[PATCH] hw_random: octeon-rng: Use devm_hwrng_register
Use resource managed function devm_hwrng_register instead of
hwrng_register to make the error-path simpler. Also, remove
octeon_rng_remove as it is now redundant.
Signed-off-by: Vaishali Thakkar
---
drivers/char/hw_random/octeon-rng.c | 12 +---
1 file changed, 1 insertion(+), 11 deletions(-)
diff --git a/drivers/char/hw_random/octeon-rng.c
b/drivers/char/hw_random/octeon-rng.c
index 6234a4a..8c78aa0 100644
--- a/drivers/char/hw_random/octeon-rng.c
+++ b/drivers/char/hw_random/octeon-rng.c
@@ -96,7 +96,7 @@ static int octeon_rng_probe(struct platform_device *pdev)
rng->ops = ops;
platform_set_drvdata(pdev, &rng->ops);
- ret = hwrng_register(&rng->ops);
+ ret = devm_hwrng_register(&pdev->dev, &rng->ops);
if (ret)
return -ENOENT;
@@ -105,21 +105,11 @@ static int octeon_rng_probe(struct platform_device *pdev)
return 0;
}
-static int octeon_rng_remove(struct platform_device *pdev)
-{
- struct hwrng *rng = platform_get_drvdata(pdev);
-
- hwrng_unregister(rng);
-
- return 0;
-}
-
static struct platform_driver octeon_rng_driver = {
.driver = {
.name = "octeon_rng",
},
.probe = octeon_rng_probe,
- .remove = octeon_rng_remove,
};
module_platform_driver(octeon_rng_driver);
--
1.9.1
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Contact Us For Unsecured Guaranteed Loans Today!!!?
Do you need a genuine Loan to settle your bills and start up a good business? Kindly contact us now with your details to get a good Loan at a low rate of 3% per Annu, Quick send your details via: guarloa...@gmail.com -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 4/8] crypto: akcipher - Changes to asymmetric key API
On 09/09/2015 12:13 PM, Stephan Mueller wrote: >> >Also a question regarding .get_len: for RSA with padding the minimum >> >dest buffer length depends on the input. What is that call supposed >> >to return in that case? > I would guess that the destination buffer minimum size should be RSA size > minus the minimum padding size. This way, the caller is always sure to get > all > data without error. I think it should always be the size of modulo. -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 4/8] crypto: akcipher - Changes to asymmetric key API
Am Mittwoch, 9. September 2015, 20:53:23 schrieb Andrzej Zaborowski: Hi Andrzej, > >Also a question regarding .get_len: for RSA with padding the minimum >dest buffer length depends on the input. What is that call supposed >to return in that case? I would guess that the destination buffer minimum size should be RSA size minus the minimum padding size. This way, the caller is always sure to get all data without error. Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 4/8] crypto: akcipher - Changes to asymmetric key API
Hi, On 9 September 2015 at 18:41, Stephan Mueller wrote: > Am Mittwoch, 9. September 2015, 09:29:28 schrieb Tadeusz Struk: + * @key: BER encoded public key >>> >>> DER encoded? >> >>It is BER (Basic Encoding Rules), which is also valid DER (Distinguished >>Encoding Rules) > > I was just mentioning that since the ASN.1 structure now is equivalent to > OpenSSL and what DER specifies. I just wanted to suggest to allow readers to > establish a connection between OpenSSL DER encoded keys and the keys we use > here. Shouldn't the BER/DER requirement be only mentioned in rsa.c? For other asymmetric key ciphers there may, in theory, be a completely different established key encoding and no point in using DER on top. Also a question regarding .get_len: for RSA with padding the minimum dest buffer length depends on the input. What is that call supposed to return in that case? Best regards -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 6/8] crypto: rsa - update accoring to akcipher API changes
On 09/09/2015 09:35 AM, Stephan Mueller wrote:
>> +if (sg_is_last(req->dst)) {
>> >+ ret = mpi_read_buffer(c, sg_virt(req->dst), dst_len,
>> >+ &req->out_len, &sign);
>> >+ } else {
>> >+ void *ptr = kmalloc(dst_len, GFP_KERNEL);
>> >+
>> >+ if (!ptr)
>> >+ goto err_free_m;
>> >+
>> >+ ret = mpi_read_buffer(c, ptr, dst_len, &req->out_len, &sign);
>> >+ scatterwalk_map_and_copy(ptr, req->dst, 0, dst_len, 1);
>> >+ kfree(ptr);
> Just a question: this code is present 4 times, can that be put into a
> separate
> inline?
>
I have put it like this because it is easier to read.
All 4 functions use different variable names according to the spec.
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 5/8] lib/scatterlist: Add sg_len helper
Am Mittwoch, 9. September 2015, 10:16:16 schrieb Tadeusz Struk: Hi Tadeusz, >On 09/09/2015 10:05 AM, Stephan Mueller wrote: >>> Yes, sorry, you are right. sg_len() will only return positive numbers or >>> >>> >zero. rsa.c checks it in all four operations: >>> >if (unlikely(!pkey->n || !pkey->d || !src_len)) >> >> Great, I am not disputing the check for 0, I just want an unsigned int, >> because sg->length is unsigned int too. :-) > >I see, maybe we can check for negative numbers in PF_ALG? My request for turning the implementation of sg_len and the callers of it to use unsigned int is simply to avoid overflows of the counter. Note, I usually am very zealous about using the correct data types, especially with integers. I have seen way to many security related bugs by overflowing a signed integer. Surely, PF_ALG will ensure that user space will only provide buffers up to a max number (PAGE_SIZE * ALG_MAX_PAGES is the maximum user space can provide at all considering my current user space approach). So, we have at most 65536 bytes from user space in one request. This boundary is to allow at most ALG_MAX_PAGES individual SGL members (i.e. at most ALG_MAX_PAGES individual calls to splice) but also tries to squeeze the data coming with sendmsg into one page. But, surely we can discuss these limits once I post algif_akcipher. Considering that, I do not feel that the code we discuss here should have a check for the maximum size of the SGL. Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 5/8] lib/scatterlist: Add sg_len helper
On 09/09/2015 10:05 AM, Stephan Mueller wrote: >> Yes, sorry, you are right. sg_len() will only return positive numbers or >> >zero. rsa.c checks it in all four operations: >> >if (unlikely(!pkey->n || !pkey->d || !src_len)) > Great, I am not disputing the check for 0, I just want an unsigned int, > because sg->length is unsigned int too. :-) I see, maybe we can check for negative numbers in PF_ALG? -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 5/8] lib/scatterlist: Add sg_len helper
Am Mittwoch, 9. September 2015, 10:02:17 schrieb Tadeusz Struk: Hi Tadeusz, >On 09/09/2015 09:56 AM, Stephan Mueller wrote: But in the rsa.c enc/dec/verify/sign functions, there should be such check, >> I would guess. >>> > >>> >There is see line 419: >>> >return pkey->n ? mpi_get_size(pkey->n) : -EINVAL; >> >> I feel we are not talking about the same issue. I refer to your patch in >> rsa.c: >> >> + int src_len = sg_len(req->src), dst_len = sg_len(req->dst); >> >> ===> can be negative according to your statement >> >> ... >> >> + void *ptr = kmalloc(dst_len, GFP_KERNEL); >> >> ===> with a negative number, I guess we have a problem here. > >Yes, sorry, you are right. sg_len() will only return positive numbers or >zero. rsa.c checks it in all four operations: >if (unlikely(!pkey->n || !pkey->d || !src_len)) Great, I am not disputing the check for 0, I just want an unsigned int, because sg->length is unsigned int too. :-) Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 5/8] lib/scatterlist: Add sg_len helper
On 09/09/2015 09:56 AM, Stephan Mueller wrote: >>> But in the rsa.c enc/dec/verify/sign functions, there should be such check, >>> >> I would guess. >> > >> >There is see line 419: >> >return pkey->n ? mpi_get_size(pkey->n) : -EINVAL; > I feel we are not talking about the same issue. I refer to your patch in > rsa.c: > > + int src_len = sg_len(req->src), dst_len = sg_len(req->dst); > > ===> can be negative according to your statement > > ... > > + void *ptr = kmalloc(dst_len, GFP_KERNEL); > > ===> with a negative number, I guess we have a problem here. Yes, sorry, you are right. sg_len() will only return positive numbers or zero. rsa.c checks it in all four operations: if (unlikely(!pkey->n || !pkey->d || !src_len)) -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 5/8] lib/scatterlist: Add sg_len helper
Am Mittwoch, 9. September 2015, 09:51:40 schrieb Tadeusz Struk: Hi Tadeusz, >On 09/09/2015 09:49 AM, Stephan Mueller wrote: >> But, shouldn't there be an overflow check? Maybe not here, but in the >> cases >> where the function is invoked. There is a kmalloc(src_len) without a >> check >> for negative values. >>> > >>> >Right, but because testmgr.c calls setkey before this I skipped the >>> >check. >> >> But in the rsa.c enc/dec/verify/sign functions, there should be such check, >> I would guess. > >There is see line 419: >return pkey->n ? mpi_get_size(pkey->n) : -EINVAL; I feel we are not talking about the same issue. I refer to your patch in rsa.c: + int src_len = sg_len(req->src), dst_len = sg_len(req->dst); ===> can be negative according to your statement ... + void *ptr = kmalloc(dst_len, GFP_KERNEL); ===> with a negative number, I guess we have a problem here. Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 5/8] lib/scatterlist: Add sg_len helper
Am Mittwoch, 9. September 2015, 09:31:00 schrieb Tadeusz Struk: Hi Tadeusz, >On 09/09/2015 09:27 AM, Stephan Mueller wrote: >>> +int sg_len(struct scatterlist *sg) >> >> unsigned int? > >No, because it can return -EINVAL if you call it before you set the key. Just re-reading the code: where would the -EINVAL be generated? Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 5/8] lib/scatterlist: Add sg_len helper
On 09/09/2015 09:49 AM, Stephan Mueller wrote: >>> >> But, shouldn't there be an overflow check? Maybe not here, but in the >>> >> cases >>> >> where the function is invoked. There is a kmalloc(src_len) without a >>> >> check >>> >> for negative values. >> > >> >Right, but because testmgr.c calls setkey before this I skipped the check. > But in the rsa.c enc/dec/verify/sign functions, there should be such check, I > would guess. There is see line 419: return pkey->n ? mpi_get_size(pkey->n) : -EINVAL; -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 5/8] lib/scatterlist: Add sg_len helper
Am Mittwoch, 9. September 2015, 09:46:36 schrieb Tadeusz Struk: Hi Tadeusz, >On 09/09/2015 09:39 AM, Stephan Mueller wrote: >>> No, because it can return -EINVAL if you call it before you set the key. >> >> I see. >> >> But, shouldn't there be an overflow check? Maybe not here, but in the cases >> where the function is invoked. There is a kmalloc(src_len) without a check >> for negative values. > >Right, but because testmgr.c calls setkey before this I skipped the check. But in the rsa.c enc/dec/verify/sign functions, there should be such check, I would guess. Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 5/8] lib/scatterlist: Add sg_len helper
On 09/09/2015 09:39 AM, Stephan Mueller wrote: >> No, because it can return -EINVAL if you call it before you set the key. > I see. > > But, shouldn't there be an overflow check? Maybe not here, but in the cases > where the function is invoked. There is a kmalloc(src_len) without a check > for > negative values. Right, but because testmgr.c calls setkey before this I skipped the check. -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 4/8] crypto: akcipher - Changes to asymmetric key API
On 09/09/2015 09:41 AM, Stephan Mueller wrote: >> >It is BER (Basic Encoding Rules), which is also valid DER (Distinguished >> >Encoding Rules) > I was just mentioning that since the ASN.1 structure now is equivalent to > OpenSSL and what DER specifies. I just wanted to suggest to allow readers to > establish a connection between OpenSSL DER encoded keys and the keys we use Since DER is a valid BER it will work for both. -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 4/8] crypto: akcipher - Changes to asymmetric key API
Am Mittwoch, 9. September 2015, 09:29:28 schrieb Tadeusz Struk: Hi Tadeusz, >>> + * @key: BER encoded public key >> >> DER encoded? > >It is BER (Basic Encoding Rules), which is also valid DER (Distinguished >Encoding Rules) I was just mentioning that since the ASN.1 structure now is equivalent to OpenSSL and what DER specifies. I just wanted to suggest to allow readers to establish a connection between OpenSSL DER encoded keys and the keys we use here. Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 5/8] lib/scatterlist: Add sg_len helper
Am Mittwoch, 9. September 2015, 09:31:00 schrieb Tadeusz Struk: Hi Tadeusz, >On 09/09/2015 09:27 AM, Stephan Mueller wrote: >>> +int sg_len(struct scatterlist *sg) >> >> unsigned int? > >No, because it can return -EINVAL if you call it before you set the key. I see. But, shouldn't there be an overflow check? Maybe not here, but in the cases where the function is invoked. There is a kmalloc(src_len) without a check for negative values. Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 6/8] crypto: rsa - update accoring to akcipher API changes
Am Mittwoch, 9. September 2015, 09:15:32 schrieb Tadeusz Struk:
Hi Tadeusz,
>Rsa updates to reflect the API changes.
>
>Signed-off-by: Tadeusz Struk
>---
> crypto/Makefile | 12 ++-
> crypto/rsa.c | 188
>++--- crypto/rsa_helper.c |
>42 -
> crypto/rsakey.asn1|5 -
> crypto/rsaprivkey.asn1| 11 ++
> crypto/rsapubkey.asn1 |4 +
> include/crypto/internal/rsa.h |7 +-
> 7 files changed, 220 insertions(+), 49 deletions(-)
> delete mode 100644 crypto/rsakey.asn1
> create mode 100644 crypto/rsaprivkey.asn1
> create mode 100644 crypto/rsapubkey.asn1
>
>diff --git a/crypto/Makefile b/crypto/Makefile
>index 65e91da..d897e0b 100644
>--- a/crypto/Makefile
>+++ b/crypto/Makefile
>@@ -31,8 +31,16 @@ obj-$(CONFIG_CRYPTO_HASH2) += crypto_hash.o
> obj-$(CONFIG_CRYPTO_PCOMP2) += pcompress.o
> obj-$(CONFIG_CRYPTO_AKCIPHER2) += akcipher.o
>
>-$(obj)/rsakey-asn1.o: $(obj)/rsakey-asn1.c $(obj)/rsakey-asn1.h
>-clean-files += rsakey-asn1.c rsakey-asn1.h
>+$(obj)/rsapubkey-asn1.o: $(obj)/rsapubkey-asn1.c $(obj)/rsapubkey-asn1.h
>+$(obj)/rsaprivkey-asn1.o: $(obj)/rsaprivkey-asn1.c $(obj)/rsaprivkey-asn1.h
>+clean-files += rsapubkey-asn1.c rsapubkey-asn1.h
>+clean-files += rsaprivkey-asn1.c rsaprivkey-asn1.h
>+
>+rsa_generic-y := rsapubkey-asn1.o
>+rsa_generic-y += rsaprivkey-asn1.o
>+rsa_generic-y += rsa.o
>+rsa_generic-y += rsa_helper.o
>+obj-$(CONFIG_CRYPTO_RSA) += rsa_generic.o
>
> cryptomgr-y := algboss.o testmgr.o
>
>diff --git a/crypto/rsa.c b/crypto/rsa.c
>index 93feae2..f5b956c 100644
>--- a/crypto/rsa.c
>+++ b/crypto/rsa.c
>@@ -13,6 +13,7 @@
> #include
> #include
> #include
>+#include
>
> /*
> * RSAEP function [RFC3447 sec 5.1.1]
>@@ -80,34 +81,57 @@ static int rsa_enc(struct akcipher_request *req)
> struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
> const struct rsa_key *pkey = rsa_get_key(tfm);
> MPI m, c = mpi_alloc(0);
>+ int src_len = sg_len(req->src), dst_len = sg_len(req->dst);
unsigned int?
> int ret = 0;
> int sign;
>
> if (!c)
> return -ENOMEM;
>
>- if (unlikely(!pkey->n || !pkey->e)) {
>+ if (unlikely(!pkey->n || !pkey->e || !src_len)) {
> ret = -EINVAL;
> goto err_free_c;
> }
>
>- if (req->dst_len < mpi_get_size(pkey->n)) {
>- req->dst_len = mpi_get_size(pkey->n);
>+ if (dst_len < mpi_get_size(pkey->n)) {
>+ req->out_len = mpi_get_size(pkey->n);
> ret = -EOVERFLOW;
> goto err_free_c;
> }
>
>- m = mpi_read_raw_data(req->src, req->src_len);
>- if (!m) {
>- ret = -ENOMEM;
>- goto err_free_c;
>+ ret = -ENOMEM;
>+ if (sg_is_last(req->src)) {
>+ m = mpi_read_raw_data(sg_virt(req->src), src_len);
>+ } else {
>+ void *ptr = kmalloc(src_len, GFP_KERNEL);
>+
>+ if (!ptr)
>+ goto err_free_c;
>+
>+ scatterwalk_map_and_copy(ptr, req->src, 0, src_len, 0);
>+ m = mpi_read_raw_data(ptr, src_len);
>+ kfree(ptr);
> }
>+ if (!m)
>+ goto err_free_c;
>
> ret = _rsa_enc(pkey, c, m);
> if (ret)
> goto err_free_m;
>
>- ret = mpi_read_buffer(c, req->dst, req->dst_len, &req->dst_len,
&sign);
>+ if (sg_is_last(req->dst)) {
>+ ret = mpi_read_buffer(c, sg_virt(req->dst), dst_len,
>+&req->out_len, &sign);
>+ } else {
>+ void *ptr = kmalloc(dst_len, GFP_KERNEL);
>+
>+ if (!ptr)
>+ goto err_free_m;
>+
>+ ret = mpi_read_buffer(c, ptr, dst_len, &req->out_len, &sign);
>+ scatterwalk_map_and_copy(ptr, req->dst, 0, dst_len, 1);
>+ kfree(ptr);
Just a question: this code is present 4 times, can that be put into a separate
inline?
>+ }
> if (ret)
> goto err_free_m;
>
>@@ -128,34 +152,57 @@ static int rsa_dec(struct akcipher_request *req)
> struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
> const struct rsa_key *pkey = rsa_get_key(tfm);
> MPI c, m = mpi_alloc(0);
>+ int src_len = sg_len(req->src), dst_len = sg_len(req->dst);
unsigned int?
> int ret = 0;
> int sign;
>
> if (!m)
> return -ENOMEM;
>
>- if (unlikely(!pkey->n || !pkey->d)) {
>+ if (unlikely(!pkey->n || !pkey->d || !src_len)) {
> ret = -EINVAL;
> goto err_free_m;
> }
>
>- if (req->dst_len < mpi_get_size(pkey->n)) {
>- req->dst_len = mpi_get_size(pkey->n);
>+ if (dst_len < mpi_get_size(pkey->n)) {
>+ req->out_len = mpi_get_size(pkey->n);
> ret = -EOVERFLOW;
> goto err_free_m;
> }
>
>- c = mpi_read_raw_data(req->src, req->src_len
Re: [PATCH 5/8] lib/scatterlist: Add sg_len helper
On 09/09/2015 09:27 AM, Stephan Mueller wrote: >> +int sg_len(struct scatterlist *sg) > unsigned int? No, because it can return -EINVAL if you call it before you set the key. -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 4/8] crypto: akcipher - Changes to asymmetric key API
Hi Stephan,
On 09/09/2015 09:25 AM, Stephan Mueller wrote:
>> >+#if 0
>> > static int do_test_rsa(struct crypto_akcipher *tfm,
>> > struct akcipher_testvec *vecs)
>> > {
>> >@@ -1975,6 +1976,7 @@ static int alg_test_akcipher(const struct
>> >alg_test_desc
>> >*desc, crypto_free_akcipher(tfm);
>> >return err;
>> > }
>> >+#endif
> Just to check: is the ifdef 0 intentional?
Yes, it is otherwise it will break the build. It is enabled in subsequent patch.
>> + * @key:BER encoded public key
> DER encoded?
>
It is BER (Basic Encoding Rules), which is also valid DER (Distinguished
Encoding Rules)
Regards
T
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 5/8] lib/scatterlist: Add sg_len helper
Am Mittwoch, 9. September 2015, 09:15:26 schrieb Tadeusz Struk:
Hi Tadeusz,
>Add sg_len function which returns the total number of bytes in sg.
>
>Signed-off-by: Tadeusz Struk
>---
> include/linux/scatterlist.h |1 +
> lib/scatterlist.c | 18 ++
> 2 files changed, 19 insertions(+)
>
>diff --git a/include/linux/scatterlist.h b/include/linux/scatterlist.h
>index 9b1ef0c..7c82fc1 100644
>--- a/include/linux/scatterlist.h
>+++ b/include/linux/scatterlist.h
>@@ -246,6 +246,7 @@ static inline void *sg_virt(struct scatterlist *sg)
> }
>
> int sg_nents(struct scatterlist *sg);
>+int sg_len(struct scatterlist *sg);
> int sg_nents_for_len(struct scatterlist *sg, u64 len);
> struct scatterlist *sg_next(struct scatterlist *);
> struct scatterlist *sg_last(struct scatterlist *s, unsigned int);
>diff --git a/lib/scatterlist.c b/lib/scatterlist.c
>index d105a9f..71324bb 100644
>--- a/lib/scatterlist.c
>+++ b/lib/scatterlist.c
>@@ -57,6 +57,24 @@ int sg_nents(struct scatterlist *sg)
> EXPORT_SYMBOL(sg_nents);
>
> /**
>+ * sg_len - return total size of bytes in the scatterlist
>+ * @sg: The scatterlist
>+ *
>+ * Description:
>+ * Allows to know how the total size of bytes in sg, taking into acount
>+ * chaining as well
>+ **/
>+int sg_len(struct scatterlist *sg)
unsigned int?
>+{
>+ int len;
>+
>+ for (len = 0; sg; sg = sg_next(sg))
>+ len += sg->length;
>+ return len;
>+}
>+EXPORT_SYMBOL(sg_len);
>+
>+/**
> * sg_nents_for_len - return total count of entries in scatterlist
> *needed to satisfy the supplied length
> * @sg: The scatterlist
>
>--
>To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
>the body of a message to majord...@vger.kernel.org
>More majordomo info at http://vger.kernel.org/majordomo-info.html
Ciao
Stephan
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 4/8] crypto: akcipher - Changes to asymmetric key API
Am Mittwoch, 9. September 2015, 09:15:20 schrieb Tadeusz Struk:
Hi Tadeusz,
>Setkey function has been split into set_priv_key and set_pub_key.
>Akcipher requests takes sgl for src and dst instead of void *.
>Users of the API need to be disabled so that the build works fine
>after this patch.
>They will be enabled in subsequent patches.
>
>Signed-off-by: Tadeusz Struk
>---
> crypto/Makefile|5 --
> crypto/testmgr.c |4 +
> drivers/crypto/qat/qat_common/Makefile |2 -
> include/crypto/akcipher.h | 99
>++-- 4 files changed, 71 insertions(+), 39
>deletions(-)
>
>diff --git a/crypto/Makefile b/crypto/Makefile
>index e2c5981..65e91da 100644
>--- a/crypto/Makefile
>+++ b/crypto/Makefile
>@@ -34,11 +34,6 @@ obj-$(CONFIG_CRYPTO_AKCIPHER2) += akcipher.o
> $(obj)/rsakey-asn1.o: $(obj)/rsakey-asn1.c $(obj)/rsakey-asn1.h
> clean-files += rsakey-asn1.c rsakey-asn1.h
>
>-rsa_generic-y := rsakey-asn1.o
>-rsa_generic-y += rsa.o
>-rsa_generic-y += rsa_helper.o
>-obj-$(CONFIG_CRYPTO_RSA) += rsa_generic.o
>-
> cryptomgr-y := algboss.o testmgr.o
>
> obj-$(CONFIG_CRYPTO_MANAGER2) += cryptomgr.o
>diff --git a/crypto/testmgr.c b/crypto/testmgr.c
>index 35c2de1..2f2b66e 100644
>--- a/crypto/testmgr.c
>+++ b/crypto/testmgr.c
>@@ -1835,6 +1835,7 @@ static int alg_test_drbg(const struct alg_test_desc
>*desc, const char *driver,
>
> }
>
>+#if 0
> static int do_test_rsa(struct crypto_akcipher *tfm,
> struct akcipher_testvec *vecs)
> {
>@@ -1975,6 +1976,7 @@ static int alg_test_akcipher(const struct alg_test_desc
>*desc, crypto_free_akcipher(tfm);
> return err;
> }
>+#endif
Just to check: is the ifdef 0 intentional?
>
> static int alg_test_null(const struct alg_test_desc *desc,
>const char *driver, u32 type, u32 mask)
>@@ -3611,7 +3613,7 @@ static const struct alg_test_desc alg_test_descs[] = {
> }
> }, {
> .alg = "rsa",
>- .test = alg_test_akcipher,
>+ .test = alg_test_null,
> .fips_allowed = 1,
> .suite = {
> .akcipher = {
>diff --git a/drivers/crypto/qat/qat_common/Makefile
>b/drivers/crypto/qat/qat_common/Makefile index df20a9d..ba5abdb 100644
>--- a/drivers/crypto/qat/qat_common/Makefile
>+++ b/drivers/crypto/qat/qat_common/Makefile
>@@ -13,8 +13,6 @@ intel_qat-objs := adf_cfg.o \
> adf_hw_arbiter.o \
> qat_crypto.o \
> qat_algs.o \
>- qat_rsakey-asn1.o \
>- qat_asym_algs.o \
> qat_uclo.o \
> qat_hal.o
>
>diff --git a/include/crypto/akcipher.h b/include/crypto/akcipher.h
>index 69d163e..7380e25 100644
>--- a/include/crypto/akcipher.h
>+++ b/include/crypto/akcipher.h
>@@ -13,28 +13,25 @@
> #ifndef _CRYPTO_AKCIPHER_H
> #define _CRYPTO_AKCIPHER_H
> #include
>+#include
>
> /**
> * struct akcipher_request - public key request
> *
> * @base: Common attributes for async crypto requests
>- * @src: Pointer to memory containing the input parameters
>- *The format of the parameter(s) is expeted to be Octet String
>- * @dst: Pointer to memory whare the result will be stored
>- * @src_len: Size of the input parameter
>- * @dst_len: Size of the output buffer. It needs to be at leaset
>- *as big as the expected result depending on the operation
>- *After operation it will be updated with the acctual size of
the
>- *result. In case of error, where the dst_len was insufficient,
>+ * @src: Source data
>+ * @dst: Destination data
>+ * @out_len: Size of the result. After operation it will be updated with
>+ *the acctual size of the data stored in the dst.
>+ *In case of error, where the dst sgl size was insufficient,
> *it will be updated to the size required for the operation.
> * @__ctx:Start of private context data
> */
> struct akcipher_request {
> struct crypto_async_request base;
>- void *src;
>- void *dst;
>- unsigned int src_len;
>- unsigned int dst_len;
>+ struct scatterlist *src;
>+ struct scatterlist *dst;
>+ unsigned int out_len;
> void *__ctx[] CRYPTO_MINALIGN_ATTR;
> };
>
>@@ -67,8 +64,13 @@ struct crypto_akcipher {
> *algorithm. In case of error, where the dst_len was
insufficient,
> *the req->dst_len will be updated to the size required for the
> *operation
>- * @setkey: Function invokes the algorithm specific set key function,
which
>- *knows how to decode and interpret the BER encoded key
>+ * @set_pub_key: Function invokes the algorithm specific set public key
>+ *function, which knows how to decode and interpret
>+ *the BER encoded public key
>+ * @set_priv_key: Function invokes the algorithm specific set private key
>+ *function, which knows how to decode and interpret
>+
[PATCH 7/8] crypto: qat - update accoring to akcipher API changes
QAT updates to reflect akcipher API changes.
Signed-off-by: Tadeusz Struk
---
drivers/crypto/qat/qat_common/Makefile| 12 +
drivers/crypto/qat/qat_common/qat_asym_algs.c | 225 +++--
drivers/crypto/qat/qat_common/qat_rsakey.asn1 |5
drivers/crypto/qat/qat_common/qat_rsaprivkey.asn1 | 11 +
drivers/crypto/qat/qat_common/qat_rsapubkey.asn1 |4
5 files changed, 189 insertions(+), 68 deletions(-)
delete mode 100644 drivers/crypto/qat/qat_common/qat_rsakey.asn1
create mode 100644 drivers/crypto/qat/qat_common/qat_rsaprivkey.asn1
create mode 100644 drivers/crypto/qat/qat_common/qat_rsapubkey.asn1
diff --git a/drivers/crypto/qat/qat_common/Makefile
b/drivers/crypto/qat/qat_common/Makefile
index ba5abdb..9e9e196 100644
--- a/drivers/crypto/qat/qat_common/Makefile
+++ b/drivers/crypto/qat/qat_common/Makefile
@@ -1,5 +1,10 @@
-$(obj)/qat_rsakey-asn1.o: $(obj)/qat_rsakey-asn1.c $(obj)/qat_rsakey-asn1.h
-clean-files += qat_rsakey-asn1.c qat_rsakey-asn1.h
+$(obj)/qat_rsapubkey-asn1.o: $(obj)/qat_rsapubkey-asn1.c \
+$(obj)/qat_rsapubkey-asn1.h
+$(obj)/qat_rsaprivkey-asn1.o: $(obj)/qat_rsaprivkey-asn1.c \
+ $(obj)/qat_rsaprivkey-asn1.h
+
+clean-files += qat_rsapubkey-asn1.c qat_rsapubkey-asn1.h
+clean-files += qat_rsaprivkey-asn1.c qat_rsapvivkey-asn1.h
obj-$(CONFIG_CRYPTO_DEV_QAT) += intel_qat.o
intel_qat-objs := adf_cfg.o \
@@ -13,6 +18,9 @@ intel_qat-objs := adf_cfg.o \
adf_hw_arbiter.o \
qat_crypto.o \
qat_algs.o \
+ qat_rsapubkey-asn1.o \
+ qat_rsaprivkey-asn1.o \
+ qat_asym_algs.o \
qat_uclo.o \
qat_hal.o
diff --git a/drivers/crypto/qat/qat_common/qat_asym_algs.c
b/drivers/crypto/qat/qat_common/qat_asym_algs.c
index 7de765d..d0c6e9c 100644
--- a/drivers/crypto/qat/qat_common/qat_asym_algs.c
+++ b/drivers/crypto/qat/qat_common/qat_asym_algs.c
@@ -51,7 +51,9 @@
#include
#include
#include
-#include "qat_rsakey-asn1.h"
+#include
+#include "qat_rsapubkey-asn1.h"
+#include "qat_rsaprivkey-asn1.h"
#include "icp_qat_fw_pke.h"
#include "adf_accel_devices.h"
#include "adf_transport.h"
@@ -106,6 +108,7 @@ struct qat_rsa_request {
dma_addr_t phy_in;
dma_addr_t phy_out;
char *src_align;
+ char *dst_align;
struct icp_qat_fw_pke_request req;
struct qat_rsa_ctx *ctx;
int err;
@@ -118,7 +121,6 @@ static void qat_rsa_cb(struct icp_qat_fw_pke_resp *resp)
struct device *dev = &GET_DEV(req->ctx->inst->accel_dev);
int err = ICP_QAT_FW_PKE_RESP_PKE_STAT_GET(
resp->pke_resp_hdr.comn_resp_flags);
- char *ptr = areq->dst;
err = (err == ICP_QAT_FW_COMN_STATUS_FLAG_OK) ? 0 : -EINVAL;
@@ -129,24 +131,44 @@ static void qat_rsa_cb(struct icp_qat_fw_pke_resp *resp)
dma_unmap_single(dev, req->in.enc.m, req->ctx->key_sz,
DMA_TO_DEVICE);
- dma_unmap_single(dev, req->out.enc.c, req->ctx->key_sz,
-DMA_FROM_DEVICE);
+ areq->out_len = req->ctx->key_sz;
+ if (req->dst_align) {
+ char *ptr = req->dst_align;
+
+ while (!(*ptr) && areq->out_len) {
+ areq->out_len--;
+ ptr++;
+ }
+
+ if (areq->out_len != req->ctx->key_sz)
+ memmove(req->dst_align, ptr, areq->out_len);
+
+ scatterwalk_map_and_copy(req->dst_align, areq->dst, 0,
+areq->out_len, 1);
+
+ dma_free_coherent(dev, req->ctx->key_sz, req->dst_align,
+ req->out.enc.c);
+ } else {
+ char *ptr = sg_virt(areq->dst);
+
+ while (!(*ptr) && areq->out_len) {
+ areq->out_len--;
+ ptr++;
+ }
+
+ if (sg_virt(areq->dst) != ptr && areq->out_len)
+ memmove(sg_virt(areq->dst), ptr, areq->out_len);
+
+ dma_unmap_single(dev, req->out.enc.c, req->ctx->key_sz,
+DMA_FROM_DEVICE);
+ }
+
dma_unmap_single(dev, req->phy_in, sizeof(struct qat_rsa_input_params),
DMA_TO_DEVICE);
dma_unmap_single(dev, req->phy_out,
sizeof(struct qat_rsa_output_params),
DMA_TO_DEVICE);
- areq->dst_len = req->ctx->key_sz;
- /* Need to set the corect length of the output */
- while (!(*ptr) && areq->dst_len) {
- areq->dst_len--;
- ptr++;
- }
-
- if (areq->dst_len != req->ctx->key_sz)
- memmove(areq->dst, ptr, areq->dst_len);
-
akcipher_request_complete(areq, err);
}
@@ -224,13 +246,14 @@ static int qat_rsa_enc(struct akcipher_request *req)
struct qat_rsa_request *qat_req =
[PATCH 6/8] crypto: rsa - update accoring to akcipher API changes
Rsa updates to reflect the API changes.
Signed-off-by: Tadeusz Struk
---
crypto/Makefile | 12 ++-
crypto/rsa.c | 188 ++---
crypto/rsa_helper.c | 42 -
crypto/rsakey.asn1|5 -
crypto/rsaprivkey.asn1| 11 ++
crypto/rsapubkey.asn1 |4 +
include/crypto/internal/rsa.h |7 +-
7 files changed, 220 insertions(+), 49 deletions(-)
delete mode 100644 crypto/rsakey.asn1
create mode 100644 crypto/rsaprivkey.asn1
create mode 100644 crypto/rsapubkey.asn1
diff --git a/crypto/Makefile b/crypto/Makefile
index 65e91da..d897e0b 100644
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -31,8 +31,16 @@ obj-$(CONFIG_CRYPTO_HASH2) += crypto_hash.o
obj-$(CONFIG_CRYPTO_PCOMP2) += pcompress.o
obj-$(CONFIG_CRYPTO_AKCIPHER2) += akcipher.o
-$(obj)/rsakey-asn1.o: $(obj)/rsakey-asn1.c $(obj)/rsakey-asn1.h
-clean-files += rsakey-asn1.c rsakey-asn1.h
+$(obj)/rsapubkey-asn1.o: $(obj)/rsapubkey-asn1.c $(obj)/rsapubkey-asn1.h
+$(obj)/rsaprivkey-asn1.o: $(obj)/rsaprivkey-asn1.c $(obj)/rsaprivkey-asn1.h
+clean-files += rsapubkey-asn1.c rsapubkey-asn1.h
+clean-files += rsaprivkey-asn1.c rsaprivkey-asn1.h
+
+rsa_generic-y := rsapubkey-asn1.o
+rsa_generic-y += rsaprivkey-asn1.o
+rsa_generic-y += rsa.o
+rsa_generic-y += rsa_helper.o
+obj-$(CONFIG_CRYPTO_RSA) += rsa_generic.o
cryptomgr-y := algboss.o testmgr.o
diff --git a/crypto/rsa.c b/crypto/rsa.c
index 93feae2..f5b956c 100644
--- a/crypto/rsa.c
+++ b/crypto/rsa.c
@@ -13,6 +13,7 @@
#include
#include
#include
+#include
/*
* RSAEP function [RFC3447 sec 5.1.1]
@@ -80,34 +81,57 @@ static int rsa_enc(struct akcipher_request *req)
struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
const struct rsa_key *pkey = rsa_get_key(tfm);
MPI m, c = mpi_alloc(0);
+ int src_len = sg_len(req->src), dst_len = sg_len(req->dst);
int ret = 0;
int sign;
if (!c)
return -ENOMEM;
- if (unlikely(!pkey->n || !pkey->e)) {
+ if (unlikely(!pkey->n || !pkey->e || !src_len)) {
ret = -EINVAL;
goto err_free_c;
}
- if (req->dst_len < mpi_get_size(pkey->n)) {
- req->dst_len = mpi_get_size(pkey->n);
+ if (dst_len < mpi_get_size(pkey->n)) {
+ req->out_len = mpi_get_size(pkey->n);
ret = -EOVERFLOW;
goto err_free_c;
}
- m = mpi_read_raw_data(req->src, req->src_len);
- if (!m) {
- ret = -ENOMEM;
- goto err_free_c;
+ ret = -ENOMEM;
+ if (sg_is_last(req->src)) {
+ m = mpi_read_raw_data(sg_virt(req->src), src_len);
+ } else {
+ void *ptr = kmalloc(src_len, GFP_KERNEL);
+
+ if (!ptr)
+ goto err_free_c;
+
+ scatterwalk_map_and_copy(ptr, req->src, 0, src_len, 0);
+ m = mpi_read_raw_data(ptr, src_len);
+ kfree(ptr);
}
+ if (!m)
+ goto err_free_c;
ret = _rsa_enc(pkey, c, m);
if (ret)
goto err_free_m;
- ret = mpi_read_buffer(c, req->dst, req->dst_len, &req->dst_len, &sign);
+ if (sg_is_last(req->dst)) {
+ ret = mpi_read_buffer(c, sg_virt(req->dst), dst_len,
+ &req->out_len, &sign);
+ } else {
+ void *ptr = kmalloc(dst_len, GFP_KERNEL);
+
+ if (!ptr)
+ goto err_free_m;
+
+ ret = mpi_read_buffer(c, ptr, dst_len, &req->out_len, &sign);
+ scatterwalk_map_and_copy(ptr, req->dst, 0, dst_len, 1);
+ kfree(ptr);
+ }
if (ret)
goto err_free_m;
@@ -128,34 +152,57 @@ static int rsa_dec(struct akcipher_request *req)
struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
const struct rsa_key *pkey = rsa_get_key(tfm);
MPI c, m = mpi_alloc(0);
+ int src_len = sg_len(req->src), dst_len = sg_len(req->dst);
int ret = 0;
int sign;
if (!m)
return -ENOMEM;
- if (unlikely(!pkey->n || !pkey->d)) {
+ if (unlikely(!pkey->n || !pkey->d || !src_len)) {
ret = -EINVAL;
goto err_free_m;
}
- if (req->dst_len < mpi_get_size(pkey->n)) {
- req->dst_len = mpi_get_size(pkey->n);
+ if (dst_len < mpi_get_size(pkey->n)) {
+ req->out_len = mpi_get_size(pkey->n);
ret = -EOVERFLOW;
goto err_free_m;
}
- c = mpi_read_raw_data(req->src, req->src_len);
- if (!c) {
- ret = -ENOMEM;
- goto err_free_m;
+ ret = -ENOMEM;
+ if (sg_is_last(req->src)) {
+ c = mpi_read_raw_data(sg_virt(req->src), src_len);
+ } else {
+ void *ptr
[PATCH 8/8] crypto: testmgr - update test mgr according to API changes
Signed-off-by: Tadeusz Struk
---
crypto/testmgr.c | 44 +---
crypto/testmgr.h | 36 +++-
2 files changed, 48 insertions(+), 32 deletions(-)
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 2f2b66e..f268707 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -1835,7 +1835,6 @@ static int alg_test_drbg(const struct alg_test_desc
*desc, const char *driver,
}
-#if 0
static int do_test_rsa(struct crypto_akcipher *tfm,
struct akcipher_testvec *vecs)
{
@@ -1845,34 +1844,33 @@ static int do_test_rsa(struct crypto_akcipher *tfm,
struct tcrypt_result result;
unsigned int out_len_max, out_len = 0;
int err = -ENOMEM;
+ struct scatterlist src, dst, src_tab[2];
req = akcipher_request_alloc(tfm, GFP_KERNEL);
if (!req)
return err;
init_completion(&result.completion);
- err = crypto_akcipher_setkey(tfm, vecs->key, vecs->key_len);
- if (err)
- goto free_req;
- akcipher_request_set_crypt(req, vecs->m, outbuf_enc, vecs->m_size,
- out_len);
- /* expect this to fail, and update the required buf len */
- crypto_akcipher_encrypt(req);
- out_len = req->dst_len;
- if (!out_len) {
- err = -EINVAL;
+ if (vecs->public_key_vec)
+ err = crypto_akcipher_set_pub_key(tfm, vecs->key,
+ vecs->key_len);
+ else
+ err = crypto_akcipher_set_priv_key(tfm, vecs->key,
+ vecs->key_len);
+ if (err)
goto free_req;
- }
- out_len_max = out_len;
- err = -ENOMEM;
+ out_len_max = crypto_akcipher_get_len(tfm);
outbuf_enc = kzalloc(out_len_max, GFP_KERNEL);
if (!outbuf_enc)
goto free_req;
- akcipher_request_set_crypt(req, vecs->m, outbuf_enc, vecs->m_size,
- out_len);
+ sg_init_table(src_tab, 2);
+ sg_set_buf(&src_tab[0], vecs->m, 8);
+ sg_set_buf(&src_tab[1], vecs->m + 8, vecs->m_size - 8);
+ sg_init_one(&dst, outbuf_enc, out_len_max);
+ akcipher_request_set_crypt(req, src_tab, &dst);
akcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
tcrypt_complete, &result);
@@ -1882,13 +1880,13 @@ static int do_test_rsa(struct crypto_akcipher *tfm,
pr_err("alg: rsa: encrypt test failed. err %d\n", err);
goto free_all;
}
- if (out_len != vecs->c_size) {
+ if (req->out_len != vecs->c_size) {
pr_err("alg: rsa: encrypt test failed. Invalid output len\n");
err = -EINVAL;
goto free_all;
}
/* verify that encrypted message is equal to expected */
- if (memcmp(vecs->c, outbuf_enc, vecs->c_size)) {
+ if (memcmp(vecs->c, sg_virt(req->dst), vecs->c_size)) {
pr_err("alg: rsa: encrypt test failed. Invalid output\n");
err = -EINVAL;
goto free_all;
@@ -1903,9 +1901,10 @@ static int do_test_rsa(struct crypto_akcipher *tfm,
err = -ENOMEM;
goto free_all;
}
+ sg_init_one(&src, vecs->c, vecs->c_size);
+ sg_init_one(&dst, outbuf_dec, out_len_max);
init_completion(&result.completion);
- akcipher_request_set_crypt(req, outbuf_enc, outbuf_dec, vecs->c_size,
- out_len);
+ akcipher_request_set_crypt(req, &src, &dst);
/* Run RSA decrypt - m = c^d mod n;*/
err = wait_async_op(&result, crypto_akcipher_decrypt(req));
@@ -1913,7 +1912,7 @@ static int do_test_rsa(struct crypto_akcipher *tfm,
pr_err("alg: rsa: decrypt test failed. err %d\n", err);
goto free_all;
}
- out_len = req->dst_len;
+ out_len = req->out_len;
if (out_len != vecs->m_size) {
pr_err("alg: rsa: decrypt test failed. Invalid output len\n");
err = -EINVAL;
@@ -1976,7 +1975,6 @@ static int alg_test_akcipher(const struct alg_test_desc
*desc,
crypto_free_akcipher(tfm);
return err;
}
-#endif
static int alg_test_null(const struct alg_test_desc *desc,
const char *driver, u32 type, u32 mask)
@@ -3613,7 +3611,7 @@ static const struct alg_test_desc alg_test_descs[] = {
}
}, {
.alg = "rsa",
- .test = alg_test_null,
+ .test = alg_test_akcipher,
.fips_allowed = 1,
.suite = {
.akcipher = {
diff --git a/crypto/testmgr.h b/crypto/testmgr.h
index 64b8a80..e10582d 100644
--- a/crypto/testmgr.h
+++ b/crypto/testmgr.h
@@ -149,7 +149,8 @@ static struct akcipher_testvec
[PATCH 3/8] crypto: qat - check status returned from crypto_unregister_akcipher
Add status check returned from crypto_unregister_akcipher.
Signed-off-by: Tadeusz Struk
---
drivers/crypto/qat/qat_common/adf_common_drv.h |2 +-
drivers/crypto/qat/qat_common/adf_init.c |6 ++
drivers/crypto/qat/qat_common/qat_asym_algs.c |7 +--
3 files changed, 8 insertions(+), 7 deletions(-)
diff --git a/drivers/crypto/qat/qat_common/adf_common_drv.h
b/drivers/crypto/qat/qat_common/adf_common_drv.h
index 7836dff..6882c52 100644
--- a/drivers/crypto/qat/qat_common/adf_common_drv.h
+++ b/drivers/crypto/qat/qat_common/adf_common_drv.h
@@ -168,7 +168,7 @@ void qat_algs_exit(void);
int qat_algs_register(void);
int qat_algs_unregister(void);
int qat_asym_algs_register(void);
-void qat_asym_algs_unregister(void);
+int qat_asym_algs_unregister(void);
int qat_hal_init(struct adf_accel_dev *accel_dev);
void qat_hal_deinit(struct icp_qat_fw_loader_handle *handle);
diff --git a/drivers/crypto/qat/qat_common/adf_init.c
b/drivers/crypto/qat/qat_common/adf_init.c
index ac37a89..e9d52a8 100644
--- a/drivers/crypto/qat/qat_common/adf_init.c
+++ b/drivers/crypto/qat/qat_common/adf_init.c
@@ -272,13 +272,11 @@ int adf_dev_stop(struct adf_accel_dev *accel_dev)
clear_bit(ADF_STATUS_STARTING, &accel_dev->status);
clear_bit(ADF_STATUS_STARTED, &accel_dev->status);
- if (!list_empty(&accel_dev->crypto_list) && qat_algs_unregister())
+ if (!list_empty(&accel_dev->crypto_list) &&
+ (qat_algs_unregister() || qat_asym_algs_unregister()))
dev_err(&GET_DEV(accel_dev),
"Failed to unregister crypto algs\n");
- if (!list_empty(&accel_dev->crypto_list))
- qat_asym_algs_unregister();
-
list_for_each(list_itr, &service_table) {
service = list_entry(list_itr, struct service_hndl, list);
if (!test_bit(accel_dev->accel_id, &service->start_status))
diff --git a/drivers/crypto/qat/qat_common/qat_asym_algs.c
b/drivers/crypto/qat/qat_common/qat_asym_algs.c
index e87f510..7de765d 100644
--- a/drivers/crypto/qat/qat_common/qat_asym_algs.c
+++ b/drivers/crypto/qat/qat_common/qat_asym_algs.c
@@ -643,10 +643,13 @@ int qat_asym_algs_register(void)
return ret;
}
-void qat_asym_algs_unregister(void)
+int qat_asym_algs_unregister(void)
{
+ int ret = 0;
+
mutex_lock(&algs_lock);
if (--active_devs == 0)
- crypto_unregister_akcipher(&rsa);
+ ret = crypto_unregister_akcipher(&rsa);
mutex_unlock(&algs_lock);
+ return ret;
}
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 1/8] crypto: akcipher - return status from crypto_unregister_alg
Return status from crypto_unregister_alg to the caller.
Signed-off-by: Tadeusz Struk
---
crypto/akcipher.c |4 ++--
include/crypto/internal/akcipher.h |4 +++-
2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/crypto/akcipher.c b/crypto/akcipher.c
index 528ae6a..9cd84f7 100644
--- a/crypto/akcipher.c
+++ b/crypto/akcipher.c
@@ -107,9 +107,9 @@ int crypto_register_akcipher(struct akcipher_alg *alg)
}
EXPORT_SYMBOL_GPL(crypto_register_akcipher);
-void crypto_unregister_akcipher(struct akcipher_alg *alg)
+int crypto_unregister_akcipher(struct akcipher_alg *alg)
{
- crypto_unregister_alg(&alg->base);
+ return crypto_unregister_alg(&alg->base);
}
EXPORT_SYMBOL_GPL(crypto_unregister_akcipher);
diff --git a/include/crypto/internal/akcipher.h
b/include/crypto/internal/akcipher.h
index 9a2bda1..9ea7bc9 100644
--- a/include/crypto/internal/akcipher.h
+++ b/include/crypto/internal/akcipher.h
@@ -55,6 +55,8 @@ int crypto_register_akcipher(struct akcipher_alg *alg);
* Function unregisters an implementation of a public key verify algorithm
*
* @alg: algorithm definition
+ *
+ * Return: zero on success; error code in case of error
*/
-void crypto_unregister_akcipher(struct akcipher_alg *alg);
+int crypto_unregister_akcipher(struct akcipher_alg *alg);
#endif
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 2/8] crypto: rsa - check status returned from crypto_unregister_akcipher
Add status check returned from crypto_unregister_akcipher function.
Signed-off-by: Tadeusz Struk
---
crypto/rsa.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crypto/rsa.c b/crypto/rsa.c
index 466003e..93feae2 100644
--- a/crypto/rsa.c
+++ b/crypto/rsa.c
@@ -329,7 +329,7 @@ static int rsa_init(void)
static void rsa_exit(void)
{
- crypto_unregister_akcipher(&rsa);
+ WARN_ON(crypto_unregister_akcipher(&rsa));
}
module_init(rsa_init);
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 0/8] crypto: Updates to akcipher API
This series introduce updates to the akcipher API. setkey function has been split into set_pub_key and set_priv_key. Input and output buffers are now sgl instread of void * It also includes some minor updates like status check from crypto_unregister_akcipher which was not checked before. --- Tadeusz Struk (8): crypto: akcipher - return status from crypto_unregister_alg crypto: rsa - check status returned from crypto_unregister_akcipher crypto: qat - check status returned from crypto_unregister_akcipher crypto: akcipher - Changes to asymmetric key API lib/scatterlist: Add sg_len helper crypto: rsa - update accoring to akcipher API changes crypto: qat - update accoring to akcipher API changes crypto: testmgr - update test mgr crypto/Makefile |9 + crypto/akcipher.c |4 crypto/rsa.c | 191 ++--- crypto/rsa_helper.c | 42 +++- crypto/rsakey.asn1|5 crypto/rsaprivkey.asn1| 11 + crypto/rsapubkey.asn1 |4 crypto/testmgr.c | 40 ++-- crypto/testmgr.h | 36 ++- drivers/crypto/qat/qat_common/Makefile| 12 + drivers/crypto/qat/qat_common/adf_common_drv.h|2 drivers/crypto/qat/qat_common/adf_init.c |6 - drivers/crypto/qat/qat_common/qat_asym_algs.c | 232 +++-- drivers/crypto/qat/qat_common/qat_rsakey.asn1 |5 drivers/crypto/qat/qat_common/qat_rsaprivkey.asn1 | 11 + drivers/crypto/qat/qat_common/qat_rsapubkey.asn1 |4 include/crypto/akcipher.h | 99 ++--- include/crypto/internal/akcipher.h|4 include/crypto/internal/rsa.h |7 - include/linux/scatterlist.h |1 lib/scatterlist.c | 17 ++ 21 files changed, 552 insertions(+), 190 deletions(-) delete mode 100644 crypto/rsakey.asn1 create mode 100644 crypto/rsaprivkey.asn1 create mode 100644 crypto/rsapubkey.asn1 delete mode 100644 drivers/crypto/qat/qat_common/qat_rsakey.asn1 create mode 100644 drivers/crypto/qat/qat_common/qat_rsaprivkey.asn1 create mode 100644 drivers/crypto/qat/qat_common/qat_rsapubkey.asn1 -- Signature -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 5/8] lib/scatterlist: Add sg_len helper
Add sg_len function which returns the total number of bytes in sg.
Signed-off-by: Tadeusz Struk
---
include/linux/scatterlist.h |1 +
lib/scatterlist.c | 18 ++
2 files changed, 19 insertions(+)
diff --git a/include/linux/scatterlist.h b/include/linux/scatterlist.h
index 9b1ef0c..7c82fc1 100644
--- a/include/linux/scatterlist.h
+++ b/include/linux/scatterlist.h
@@ -246,6 +246,7 @@ static inline void *sg_virt(struct scatterlist *sg)
}
int sg_nents(struct scatterlist *sg);
+int sg_len(struct scatterlist *sg);
int sg_nents_for_len(struct scatterlist *sg, u64 len);
struct scatterlist *sg_next(struct scatterlist *);
struct scatterlist *sg_last(struct scatterlist *s, unsigned int);
diff --git a/lib/scatterlist.c b/lib/scatterlist.c
index d105a9f..71324bb 100644
--- a/lib/scatterlist.c
+++ b/lib/scatterlist.c
@@ -57,6 +57,24 @@ int sg_nents(struct scatterlist *sg)
EXPORT_SYMBOL(sg_nents);
/**
+ * sg_len - return total size of bytes in the scatterlist
+ * @sg: The scatterlist
+ *
+ * Description:
+ * Allows to know how the total size of bytes in sg, taking into acount
+ * chaining as well
+ **/
+int sg_len(struct scatterlist *sg)
+{
+ int len;
+
+ for (len = 0; sg; sg = sg_next(sg))
+ len += sg->length;
+ return len;
+}
+EXPORT_SYMBOL(sg_len);
+
+/**
* sg_nents_for_len - return total count of entries in scatterlist
*needed to satisfy the supplied length
* @sg:The scatterlist
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 4/8] crypto: akcipher - Changes to asymmetric key API
Setkey function has been split into set_priv_key and set_pub_key.
Akcipher requests takes sgl for src and dst instead of void *.
Users of the API need to be disabled so that the build works fine
after this patch.
They will be enabled in subsequent patches.
Signed-off-by: Tadeusz Struk
---
crypto/Makefile|5 --
crypto/testmgr.c |4 +
drivers/crypto/qat/qat_common/Makefile |2 -
include/crypto/akcipher.h | 99 ++--
4 files changed, 71 insertions(+), 39 deletions(-)
diff --git a/crypto/Makefile b/crypto/Makefile
index e2c5981..65e91da 100644
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -34,11 +34,6 @@ obj-$(CONFIG_CRYPTO_AKCIPHER2) += akcipher.o
$(obj)/rsakey-asn1.o: $(obj)/rsakey-asn1.c $(obj)/rsakey-asn1.h
clean-files += rsakey-asn1.c rsakey-asn1.h
-rsa_generic-y := rsakey-asn1.o
-rsa_generic-y += rsa.o
-rsa_generic-y += rsa_helper.o
-obj-$(CONFIG_CRYPTO_RSA) += rsa_generic.o
-
cryptomgr-y := algboss.o testmgr.o
obj-$(CONFIG_CRYPTO_MANAGER2) += cryptomgr.o
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 35c2de1..2f2b66e 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -1835,6 +1835,7 @@ static int alg_test_drbg(const struct alg_test_desc
*desc, const char *driver,
}
+#if 0
static int do_test_rsa(struct crypto_akcipher *tfm,
struct akcipher_testvec *vecs)
{
@@ -1975,6 +1976,7 @@ static int alg_test_akcipher(const struct alg_test_desc
*desc,
crypto_free_akcipher(tfm);
return err;
}
+#endif
static int alg_test_null(const struct alg_test_desc *desc,
const char *driver, u32 type, u32 mask)
@@ -3611,7 +3613,7 @@ static const struct alg_test_desc alg_test_descs[] = {
}
}, {
.alg = "rsa",
- .test = alg_test_akcipher,
+ .test = alg_test_null,
.fips_allowed = 1,
.suite = {
.akcipher = {
diff --git a/drivers/crypto/qat/qat_common/Makefile
b/drivers/crypto/qat/qat_common/Makefile
index df20a9d..ba5abdb 100644
--- a/drivers/crypto/qat/qat_common/Makefile
+++ b/drivers/crypto/qat/qat_common/Makefile
@@ -13,8 +13,6 @@ intel_qat-objs := adf_cfg.o \
adf_hw_arbiter.o \
qat_crypto.o \
qat_algs.o \
- qat_rsakey-asn1.o \
- qat_asym_algs.o \
qat_uclo.o \
qat_hal.o
diff --git a/include/crypto/akcipher.h b/include/crypto/akcipher.h
index 69d163e..7380e25 100644
--- a/include/crypto/akcipher.h
+++ b/include/crypto/akcipher.h
@@ -13,28 +13,25 @@
#ifndef _CRYPTO_AKCIPHER_H
#define _CRYPTO_AKCIPHER_H
#include
+#include
/**
* struct akcipher_request - public key request
*
* @base: Common attributes for async crypto requests
- * @src: Pointer to memory containing the input parameters
- * The format of the parameter(s) is expeted to be Octet String
- * @dst: Pointer to memory whare the result will be stored
- * @src_len: Size of the input parameter
- * @dst_len: Size of the output buffer. It needs to be at leaset
- * as big as the expected result depending on the operation
- * After operation it will be updated with the acctual size of the
- * result. In case of error, where the dst_len was insufficient,
+ * @src: Source data
+ * @dst: Destination data
+ * @out_len: Size of the result. After operation it will be updated with
+ * the acctual size of the data stored in the dst.
+ * In case of error, where the dst sgl size was insufficient,
* it will be updated to the size required for the operation.
* @__ctx: Start of private context data
*/
struct akcipher_request {
struct crypto_async_request base;
- void *src;
- void *dst;
- unsigned int src_len;
- unsigned int dst_len;
+ struct scatterlist *src;
+ struct scatterlist *dst;
+ unsigned int out_len;
void *__ctx[] CRYPTO_MINALIGN_ATTR;
};
@@ -67,8 +64,13 @@ struct crypto_akcipher {
* algorithm. In case of error, where the dst_len was insufficient,
* the req->dst_len will be updated to the size required for the
* operation
- * @setkey:Function invokes the algorithm specific set key function, which
- * knows how to decode and interpret the BER encoded key
+ * @set_pub_key: Function invokes the algorithm specific set public key
+ * function, which knows how to decode and interpret
+ * the BER encoded public key
+ * @set_priv_key: Function invokes the algorithm specific set private key
+ * function, which knows how to decode and interpret
+ * the BER encoded private key
+ * @get_len: Function returns minimum dest buffer size for a given key.
* @init: Initialize the cryptographic transformation objec
[PATCH] crypto: sun4i-ss Fix a possible driver hang with ciphers
The sun4i_ss_opti_poll function cipher data until the output miter have
a length of 0.
If the crypto API client, give more SGs than necessary this could result
in an infinite loop.
Fix it by checking for remaining bytes, just like sun4i_ss_cipher_poll().
Signed-off-by: LABBE Corentin
---
drivers/crypto/sunxi-ss/sun4i-ss-cipher.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c
b/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c
index e070c31..a19ee12 100644
--- a/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c
+++ b/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c
@@ -104,7 +104,7 @@ static int sun4i_ss_opti_poll(struct ablkcipher_request
*areq)
sg_miter_next(&mo);
oo = 0;
}
- } while (mo.length > 0);
+ } while (oleft > 0);
if (areq->info) {
for (i = 0; i < 4 && i < ivsize / 4; i++) {
--
2.4.6
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: USB HID devices not linked to RNG
Am Dienstag, 8. September 2015, 22:40:07 schrieb Dmitry Torokhov:
Hi Dmitry,
>
>All input devices add randomness, however I think for mouse
>add_input_randomness() will drop majority of events since they are
>likely have the same value (well, depends on which direction you are
>moving the mouse)...
I agree that such mechanism is present, but it is implemented by
add_input_randomness:
/* ignore autorepeat and the like */
if (value == last_value)
return;
So, when we install a probe at the entry into add_input_randomness, we should
see invocations.
The problem now is that add_input_randomness is not called at all.
Simply use the following code as a systemtap script, load it and move a USB
mouse or type on a USB keyboard:
probe kernel.function("add_input_randomness") {
printf("add_input_randomness triggered\n");
}
Expected behavior: tons of printouts should be received (as it is the case
with PS/2 mice and keyboards).
Actual behavior: no printout when moving USB HID.
Ciao
Stephan
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v2] crypto: vmx - VMX crypto should depend on CONFIG_VSX
This code uses FP (floating point), Altivec and VSX (Vector-Scalar Extension). It can just depend on CONFIG_VSX though, because that already depends on FP and Altivec. Otherwise we get lots of link errors such as: drivers/built-in.o: In function `.p8_aes_setkey': aes.c:(.text+0x2d325c): undefined reference to `.enable_kernel_altivec' aes.c:(.text+0x2d326c): undefined reference to `.enable_kernel_vsx' Signed-off-by: Michael Ellerman --- v2: Spell out VSX, and CC linux-crypto. drivers/crypto/Kconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig index 07bc7aa6b224..d234719065a5 100644 --- a/drivers/crypto/Kconfig +++ b/drivers/crypto/Kconfig @@ -461,7 +461,7 @@ config CRYPTO_DEV_QCE config CRYPTO_DEV_VMX bool "Support for VMX cryptographic acceleration instructions" - depends on PPC64 + depends on PPC64 && VSX help Support for VMX cryptographic acceleration instructions. -- 2.1.4 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
