Re: [PATCH 1/4] ASN.1: Fix handling of CHOICE in ASN.1 compiler

2015-08-05 Thread David Howells
James Morris wrote: > What are the security implications of these bugs? I've fed them various bits of butchered ASN.1 and observed the effects as well as checking what happens in the code. I don't think there are any security implications. I've outlined my reasoning in each patch description.

Re: [PATCH 1/4] ASN.1: Fix handling of CHOICE in ASN.1 compiler

2015-08-05 Thread James Morris
On Wed, 5 Aug 2015, David Howells wrote: > Fix the handling of CHOICE types in the ASN.1 compiler to make SEQUENCE and > SET elements in a CHOICE be correctly rendered as skippable and conditional > as appropriate. What are the security implications of these bugs? It's pretty late in the -rc cyc

[PATCH v2] crypto: talitos: Prevent panic in probe error path

2015-08-05 Thread Aaron Sierra
The probe error path for this driver, for all intents and purposes, is the talitos_remove() function due to the common "goto err_out". Without this patch applied, talitos_remove() will panic under these two conditions: 1. If the RNG device hasn't been registered via talitos_register_rng() prio

[PATCH v2 05/14] crypto: caam - Change kmalloc to kzalloc to avoid residual data

2015-08-05 Thread Victoria Milhoan
Since fields must be ORed in to operate correctly using any order of operations, changed allocations of the combination of extended descriptor structs + hardware scatterlists to use kzalloc() instead of kmalloc(), so as to ensure that residue data would not be ORed in with the correct data. Signed

[PATCH v2 03/14] crypto: caam - Enable and disable clocks on Freescale i.MX platforms

2015-08-05 Thread Victoria Milhoan
ARM-based systems may disable clocking to the CAAM device on the Freescale i.MX platform for power management purposes. This patch enables the required clocks when the CAAM module is initialized and disables the required clocks when the CAAM module is shut down. Signed-off-by: Victoria Milhoan -

[PATCH v2 04/14] crypto: caam - Modify Freescale CAAM driver Scatter Gather entry definition

2015-08-05 Thread Victoria Milhoan
Modify the Scatter-Gather entry definitions for the Freescale CAAM driver to include support for both 64- and 32-bit DMA pointers. Signed-off-by: Victoria Milhoan --- drivers/crypto/caam/desc.h | 25 + drivers/crypto/caam/sg_sw_sec4.h | 1 - 2 files changed, 21 ins

[PATCH v2 06/14] crypto: caam - Correct DMA unmap size in ahash_update_ctx()

2015-08-05 Thread Victoria Milhoan
This change fixes: [ cut here ] WARNING: CPU: 0 PID: 456 at lib/dma-debug.c:1103 check_unmap+0x438/0x958() caam_jr 2101000.jr0: DMA-API: device driver frees DMA memory with different size [device address=0x3a241080] [map ] Modules linked in: tcrypt(+) CPU: 0 PID: 4

[PATCH v2 07/14] crypto: caam - Use local sg pointers to walk the scatterlist

2015-08-05 Thread Victoria Milhoan
Avoid moving the head of the scatterlist entry by using temporary pointers to walk the scatterlist. Signed-off-by: Victoria Milhoan --- drivers/crypto/caam/sg_sw_sec4.h | 24 +--- 1 file changed, 17 insertions(+), 7 deletions(-) diff --git a/drivers/crypto/caam/sg_sw_sec4.h

[PATCH v2 10/14] ARM: dts: mx6qdl: Add CAAM device node

2015-08-05 Thread Victoria Milhoan
Add CAAM device node to the i.MX6 device tree. Signed-off-by: Victoria Milhoan --- arch/arm/boot/dts/imx6qdl.dtsi | 29 + 1 file changed, 25 insertions(+), 4 deletions(-) diff --git a/arch/arm/boot/dts/imx6qdl.dtsi b/arch/arm/boot/dts/imx6qdl.dtsi index e6d1359..b5c8

[PATCH v2 01/14] crypto: caam - Add cache coherency support

2015-08-05 Thread Victoria Milhoan
Freescale i.MX6 ARM platforms do not support hardware cache coherency. This patch adds cache coherency support to the CAAM driver. Signed-off-by: Victoria Milhoan --- drivers/crypto/caam/caamhash.c | 2 +- drivers/crypto/caam/caamrng.c | 4 drivers/crypto/caam/jr.c | 18 +++

[PATCH v2 12/14] crypto: caam - Enable MXC devices to select CAAM driver in Kconfig

2015-08-05 Thread Victoria Milhoan
From: Steve Cornelius Allow CAAM to be selected in the kernel for Freescale i.MX devices if ARCH_MXC is enabled. Signed-off-by: Steve Cornelius Signed-off-by: Victoria Milhoan --- drivers/crypto/caam/Kconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/ca

[PATCH v2 14/14] crypto: caam - Detect hardware features during algorithm registration

2015-08-05 Thread Victoria Milhoan
Register only algorithms supported by CAAM hardware, using the CHA version and instantiation registers to identify hardware capabilities. Signed-off-by: Victoria Milhoan --- drivers/crypto/caam/caamalg.c | 68 ++ drivers/crypto/caam/caamhash.c | 38 ++

[PATCH v2 08/14] crypto: caam - Added clocks and clock-names properties to SEC4.0 device tree binding

2015-08-05 Thread Victoria Milhoan
The clocks and clock-names properties describe input clocks that may be required for enablement of CAAM. Signed-off-by: Victoria Milhoan --- Documentation/devicetree/bindings/crypto/fsl-sec4.txt | 17 + 1 file changed, 17 insertions(+) diff --git a/Documentation/devicetree/bindi

[PATCH v2 09/14] ARM: clk-imx6q: Add CAAM clock support

2015-08-05 Thread Victoria Milhoan
Add CAAM clock support to the i.MX6 clocking infrastructure. Signed-off-by: Victoria Milhoan --- drivers/clk/imx/clk-imx6q.c | 3 +++ include/dt-bindings/clock/imx6qdl-clock.h | 5 - 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/drivers/clk/imx/clk-imx6q.c b/dri

[PATCH v2 13/14] ARM: imx_v6_v7_defconfig: Select CAAM

2015-08-05 Thread Victoria Milhoan
Select CAAM for i.MX6 devices. Signed-off-by: Victoria Milhoan --- arch/arm/configs/imx_v6_v7_defconfig | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/arch/arm/configs/imx_v6_v7_defconfig b/arch/arm/configs/imx_v6_v7_defconfig index b47863d..7569b39 100644 --- a/arch/arm/

[PATCH v2 02/14] crypto: caam - Add setbits32/clrbits32/clrsetbits primitives for ARM compatibility

2015-08-05 Thread Victoria Milhoan
Add set/clear 32-bit primitives for compatibility with ARM devices since the primitives were previously only defined for the Power architecture. Signed-off-by: Victoria Milhoan --- drivers/crypto/caam/ctrl.c | 6 +++--- drivers/crypto/caam/regs.h | 23 +++ 2 files changed, 2

[PATCH v2 00/14] crypto: caam - Add i.MX6 support to the Freescale CAAM driver

2015-08-05 Thread Victoria Milhoan
This patch series adds i.MX6 support to the Freescale CAAM driver. Modifications include: - explicit cache coherency support in the driver - register I/O primitive support - scatter/gather entry modifications - clocking support - i.MX6 device tree support for CAAM - DMA fixes - algorithm registra

[PATCH v2 11/14] ARM: dts: mx6sx: Add CAAM device node

2015-08-05 Thread Victoria Milhoan
Add CAAM device node to the i.MX6SX device tree. Signed-off-by: Victoria Milhoan --- arch/arm/boot/dts/imx6sx.dtsi | 28 1 file changed, 28 insertions(+) diff --git a/arch/arm/boot/dts/imx6sx.dtsi b/arch/arm/boot/dts/imx6sx.dtsi index 708175d..20851cb 100644 --- a/a

Re: [PATCH] crypto: talitos: Prevent panic in probe error path

2015-08-05 Thread Aaron Sierra
- Original Message - > From: "Herbert Xu" > Sent: Tuesday, August 4, 2015 7:08:13 PM > > On Tue, Aug 04, 2015 at 09:43:50AM -0500, Aaron Sierra wrote: > > > > You are correct about the leak and I regret introducing that (I am > > also leaking priv->rng), but I disagree with your dismissa

[GIT PULL] ASN.1 fixes

2015-08-05 Thread David Howells
available in the git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git tags/asn1-fixes-20150805 for you to fetch changes up to 233ce79db4b23a174bcf30bde5d6ad913d5f46d3: ASN.1: Handle 'ANY OPTIONA

[PATCH 3/4] ASN.1: Fix non-match detection failure on data overrun

2015-08-05 Thread David Howells
If the ASN.1 decoder is asked to parse a sequence of objects, non-optional matches get skipped if there's no more data to be had rather than a data-overrun error being reported. This is due to the code segment that decides whether to skip optional matches (ie. matches that could get ignored becaus

[PATCH 4/4] ASN.1: Handle 'ANY OPTIONAL' in grammar

2015-08-05 Thread David Howells
An ANY object in an ASN.1 grammar that is marked OPTIONAL should be skipped if there is no more data to be had. This can be tested by editing X.509 certificates or PKCS#7 messages to remove the NULL from subobjects that look like the following: SEQUENCE { OBJECT(2a864886f70d0101

[PATCH 2/4] ASN.1: Fix actions on CHOICE elements with IMPLICIT tags

2015-08-05 Thread David Howells
In an ASN.1 description where there is a CHOICE construct that contains elements with IMPLICIT tags that refer to constructed types, actions to be taken on those elements should be conditional on the corresponding element actually being matched. Currently, however, such actions are performed uncon

[PATCH 1/4] ASN.1: Fix handling of CHOICE in ASN.1 compiler

2015-08-05 Thread David Howells
Fix the handling of CHOICE types in the ASN.1 compiler to make SEQUENCE and SET elements in a CHOICE be correctly rendered as skippable and conditional as appropriate. For example, in the following ASN.1: Foo ::= SEQUENCE { w1 INTEGER, w2 Bar, w3 OBJECT IDENTIFIER } Bar ::= CHOICE