On Thu, Dec 21, 2017 at 12:09 AM, Eric Biggers wrote:
> On Mon, Dec 18, 2017 at 11:36:01AM -0800, syzbot wrote:
>> Hello,
>>
>> syzkaller hit the following crash on
>> 6084b576dca2e898f5c101baef151f7bfdbb606d
>>
Dear CheahKC,
On Wed, Dec 20, 2017 at 10:17 PM, Cheah Kok Cheong wrote:
> On Wed, Dec 20, 2017 at 09:20:48PM +0100, Philippe Ombredanne wrote:
>> On Wed, Dec 20, 2017 at 9:15 PM, Cheah Kok Cheong wrote:
>> > Remove FSF address otherwise checkpatch will
Am Mittwoch, 20. Dezember 2017, 21:09:26 CET schrieb Corentin Labbe:
Hi Corentin,
> This patch implements a generic way to get statistics about all crypto
> usages.
>
> Signed-off-by: Corentin Labbe
> ---
> crypto/Kconfig | 11 +++
> crypto/ahash.c
On Wed, Dec 20, 2017 at 08:09:25PM +, Corentin Labbe wrote:
> Each crypto algorithm "cra_name" can have multiple implementations called
> "cra_driver_name".
> If two different implementations have the same cra_driver_name, nothing
> can easily differentiate them.
> Furthermore the mechanism for
Am Mittwoch, 20. Dezember 2017, 21:09:25 CET schrieb Corentin Labbe:
Hi Corentin,
> Each crypto algorithm "cra_name" can have multiple implementations called
> "cra_driver_name".
> If two different implementations have the same cra_driver_name, nothing
> can easily differentiate them.
>
On Wednesday, December 20, 2017 5:08:37 PM PST Junaid Shahid wrote:
> +.macro READ_PARTIAL_BLOCK DPTR DLEN XMM1 XMMDst
> +cmp $8, \DLEN
> +jl _read_lt8_\@
> +mov (\DPTR), %rax
> +MOVQ_R64_XMM %rax, \XMMDst
Just noticed that these two can be replaced with:
+
The aesni_gcm_enc/dec functions can access memory after the end of
the AAD buffer if the AAD length is not a multiple of 4 bytes.
It didn't matter with rfc4106-gcm-aesni as in that case the AAD was
always followed by the 8 byte IV, but that is no longer the case with
generic-gcm-aesni. This can
The aesni_gcm_enc/dec functions can access memory before the start of
the data buffer if the length of the data buffer is less than 16 bytes.
This is because they perform the read via a single 16-byte load. This
can potentially result in accessing a page that is not mapped and thus
causing the
Changelog:
v3:
- Fixed a bug in READ_PARTIAL_BLOCK when used for reading the AAD
- Some refactoring per CR feedback
v2:
- Also fixed issue 2 described below
v1:
- Fixed issue 1 described below
The aesni_gcm_enc/dec functions can access memory before the start or end of
the supplied src
On Mon, Dec 18, 2017 at 11:36:01AM -0800, syzbot wrote:
> Hello,
>
> syzkaller hit the following crash on
> 6084b576dca2e898f5c101baef151f7bfdbb606d
> git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/master
> compiler: gcc (GCC) 7.1.1 20170620
> .config is attached
> Raw console
On 12/20/2017 12:09 PM, Corentin Labbe wrote:
> This patch implements a generic way to get statistics about all crypto
> usages.
>
> Signed-off-by: Corentin Labbe
> ---
> crypto/Kconfig | 11 +++
> crypto/ahash.c | 18 +
> crypto/algapi.c
On 12/20/2017 12:09 PM, Corentin Labbe wrote:
> Add an example tool for getting easily crypto statistics.
>
> Signed-off-by: Corentin Labbe
> ---
> tools/crypto/cryptostat | 40
> 1 file changed, 40 insertions(+)
> create mode
On Mon, Dec 18, 2017 at 11:36:01AM -0800, syzbot wrote:
> Hello,
>
> syzkaller hit the following crash on
> 6084b576dca2e898f5c101baef151f7bfdbb606d
> git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/master
> compiler: gcc (GCC) 7.1.1 20170620
> .config is attached
FYI, in
On Wed, Dec 20, 2017 at 12:51:01PM -0800, syzbot wrote:
> Hello,
>
> syzkaller hit the following crash on
> 6084b576dca2e898f5c101baef151f7bfdbb606d
> git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/master
> compiler: gcc (GCC) 7.1.1 20170620
> .config is attached
> Raw console
On Tue, Dec 19, 2017 at 11:48:01PM -0800, syzbot wrote:
> Hello,
>
> syzkaller hit the following crash on
> 032b4cc8ff84490c4bc7c4ef8c91e6d83a637538
> git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/master
> compiler: gcc (GCC) 7.1.1 20170620
> .config is attached
> Raw console
On Mon, Dec 18, 2017 at 07:25:41AM +0100, Stephan Mueller wrote:
> Am Montag, 18. Dezember 2017, 06:50:01 CET schrieb syzbot:
>
> Hi,
>
> > Hello,
> >
> > syzkaller hit the following crash on
> > 41d8c16909ebda40f7b4982a7f5e2ad102705ade
> >
From: Eric Biggers
pcrypt is using the old way of freeing instances, where the ->free()
method specified in the 'struct crypto_template' is passed a pointer to
the 'struct crypto_instance'. But the crypto_instance is being
kfree()'d directly, which is incorrect because the
On Wednesday, December 20, 2017 1:12:54 PM PST Eric Biggers wrote:
> >
> > We do need both registers, though we could certainly swap their usage to
> > make
> > r12 the temp register. The reason we need the second register is because we
> > need to keep the original length to perform the pshufb
On Wed, Dec 20, 2017 at 09:52:05PM +0100, Arnd Bergmann wrote:
> diff --git a/crypto/aes_generic.c b/crypto/aes_generic.c
> index ca554d57d01e..35f973ba9878 100644
> --- a/crypto/aes_generic.c
> +++ b/crypto/aes_generic.c
> @@ -1331,6 +1331,20 @@ EXPORT_SYMBOL_GPL(crypto_aes_set_key);
>
On Wed, Dec 20, 2017 at 10:14 PM, Ard Biesheuvel
wrote:
> On 20 December 2017 at 20:52, Arnd Bergmann wrote:
>
> You can use the tcrypt.ko module to benchmark AES.
>
> modprobe tcrypt mode=200 sec=1
Ok, that's what I was looking for. I don't think I'll
On Wed, Dec 20, 2017 at 09:20:48PM +0100, Philippe Ombredanne wrote:
> On Wed, Dec 20, 2017 at 9:15 PM, Cheah Kok Cheong wrote:
> > Remove FSF address otherwise checkpatch will flag my next patch.
> >
> > Signed-off-by: Cheah Kok Cheong
> > ---
> >
On 20 December 2017 at 20:52, Arnd Bergmann wrote:
> While testing other changes, I discovered that gcc-7.2.1 produces badly
> optimized code for aes_encrypt/aes_decrypt. This is especially true when
> CONFIG_UBSAN_SANITIZE_ALL is enabled, where it leads to extremely
> large stack
On Wed, Dec 20, 2017 at 11:35:44AM -0800, Junaid Shahid wrote:
> On Wednesday, December 20, 2017 12:42:10 AM PST Eric Biggers wrote:
> > > -_get_AAD_rest0\num_initial_blocks\operation:
> > > - /* finalize: shift out the extra bytes we read, and align
> > > - left. since pslldq can only shift by an
On Wed, Dec 20, 2017 at 11:28:27AM -0800, Junaid Shahid wrote:
> > > + # adjust the shuffle mask pointer to be able to shift either 0 or 8
> > > + # bytes depending on whether the last block is <8 bytes or not
> > > +mov \DLEN, \TMP1
> > > +and $8, \TMP1
> > > + lea
While testing other changes, I discovered that gcc-7.2.1 produces badly
optimized code for aes_encrypt/aes_decrypt. This is especially true when
CONFIG_UBSAN_SANITIZE_ALL is enabled, where it leads to extremely
large stack usage that in turn might cause kernel stack overflows:
On Wed, Dec 20, 2017 at 9:15 PM, Cheah Kok Cheong wrote:
> Remove FSF address otherwise checkpatch will flag my next patch.
>
> Signed-off-by: Cheah Kok Cheong
> ---
> kernel/padata.c | 4
> 1 file changed, 4 deletions(-)
>
> diff --git
It is already included in module.h, see
commit f50169324df4 ("module.h: split out the EXPORT_SYMBOL into export.h")
for their relationship.
Signed-off-by: Cheah Kok Cheong
---
kernel/padata.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/kernel/padata.c
Remove FSF address otherwise checkpatch will flag my next patch.
Signed-off-by: Cheah Kok Cheong
---
kernel/padata.c | 4
1 file changed, 4 deletions(-)
diff --git a/kernel/padata.c b/kernel/padata.c
index 57c0074..9d91909 100644
--- a/kernel/padata.c
+++
This patch implements a generic way to get statistics about all crypto
usages.
Signed-off-by: Corentin Labbe
---
crypto/Kconfig | 11 +++
crypto/ahash.c | 18 +
crypto/algapi.c| 186 +
Each crypto algorithm "cra_name" can have multiple implementations called
"cra_driver_name".
If two different implementations have the same cra_driver_name, nothing
can easily differentiate them.
Furthermore the mechanism for getting a crypto algorithm with its
implementation name
Add an example tool for getting easily crypto statistics.
Signed-off-by: Corentin Labbe
---
tools/crypto/cryptostat | 40
1 file changed, 40 insertions(+)
create mode 100755 tools/crypto/cryptostat
diff --git
Hello
This patch is an attempt to implement generic crypto driver statistics.
The goal is to have an "ifconfig" for crypto devices.
Some drivers tried to implement this via a debugfs interface.
My proposed way is to embed this in the crypto framework by registering
a /sys/kernel/crypto tree and
On Wednesday, November 29, 2017 5:34:30 PM CET Herbert Xu wrote:
> On Sun, Nov 12, 2017 at 03:24:32PM +0100, Pierre Ducroquet wrote:
> > If crypto_get_default_rng returns an error, the
> > function ecc_gen_privkey should return an error.
> > Instead, it currently tries to use the default_rng
> >
On Wednesday, December 20, 2017 12:42:10 AM PST Eric Biggers wrote:
> > -_get_AAD_rest0\num_initial_blocks\operation:
> > - /* finalize: shift out the extra bytes we read, and align
> > - left. since pslldq can only shift by an immediate, we use
> > - vpshufb and an array of shuffle masks */
On Wednesday, December 20, 2017 12:36:16 AM PST Eric Biggers wrote:
>
> Did you run the self-tests (boot with CONFIG_CRYPTO_MANAGER_DISABLE_TESTS
> unset)? The second patch causes them to start failing:
>
> [1.169640] alg: aead: Test 7 failed on encryption for rfc4106-gcm-aesni
> [
Please ignore; sent to the wrong list. Mea culpa.
On 12/20/2017 10:57 AM, Gary R Hook wrote:
The AMD IOMMU specification Rev 3.00 (December 2016) introduces a
new Enhanced PPR Handling Support (EPHSup) bit in the MMIO register
offset 0030h (IOMMU Extended Feature Register).
When EPHSup=1, the
All hardware crypto devices have their CONFIG names using the following
convention:
CRYPTO_DEV_name_algo
This patch applies this convention to STM32 CONFIG names.
Signed-off-by: Corentin Labbe
---
drivers/crypto/stm32/Kconfig | 6 +++---
drivers/crypto/stm32/Makefile | 6
This patch corrects the type of the size argument in __dump_byte_array()
from unsigned long to size_t as done only in drivers/staging/ccree/ssi_driver.c
This also fixes a build error:
drivers/staging/ccree/ssi_driver.c:82:6: error: conflicting types for
'__dump_byte_array'
Fixes: 3f268f5d6669
The AMD IOMMU specification Rev 3.00 (December 2016) introduces a
new Enhanced PPR Handling Support (EPHSup) bit in the MMIO register
offset 0030h (IOMMU Extended Feature Register).
When EPHSup=1, the IOMMU hardware requires the PPR bit of the
device table entry (DTE) to be set in order to
On Wed, Dec 20, 2017 at 12:49 PM, Stephan Mueller wrote:
> Am Mittwoch, 20. Dezember 2017, 11:15:38 CET schrieb Dmitry Vyukov:
>
> Hi Dmitry,
>
>>
>> What will be its meaning? How will it differ from fix?
>
> Maybe a short clarification would help: what is the meaning of the
Am Mittwoch, 20. Dezember 2017, 11:15:38 CET schrieb Dmitry Vyukov:
Hi Dmitry,
>
> What will be its meaning? How will it differ from fix?
Maybe a short clarification would help: what is the meaning of the syz fix
marker? Depending on this answer, all that I am thinking of is to mark bug
Add new uld driver for Inline TLS support. Register ULP for chtls.
Setsockopt to program key on chip. Support AES GCM key size 128.
Signed-off-by: Atul Gupta
---
v3: made some functions static
---
drivers/crypto/chelsio/chtls/chtls_main.c | 584
Entry for Inline TLS as another driver dependent on cxgb4 and chcr
Signed-off-by: Atul Gupta
---
drivers/crypto/chelsio/Kconfig| 10 ++
drivers/crypto/chelsio/Makefile | 1 +
drivers/crypto/chelsio/chtls/Makefile | 4
3 files changed, 15
TLS handler for record transmit and receive.
Create Inline TLS work request and post to FW.
Signed-off-by: Atul Gupta
---
v3: made some functions static and initialized few variables
---
drivers/crypto/chelsio/chtls/chtls_io.c | 1867 +++
1
CPL handlers for TLS session, record transmit and receive.
Signed-off-by: Atul Gupta
---
v3: made some functions static and removed un-needed semicolon
---
drivers/crypto/chelsio/chtls/chtls_cm.c | 2045 +++
net/ipv4/tcp_minisocks.c
Read FW capability. Read key area size. Dump the TLS record count.
Signed-off-by: Atul Gupta
---
drivers/net/ethernet/chelsio/cxgb4/cxgb4_debugfs.c | 18 +++-
drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c| 32 +--
drivers/net/ethernet/chelsio/cxgb4/cxgb4_uld.h
Define macro for TLS Key context
Signed-off-by: Atul Gupta
---
drivers/crypto/chelsio/chcr_algo.h | 42 +
drivers/crypto/chelsio/chcr_core.h | 55 +-
2 files changed, 96 insertions(+), 1 deletion(-)
diff
Program the tx and rx key on chip.
Signed-off-by: Atul Gupta
---
v3: made some functions static
---
drivers/crypto/chelsio/chtls/chtls_hw.c | 394
1 file changed, 394 insertions(+)
create mode 100644
Key area size in hw-config file. CPL struct for TLS request
and response. Work request for Inline TLS.
Signed-off-by: Atul Gupta
---
drivers/net/ethernet/chelsio/cxgb4/t4_msg.h | 121 ++-
drivers/net/ethernet/chelsio/cxgb4/t4_regs.h | 2 +
Inline TLS state, connection management. Supporting macros definition.
Signed-off-by: Atul Gupta
---
drivers/crypto/chelsio/chtls/chtls.h| 480
drivers/crypto/chelsio/chtls/chtls_cm.h | 203 ++
2 files changed, 683
RFC series for Chelsio Inline TLS driver (chtls.ko)
Driver uses the ULP infrastructure to register chtls as Inline TLS ULP.
Chtls uses TCP Sockets to transmit and receive TLS record. TCP proto_ops
is extended to offload TLS record.
T6 adapter provides the following features:
-TLS record
On Wed, Dec 20, 2017 at 10:55 AM, Stephan Mueller wrote:
> Am Mittwoch, 20. Dezember 2017, 10:50:10 CET schrieb Dmitry Vyukov:
>
> Hi Dmitry,
>
>> On Wed, Dec 20, 2017 at 10:29 AM, Stephan Mueller
> wrote:
>> > Am Mittwoch, 20. Dezember 2017, 10:19:43
Am Mittwoch, 20. Dezember 2017, 10:50:10 CET schrieb Dmitry Vyukov:
Hi Dmitry,
On Wed, Dec 20, 2017 at 10:29 AM, Stephan Mueller
wrote:
> Am Mittwoch, 20. Dezember 2017, 10:19:43 CET schrieb Dmitry Vyukov:
>
> Hi Dmitry,
>
>> > This issue vanishes after applying the
Am Mittwoch, 20. Dezember 2017, 10:50:10 CET schrieb Dmitry Vyukov:
Hi Dmitry,
> On Wed, Dec 20, 2017 at 10:29 AM, Stephan Mueller
wrote:
> > Am Mittwoch, 20. Dezember 2017, 10:19:43 CET schrieb Dmitry Vyukov:
> >
> > Hi Dmitry,
> >
> >> > This issue vanishes after
Am Mittwoch, 20. Dezember 2017, 10:50:10 CET schrieb Dmitry Vyukov:
Hi Dmitry,
On Wed, Dec 20, 2017 at 10:29 AM, Stephan Mueller
wrote:
> Am Mittwoch, 20. Dezember 2017, 10:19:43 CET schrieb Dmitry Vyukov:
>
> Hi Dmitry,
>
>> > This issue vanishes after applying the
On Wed, Dec 20, 2017 at 10:29 AM, Stephan Mueller wrote:
> Am Mittwoch, 20. Dezember 2017, 10:19:43 CET schrieb Dmitry Vyukov:
>
> Hi Dmitry,
>> >
>> > This issue vanishes after applying the patch "[PATCH v2] crypto: AF_ALG -
>> > limit mask and type".
>>
>> Hi Stephan,
>>
>>
On Tue, 2017-06-27 at 10:55 +0300, Gilad Ben-Yossef wrote:
> Add the crypto API *_ON_STACK to $declaration_macros.
>
> Resolves the following false warning:
>
> WARNING: Missing a blank line after declarations
> + int err;
> + SHASH_DESC_ON_STACK(desc,
On Wed, Dec 20, 2017 at 08:31:19AM +, Gilad Ben-Yossef wrote:
> Add the crypto API *_ON_STACK to $declaration_macros.
>
> Resolves the following false warning:
>
> WARNING: Missing a blank line after declarations
> + int err;
> +
Am Mittwoch, 20. Dezember 2017, 10:19:43 CET schrieb Dmitry Vyukov:
Hi Dmitry,
> >
> > This issue vanishes after applying the patch "[PATCH v2] crypto: AF_ALG -
> > limit mask and type".
>
> Hi Stephan,
>
> syzbot does not understand arbitrary English prose, it only understands
this:
> > Once
On Wed, Dec 20, 2017 at 10:17 AM, Stephan Müller wrote:
> Am Mittwoch, 20. Dezember 2017, 08:48:01 CET schrieb syzbot:
>
> Hi,
>
>> Hello,
>>
>> syzkaller hit the following crash on
>> 032b4cc8ff84490c4bc7c4ef8c91e6d83a637538
>>
Am Mittwoch, 20. Dezember 2017, 08:48:01 CET schrieb syzbot:
Hi,
> Hello,
>
> syzkaller hit the following crash on
> 032b4cc8ff84490c4bc7c4ef8c91e6d83a637538
> git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/master
> compiler: gcc (GCC) 7.1.1 20170620
> .config is attached
>
On Tue, Dec 19, 2017 at 08:42:59PM -0800, Junaid Shahid wrote:
> The aesni_gcm_enc/dec functions can access memory after the end of
> the AAD buffer if the AAD length is not a multiple of 4 bytes.
> It didn't matter with rfc4106-gcm-aesni as in that case the AAD was
> always followed by the 8 byte
On Tue, Dec 19, 2017 at 08:42:58PM -0800, Junaid Shahid wrote:
> The aesni_gcm_enc/dec functions can access memory before the start of
> the data buffer if the length of the data buffer is less than 16 bytes.
> This is because they perform the read via a single 16-byte load. This
> can potentially
Add the crypto API *_ON_STACK to $declaration_macros.
Resolves the following false warning:
WARNING: Missing a blank line after declarations
+ int err;
+ SHASH_DESC_ON_STACK(desc, ctx_p->shash_tfm);
Signed-off-by: Gilad Ben-Yossef