Marcel Holtmann wrote:
> why use the description instead the actual key id? I wonder if a single
> socket option and a struct providing the key type and key id might be more
> useful.
If the key becomes invalid in some way, you can call request_key() again if
you have the description to get a ne
The pull request you sent on Tue, 21 May 2019 20:58:17 +0800:
> git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus
has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/d53e860fd46f3d95c437bb67518f7374500de467
Thank you!
--
Deet-doot-dot, I am a bot
Am Dienstag, 21. Mai 2019, 12:00:34 CEST schrieb Ondrej Mosnacek:
Hi Ondrej,
> This patch adds new socket options to AF_ALG that allow setting key from
> kernel keyring. For simplicity, each keyring key type (logon, user,
> trusted, encrypted) has its own socket option name and the value is just
From: Eric Biggers
"jitterentropy_rng" doesn't have any other implementations, nor is it
tested by the crypto self-tests. So it was unnecessary to change it to
subsys_initcall. Also it depends on the main clocksource being
initialized, which may happen after subsys_initcall, causing this error:
On Tue, May 21, 2019 at 06:39:00PM +0200, Geert Uytterhoeven wrote:
> Hi Eric,
>
> On Tue, May 7, 2019 at 5:26 AM Linux Kernel Mailing List
> wrote:
> > Commit: c4741b23059794bd99beef0f700103b0d983b3fd
> > Parent: 40153b10d91c9e25f912344ba6ce1f0874400659
> > Refname:refs/heads/master
On Tue, 2019-05-21 at 17:54 +, Christophe Leroy wrote:
> Hi Joe & Andy
[]
> diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
[]
> > @@ -2356,7 +2356,7 @@ static struct talitos_alg_template driver_algs[] = {
> > .base = {
> > .cra_n
Hi Joe & Andy
On 05/21/2019 01:34 PM, Christophe Leroy wrote:
The talitos driver has two ways to perform AEAD depending on the
HW capability. Some HW support both. It is needed to give them
different names to distingish which one it is for instance when
a test fails.
Signed-off-by: Christophe L
Hi Eric,
On Tue, May 7, 2019 at 5:26 AM Linux Kernel Mailing List
wrote:
> Commit: c4741b23059794bd99beef0f700103b0d983b3fd
> Parent: 40153b10d91c9e25f912344ba6ce1f0874400659
> Refname:refs/heads/master
> Web:
> https://git.kernel.org/torvalds/c/c4741b23059794bd99beef0f700103b
Hello,
With the new selftests I get the following failures with Talitos on SEC1
(mpc885).
I don't get those failures with Talitos on SEC2 (mpc8321E), but the
driver is slightly different for SEC1 as it doesn't support S/G operations.
How can I identify what problem to look for based on the
On 5/17/2019 12:29 PM, Sascha Hauer wrote:
> @@ -35,7 +35,7 @@ void caam_dump_sg(const char *level, const char
> *prefix_str, int prefix_type,
>
> buf = it_page + it->offset;
> len = min_t(size_t, tlen, it->length);
> - print_hex_dump(level, prefix_str, pr
On 5/17/2019 12:29 PM, Sascha Hauer wrote:
> The CAAM driver used to put its debug messages inside #ifdef DEBUG and
> then prints the messages at KERN_ERR level. Replace this with proper
> functions printing at KERN_DEBUG level. The #ifdef DEBUG gets
> unnecessary when the right functions are used.
On 5/17/2019 12:29 PM, Sascha Hauer wrote:
> The CAAM driver defines its own debug() macro, but it is unused. Remove
> it.
>
> Signed-off-by: Sascha Hauer
Reviewed-by: Horia Geantă
Thanks,
Horia
On 5/17/2019 12:50 PM, Sascha Hauer wrote:
> On Fri, May 17, 2019 at 11:29:04AM +0200, Sascha Hauer wrote:
>> The CAAM driver used to put its debug messages inside #ifdef DEBUG and
>> then prints the messages at KERN_ERR level. Replace this with proper
>> functions printing at KERN_DEBUG level. The
Hi Linus:
This push fixes the following issues:
- Two long-standing bugs in the powerpc assembly of vmx.
- Stack overrun caused by HASH_MAX_DESCSIZE being too small.
- Regression in caam.
Please pull from
git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus
Daniel Axte
For decrypt, req->cryptlen includes the size of the authentication
part while all functions of the driver expect cryptlen to be
the size of the encrypted data.
As it is not expected to change req->cryptlen, this patch
implements local calculation of cryptlen.
Signed-off-by: Christophe Leroy
Fixe
The MPC885 reference manual states:
SEC Lite-initiated 8xx writes can occur only on 32-bit-word boundaries, but
reads can occur on any byte boundary. Writing back a header read from a
non-32-bit-word boundary will yield unpredictable results.
In order to ensure that, cra_alignmask is set to 3 for
Although the HW accepts any size and silently truncates
it to the correct length, the extra tests expects EINVAL
to be returned when the key size is not valid.
Signed-off-by: Christophe Leroy
Fixes: 4de9d0b547b9 ("crypto: talitos - Add ablkcipher algorithms")
---
drivers/crypto/talitos.c | 15 ++
This driver is working well in 'simple cases', but as soon as
more exotic SG lists are provided (dst different from src,
auth part not in a single SG fragment, ...) there are
wrong results, overruns, etc ...
This patch cleans up the AEAD processing by:
- Simplifying the location of 'out of line' I
There is no other file using talitos_submit in the kernel tree,
so it doesn't need to be exported nor made global.
This reverts commit 865d506155b117edc7e668ced373030ce7108ce9.
Signed-off-by: Christophe Leroy
Fixes: 865d506155b1 ("crypto: talitos - export the talitos_submit function")
---
drive
In that mode, hardware ICV verification is not supported.
Signed-off-by: Christophe Leroy
Fixes: 7405c8d7ff97 ("crypto: talitos - templates for AEAD using
HMAC_SNOOP_NO_AFEU")
---
drivers/crypto/talitos.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/crypto/talit
This patch rewrites has_ftr_sec1() using IS_ENABLED()
instead of #ifdefs
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.h | 12 +---
1 file changed, 5 insertions(+), 7 deletions(-)
diff --git a/drivers/crypto/talitos.h b/drivers/crypto/talitos.h
index 95e97951b924..5699d4640
CTR has a blocksize of 1.
Signed-off-by: Christophe Leroy
Fixes: 5e75ae1b3cef ("crypto: talitos - add new crypto modes")
---
drivers/crypto/talitos.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 95f71e18bf55..8b9a52
The talitos driver has two ways to perform AEAD depending on the
HW capability. Some HW support both. It is needed to give them
different names to distingish which one it is for instance when
a test fails.
Signed-off-by: Christophe Leroy
Fixes: 7405c8d7ff97 ("crypto: talitos - templates for AEAD
Selftests report the following:
[2.984845] alg: skcipher: cbc-aes-talitos encryption test failed (wrong
output IV) on test vector 0, cfg="in-place"
[2.995377] : 3d af ba 42 9d 9e b4 30 b4 22 da 80 2c 9f ac 41
[3.032673] alg: skcipher: cbc-des-talitos encryption test failed (wr
When data size is not a multiple of the alg's block size,
the SEC generates an error interrupt and dumps the registers.
And for NULL size, the SEC does just nothing and the interrupt
is awaited forever.
This patch ensures the data size is correct before submitting
the request to the SEC engine.
S
This patch drops the license text and replaces it
with an SPDX-License-Identifier tag.
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 15 +--
drivers/crypto/talitos.h | 25 +
2 files changed, 2 insertions(+), 38 deletions(-)
diff --git a/drive
The driver assumes that the ICV is as a single piece in the last
element of the scatterlist. This assumption is wrong.
This patch ensures that the ICV is properly handled regardless of
the scatterlist layout.
Fixes: 9c4a79653b35 ("crypto: talitos - Freescale integrated security engine
(SEC) driv
SEC1 doesn't support SHA384/512, so it doesn't require
longer keys.
This patch reduces the max key size when the driver
is built for SEC1 only.
Signed-off-by: Christophe Leroy
Fixes: 03d2c5114c95 ("crypto: talitos - Extend max key length for
SHA384/512-HMAC and AEAD")
---
drivers/crypto/talito
ECB's ivsize must be 0.
Signed-off-by: Christophe Leroy
Fixes: 5e75ae1b3cef ("crypto: talitos - add new crypto modes")
---
drivers/crypto/talitos.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 1e5410f92166..6f6f34754ad8 100644
--
Several test failures have popped up following recent changes to crypto
selftests.
This series fixes (most of) them.
The last three patches are trivial cleanups.
Christophe Leroy (15):
crypto: talitos - fix skcipher failure due to wrong output IV
crypto: talitos - rename alternative AEAD alg
On 5/21/19 1:02 PM, Ondrej Mosnacek wrote:
Hi Marcel,
On Tue, May 21, 2019 at 12:48 PM Marcel Holtmann wrote:
Hi Ondrej,
This patch adds new socket options to AF_ALG that allow setting key from
kernel keyring. For simplicity, each keyring key type (logon, user,
trusted, encrypted) has its ow
Hi Marcel,
On Tue, May 21, 2019 at 12:48 PM Marcel Holtmann wrote:
> Hi Ondrej,
>
> > This patch adds new socket options to AF_ALG that allow setting key from
> > kernel keyring. For simplicity, each keyring key type (logon, user,
> > trusted, encrypted) has its own socket option name and the val
Hi Ondrej,
> This patch adds new socket options to AF_ALG that allow setting key from
> kernel keyring. For simplicity, each keyring key type (logon, user,
> trusted, encrypted) has its own socket option name and the value is just
> the key description string that identifies the key to be used. Th
This patch adds new socket options to AF_ALG that allow setting key from
kernel keyring. For simplicity, each keyring key type (logon, user,
trusted, encrypted) has its own socket option name and the value is just
the key description string that identifies the key to be used. The key
description do
34 matches
Mail list logo