Re: [bug] sha1-avx2 and read beyond
On Mon, Jul 03, 2017 at 08:33:44PM +0800, Herbert Xu wrote: > On Sat, Jun 24, 2017 at 12:56:52AM +, Albrekht, Ilya wrote: > > Hello all, > > > > I'm sorry for late reply (I was out of office for a month). > > > > It's been a while since we touched this code. We are going to do our best > > to support it. I'll be back to the office earlier next week and will figure > > out the fix ASAP. > > Any update on this? For the time being I'm going to disable this: ---8<--- Subject: crypto: sha1-ssse3 - Disable avx2 It has been reported that sha1-avx2 can cause page faults by reading beyond the end of the input. This patch disables it until it can be fixed. Cc:Fixes: 7c1da8d0d046 ("crypto: sha - SHA1 transform x86_64 AVX2") Reported-by: Jan Stancek Signed-off-by: Herbert Xu diff --git a/arch/x86/crypto/sha1_ssse3_glue.c b/arch/x86/crypto/sha1_ssse3_glue.c index fc61739..f960a04 100644 --- a/arch/x86/crypto/sha1_ssse3_glue.c +++ b/arch/x86/crypto/sha1_ssse3_glue.c @@ -201,7 +201,7 @@ asmlinkage void sha1_transform_avx2(u32 *digest, const char *data, static bool avx2_usable(void) { - if (avx_usable() && boot_cpu_has(X86_FEATURE_AVX2) + if (false && avx_usable() && boot_cpu_has(X86_FEATURE_AVX2) && boot_cpu_has(X86_FEATURE_BMI1) && boot_cpu_has(X86_FEATURE_BMI2)) return true; -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
[PATCH v5] crypto: sun4i-ss: support the Security System PRNG
The Security System has a PRNG, this patch adds support for it via crypto_rng. Signed-off-by: Corentin Labbe--- Change since v4 - Fixed some spelling issue in Kconfig and patch description Changes since v3 (note: the v3 miss changes and version tag sorry) - Replaced all len values with bits / BITS_PER_LONG or BITS_PER_BYTE Changes since v2 - converted to crypto_rng Changes since v1: - Replaced all spin_lock_bh by simple spin_lock - Removed handling of size not modulo 4 which will never happen - Added add_random_ready_callback() drivers/crypto/Kconfig | 8 + drivers/crypto/sunxi-ss/Makefile| 1 + drivers/crypto/sunxi-ss/sun4i-ss-core.c | 30 ++ drivers/crypto/sunxi-ss/sun4i-ss-prng.c | 56 + drivers/crypto/sunxi-ss/sun4i-ss.h | 11 +++ 5 files changed, 106 insertions(+) create mode 100644 drivers/crypto/sunxi-ss/sun4i-ss-prng.c diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig index ab82536d64e2..99245f9c9d58 100644 --- a/drivers/crypto/Kconfig +++ b/drivers/crypto/Kconfig @@ -618,6 +618,14 @@ config CRYPTO_DEV_SUN4I_SS To compile this driver as a module, choose M here: the module will be called sun4i-ss. +config CRYPTO_DEV_SUN4I_SS_PRNG + bool "Support for Allwinner Security System PRNG" + depends on CRYPTO_DEV_SUN4I_SS + select CRYPTO_RNG + help + Select this option if you want to provide kernel-side support for + the Pseudo-Random Number Generator found in the Security System. + config CRYPTO_DEV_ROCKCHIP tristate "Rockchip's Cryptographic Engine driver" depends on OF && ARCH_ROCKCHIP diff --git a/drivers/crypto/sunxi-ss/Makefile b/drivers/crypto/sunxi-ss/Makefile index 8f4c7a273141..ccb893219079 100644 --- a/drivers/crypto/sunxi-ss/Makefile +++ b/drivers/crypto/sunxi-ss/Makefile @@ -1,2 +1,3 @@ obj-$(CONFIG_CRYPTO_DEV_SUN4I_SS) += sun4i-ss.o sun4i-ss-y += sun4i-ss-core.o sun4i-ss-hash.o sun4i-ss-cipher.o +sun4i-ss-$(CONFIG_CRYPTO_DEV_SUN4I_SS_PRNG) += sun4i-ss-prng.o diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-core.c b/drivers/crypto/sunxi-ss/sun4i-ss-core.c index 02ad8256e900..1547cbe13dc2 100644 --- a/drivers/crypto/sunxi-ss/sun4i-ss-core.c +++ b/drivers/crypto/sunxi-ss/sun4i-ss-core.c @@ -213,6 +213,23 @@ static struct sun4i_ss_alg_template ss_algs[] = { } } }, +#ifdef CONFIG_CRYPTO_DEV_SUN4I_SS_PRNG +{ + .type = CRYPTO_ALG_TYPE_RNG, + .alg.rng = { + .base = { + .cra_name = "stdrng", + .cra_driver_name= "sun4i_ss_rng", + .cra_priority = 300, + .cra_ctxsize= 0, + .cra_module = THIS_MODULE, + }, + .generate = sun4i_ss_prng_generate, + .seed = sun4i_ss_prng_seed, + .seedsize = SS_SEED_LEN / BITS_PER_BYTE, + } +}, +#endif }; static int sun4i_ss_probe(struct platform_device *pdev) @@ -355,6 +372,13 @@ static int sun4i_ss_probe(struct platform_device *pdev) goto error_alg; } break; + case CRYPTO_ALG_TYPE_RNG: + err = crypto_register_rng(_algs[i].alg.rng); + if (err) { + dev_err(ss->dev, "Fail to register %s\n", + ss_algs[i].alg.rng.base.cra_name); + } + break; } } platform_set_drvdata(pdev, ss); @@ -369,6 +393,9 @@ static int sun4i_ss_probe(struct platform_device *pdev) case CRYPTO_ALG_TYPE_AHASH: crypto_unregister_ahash(_algs[i].alg.hash); break; + case CRYPTO_ALG_TYPE_RNG: + crypto_unregister_rng(_algs[i].alg.rng); + break; } } if (ss->reset) @@ -393,6 +420,9 @@ static int sun4i_ss_remove(struct platform_device *pdev) case CRYPTO_ALG_TYPE_AHASH: crypto_unregister_ahash(_algs[i].alg.hash); break; + case CRYPTO_ALG_TYPE_RNG: + crypto_unregister_rng(_algs[i].alg.rng); + break; } } diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-prng.c b/drivers/crypto/sunxi-ss/sun4i-ss-prng.c new file mode 100644 index ..0d01d1624252 --- /dev/null +++ b/drivers/crypto/sunxi-ss/sun4i-ss-prng.c @@ -0,0 +1,56 @@ +#include "sun4i-ss.h" + +int sun4i_ss_prng_seed(struct crypto_rng *tfm, const u8 *seed, + unsigned int slen) +{ + struct sun4i_ss_alg_template *algt; +
Re: [PATCH v4] crypto: sun4i-ss: support the Security System PRNG
On Mon, Jun 26, 2017 at 02:36:43PM +0200, Frans Klaver wrote: > Hi, > > On Mon, Jun 26, 2017 at 2:20 PM, Corentin Labbe >wrote: > > The Security System have a PRNG, this patch add support for it via > > crypto_rng. > > s,have,has, > s,add,adds, > > > > > Signed-off-by: Corentin Labbe > > --- > > > > Changes since v3 (note: the v3 miss changes and version tag sorry) > > - Replaced all len values with bits / BITS_PER_LONG or BITS_PER_BYTE > > > > Changes since v2 > > - converted to crypto_rng > > > > Changes since v1: > > - Replaced all spin_lock_bh by simple spin_lock > > - Removed handling of size not modulo 4 which will never happen > > - Added add_random_ready_callback() > > > > drivers/crypto/Kconfig | 8 + > > drivers/crypto/sunxi-ss/Makefile| 1 + > > drivers/crypto/sunxi-ss/sun4i-ss-core.c | 30 ++ > > drivers/crypto/sunxi-ss/sun4i-ss-prng.c | 56 > > + > > drivers/crypto/sunxi-ss/sun4i-ss.h | 11 +++ > > 5 files changed, 106 insertions(+) > > create mode 100644 drivers/crypto/sunxi-ss/sun4i-ss-prng.c > > > > diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig > > index ab82536d64e2..bde0b102eb70 100644 > > --- a/drivers/crypto/Kconfig > > +++ b/drivers/crypto/Kconfig > > @@ -618,6 +618,14 @@ config CRYPTO_DEV_SUN4I_SS > > To compile this driver as a module, choose M here: the module > > will be called sun4i-ss. > > > > +config CRYPTO_DEV_SUN4I_SS_PRNG > > + bool "Support for Allwinner Security System PRNG" > > + depends on CRYPTO_DEV_SUN4I_SS > > + select CRYPTO_RNG > > + help > > + Select this option if you to provides kernel-side support for > > + the Pseudo-Random Number Generator found in the Security System. > > This sentence does not parse. "Select this option if you want to > provide kernel-side for ...". Alternatively: "This option enables > kernel-side support for ..." > > Frans Thanks, I will change it.
Re: [PATCH v3 RESEND 5/5] crypto: ccp - remove ccp_present() check from device initialize
On 06/29/2017 11:54 AM, Singh, Brijesh wrote: Since SP device driver supports multiples devices (e.g CCP, PSP), we should not fail the driver init just because CCP device is not found. Signed-off-by: Brijesh SinghAcked-by: Gary R Hook --- drivers/crypto/ccp/sp-dev.c | 12 1 file changed, 12 deletions(-) diff --git a/drivers/crypto/ccp/sp-dev.c b/drivers/crypto/ccp/sp-dev.c index edbf1bd9..a017233 100644 --- a/drivers/crypto/ccp/sp-dev.c +++ b/drivers/crypto/ccp/sp-dev.c @@ -244,12 +244,6 @@ static int __init sp_mod_init(void) if (ret) return ret; - /* Don't leave the driver loaded if init failed */ - if (ccp_present() != 0) { - sp_pci_exit(); - return -ENODEV; - } - return 0; #endif @@ -260,12 +254,6 @@ static int __init sp_mod_init(void) if (ret) return ret; - /* Don't leave the driver loaded if init failed */ - if (ccp_present() != 0) { - sp_platform_exit(); - return -ENODEV; - } - return 0; #endif -- 2.9.4
Re: [PATCH v3 RESEND 4/5] crypto: ccp - rename ccp driver initialize files as sp device
On 06/29/2017 11:54 AM, Singh, Brijesh wrote: CCP device initializes is now integerated into higher level SP device, to avoid the confusion lets rename the ccp driver initialization files (ccp-platform.c->sp-platform.c, ccp-pci.c->sp-pci.c). The patch does not make any functional changes other than renaming file and structures Signed-off-by: Brijesh SinghAcked-by: Gary R Hook --- drivers/crypto/ccp/Makefile| 4 +- drivers/crypto/ccp/ccp-dev.h | 6 -- drivers/crypto/ccp/sp-dev.c| 12 ++-- drivers/crypto/ccp/{ccp-pci.c => sp-pci.c} | 80 +++--- .../crypto/ccp/{ccp-platform.c => sp-platform.c} | 78 ++--- 5 files changed, 87 insertions(+), 93 deletions(-) rename drivers/crypto/ccp/{ccp-pci.c => sp-pci.c} (71%) rename drivers/crypto/ccp/{ccp-platform.c => sp-platform.c} (66%) diff --git a/drivers/crypto/ccp/Makefile b/drivers/crypto/ccp/Makefile index d2f1b52..5f2adc5 100644 --- a/drivers/crypto/ccp/Makefile +++ b/drivers/crypto/ccp/Makefile @@ -1,12 +1,12 @@ obj-$(CONFIG_CRYPTO_DEV_CCP_DD) += ccp.o -ccp-objs := sp-dev.o ccp-platform.o +ccp-objs := sp-dev.o sp-platform.o ccp-$(CONFIG_CRYPTO_DEV_SP_CCP) += ccp-dev.o \ ccp-ops.o \ ccp-dev-v3.o \ ccp-dev-v5.o \ ccp-dmaengine.o \ ccp-debugfs.o -ccp-$(CONFIG_PCI) += ccp-pci.o +ccp-$(CONFIG_PCI) += sp-pci.o obj-$(CONFIG_CRYPTO_DEV_CCP_CRYPTO) += ccp-crypto.o ccp-crypto-objs := ccp-crypto-main.o \ diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h index 193f309..b959e24 100644 --- a/drivers/crypto/ccp/ccp-dev.h +++ b/drivers/crypto/ccp/ccp-dev.h @@ -626,12 +626,6 @@ struct ccp5_desc { struct dword7 dw7; }; -int ccp_pci_init(void); -void ccp_pci_exit(void); - -int ccp_platform_init(void); -void ccp_platform_exit(void); - void ccp_add_device(struct ccp_device *ccp); void ccp_del_device(struct ccp_device *ccp); diff --git a/drivers/crypto/ccp/sp-dev.c b/drivers/crypto/ccp/sp-dev.c index 44e76e5..edbf1bd9 100644 --- a/drivers/crypto/ccp/sp-dev.c +++ b/drivers/crypto/ccp/sp-dev.c @@ -240,13 +240,13 @@ static int __init sp_mod_init(void) #ifdef CONFIG_X86 int ret; - ret = ccp_pci_init(); + ret = sp_pci_init(); if (ret) return ret; /* Don't leave the driver loaded if init failed */ if (ccp_present() != 0) { - ccp_pci_exit(); + sp_pci_exit(); return -ENODEV; } @@ -256,13 +256,13 @@ static int __init sp_mod_init(void) #ifdef CONFIG_ARM64 int ret; - ret = ccp_platform_init(); + ret = sp_platform_init(); if (ret) return ret; /* Don't leave the driver loaded if init failed */ if (ccp_present() != 0) { - ccp_platform_exit(); + sp_platform_exit(); return -ENODEV; } @@ -275,11 +275,11 @@ static int __init sp_mod_init(void) static void __exit sp_mod_exit(void) { #ifdef CONFIG_X86 - ccp_pci_exit(); + sp_pci_exit(); #endif #ifdef CONFIG_ARM64 - ccp_platform_exit(); + sp_platform_exit(); #endif } diff --git a/drivers/crypto/ccp/ccp-pci.c b/drivers/crypto/ccp/sp-pci.c similarity index 71% rename from drivers/crypto/ccp/ccp-pci.c rename to drivers/crypto/ccp/sp-pci.c index b29a093..9859aa6 100644 --- a/drivers/crypto/ccp/ccp-pci.c +++ b/drivers/crypto/ccp/sp-pci.c @@ -1,5 +1,5 @@ /* - * AMD Cryptographic Coprocessor (CCP) driver + * AMD Secure Processor device driver * * Copyright (C) 2013,2016 Advanced Micro Devices, Inc. * @@ -28,35 +28,35 @@ #define MSIX_VECTORS2 -struct ccp_pci { +struct sp_pci { int msix_count; struct msix_entry msix_entry[MSIX_VECTORS]; }; -static int ccp_get_msix_irqs(struct sp_device *sp) +static int sp_get_msix_irqs(struct sp_device *sp) { - struct ccp_pci *ccp_pci = sp->dev_specific; + struct sp_pci *sp_pci = sp->dev_specific; struct device *dev = sp->dev; struct pci_dev *pdev = to_pci_dev(dev); int v, ret; - for (v = 0; v < ARRAY_SIZE(ccp_pci->msix_entry); v++) - ccp_pci->msix_entry[v].entry = v; + for (v = 0; v < ARRAY_SIZE(sp_pci->msix_entry); v++) + sp_pci->msix_entry[v].entry = v; - ret = pci_enable_msix_range(pdev, ccp_pci->msix_entry, 1, v); + ret = pci_enable_msix_range(pdev, sp_pci->msix_entry, 1, v); if (ret < 0) return ret; - ccp_pci->msix_count = ret; + sp_pci->msix_count = ret; sp->use_tasklet = true; - sp->psp_irq = ccp_pci->msix_entry[0].vector; - sp->ccp_irq = (ccp_pci->msix_count > 1) ? ccp_pci->msix_entry[1].vector - : ccp_pci->msix_entry[0].vector; +
Re: [PATCH v3 RESEND 2/5] crypto: ccp - Introduce the AMD Secure Processor device
On 06/29/2017 11:54 AM, Singh, Brijesh wrote: The CCP device is part of the AMD Secure Processor. In order to expand the usage of the AMD Secure Processor, create a framework that allows functional components of the AMD Secure Processor to be initialized and handled appropriately. Signed-off-by: Brijesh SinghAcked-by: Gary R Hook --- drivers/crypto/Kconfig| 6 +- drivers/crypto/ccp/Kconfig| 21 +++-- drivers/crypto/ccp/Makefile | 4 +- drivers/crypto/ccp/ccp-dev-v3.c | 4 +- drivers/crypto/ccp/ccp-dev-v5.c | 5 +- drivers/crypto/ccp/ccp-dev.c | 106 +- drivers/crypto/ccp/ccp-dev.h | 21 + drivers/crypto/ccp/ccp-pci.c | 81 +++-- drivers/crypto/ccp/ccp-platform.c | 70 --- drivers/crypto/ccp/sp-dev.c | 180 ++ drivers/crypto/ccp/sp-dev.h | 120 + include/linux/ccp.h | 7 +- 12 files changed, 461 insertions(+), 164 deletions(-) create mode 100644 drivers/crypto/ccp/sp-dev.c create mode 100644 drivers/crypto/ccp/sp-dev.h diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig index 0528a62..148b516 100644 --- a/drivers/crypto/Kconfig +++ b/drivers/crypto/Kconfig @@ -513,11 +513,11 @@ config CRYPTO_DEV_ATMEL_SHA will be called atmel-sha. config CRYPTO_DEV_CCP - bool "Support for AMD Cryptographic Coprocessor" + bool "Support for AMD Secure Processor" depends on ((X86 && PCI) || (ARM64 && (OF_ADDRESS || ACPI))) && HAS_IOMEM help - The AMD Cryptographic Coprocessor provides hardware offload support - for encryption, hashing and related operations. + The AMD Secure Processor provides hardware offload support for memory + encryption in virtualization and cryptographic hashing and related operations. if CRYPTO_DEV_CCP source "drivers/crypto/ccp/Kconfig" diff --git a/drivers/crypto/ccp/Kconfig b/drivers/crypto/ccp/Kconfig index 2238f77..15b63fd 100644 --- a/drivers/crypto/ccp/Kconfig +++ b/drivers/crypto/ccp/Kconfig @@ -1,22 +1,29 @@ config CRYPTO_DEV_CCP_DD - tristate "Cryptographic Coprocessor device driver" - depends on CRYPTO_DEV_CCP + tristate "Secure Processor device driver" default m + help + Provides AMD Secure Processor device driver. + If you choose 'M' here, this module will be called ccp. + +config CRYPTO_DEV_SP_CCP + bool "Cryptographic Coprocessor device" + default y + depends on CRYPTO_DEV_CCP_DD select HW_RANDOM select DMA_ENGINE select DMADEVICES select CRYPTO_SHA1 select CRYPTO_SHA256 help - Provides the interface to use the AMD Cryptographic Coprocessor - which can be used to offload encryption operations such as SHA, - AES and more. If you choose 'M' here, this module will be called - ccp. + Provides the support for AMD Cryptographic Coprocessor (CCP) device + which can be used to offload encryption operations such as SHA, AES + and more. config CRYPTO_DEV_CCP_CRYPTO tristate "Encryption and hashing offload support" - depends on CRYPTO_DEV_CCP_DD default m + depends on CRYPTO_DEV_CCP_DD + depends on CRYPTO_DEV_SP_CCP select CRYPTO_HASH select CRYPTO_BLKCIPHER select CRYPTO_AUTHENC diff --git a/drivers/crypto/ccp/Makefile b/drivers/crypto/ccp/Makefile index 59493fd..d2f1b52 100644 --- a/drivers/crypto/ccp/Makefile +++ b/drivers/crypto/ccp/Makefile @@ -1,9 +1,9 @@ obj-$(CONFIG_CRYPTO_DEV_CCP_DD) += ccp.o -ccp-objs := ccp-dev.o \ +ccp-objs := sp-dev.o ccp-platform.o +ccp-$(CONFIG_CRYPTO_DEV_SP_CCP) += ccp-dev.o \ ccp-ops.o \ ccp-dev-v3.o \ ccp-dev-v5.o \ - ccp-platform.o \ ccp-dmaengine.o \ ccp-debugfs.o ccp-$(CONFIG_PCI) += ccp-pci.o diff --git a/drivers/crypto/ccp/ccp-dev-v3.c b/drivers/crypto/ccp/ccp-dev-v3.c index 52aa88b..57179034 100644 --- a/drivers/crypto/ccp/ccp-dev-v3.c +++ b/drivers/crypto/ccp/ccp-dev-v3.c @@ -359,8 +359,7 @@ static void ccp_irq_bh(unsigned long data) static irqreturn_t ccp_irq_handler(int irq, void *data) { - struct device *dev = data; - struct ccp_device *ccp = dev_get_drvdata(dev); + struct ccp_device *ccp = (struct ccp_device *)data; ccp_disable_queue_interrupts(ccp); if (ccp->use_tasklet) @@ -597,6 +596,5 @@ const struct ccp_vdata ccpv3 = { .version = CCP_VERSION(3, 0), .setup = NULL, .perform = _actions, - .bar = 2, .offset = 0x2, }; diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/crypto/ccp/ccp-dev-v5.c index b10d2d2..8ed2b37 100644 --- a/drivers/crypto/ccp/ccp-dev-v5.c +++ b/drivers/crypto/ccp/ccp-dev-v5.c @@ -769,8 +769,7
Re: [PATCH v3 RESEND 3/5] crypto: cpp - Abstract interrupt registeration
On 06/29/2017 11:54 AM, Singh, Brijesh wrote: The CCP and PSP devices part of AMD Secure Procesor may share the same interrupt. Hence we expand the SP device to register a common interrupt handler and provide functions to CCP and PSP devices to register their interrupt callback which will be invoked upon interrupt. Signed-off-by: Brijesh SinghAcked-by: Gary R Hook --- drivers/crypto/ccp/ccp-dev-v3.c | 6 +-- drivers/crypto/ccp/ccp-dev-v5.c | 7 ++- drivers/crypto/ccp/ccp-dev.c | 3 +- drivers/crypto/ccp/ccp-dev.h | 2 - drivers/crypto/ccp/ccp-pci.c | 103 +++- drivers/crypto/ccp/ccp-platform.c | 57 ++-- drivers/crypto/ccp/sp-dev.c | 107 ++ drivers/crypto/ccp/sp-dev.h | 16 +- 8 files changed, 186 insertions(+), 115 deletions(-) diff --git a/drivers/crypto/ccp/ccp-dev-v3.c b/drivers/crypto/ccp/ccp-dev-v3.c index 57179034..695fde8 100644 --- a/drivers/crypto/ccp/ccp-dev-v3.c +++ b/drivers/crypto/ccp/ccp-dev-v3.c @@ -453,7 +453,7 @@ static int ccp_init(struct ccp_device *ccp) iowrite32(ccp->qim, ccp->io_regs + IRQ_STATUS_REG); /* Request an irq */ - ret = ccp->get_irq(ccp); + ret = sp_request_ccp_irq(ccp->sp, ccp_irq_handler, ccp->name, ccp); if (ret) { dev_err(dev, "unable to allocate an IRQ\n"); goto e_pool; @@ -510,7 +510,7 @@ static int ccp_init(struct ccp_device *ccp) if (ccp->cmd_q[i].kthread) kthread_stop(ccp->cmd_q[i].kthread); - ccp->free_irq(ccp); + sp_free_ccp_irq(ccp->sp, ccp); e_pool: for (i = 0; i < ccp->cmd_q_count; i++) @@ -549,7 +549,7 @@ static void ccp_destroy(struct ccp_device *ccp) if (ccp->cmd_q[i].kthread) kthread_stop(ccp->cmd_q[i].kthread); - ccp->free_irq(ccp); + sp_free_ccp_irq(ccp->sp, ccp); for (i = 0; i < ccp->cmd_q_count; i++) dma_pool_destroy(ccp->cmd_q[i].dma_pool); diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/crypto/ccp/ccp-dev-v5.c index 8ed2b37..b0391f0 100644 --- a/drivers/crypto/ccp/ccp-dev-v5.c +++ b/drivers/crypto/ccp/ccp-dev-v5.c @@ -880,7 +880,7 @@ static int ccp5_init(struct ccp_device *ccp) dev_dbg(dev, "Requesting an IRQ...\n"); /* Request an irq */ - ret = ccp->get_irq(ccp); + ret = sp_request_ccp_irq(ccp->sp, ccp5_irq_handler, ccp->name, ccp); if (ret) { dev_err(dev, "unable to allocate an IRQ\n"); goto e_pool; @@ -986,7 +986,7 @@ static int ccp5_init(struct ccp_device *ccp) kthread_stop(ccp->cmd_q[i].kthread); e_irq: - ccp->free_irq(ccp); + sp_free_ccp_irq(ccp->sp, ccp); e_pool: for (i = 0; i < ccp->cmd_q_count; i++) @@ -1036,7 +1036,7 @@ static void ccp5_destroy(struct ccp_device *ccp) if (ccp->cmd_q[i].kthread) kthread_stop(ccp->cmd_q[i].kthread); - ccp->free_irq(ccp); + sp_free_ccp_irq(ccp->sp, ccp); for (i = 0; i < ccp->cmd_q_count; i++) { cmd_q = >cmd_q[i]; @@ -1105,7 +1105,6 @@ static const struct ccp_actions ccp5_actions = { .init = ccp5_init, .destroy = ccp5_destroy, .get_free_slots = ccp5_get_free_slots, - .irqhandler = ccp5_irq_handler, }; const struct ccp_vdata ccpv5a = { diff --git a/drivers/crypto/ccp/ccp-dev.c b/drivers/crypto/ccp/ccp-dev.c index 8a1674a..7c751bf 100644 --- a/drivers/crypto/ccp/ccp-dev.c +++ b/drivers/crypto/ccp/ccp-dev.c @@ -599,8 +599,7 @@ int ccp_dev_init(struct sp_device *sp) goto e_err; } - ccp->get_irq = sp->get_irq; - ccp->free_irq = sp->free_irq; + ccp->use_tasklet = sp->use_tasklet; ccp->io_regs = sp->io_map + ccp->vdata->offset; if (ccp->vdata->setup) diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h index ca44821..193f309 100644 --- a/drivers/crypto/ccp/ccp-dev.h +++ b/drivers/crypto/ccp/ccp-dev.h @@ -351,8 +351,6 @@ struct ccp_device { /* Bus specific device information */ void *dev_specific; - int (*get_irq)(struct ccp_device *ccp); - void (*free_irq)(struct ccp_device *ccp); unsigned int qim; unsigned int irq; bool use_tasklet; diff --git a/drivers/crypto/ccp/ccp-pci.c b/drivers/crypto/ccp/ccp-pci.c index ab2df96..b29a093 100644 --- a/drivers/crypto/ccp/ccp-pci.c +++ b/drivers/crypto/ccp/ccp-pci.c @@ -28,67 +28,37 @@ #define MSIX_VECTORS2 -struct ccp_msix { - u32 vector; - char name[16]; -}; - struct ccp_pci { int msix_count; - struct ccp_msix msix[MSIX_VECTORS]; + struct msix_entry msix_entry[MSIX_VECTORS]; }; -static int ccp_get_msix_irqs(struct ccp_device
Re: [PATCH v3 RESEND 1/5] crypto: ccp - Use devres interface to allocate PCI/iomap and cleanup
On 06/29/2017 11:54 AM, Singh, Brijesh wrote: Update pci and platform files to use devres interface to allocate the PCI and iomap resources. Also add helper functions to consolicate module init, exit and power mangagement code duplication. Signed-off-by: Brijesh SinghAcked-by: Gary R Hook --- drivers/crypto/ccp/ccp-dev-v3.c | 7 +++ drivers/crypto/ccp/ccp-dev.c | 61 drivers/crypto/ccp/ccp-dev.h | 6 ++ drivers/crypto/ccp/ccp-pci.c | 114 +- drivers/crypto/ccp/ccp-platform.c | 56 ++- 5 files changed, 106 insertions(+), 138 deletions(-) diff --git a/drivers/crypto/ccp/ccp-dev-v3.c b/drivers/crypto/ccp/ccp-dev-v3.c index 367c2e3..52aa88b 100644 --- a/drivers/crypto/ccp/ccp-dev-v3.c +++ b/drivers/crypto/ccp/ccp-dev-v3.c @@ -586,6 +586,13 @@ static const struct ccp_actions ccp3_actions = { .irqhandler = ccp_irq_handler, }; +const struct ccp_vdata ccpv3_platform = { + .version = CCP_VERSION(3, 0), + .setup = NULL, + .perform = _actions, + .offset = 0, +}; + const struct ccp_vdata ccpv3 = { .version = CCP_VERSION(3, 0), .setup = NULL, diff --git a/drivers/crypto/ccp/ccp-dev.c b/drivers/crypto/ccp/ccp-dev.c index 2506b50..abb3d68 100644 --- a/drivers/crypto/ccp/ccp-dev.c +++ b/drivers/crypto/ccp/ccp-dev.c @@ -538,8 +538,69 @@ bool ccp_queues_suspended(struct ccp_device *ccp) return ccp->cmd_q_count == suspended; } + +int ccp_dev_suspend(struct ccp_device *ccp, pm_message_t state) +{ + unsigned long flags; + unsigned int i; + + spin_lock_irqsave(>cmd_lock, flags); + + ccp->suspending = 1; + + /* Wake all the queue kthreads to prepare for suspend */ + for (i = 0; i < ccp->cmd_q_count; i++) + wake_up_process(ccp->cmd_q[i].kthread); + + spin_unlock_irqrestore(>cmd_lock, flags); + + /* Wait for all queue kthreads to say they're done */ + while (!ccp_queues_suspended(ccp)) + wait_event_interruptible(ccp->suspend_queue, +ccp_queues_suspended(ccp)); + + return 0; +} + +int ccp_dev_resume(struct ccp_device *ccp) +{ + unsigned long flags; + unsigned int i; + + spin_lock_irqsave(>cmd_lock, flags); + + ccp->suspending = 0; + + /* Wake up all the kthreads */ + for (i = 0; i < ccp->cmd_q_count; i++) { + ccp->cmd_q[i].suspended = 0; + wake_up_process(ccp->cmd_q[i].kthread); + } + + spin_unlock_irqrestore(>cmd_lock, flags); + + return 0; +} #endif +int ccp_dev_init(struct ccp_device *ccp) +{ + ccp->io_regs = ccp->io_map + ccp->vdata->offset; + + if (ccp->vdata->setup) + ccp->vdata->setup(ccp); + + return ccp->vdata->perform->init(ccp); +} + +void ccp_dev_destroy(struct ccp_device *ccp) +{ + if (!ccp) + return; + + ccp->vdata->perform->destroy(ccp); +} + static int __init ccp_mod_init(void) { #ifdef CONFIG_X86 diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h index a70154a..df2e76e 100644 --- a/drivers/crypto/ccp/ccp-dev.h +++ b/drivers/crypto/ccp/ccp-dev.h @@ -652,6 +652,11 @@ void ccp_dmaengine_unregister(struct ccp_device *ccp); void ccp5_debugfs_setup(struct ccp_device *ccp); void ccp5_debugfs_destroy(void); +int ccp_dev_init(struct ccp_device *ccp); +void ccp_dev_destroy(struct ccp_device *ccp); +int ccp_dev_suspend(struct ccp_device *ccp, pm_message_t state); +int ccp_dev_resume(struct ccp_device *ccp); + /* Structure for computation functions that are device-specific */ struct ccp_actions { int (*aes)(struct ccp_op *); @@ -679,6 +684,7 @@ struct ccp_vdata { const unsigned int offset; }; +extern const struct ccp_vdata ccpv3_platform; extern const struct ccp_vdata ccpv3; extern const struct ccp_vdata ccpv5a; extern const struct ccp_vdata ccpv5b; diff --git a/drivers/crypto/ccp/ccp-pci.c b/drivers/crypto/ccp/ccp-pci.c index e880d4cf4..490ad0a 100644 --- a/drivers/crypto/ccp/ccp-pci.c +++ b/drivers/crypto/ccp/ccp-pci.c @@ -150,28 +150,13 @@ static void ccp_free_irqs(struct ccp_device *ccp) ccp->irq = 0; } -static int ccp_find_mmio_area(struct ccp_device *ccp) -{ - struct device *dev = ccp->dev; - struct pci_dev *pdev = to_pci_dev(dev); - resource_size_t io_len; - unsigned long io_flags; - - io_flags = pci_resource_flags(pdev, ccp->vdata->bar); - io_len = pci_resource_len(pdev, ccp->vdata->bar); - if ((io_flags & IORESOURCE_MEM) && - (io_len >= (ccp->vdata->offset + 0x800))) - return ccp->vdata->bar; - - return -EIO; -} - static int ccp_pci_probe(struct pci_dev *pdev, const struct pci_device_id *id) { struct ccp_device *ccp; struct ccp_pci *ccp_pci; struct device *dev = >dev; -
Re: [PATCH v3 01/28] crypto: change backlog return code to -EIOCBQUEUED
On Mon, Jul 3, 2017 at 3:35 PM, Herbert Xuwrote: > On Sun, Jul 02, 2017 at 05:41:43PM +0300, Gilad Ben-Yossef wrote: >> The crypto API was using the -EBUSY return value to indicate >> both a hard failure to submit a crypto operation into a >> transformation provider when the latter was busy and the backlog >> mechanism was not enabled as well as a notification that the operation >> was queued into the backlog when the backlog mechanism was enabled. >> >> Having the same return code indicate two very different conditions >> depending on a flag is both error prone and requires extra runtime >> check like the following to discern between the cases: >> >> if (err == -EINPROGRESS || >> (err == -EBUSY && (ahash_request_flags(req) & >> CRYPTO_TFM_REQ_MAY_BACKLOG))) >> >> This patch changes the return code used to indicate a crypto op >> was queued in the backlog to -EIOCBQUEUED, thus resolving both >> issues. >> >> Signed-off-by: Gilad Ben-Yossef > > So you're changing the success case from EBUSY to EIOCBQUEUED. > This results in a lot of churn as you have to change every single > driver and caller. > > How about changing the error case to use something other than > EBUSY instead? That was indeed my first thought - I wanted to change EBUSY to EAGAIN. It might even be a more descriptive error message since the failure is transient. What stopped me was that I saw the algif interface passes this EBUSY value to user space. I don't know of any software that depends on this value but I'm really averse to changing user space API. Of course, we can just plant a (ret != AGAIN : ? EBUSY) in the algif interface return to user space code path but that felt like a kludge to me. And it doesn't really save any churn, I think - I'd still have to visit all the places that use the flags value to distinguish between the two EBUSY use cases and I need to visit most places that check for EBUSY as backlog indication because I'm replacing the check with the generic replacement, so it doesn't look like in the end it will be a smaller change. Having said that, if you prefer me to replace the error case I'd happily do that. Thanks, Gilad -- Gilad Ben-Yossef Chief Coffee Drinker "If you take a class in large-scale robotics, can you end up in a situation where the homework eats your dog?" -- Jean-Baptiste Queru
Re: [PATCH v3 01/28] crypto: change backlog return code to -EIOCBQUEUED
On Sun, Jul 02, 2017 at 05:41:43PM +0300, Gilad Ben-Yossef wrote: > The crypto API was using the -EBUSY return value to indicate > both a hard failure to submit a crypto operation into a > transformation provider when the latter was busy and the backlog > mechanism was not enabled as well as a notification that the operation > was queued into the backlog when the backlog mechanism was enabled. > > Having the same return code indicate two very different conditions > depending on a flag is both error prone and requires extra runtime > check like the following to discern between the cases: > > if (err == -EINPROGRESS || > (err == -EBUSY && (ahash_request_flags(req) & > CRYPTO_TFM_REQ_MAY_BACKLOG))) > > This patch changes the return code used to indicate a crypto op > was queued in the backlog to -EIOCBQUEUED, thus resolving both > issues. > > Signed-off-by: Gilad Ben-YossefSo you're changing the success case from EBUSY to EIOCBQUEUED. This results in a lot of churn as you have to change every single driver and caller. How about changing the error case to use something other than EBUSY instead? Thanks, -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Re: [bug] sha1-avx2 and read beyond
On Sat, Jun 24, 2017 at 12:56:52AM +, Albrekht, Ilya wrote: > Hello all, > > I'm sorry for late reply (I was out of office for a month). > > It's been a while since we touched this code. We are going to do our best to > support it. I'll be back to the office earlier next week and will figure out > the fix ASAP. Any update on this? Thanks, -- Email: Herbert XuHome Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Re: [PATCH 00/10] Fix alignment issues in staging/ccree
On Mon, Jul 03, 2017 at 10:19:31AM +0300, Gilad Ben-Yossef wrote: > but for the few cases where its a complex expression that can be > broken down like this one: > > WARNING: line over 80 characters > #93: FILE: drivers/staging/ccree/ssi_buffer_mgr.c:437: > + (AES_BLOCK_SIZE + areq_ctx->ccm_hdr_size), > > It would be great if you fix those. Do you mean to fix them by just breaking the line after the ternary operator? Is that OK according to the code style rules? If not, then the two warnings in ssi_aead_handle_config_buf can be fixed by simply having a local variable: const unsigned int buflen = AES_BLOCK_SIZE + areq_ctx->ccm_hdr_size; but I'm not sure if the same can be done in ssi_buffer_mgr_map_hash_request_update for (update_data_len - *curr_buf_cnt) as it's not always the case that update_data_len is greater than *curr_buf_cnt. Even if it's safe to always calculate it I'm not entierly sure what to call the variable. Other then those two functions I don't think that there are any more lines that can be fixed without renaming functions / variables or by rewriting them to decrease the indentation depth, as you wrote. -- Simon
[PATCH] crypto: change hwrng device default permissions to 0444
Currently /dev/hwrng uses default device node permissions which is 0600. So by default the device node is not accessible by an ordinary user. Some distros do rewrite the device node permissions via udev rule, others don't. This patch provides 0444 as the new mode value and so makes the device node accessible for all users without the need to have udev rules rewriting the access rights. Signed-off-by: Harald Freudenberger--- drivers/char/hw_random/core.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/char/hw_random/core.c b/drivers/char/hw_random/core.c index 503a41d..4093db5 100644 --- a/drivers/char/hw_random/core.c +++ b/drivers/char/hw_random/core.c @@ -285,6 +285,7 @@ static struct miscdevice rng_miscdev = { .minor = HWRNG_MINOR, .name = RNG_MODULE_NAME, .nodename = "hwrng", + .mode = 0444, .fops = _chrdev_ops, .groups = rng_dev_groups, }; -- 2.7.4
[RFT PATCH] crypto: arm64/ghash - add NEON accelerated fallback for 64-bit PMULL
Implement a NEON fallback for systems that do support NEON but have no support for the optional 64x64->128 polynomial multiplication instruction that is part of the ARMv8 Crypto Extensions. It is based on the paper "Fast Software Polynomial Multiplication on ARM Processors Using the NEON Engine" by Danilo Camara, Conrado Gouvea, Julio Lopez and Ricardo Dahab (https://hal.inria.fr/hal-01506572) On a low-end core such as the Cortex-A53 found in the Raspberry Pi3, the NEON based implementation is ~2.8x faster than the table based one, and is time invariant as well, making it less vulnerable to timing attacks. When combined with the bit-sliced NEON implementation of AES-CTR, the AES-GCM performance increases by 75% (from 58 to 33 cycles per byte). Signed-off-by: Ard Biesheuvel--- Note that this is the arm64 counterpart of the patch "crypto: arm/ghash - add NEON accelerated fallback for vmull.p64" Raw numbers for a 1.2 Ghz Cortex-A53 (Raspberry Pi3) after the patch. This patch applies onto the patch "crypto: arm64/gcm - implement native driver using v8 Crypto Extensions" which can be found here: http://www.mail-archive.com/linux-crypto@vger.kernel.org/msg26385.html arch/arm64/crypto/ghash-ce-core.S | 161 +--- arch/arm64/crypto/ghash-ce-glue.c | 36 - 2 files changed, 170 insertions(+), 27 deletions(-) diff --git a/arch/arm64/crypto/ghash-ce-core.S b/arch/arm64/crypto/ghash-ce-core.S index cb22459eba85..8a789f6154fc 100644 --- a/arch/arm64/crypto/ghash-ce-core.S +++ b/arch/arm64/crypto/ghash-ce-core.S @@ -1,7 +1,7 @@ /* * Accelerated GHASH implementation with ARMv8 PMULL instructions. * - * Copyright (C) 2014 Linaro Ltd. + * Copyright (C) 2014 - 2017 Linaro Ltd. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License version 2 as published @@ -11,24 +11,119 @@ #include #include - SHASH .reqv0 - SHASH2 .reqv1 - T1 .reqv2 - T2 .reqv3 - MASK.reqv4 - XL .reqv5 - XM .reqv6 - XH .reqv7 - IN1 .reqv7 + SHASH .reqv0 + SHASH2 .reqv1 + T1 .reqv2 + T2 .reqv3 + MASK.reqv4 + XL .reqv5 + XM .reqv6 + XH .reqv7 + IN1 .reqv7 + + k00_16 .reqv8 + k32_48 .reqv9 + + t3 .reqv10 + t4 .reqv11 + t5 .reqv12 + t6 .reqv13 + t7 .reqv14 + t8 .reqv15 + t9 .reqv16 + + perm1 .reqv17 + perm2 .reqv18 + perm3 .reqv19 + perm4 .reqv20 .text .arch armv8-a+crypto - /* -* void pmull_ghash_update(int blocks, u64 dg[], const char *src, -* struct ghash_key const *k, const char *head) -*/ -ENTRY(pmull_ghash_update) + .macro __pmull_p64, rd, rn, rm, i + .ifb\i + pmull \rd\().1q, \rn\().1d, \rm\().1d + .else + pmull2 \rd\().1q, \rn\().2d, \rm\().2d + .endif + .endm + + .macro __pmull_p8, rq, ad, bd, i + .ifb\i + ext t4.8b, \ad\().8b, \ad\().8b, #1 // A1 + ext t8.8b, \bd\().8b, \bd\().8b, #1 // B1 + ext t5.8b, \ad\().8b, \ad\().8b, #2 // A2 + ext t7.8b, \bd\().8b, \bd\().8b, #2 // B2 + ext t6.8b, \ad\().8b, \ad\().8b, #3 // A3 + ext t9.8b, \bd\().8b, \bd\().8b, #3 // B3 + ext t3.8b, \bd\().8b, \bd\().8b, #4 // B4 + + pmull t4.8h, t4.8b, \bd\().8b // F = A1*B + pmull t8.8h, \ad\().8b, t8.8b // E = A*B1 + pmull t5.8h, t5.8b, \bd\().8b // H = A2*B + pmull t7.8h, \ad\().8b, t7.8b // G = A*B2 + pmull t6.8h, t6.8b, \bd\().8b // J = A3*B + pmull t9.8h, \ad\().8b, t9.8b // I = A*B3 + pmull t3.8h, \ad\().8b, t3.8b // K = A*B4 + pmull \rq\().8h, \ad\().8b, \bd\().8b // D = A*B + .else + tbl t4.16b, {\ad\().16b}, perm1.16b // A1 + tbl t8.16b, {\bd\().16b}, perm1.16b // B1 + tbl t5.16b, {\ad\().16b}, perm2.16b // A2 + tbl t7.16b, {\bd\().16b}, perm2.16b
[PATCH 2/3] crypto: hwrng remember rng chosen by user
When a user chooses a rng source via sysfs attribute this rng should be sticky, even when other sources with better quality to register. This patch introduces a simple way to remember the user's choise. Signed-off-by: Harald Freudenberger--- drivers/char/hw_random/core.c | 10 -- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/drivers/char/hw_random/core.c b/drivers/char/hw_random/core.c index e9dda16..ffd4e36 100644 --- a/drivers/char/hw_random/core.c +++ b/drivers/char/hw_random/core.c @@ -28,6 +28,8 @@ #define RNG_MODULE_NAME"hw_random" static struct hwrng *current_rng; +/* the current rng has been explicitly chosen by user via sysfs */ +static int cur_rng_set_by_user; static struct task_struct *hwrng_fill; /* list of registered rngs, sorted decending by quality */ static LIST_HEAD(rng_list); @@ -304,6 +306,7 @@ static ssize_t hwrng_attr_current_store(struct device *dev, list_for_each_entry(rng, _list, list) { if (sysfs_streq(rng->name, buf)) { err = 0; + cur_rng_set_by_user = 1; if (rng != current_rng) err = set_current_rng(rng); break; @@ -444,10 +447,12 @@ int hwrng_register(struct hwrng *rng) old_rng = current_rng; err = 0; - if (!old_rng || (rng->quality > old_rng->quality)) { + if (!old_rng || + (!cur_rng_set_by_user && rng->quality > old_rng->quality)) { /* * Set new rng as current as the new rng source -* provides better entropy quality. +* provides better entropy quality and was not +* chosen by userspace. */ err = set_current_rng(rng); if (err) @@ -479,6 +484,7 @@ void hwrng_unregister(struct hwrng *rng) list_del(>list); if (current_rng == rng) { drop_current_rng(); + cur_rng_set_by_user = 0; /* rng_list is sorted by quality, use the best (=first) one */ if (!list_empty(_list)) { struct hwrng *new_rng; -- 2.7.4
[PATCH 0/3] crypto hwrng consider quality value, remember user choice
The hwrng core implementation currently doesn't consider the quality field of the struct hwrng. So the first registered rng is the winner and further rng sources even with much better quality are ignored. The behavior should be that always the best rng with the highest quality rate should be used as current rng source. Only if the user explicitly chooses a rng source (via writing a rng name to /sys/class/misc/hw_random/rng_current) the decision for the best quality should be suppressed. This set of patches makes hwrng always hold a list of registered rng sources sorted decreasing by quality. On registration of a new hwrng source the list is updated and if the current rng source was not chosen by user and the new rng provides better quality set as new current rng source. Similar on unregistration of an rng, if it was the current used rng source the one with the next highest quality is used. If a rng source has been set via sysfs from userland as long as this one doesn't unregister it is kept as current rng regardless of registration of 'better' rng sources. Patch 1 introduces the sorted list of registered rngs and the always use the best quality behavior. Patch 2 makes hwrng remember that the user has selected an rng via echo to /sys/class/misc/hw_random/rng_current. Patch 3 adds a new sysfs attribute file 'rng_selected' to the rng core. This file shows the chosen rng name if a selection from userspace took place otherwise 'none'. Patch 3 is just a simple implementation of an possible improvement and may act as a starting point for further discussions. For example, the implementation could be reworked to accept also currently not known rng sources and upon appearing instantly select this user chosen rng. However, this would require to hold an string buffer and this would introduce some string length limit on the rng name. Another idea is that there should be a possibility to unselect the user's choice. An echo 'none' to rng_current may be a way to remove the selection and the hwrng may act by using the quality best rng. Harald Freudenberger (3): crypto: hwrng use rng source with best quality crypto: hwrng remember rng chosen by user crypto: hwrng add sysfs attribute to show user selected rng drivers/char/hw_random/core.c | 43 +-- 1 file changed, 37 insertions(+), 6 deletions(-) -- 2.7.4
[PATCH 3/3] crypto: hwrng add sysfs attribute to show user selected rng
This patch introduces a new sysfs attribute file 'rng_selected' which shows the the rng chosen by userspace. If a rng source is chosen by user via echo some valid string to rng_current there should be a way to signal this choice to userspace. The new attribute file 'rng_selected' shows either the name of the rng chosen or 'none'. Signed-off-by: Harald Freudenberger--- drivers/char/hw_random/core.c | 22 +- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/drivers/char/hw_random/core.c b/drivers/char/hw_random/core.c index ffd4e36..6a6276a 100644 --- a/drivers/char/hw_random/core.c +++ b/drivers/char/hw_random/core.c @@ -28,8 +28,8 @@ #define RNG_MODULE_NAME"hw_random" static struct hwrng *current_rng; -/* the current rng has been explicitly chosen by user via sysfs */ -static int cur_rng_set_by_user; +/* the rng explicitly selected by user via sysfs */ +static struct hwrng *selected_rng; static struct task_struct *hwrng_fill; /* list of registered rngs, sorted decending by quality */ static LIST_HEAD(rng_list); @@ -306,7 +306,7 @@ static ssize_t hwrng_attr_current_store(struct device *dev, list_for_each_entry(rng, _list, list) { if (sysfs_streq(rng->name, buf)) { err = 0; - cur_rng_set_by_user = 1; + selected_rng = rng; if (rng != current_rng) err = set_current_rng(rng); break; @@ -355,16 +355,28 @@ static ssize_t hwrng_attr_available_show(struct device *dev, return strlen(buf); } +static ssize_t hwrng_attr_selected_show(struct device *dev, + struct device_attribute *attr, + char *buf) +{ + return snprintf(buf, PAGE_SIZE, "%s\n", + selected_rng ? selected_rng->name : "none"); +} + static DEVICE_ATTR(rng_current, S_IRUGO | S_IWUSR, hwrng_attr_current_show, hwrng_attr_current_store); static DEVICE_ATTR(rng_available, S_IRUGO, hwrng_attr_available_show, NULL); +static DEVICE_ATTR(rng_selected, S_IRUGO, + hwrng_attr_selected_show, + NULL); static struct attribute *rng_dev_attrs[] = { _attr_rng_current.attr, _attr_rng_available.attr, + _attr_rng_selected.attr, NULL }; @@ -448,7 +460,7 @@ int hwrng_register(struct hwrng *rng) old_rng = current_rng; err = 0; if (!old_rng || - (!cur_rng_set_by_user && rng->quality > old_rng->quality)) { + (!selected_rng && rng->quality > old_rng->quality)) { /* * Set new rng as current as the new rng source * provides better entropy quality and was not @@ -484,7 +496,7 @@ void hwrng_unregister(struct hwrng *rng) list_del(>list); if (current_rng == rng) { drop_current_rng(); - cur_rng_set_by_user = 0; + selected_rng = NULL; /* rng_list is sorted by quality, use the best (=first) one */ if (!list_empty(_list)) { struct hwrng *new_rng; -- 2.7.4
[PATCH 1/3] crypto: hwrng use rng source with best quality
This patch rewoks the hwrng to always use the rng source with best entropy quality. On registation and unregistration the hwrng now tries to choose the best (= highest quality value) rng source. The handling of the internal list of registered rng sources is now always sorted by quality and the top most rng chosen. Signed-off-by: Harald Freudenberger--- drivers/char/hw_random/core.c | 25 +++-- 1 file changed, 19 insertions(+), 6 deletions(-) diff --git a/drivers/char/hw_random/core.c b/drivers/char/hw_random/core.c index 503a41d..e9dda16 100644 --- a/drivers/char/hw_random/core.c +++ b/drivers/char/hw_random/core.c @@ -29,6 +29,7 @@ static struct hwrng *current_rng; static struct task_struct *hwrng_fill; +/* list of registered rngs, sorted decending by quality */ static LIST_HEAD(rng_list); /* Protects rng_list and current_rng */ static DEFINE_MUTEX(rng_mutex); @@ -417,6 +418,7 @@ int hwrng_register(struct hwrng *rng) { int err = -EINVAL; struct hwrng *old_rng, *tmp; + struct list_head *rng_list_ptr; if (!rng->name || (!rng->data_read && !rng->read)) goto out; @@ -432,14 +434,25 @@ int hwrng_register(struct hwrng *rng) init_completion(>cleanup_done); complete(>cleanup_done); + /* rng_list is sorted by decreasing quality */ + list_for_each(rng_list_ptr, _list) { + tmp = list_entry(rng_list_ptr, struct hwrng, list); + if (tmp->quality < rng->quality) + break; + } + list_add_tail(>list, rng_list_ptr); + old_rng = current_rng; err = 0; - if (!old_rng) { + if (!old_rng || (rng->quality > old_rng->quality)) { + /* +* Set new rng as current as the new rng source +* provides better entropy quality. +*/ err = set_current_rng(rng); if (err) goto out_unlock; } - list_add_tail(>list, _list); if (old_rng && !rng->init) { /* @@ -466,12 +479,12 @@ void hwrng_unregister(struct hwrng *rng) list_del(>list); if (current_rng == rng) { drop_current_rng(); + /* rng_list is sorted by quality, use the best (=first) one */ if (!list_empty(_list)) { - struct hwrng *tail; - - tail = list_entry(rng_list.prev, struct hwrng, list); + struct hwrng *new_rng; - set_current_rng(tail); + new_rng = list_entry(rng_list.next, struct hwrng, list); + set_current_rng(new_rng); } } -- 2.7.4
Re: [PATCH 00/10] Fix alignment issues in staging/ccree
Hi, On Sun, Jul 2, 2017 at 2:25 AM, Simon Sandströmwrote: > Fixes a total of 195 alignment issues in staging/ccree reported by > checkpatch.pl. Adds a few "line over 80 characters" warnings as a > result of the realignments, but I could try to get rid of them in the > same patchset if needed. For the large majority of warnings there is nothing you can due ti the indentation depth, but for the few cases where its a complex expression that can be broken down like this one: WARNING: line over 80 characters #93: FILE: drivers/staging/ccree/ssi_buffer_mgr.c:437: + (AES_BLOCK_SIZE + areq_ctx->ccm_hdr_size), It would be great if you fix those. Otherwise it looks good to me. Thanks for doing it! Gilad > > -- Simon > > --- > > Simon Sandström (10): > staging: ccree: Fix alignment issues in ssi_aead.c > staging: ccree: Fix alignment issues in ssi_buffer_mgr.c > staging: ccree: Fix alignment issues in ssi_cipher.c > staging: ccree: Fix alignment issues in ssi_driver.c > staging: ccree: Fix alignment issues in ssi_fips_local.c > staging: ccree: Fix alignment issues in ssi_hash.c > staging: ccree: Fix alignment issues in ssi_ivgen.c > staging: ccree: Fix alignment issues in ssi_request_mgr.c > staging: ccree: Fix alignment issues in ssi_sram_mgr.c > staging: ccree: Fix alignment issues in ssi_sysfs.c > > drivers/staging/ccree/ssi_aead.c| 67 > drivers/staging/ccree/ssi_buffer_mgr.c | 295 > ++-- > drivers/staging/ccree/ssi_cipher.c | 75 > drivers/staging/ccree/ssi_driver.c | 40 ++--- > drivers/staging/ccree/ssi_fips_local.c | 3 +- > drivers/staging/ccree/ssi_hash.c| 116 +++-- > drivers/staging/ccree/ssi_ivgen.c | 3 +- > drivers/staging/ccree/ssi_request_mgr.c | 42 +++-- > drivers/staging/ccree/ssi_sram_mgr.c| 6 +- > drivers/staging/ccree/ssi_sysfs.c | 59 --- > 10 files changed, 372 insertions(+), 334 deletions(-) > > -- > 2.11.0 > -- Gilad Ben-Yossef Chief Coffee Drinker "If you take a class in large-scale robotics, can you end up in a situation where the homework eats your dog?" -- Jean-Baptiste Queru