[PATCH] crypto: qat - Don't attempt to register algorithm multiple times
When multiple devices are present in the system the driver attempts
to register the same algorithm many times.
Signed-off-by: Tadeusz Struk
---
drivers/crypto/qat/qat_common/qat_asym_algs.c | 13 ++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/drivers/crypto/qat/qat_common/qat_asym_algs.c
b/drivers/crypto/qat/qat_common/qat_asym_algs.c
index 557a740..3e3c5c8 100644
--- a/drivers/crypto/qat/qat_common/qat_asym_algs.c
+++ b/drivers/crypto/qat/qat_common/qat_asym_algs.c
@@ -58,6 +58,8 @@
#include "adf_common_drv.h"
#include "qat_crypto.h"
+static atomic_t active_devs;
+
struct qat_rsa_input_params {
union {
struct {
@@ -629,11 +631,16 @@ static struct akcipher_alg rsa = {
int qat_asym_algs_register(void)
{
- rsa.base.cra_flags = 0;
- return crypto_register_akcipher(&rsa);
+ if (atomic_add_return(1, &active_devs) == 1) {
+ rsa.base.cra_flags = 0;
+ return crypto_register_akcipher(&rsa);
+ }
+
+ return 0;
}
void qat_asym_algs_unregister(void)
{
- crypto_unregister_akcipher(&rsa);
+ if (atomic_sub_return(1, &active_devs) == 0)
+ crypto_unregister_akcipher(&rsa);
}
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH] crypto: qat - fix invalid check for RSA keylen in fips mode
The condition checking allowed key length was invalid.
Reported-by: Dan Carpenter
Signed-off-by: Tadeusz Struk
---
drivers/crypto/qat/qat_common/qat_asym_algs.c |4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/crypto/qat/qat_common/qat_asym_algs.c
b/drivers/crypto/qat/qat_common/qat_asym_algs.c
index 13a76a0..557a740 100644
--- a/drivers/crypto/qat/qat_common/qat_asym_algs.c
+++ b/drivers/crypto/qat/qat_common/qat_asym_algs.c
@@ -443,7 +443,7 @@ int qat_rsa_get_n(void *context, size_t hdrlen, unsigned
char tag,
ctx->key_sz = vlen;
ret = -EINVAL;
/* In FIPS mode only allow key size 2K & 3K */
- if (fips_enabled && (ctx->key_sz != 256 || ctx->key_sz != 384)) {
+ if (fips_enabled && (ctx->key_sz != 256 && ctx->key_sz != 384)) {
pr_err("QAT: RSA: key size not allowed in FIPS mode\n");
goto err;
}
@@ -510,7 +510,7 @@ int qat_rsa_get_d(void *context, size_t hdrlen, unsigned
char tag,
goto err;
/* In FIPS mode only allow key size 2K & 3K */
- if (fips_enabled && (vlen != 256 || vlen != 384)) {
+ if (fips_enabled && (vlen != 256 && vlen != 384)) {
pr_err("QAT: RSA: key size not allowed in FIPS mode\n");
goto err;
}
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH] crypto: rsa - fix invalid check for keylen in fips mode
The condition checking allowed key length was invalid.
Reported-by: Dan Carpenter
Signed-off-by: Tadeusz Struk
---
crypto/rsa_helper.c |4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/crypto/rsa_helper.c b/crypto/rsa_helper.c
index 3e8e0a9..8d96ce9 100644
--- a/crypto/rsa_helper.c
+++ b/crypto/rsa_helper.c
@@ -28,7 +28,7 @@ int rsa_get_n(void *context, size_t hdrlen, unsigned char tag,
return -ENOMEM;
/* In FIPS mode only allow key size 2K & 3K */
- if (fips_enabled && (mpi_get_size(key->n) != 256 ||
+ if (fips_enabled && (mpi_get_size(key->n) != 256 &&
mpi_get_size(key->n) != 384)) {
pr_err("RSA: key size not allowed in FIPS mode\n");
mpi_free(key->n);
@@ -62,7 +62,7 @@ int rsa_get_d(void *context, size_t hdrlen, unsigned char tag,
return -ENOMEM;
/* In FIPS mode only allow key size 2K & 3K */
- if (fips_enabled && (mpi_get_size(key->d) != 256 ||
+ if (fips_enabled && (mpi_get_size(key->d) != 256 &&
mpi_get_size(key->d) != 384)) {
pr_err("RSA: key size not allowed in FIPS mode\n");
mpi_free(key->d);
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: crypto: qat - Add support for RSA algorithm
On Mon, Jul 20, 2015 at 09:13:32AM -0700, Tadeusz Struk wrote:
> On 07/20/2015 08:12 AM, Dan Carpenter wrote:
> > The patch a990532023b9: "crypto: qat - Add support for RSA algorithm"
> > from Jul 15, 2015, leads to the following Smatch warning:
> >
> > drivers/crypto/qat/qat_common/qat_asym_algs.c:446 qat_rsa_get_n()
> > warn: was && intended here instead of ||?
> >
> > drivers/crypto/qat/qat_common/qat_asym_algs.c
> >444 ret = -EINVAL;
> >445 /* In FIPS mode only allow key size 2K & 3K */
> >446 if (fips_enabled && (ctx->key_sz != 256 || ctx->key_sz !=
> > 384)) {
> >
> >
> >
> > Looks like the static checker is correct.
>
> The logic is if fips_enabled we want to accept only key size 2K (256 bytes)
> or 3K (384 bytes)
> so the condition looks ok to me. Maybe the comment above is misleading?
Logically ->key_sz can't be both 256 and 384 at the same time. What you
are describing is &&. This seems like an important function, my guess
is we have never tested it with fips_enabled?
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: crypto: qat - Add support for RSA algorithm
On 07/20/2015 08:12 AM, Dan Carpenter wrote:
> The patch a990532023b9: "crypto: qat - Add support for RSA algorithm"
> from Jul 15, 2015, leads to the following Smatch warning:
>
> drivers/crypto/qat/qat_common/qat_asym_algs.c:446 qat_rsa_get_n()
> warn: was && intended here instead of ||?
>
> drivers/crypto/qat/qat_common/qat_asym_algs.c
>444 ret = -EINVAL;
>445 /* In FIPS mode only allow key size 2K & 3K */
>446 if (fips_enabled && (ctx->key_sz != 256 || ctx->key_sz !=
> 384)) {
>
>
> Looks like the static checker is correct.
The logic is if fips_enabled we want to accept only key size 2K (256 bytes) or
3K (384 bytes)
so the condition looks ok to me. Maybe the comment above is misleading?
regards,
T
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: crypto: qat - Add support for RSA algorithm
Also: drivers/crypto/qat/qat_common/qat_asym_algs.c:513 qat_rsa_get_d() warn: was && intended here instead of ||? regards, dan carpenter -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
re: crypto: qat - Add support for RSA algorithm
Hello Tadeusz Struk,
The patch a990532023b9: "crypto: qat - Add support for RSA algorithm"
from Jul 15, 2015, leads to the following Smatch warning:
drivers/crypto/qat/qat_common/qat_asym_algs.c:446 qat_rsa_get_n()
warn: was && intended here instead of ||?
drivers/crypto/qat/qat_common/qat_asym_algs.c
444 ret = -EINVAL;
445 /* In FIPS mode only allow key size 2K & 3K */
446 if (fips_enabled && (ctx->key_sz != 256 || ctx->key_sz != 384))
{
Looks like the static checker is correct.
447 pr_err("QAT: RSA: key size not allowed in FIPS mode\n");
448 goto err;
449 }
450 /* invalid key size provided */
451 if (!qat_rsa_enc_fn_id(ctx->key_sz))
452 goto err;
453
454 ret = -ENOMEM;
455 ctx->n = dma_zalloc_coherent(dev, ctx->key_sz, &ctx->dma_n,
GFP_KERNEL);
456 if (!ctx->n)
457 goto err;
458
459 memcpy(ctx->n, ptr, ctx->key_sz);
460 return 0;
461 err:
462 ctx->key_sz = 0;
463 ctx->n = NULL;
464 return ret;
465 }
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH v11] crypto: Add Allwinner Security System crypto accelerator
On Mon, Jul 20, 2015 at 10:18:36AM +0200, Maxime Ripard wrote: > On Mon, Jul 20, 2015 at 04:10:50PM +0800, Herbert Xu wrote: > > On Fri, Jul 17, 2015 at 04:39:37PM +0200, LABBE Corentin wrote: > > > Hello > > > > > > This is the driver for the Security System included in Allwinner SoC A20. > > > The Security System (SS for short) is a hardware cryptographic > > > accelerator that > > > support AES/MD5/SHA1/DES/3DES/PRNG algorithms. > > > It could be found on others Allwinner SoC: > > > - A10, A10s, A13, A31 and A33 manual give the same datasheet for SS than > > > A20 > > > - A23 speak about a security system but without precisions > > > - A80 and A83T datasheet speak about a security system with more functions > > > (SHA224/SHA256/RSA/CRC), they will be supported in a separate driver. > > > > All applied. Thanks a lot! > > All applied, DT bits included? Yes. -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH v11] crypto: Add Allwinner Security System crypto accelerator
On Mon, Jul 20, 2015 at 04:10:50PM +0800, Herbert Xu wrote: > On Fri, Jul 17, 2015 at 04:39:37PM +0200, LABBE Corentin wrote: > > Hello > > > > This is the driver for the Security System included in Allwinner SoC A20. > > The Security System (SS for short) is a hardware cryptographic accelerator > > that > > support AES/MD5/SHA1/DES/3DES/PRNG algorithms. > > It could be found on others Allwinner SoC: > > - A10, A10s, A13, A31 and A33 manual give the same datasheet for SS than A20 > > - A23 speak about a security system but without precisions > > - A80 and A83T datasheet speak about a security system with more functions > > (SHA224/SHA256/RSA/CRC), they will be supported in a separate driver. > > All applied. Thanks a lot! All applied, DT bits included? Maxime -- Maxime Ripard, Free Electrons Embedded Linux, Kernel and Android engineering http://free-electrons.com signature.asc Description: Digital signature
Re: [PATCH v11] crypto: Add Allwinner Security System crypto accelerator
On Fri, Jul 17, 2015 at 04:39:37PM +0200, LABBE Corentin wrote: > Hello > > This is the driver for the Security System included in Allwinner SoC A20. > The Security System (SS for short) is a hardware cryptographic accelerator > that > support AES/MD5/SHA1/DES/3DES/PRNG algorithms. > It could be found on others Allwinner SoC: > - A10, A10s, A13, A31 and A33 manual give the same datasheet for SS than A20 > - A23 speak about a security system but without precisions > - A80 and A83T datasheet speak about a security system with more functions > (SHA224/SHA256/RSA/CRC), they will be supported in a separate driver. All applied. Thanks a lot! -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 1/4] crypto: caam - fix ERA property reading
On Fri, Jul 17, 2015 at 04:54:51PM +0300, Horia Geantă wrote: > From: Alex Porosanu > > In order to ensure that the ERA property is properly read from DT > on all platforms, of_property_read* function needs to be used. > > Signed-off-by: Alex Porosanu > Signed-off-by: Horia Geantă All applied. -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
