be converted over one-
by-one.  Once that is complete we can then remove the old rng
interface.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: rng - Mark crypto_rng_reset seed as const
Herbert Xu [Tue, 21 Apr 2015 02:46:37 +0000 (10:46 +0800)]
crypto: rng - Mark crypto_rng_reset seed as const

There is no reason why crypto_rng_reset should modify the seed
so this patch marks it as const.  Since our algorithms don't
export a const seed function yet we have to go through some
contortions for now.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: rng - Introduce crypto_rng_generate
Herbert Xu [Mon, 20 Apr 2015 05:39:04 +0000 (13:39 +0800)]
crypto: rng - Introduce crypto_rng_generate

This patch adds the new top-level function crypto_rng_generate
which generates random numbers with additional input.  It also
extends the mid-level rng_gen_random function to take additional
data as input.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: rng - Convert crypto_rng to new style crypto_type
Herbert Xu [Mon, 20 Apr 2015 05:39:03 +0000 (13:39 +0800)]
crypto: rng - Convert crypto_rng to new style crypto_type

This patch converts the top-level crypto_rng to the "new" style.
It was the last algorithm type added before we switched over
to the new way of doing things exemplified by shash.

All users will automatically switch over to the new interface.

Note that this patch does not touch the low-level interface to
rng implementations.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: pcomp - Use crypto_alg_extsize helper
Herbert Xu [Mon, 20 Apr 2015 05:39:02 +0000 (13:39 +0800)]
crypto: pcomp - Use crypto_alg_extsize helper

This patch replaces crypto_pcomp_extsize function with
crypto_alg_extsize.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: shash - Use crypto_alg_extsize helper
Herbert Xu [Mon, 20 Apr 2015 05:39:01 +0000 (13:39 +0800)]
crypto: shash - Use crypto_alg_extsize helper

This patch replaces crypto_shash_extsize function with
crypto_alg_extsize.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: api - Add crypto_alg_extsize helper
Herbert Xu [Mon, 20 Apr 2015 05:39:00 +0000 (13:39 +0800)]
crypto: api - Add crypto_alg_extsize helper

This patch adds a crypto_alg_extsize helper that can be used
by algorithm types such as pcompress and shash.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: drbg - Do not seed RNG in drbg_kcapi_init
Herbert Xu [Mon, 20 Apr 2015 03:29:15 +0000 (11:29 +0800)]
crypto: drbg - Do not seed RNG in drbg_kcapi_init

Initialising the RNG in drbg_kcapi_init is a waste of precious
entropy because all users will immediately seed the RNG after
the allocation.

In fact, all users should seed the RNG before using it.  So there
is no point in doing the seeding in drbg_kcapi_init.

This patch removes the initial seeding and the user must seed
the RNG explicitly (as they all currently do).

This patch also changes drbg_kcapi_reset to allow reseeding.
That is, if you call it after a successful initial seeding, then
it will not reset the internal state of the DRBG before mixing
the new input and entropy.

If you still wish to reset the internal state, you can always
free the DRBG and allocate a new one.

Finally this patch removes locking from drbg_uninstantiate because
it's now only called from the destruction path which must not be
executed in parallel with normal operations.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Stephan Mueller <smueller@chronox.de>
9 years ago crypto: drbg - Initialise mutex in drbg_healthcheck_sanity
Herbert Xu [Mon, 20 Apr 2015 03:26:48 +0000 (11:26 +0800)]
crypto: drbg - Initialise mutex in drbg_healthcheck_sanity

As we moved the mutex init out of drbg_instantiate and into cra_init
we need to explicitly initialise the mutex in drbg_healthcheck_sanity.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Stephan Mueller <smueller@chronox.de>
9 years ago crypto: drbg - leave cipher handles operational
Stephan Mueller [Sat, 18 Apr 2015 17:37:00 +0000 (19:37 +0200)]
crypto: drbg - leave cipher handles operational

As the DRBG does not operate on shadow copies of the DRBG instance
any more, the cipher handles only need to be allocated once during
initialization time and deallocated during uninstantiate time.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: drbg - replace spinlock with mutex
Stephan Mueller [Sat, 18 Apr 2015 17:36:17 +0000 (19:36 +0200)]
crypto: drbg - replace spinlock with mutex

The creation of a shadow copy is intended to only hold a short term
lock. But the drawback is that parallel users have a very similar DRBG
state which only differs by a high-resolution time stamp.

The DRBG will now hold a long term lock. Therefore, the lock is changed
to a mutex which implies that the DRBG can only be used in process
context.

The lock now guards the instantiation as well as the entire DRBG
generation operation. Therefore, multiple callers are fully serialized
when generating a random number.

As the locking is changed to use a long-term lock to avoid such similar
DRBG states, the entire creation and maintenance of a shadow copy can be
removed.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: drbg - fix drbg_generate return val check
Stephan Mueller [Sat, 18 Apr 2015 17:35:45 +0000 (19:35 +0200)]
crypto: drbg - fix drbg_generate return val check

The drbg_generate returns 0 in success case. That means that
drbg_generate_long will always only generate drbg_max_request_bytes at
most. Longer requests will be truncated to drbg_max_request_bytes.

Reported-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: talitos - Update DT bindings with SEC1
LEROY Christophe [Fri, 17 Apr 2015 14:32:22 +0000 (16:32 +0200)]
crypto: talitos - Update DT bindings with SEC1

This patch updates the documentation by including SEC1 into SEC2/3 doc

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: talitos - Add fsl,sec1.0 compatible
LEROY Christophe [Fri, 17 Apr 2015 14:32:20 +0000 (16:32 +0200)]
crypto: talitos - Add fsl,sec1.0 compatible

We add a specific compatible for SEC1, to handle the differences
between SEC1 and SEC2+

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: talitos - SEC1 bugs on 0 data hash
LEROY Christophe [Fri, 17 Apr 2015 14:32:18 +0000 (16:32 +0200)]
crypto: talitos - SEC1 bugs on 0 data hash

SEC1 bugs on 0 data hash, so we submit an already padded block representing 0 data

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: talitos - implement scatter/gather copy for SEC1
LEROY Christophe [Fri, 17 Apr 2015 14:32:15 +0000 (16:32 +0200)]
crypto: talitos - implement scatter/gather copy for SEC1

SEC1 doesn't support scatter/gather, SEC1 doesn't handle link tables.
Therefore, for SEC1 we have to do it by SW. For that, we reserve
space at the end of the extended descriptor, in lieu of the space
reserved for the link tables on SEC2, and we perform sg_copy() when
preparing the descriptors

We also adapt the max buffer size which is only 32k on SEC1 while it
is 64k on SEC2+

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: talitos - adapt interrupts and reset functions to SEC1
LEROY Christophe [Fri, 17 Apr 2015 14:32:13 +0000 (16:32 +0200)]
crypto: talitos - adapt interrupts and reset functions to SEC1

This patch adapts the interrupt handling and reset function for
SEC1. On SEC1, registers are almost similar to SEC2+, but bits
are sometimes located at different places. So we need to define
TALITOS1 and TALITOS2 versions of some fields, and manage according
to whether it is SEC1 or SEC2.

On SEC1, only one interrupt vector is dedicated to the SEC, so only
interrupt_4ch is needed.

On SEC1, interrupts are enabled by clearing related bits in IMR,
while on SEC2, interrupts are enabled by setting the bits in IMR.

SEC1 also performs parity verification in the DES Unit. We have
to disable this feature because the test vectors provided in
the kernel have parity errors.

In reset functions, only SEC2 supports continuation after error.
For SEC1, we have to reset in all cases.

For error handling, SEC2+ names have been kept, but displayed
text has been amended to reflect exact meaning on SEC1.

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: talitos - base address for Execution Units
LEROY Christophe [Fri, 17 Apr 2015 14:32:11 +0000 (16:32 +0200)]
crypto: talitos - base address for Execution Units

SEC 1.0, 1.2 and 2.x+ have different EU base addresses, so we need to
define pointers for each EU in the driver private data structure.
The proper address is set by the probe function depending on the
SEC type, in order to provide access to the proper address.

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: talitos - adaptation of talitos_submit() for SEC1
LEROY Christophe [Fri, 17 Apr 2015 14:32:09 +0000 (16:32 +0200)]
crypto: talitos - adaptation of talitos_submit() for SEC1

SEC1 descriptor is a bit different to SEC2+ descriptor.
talitos_submit() will have to copy hdr field into hdr1 field and
send the descriptor starting at hdr1 up to next_desc.
For SEC2, it remains unchanged and next_desc is just ignored.

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: talitos - fill in talitos descriptor iaw SEC1 or SEC2+
LEROY Christophe [Fri, 17 Apr 2015 14:32:07 +0000 (16:32 +0200)]
crypto: talitos - fill in talitos descriptor iaw SEC1 or SEC2+

talitos descriptor is slightly different for SEC1 and SEC2+, so
let the helper function that fills the descriptor take into account
the type of SEC.

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: talitos - Add a feature to tag SEC1
LEROY Christophe [Fri, 17 Apr 2015 14:32:05 +0000 (16:32 +0200)]
crypto: talitos - Add a feature to tag SEC1

We add a new feature in the features field, to mark compatible
"fsl,sec1.0"
We also define a helper function called has_ftr_sec1() to help
functions quickly determine if they are running on SEC1 or SEC2+.
When only SEC1 or SEC2 is compiled in, has_ftr_sec1() returns
trivial corresponding value. If both are compiled in, feature
field is checked.

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: talitos - add sub-choice in talitos CONFIG for SEC1
LEROY Christophe [Fri, 17 Apr 2015 14:32:03 +0000 (16:32 +0200)]
crypto: talitos - add sub-choice in talitos CONFIG for SEC1

This patch adds a CONFIG option to select SEC1, SEC2+ or both.

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: talitos - enhanced talitos_desc struct for SEC1
LEROY Christophe [Fri, 17 Apr 2015 14:32:01 +0000 (16:32 +0200)]
crypto: talitos - enhanced talitos_desc struct for SEC1

This patch enhances the talitos_desc struct with fields for SEC1.
SEC1 has only one header field, and has a 'next_desc' field in
addition.
This mixed descriptor will continue to fit SEC2, and for SEC1
we will recopy hdr value into hdr1 value in talitos_submit()

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: talitos - helper function for ptr len
LEROY Christophe [Fri, 17 Apr 2015 14:31:59 +0000 (16:31 +0200)]
crypto: talitos - helper function for ptr len

This patch adds a helper function for reads and writes of the len
param of the talitos descriptor. This will help implement
SEC1 later.

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: talitos - remove param 'extent' in map_single_talitos_ptr()
LEROY Christophe [Fri, 17 Apr 2015 14:31:57 +0000 (16:31 +0200)]
crypto: talitos - remove param 'extent' in map_single_talitos_ptr()

map_single_talitos_ptr() is always called with extent == 0, so let's remove this unused parameter

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: talitos - Add a helper function to clear j_extent field
LEROY Christophe [Fri, 17 Apr 2015 14:31:55 +0000 (16:31 +0200)]
crypto: talitos - Add a helper function to clear j_extent field

j_extent field is specific to SEC2 so we add a helper function to clear it
so that SEC1 can redefine that function as nop

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: talitos - talitos_ptr renamed ptr for more lisibility
LEROY Christophe [Fri, 17 Apr 2015 14:31:53 +0000 (16:31 +0200)]
crypto: talitos - talitos_ptr renamed ptr for more lisibility

Linux CodingStyle recommends using short variables for local
variables. ptr is just good enough for those 3-line functions.
It helps keep single lines shorter than 80 characters.

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: talitos - Refactor the sg in/out chain allocation
LEROY Christophe [Fri, 17 Apr 2015 14:31:51 +0000 (16:31 +0200)]
crypto: talitos - Refactor the sg in/out chain allocation

This patch refactors the handling of the input and output data that is quite
similar in several functions

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: talitos - Use zero entry to init descriptors ptrs to zero
LEROY Christophe [Fri, 17 Apr 2015 14:31:49 +0000 (16:31 +0200)]
crypto: talitos - Use zero entry to init descriptors ptrs to zero

Do use zero_entry value to init the descriptors ptrs to zero instead of
writing 0 in each field

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago cryoto: drbg - clear all temporary memory
Stephan Mueller [Fri, 17 Apr 2015 12:54:08 +0000 (14:54 +0200)]
cryoto: drbg - clear all temporary memory

The buffer used for temporary data must be cleared entirely. In AES192
the used buffer is drbg_statelen(drbg) + drbg_blocklen(drbg) as
documented in the comment above drbg_ctr_df.

This patch ensures that the temp buffer is completely wiped.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: mv_cesa - ensure backlog is initialised
Colin Ian King [Tue, 14 Apr 2015 16:51:29 +0000 (11:51 -0500)]
crypto: mv_cesa - ensure backlog is initialised

backlog is not initialised so in the case where
cpg->eng_st != ENGINE_IDLE it is never initialised and
hence could lead to an illegal memory dereference
in the statement:

  backlog->complete(backlog, -EINPROGRESS);

Discovered with cppcheck static analysis:
[drivers/crypto/mv_cesa.c:616]:
   (error) Uninitialized variable: backlog

Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9 years ago crypto: fix broken crypto_register_instance() module handling
Herbert Xu [Thu, 16 Apr 2015 03:07:13 +0000 (11:07 +0800)]
crypto: fix broken crypto_register_instance() module handling

Commit 9c521a200bc3 ("crypto: api - remove instance when test failed")
tried to grab a module reference count before the module was even set.

Worse, it then goes on to free the module reference count after it is
set so you quickly end up with a negative module reference count which
prevents people from using any instances belonging to that module.

This patch moves the module initialisation before the reference
count.

Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
9 years ago Merge branch 'akpm' (patches from Andrew)
Linus Torvalds [Wed, 15 Apr 2015 23:39:15 +0000 (16:39 -0700)]
Merge branch 'akpm' (patches from Andrew)

Merge second patchbomb from Andrew Morton:

 - the rest of MM

 - various misc bits

 - add ability to run /sbin/reboot at reboot time

 - printk/vsprintf changes

 - fiddle with seq_printf() return value

* akpm: (114 commits)
  parisc: remove use of seq_printf return value
  lru_cache: remove use of seq_printf return value
  tracing: remove use of seq_printf return value
  cgroup: remove use of seq_printf return value
  proc: remove use of seq_printf return value
  s390: remove use of seq_printf return value
  cris fasttimer: remove use of seq_printf return value
  cris: remove use of seq_printf return value
  openrisc: remove use of seq_printf return value
  ARM: plat-pxa: remove use of seq_printf return value
  nios2: cpuinfo: remove use of seq_printf return value
  microblaze: mb: remove use of seq_printf return value
  ipc: remove use of seq_printf return value
  rtc: remove use of seq_printf return value
  power: wakeup: remove use of seq_printf return value
  x86: mtrr: if: remove use of seq_printf return value
  linux/bitmap.h: improve BITMAP_{LAST,FIRST}_WORD_MASK
  MAINTAINERS: CREDITS: remove Stefano Brivio from B43
  .mailmap: add Ricardo Ribalda
  CREDITS: add Ricardo Ribalda Delgado
  ...

9 years ago parisc: remove use of seq_printf return value
Joe Perches [Wed, 15 Apr 2015 23:18:28 +0000 (16:18 -0700)]
parisc: remove use of seq_printf return value

The seq_printf return value, because it's frequently misused,
will eventually be converted to void.

See: commit 1f33c41c03da ("seq_file: Rename seq_overflow() to
     seq_has_overflowed() and make public")

Signed-off-by: Joe Perches <joe@perches.com>
Cc: "James E.J. Bottomley" <jejb@parisc-linux.org>
Cc: Helge Deller <deller@gmx.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
9 years ago lru_cache: remove use of seq_printf return value
Joe Perches [Wed, 15 Apr 2015 23:18:25 +0000 (16:18 -0700)]
lru_cache: remove use of seq_printf return value

The seq_printf return value, because it's frequently misused,
will eventually be converted to void.

See: commit 1f33c41c03da ("seq_file: Rename seq_overflow() to
     seq_has_overflowed() and make public")

Signed-off-by: Joe Perches <joe@perches.com>
Cc: Lars Ellenberg <drbd-dev@lists.linbit.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
9 years ago tracing: remove use of seq_printf return value
Joe Perches [Wed, 15 Apr 2015 23:18:22 +0000 (16:18 -0700)]
tracing: remove use of seq_printf return value

The seq_printf return value, because it's frequently misused,
will eventually be converted to void.

See: commit 1f33c41c03da ("seq_file: Rename seq_overflow() to
     seq_has_overflowed() and make public")

Miscellanea:

o Remove unused return value from trace_lookup_stack

Signed-off-by: Joe Perches <joe@perches.com>
Acked-by: Steven Rostedt <rostedt@goodmis.org>
Cc: Al Viro <viro@ZenIV.linux.org.uk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
9 years ago cgroup: remove use of seq_printf return value
Joe Perches [Wed, 15 Apr 2015 23:18:20 +0000 (16:18 -0700)]
cgroup: remove use of seq_printf return value

The seq_printf return value, because it's frequently misused,
will eventually be converted to void.

See: commit 1f33c41c03da ("seq_file: Rename seq_overflow() to
     seq_has_overflowed() and make public")

Signed-off-by: Joe Perches <joe@perches.com>
Acked-by: Tejun Heo <tj@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
9 years ago proc: remove use of seq_printf return value
Joe Perches [Wed, 15 Apr 2015 23:18:17 +0000 (16:18 -0700)]
proc: remove use of seq_printf return value

The seq_printf return value, because it's frequently misused,
will eventually be converted to void.

See: commit 1f33c41c03da ("seq_file: Rename seq_overflow() to
     seq_has_overflowed() and make public")

Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
9 years ago s390: remove use of seq_printf return value
Joe Perches [Wed, 15 Apr 2015 23:18:14 +0000 (16:18 -0700)]
s390: remove use of seq_printf return value

The seq_printf return value, because it's frequently misused,
will eventually be converted to void.

See: commit 1f33c41c03da ("seq_file: Rename seq_overflow() to
     seq_has_overflowed() and make public")

Signed-off-by: Joe Perches <joe@perches.com>
Acked-by: Sebastian Ott <sebott@linux.vnet.ibm.com>
Cc: Gerald Schaefer <gerald.schaefer@de.ibm.com>
Cc: Peter Oberparleiter <oberpar@linux.vnet.ibm.com>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
9 years ago cris fasttimer: remove use of seq_printf return value
Joe Perches [Wed, 15 Apr 2015 23:18:11 +0000 (16:18 -0700)]
cris fasttimer: remove use of seq_printf return value

The seq_printf return value, because it's frequently misused,
will eventually be converted to void.

See: commit 1f33c41c03da ("seq_file: Rename seq_overflow() to
     seq_has_overflowed() and make public")

Miscellanea:

o Coalesce formats, realign arguments

Signed-off-by: Joe Perches <joe@perches.com>
Cc: Mikael Starvik <starvik@axis.com>
Cc: Jesper Nilsson <jesper.nilsson@axis.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
9 years ago cris: remove use of seq_printf return value
Joe Perches [Wed, 15 Apr 2015 23:18:08 +0000 (16:18 -0700)]
cris: remove use of seq_printf return value

The seq_printf return value, because it's frequently misused,
will eventually be converted to void.

See: commit 1f33c41c03da ("seq_file: Rename seq_overflow() to
     seq_has_overflowed() and make public")

Signed-off-by: Joe Perches <joe@perches.com>
Acked-by: Jesper Nilsson <jesper.nilsson@axis.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
9 years ago openrisc: remove use of seq_printf return value
Joe Perches [Wed, 15 Apr 2015 23:18:05 +0000 (16:18 -0700)]
openrisc: remove use of seq_printf return value

The seq_printf return value, because it's frequently misused,
will eventually be converted to void.

See: commit 1f33c41c03da ("seq_file: Rename seq_overflow() to
     seq_has_overflowed() and make public")

Signed-off-by: Joe Perches <joe@perches.com>
Cc: Jonas Bonn <jonas@southpole.se>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
9 years ago ARM: plat-pxa: remove use of seq_printf return value
Joe Perches [Wed, 15 Apr 2015 23:18:02 +0000 (16:18 -0700)]
ARM: plat-pxa: remove use of seq_printf return value

The seq_printf return value, because it's frequently misused,
(as it is here, it doesn't return # of chars emitted) will
eventually be converted to void.

See: commit 1f33c41c03da ("seq_file: Rename seq_overflow() to
     seq_has_overflowed() and make public")

Signed-off-by: Joe Perches <joe@perches.com>
Cc: Russell King <linux@arm.linux.org.uk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>