Re: [PATCH -next] crypto: ccp - Make function sev_get_firmware() static

On 09/25/2018 09:35 AM, Wei Yongjun wrote: > Fixes the following sparse warning: > > drivers/crypto/ccp/psp-dev.c:444:5: warning: > symbol 'sev_get_firmware' was not declared. Should it be static? > > Signed-off-by: Wei Yongjun This appears to have been introduced by (cryptodev-2.6) commit

Re: [PATCH] crypto: ccp: Check for NULL PSP pointer at module unload

pointer. Add a pointer check of the psp_data field in the sp_device struct in psp_dev_destroy() and return immediately if it is NULL. Cc: # 4.16.x- Fixes: 2a6170dfe755 ("crypto: ccp: Add Platform Security Processor (PSP) device support") Signed-off-by: Tom Lendacky Acked-by: G

Re: [PATCH v1 5/5] crypto: ccp: Add support for new CCP/PSP device ID

On 07/03/2018 12:12 PM, Tom Lendacky wrote: Add a new CCP/PSP PCI device ID and new PSP register offsets. Signed-off-by: Tom Lendacky Acked-by: Gary R Hook --- drivers/crypto/ccp/sp-pci.c | 29 - 1 file changed, 24 insertions(+), 5 deletions(-) diff --git

Re: [PATCH v1 1/5] crypto: ccp: Fix command completion detection race

ecure Encrypted Virtualization (SEV) command support") Cc: # 4.16.x- Signed-off-by: Tom Lendacky --- Reviewed-by: Brijesh Singh Acked-by: Gary R Hook   drivers/crypto/ccp/psp-dev.c |    4 ++--   1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/crypto/ccp/p

Re: [PATCH v1 4/5] crypto: ccp: Support register differences between PSP devices

-by: Gary R Hook --- drivers/crypto/ccp/psp-dev.c | 24 drivers/crypto/ccp/psp-dev.h |9 - drivers/crypto/ccp/sp-dev.h |7 ++- drivers/crypto/ccp/sp-pci.c |7 ++- 4 files changed, 24 insertions(+), 23 deletions(-) diff --git a/drivers

Re: [PATCH v1 3/5] crypto: ccp: Remove unused #defines

On 07/03/2018 12:11 PM, Tom Lendacky wrote: Remove some unused #defines for register offsets that are not used. This will lessen the changes required when register offsets change between versions of the device. Signed-off-by: Tom Lendacky Acked-by: Gary R Hook --- drivers/crypto/ccp/psp

Re: [PATCH v1 2/5] crypto: ccp: Add psp enabled message when initialization succeeds

On 07/03/2018 12:11 PM, Tom Lendacky wrote: Add a dev_notice() message to the PSP initialization to report when the PSP initialization has succeeded and the PSP is enabled. Signed-off-by: Tom Lendacky Acked-by: Gary R Hook --- drivers/crypto/ccp/psp-dev.c |2 ++ 1 file changed, 2

Re: [PATCH v1 1/5] crypto: ccp: Fix command completion detection race

pport") Cc: # 4.16.x- Signed-off-by: Tom Lendacky Acked-by: Gary R Hook --- drivers/crypto/ccp/psp-dev.c |4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c index ff478d8..973d683 100644 --- a/drivers/cryp

[PATCH] crypto: doc - Document remaining members in struct crypto_alg

Add missing comments for union members ablkcipher, blkcipher, cipher, and compress. This silences complaints when building the htmldocs. Fixes: 0d7f488f0305a (crypto: doc - cipher data structures) Signed-off-by: Gary R Hook <gary.h...@amd.com> --- include/linux/crypto.h |8

[PATCH] crypto/ccp - Fill the result buffer only on digest, finup, and final ops

Any change to the result buffer should only happen on final, finup and digest operations. Changes to the buffer for update, import, export, etc, are not allowed. Fixes: 66d7b9f6175e ("crypto: testmgr - test misuse of result in ahash") Signed-off-by: Gary R Hook <gary.h...@amd.

[PATCH] crypto/ccp: Validate buffer lengths for copy operations

The CCP driver copies data between scatter/gather lists and DMA buffers. The length of the requested copy operation must be checked against the available destination buffer length. Reported-by: Maciej S. Szmigiero <m...@maciej.szmigiero.name> Signed-off-by: Gary R Hook <gary.h...@amd.co

Re: Why are we testing an intermediate result in ahash?

On 03/05/2018 12:31 PM, Kamil Konieczny wrote: On 05.03.2018 18:47, Gary R Hook wrote: On 03/05/2018 03:57 AM, Kamil Konieczny wrote: On 02.03.2018 22:11, Gary R Hook wrote: Commit 466d7b9f6 (cryptodev-2.6) added code to testmgr to populate, for async hash operations, the result buffer

Re: [PATCH] crypto: ccp: Use memdup_user() rather than duplicating its implementation

Signed-off-by: Markus Elfring <elfr...@users.sourceforge.net> Acked-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/psp-dev.c | 15 +-- 1 file changed, 1 insertion(+), 14 deletions(-) diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c

Re: Why are we testing an intermediate result in ahash?

On 03/05/2018 03:57 AM, Kamil Konieczny wrote: On 02.03.2018 22:11, Gary R Hook wrote: Commit 466d7b9f6 (cryptodev-2.6) added code to testmgr to populate, for async hash operations, the result buffer with a known value and to test the buffer against that value at intermediate steps

Re: Why are we testing an intermediate result in ahash?

On 03/05/2018 03:50 AM, Herbert Xu wrote: On Fri, Mar 02, 2018 at 03:11:52PM -0600, Gary R Hook wrote: Commit 466d7b9f6 (cryptodev-2.6) added code to testmgr to populate, for async hash operations, the result buffer with a known value and to test the buffer against that value at intermediate

Re: [PATCH 2/3] crypto: ccp - return an actual key size from RSA max_size callback

On 03/02/2018 05:58 PM, Maciej S. Szmigiero wrote: On 03.03.2018 00:49, Hook, Gary wrote: On 3/2/2018 5:15 PM, Maciej S. Szmigiero wrote: Thanks. However, what about the first patch from this series? Without it, while it no longer should cause a buffer overflow, in-kernel X.509 certificate

Why are we testing an intermediate result in ahash?

Commit 466d7b9f6 (cryptodev-2.6) added code to testmgr to populate, for async hash operations, the result buffer with a known value and to test the buffer against that value at intermediate steps. If the result buffer changes the operation is failed. My question is: why? What problem does

Re: [PATCH 3/3] crypto: ccp - protect RSA implementation from too large input data

On 02/24/2018 10:03 AM, Maciej S. Szmigiero wrote: CCP RSA implementation uses a hardware input buffer which size depends only on the current RSA key length. Key modulus and a message to be processed is then copied to this buffer based on their own lengths. Since the price for providing too

Re: [PATCH 2/3] crypto: ccp - return an actual key size from RSA max_size callback

Acked-by: Gary R Hook <gary.h...@amd.com> Fixes: ceeec0afd684 ("crypto: ccp - Add support for RSA on the CCP") Cc: sta...@vger.kernel.org --- drivers/crypto/ccp/ccp-crypto-rsa.c | 7 +++ 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/drivers/crypto/ccp/ccp-c

Re: Can a driver->probe be called for two devices at the same time (WAS: Re: [PATCH] crypto/ccp: don't disable interrupts while setting up debugfs)

On 02/27/2018 01:36 PM, Sebastian Andrzej Siewior wrote: On 2018-02-27 19:40:34 [+0100], Greg Kroah-Hartman wrote: On Tue, Feb 27, 2018 at 06:33:14PM +0100, Sebastian Andrzej Siewior wrote: On 2018-02-27 11:08:56 [-0600], Gary R Hook wrote: That issue remains unclear to me: Are probes of PCI

Re: Can a driver->probe be called for two devices at the same time (WAS: Re: [PATCH] crypto/ccp: don't disable interrupts while setting up debugfs)

On 02/27/2018 11:33 AM, Sebastian Andrzej Siewior wrote: On 2018-02-27 11:08:56 [-0600], Gary R Hook wrote: That issue remains unclear to me: Are probes of PCI devices guaranteed to be serialized? Observations on my CCPs says that they occur in order, but I don't know for certain

Re: [PATCH] crypto/ccp: don't disable interrupts while setting up debugfs

On 02/26/2018 02:35 AM, Sebastian Andrzej Siewior wrote: On 2018-02-25 21:04:27 [-0500], Hook, Gary wrote: On 2/23/2018 5:33 PM, Sebastian Andrzej Siewior wrote: I don't why we need take a single write lock and disable interrupts while setting up debugfs. This is what what happens when we try

Re: [PATCH v2] hwrng: Clean up RNG list when last hwrng is unregistered

On 01/07/2018 11:05 PM, Herbert Xu wrote: On Fri, Jan 05, 2018 at 11:28:23AM -0600, Gary R Hook wrote: It may not have been obvious from the title but this fixes a bug which will impact the use of any HW RNG that is the only RNG registered. The breakage of rmmod/modprobe -r that this fix

Re: [PATCH v2] hwrng: Clean up RNG list when last hwrng is unregistered

On 12/15/2017 01:55 PM, Gary R Hook wrote: Commit 142a27f0a731 added support for a "best" RNG, and in doing so introduced a hang from rmmod/modprobe -r when the last RNG on the list was unloaded. When the hwrng list is depleted, return the global variables to their original state and

Re: [PATCH] iommu/amd - Set the device table entry PPR bit for IOMMU V2 devices

Please ignore; sent to the wrong list. Mea culpa. On 12/20/2017 10:57 AM, Gary R Hook wrote: The AMD IOMMU specification Rev 3.00 (December 2016) introduces a new Enhanced PPR Handling Support (EPHSup) bit in the MMIO register offset 0030h (IOMMU Extended Feature Register). When EPHSup=1

[PATCH] iommu/amd - Set the device table entry PPR bit for IOMMU V2 devices

to support PPR for a particular endpoint device. Please see https://support.amd.com/TechDocs/48882_IOMMU.pdf for this revision of the AMD IOMMU specification. Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/iommu/amd_iommu.c | 20 +++- drivers/iommu/amd_iommu_t

Re: [PATCH v2] hwrng: Clean up RNG list when last hwrng is unregistered

On 12/17/2017 03:49 AM, PrasannaKumar Muralidharan wrote: On 17 December 2017 at 14:53, PrasannaKumar Muralidharan <prasannatsmku...@gmail.com> wrote: Hi Gary, Some minor comments below. On 16 December 2017 at 01:25, Gary R Hook <gary.h...@amd.com> wrote: Commit 142a27f0a731 a

[PATCH v2] hwrng: Clean up RNG list when last hwrng is unregistered

ct. Fixes: 142a27f0a731 ("hwrng: core - Reset user selected rng by writing "" to rng_current") Signed-off-by: Gary R Hook <gary.h...@amd.com> --- Changes since v1: fix misspelled word in subject drivers/char/hw_random/core.c |4 1 file changed, 4 insertions(+) diff -

[PATCH] hwrng: Clean up RNG list when last hwrng is unregisterd

ct. Fixes: 142a27f0a731 ("hwrng: core - Reset user selected rng by writing "" to rng_current") Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/char/hw_random/core.c |4 1 file changed, 4 insertions(+) diff --git a/drivers/char/hw_random/core.c b/drivers/char

Re: [Part2 PATCH v8 13/38] crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support

.@gondor.apana.org.au> Cc: Gary Hook <gary.h...@amd.com> Cc: Tom Lendacky <thomas.lenda...@amd.com> Cc: linux-crypto@vger.kernel.org Cc: k...@vger.kernel.org Cc: linux-ker...@vger.kernel.org Improvements-by: Borislav Petkov <b...@suse.de> Signed-off-by: Brijesh Singh <

Re: [Part2 PATCH v8 12/38] crypto: ccp: Add Platform Security Processor (PSP) device support

Cc: linux-ker...@vger.kernel.org Improvements-by: Borislav Petkov <b...@suse.de> Signed-off-by: Brijesh Singh <brijesh.si...@amd.com> Reviewed-by: Borislav Petkov <b...@suse.de> Acked-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/Kconfig | 11 + dri

Re: [Part2 PATCH v6 15/38] crypto: ccp: Implement SEV_PLATFORM_STATUS ioctl command

-by: Borislav Petkov <b...@suse.de> Signed-off-by: Brijesh Singh <brijesh.si...@amd.com> Acked-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/psp-dev.c | 24 1 file changed, 24 insertions(+) diff --git a/drivers/crypto/ccp/psp-dev.c b/driv

Re: [Part2 PATCH v6.1 16/38] crypto: ccp: Implement SEV_PEK_GEN ioctl command

tkov <b...@suse.de> Cc: Herbert Xu <herb...@gondor.apana.org.au> Cc: Gary Hook <gary.h...@amd.com> Cc: Tom Lendacky <thomas.lenda...@amd.com> Cc: linux-crypto@vger.kernel.org Cc: k...@vger.kernel.org Cc: linux-ker...@vger.kernel.org Signed-off-by: Brijesh Singh <brije

Re: [Part2 PATCH v6.1 19/38] crypto: ccp: Implement SEV_PEK_CERT_IMPORT ioctl command

tkov <b...@suse.de> Cc: Herbert Xu <herb...@gondor.apana.org.au> Cc: Gary Hook <gary.h...@amd.com> Cc: Tom Lendacky <thomas.lenda...@amd.com> Cc: linux-crypto@vger.kernel.org Cc: k...@vger.kernel.org Cc: linux-ker...@vger.kernel.org Signed-off-by: Brijesh Singh <brijes

Re: [Part2 PATCH v6.1 20/38] crypto: ccp: Implement SEV_PDH_CERT_EXPORT ioctl command

Cc: Borislav Petkov <b...@suse.de> Cc: Herbert Xu <herb...@gondor.apana.org.au> Cc: Gary Hook <gary.h...@amd.com> Cc: Tom Lendacky <thomas.lenda...@amd.com> Cc: linux-crypto@vger.kernel.org Cc: k...@vger.kernel.org Cc: linux-ker...@vger.kernel.org Signed-off-by: Brijesh Singh &l

Re: [Part2 PATCH v6.1 18/38] crypto: ccp: Implement SEV_PEK_CSR ioctl command

tkov <b...@suse.de> Cc: Herbert Xu <herb...@gondor.apana.org.au> Cc: Gary Hook <gary.h...@amd.com> Cc: Tom Lendacky <thomas.lenda...@amd.com> Cc: linux-crypto@vger.kernel.org Cc: k...@vger.kernel.org Cc: linux-ker...@vger.kernel.org Signed-off-by: Brijesh Singh <brijesh.si

Re: [Part2 PATCH v6 14/38] crypto: ccp: Implement SEV_FACTORY_RESET ioctl command

-by: Borislav Petkov <b...@suse.de> Signed-off-by: Brijesh Singh <brijesh.si...@amd.com> Acked-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/psp-dev.c | 28 +++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/drivers/crypto

Re: [Part2 PATCH v6 17/38] crypto: ccp: Implement SEV_PDH_GEN ioctl command

v Petkov <b...@suse.de> Cc: Herbert Xu <herb...@gondor.apana.org.au> Cc: Gary Hook <gary.h...@amd.com> Cc: Tom Lendacky <thomas.lenda...@amd.com> Cc: linux-crypto@vger.kernel.org Cc: k...@vger.kernel.org Cc: linux-ker...@vger.kernel.org Signed-off-by: Brijesh Singh <brije

Re: [Part2 PATCH v6 12/38] crypto: ccp: Add Platform Security Processor (PSP) device support

Cc: linux-ker...@vger.kernel.org Improvements-by: Borislav Petkov <b...@suse.de> Signed-off-by: Brijesh Singh <brijesh.si...@amd.com> Reviewed-by: Borislav Petkov <b...@suse.de> Acked-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/Kconfig | 11 + dri

Re: [Part2 PATCH v6 09/38] crypto: ccp: Build the AMD secure processor driver only with AMD CPU support

rijesh Singh <brijesh.si...@amd.com> Cc: Brijesh Singh <brijesh.si...@amd.com> Cc: Tom Lendacky <thomas.lenda...@amd.com> Cc: Gary Hook <gary.h...@amd.com> Cc: Herbert Xu <herb...@gondor.apana.org.au> Cc: "David S. Miller" <da...@davemloft.net> Cc: linux-crypto@vge

Re: [Part2 PATCH v6 11/38] crypto: ccp: Define SEV key management command id

er.kernel.org Cc: linux-ker...@vger.kernel.org Improvements-by: Borislav Petkov <b...@suse.de> Signed-off-by: Brijesh Singh <brijesh.si...@amd.com> Reviewed-by: Borislav Petkov <b...@suse.de> Acked-by: Gary R Hook <gary.h...@amd.com> --- include/linux/psp-sev.h | 494

Re: [Part2 PATCH v6 10/38] crypto: ccp: Define SEV userspace ioctl and command id

Signed-off-by: Brijesh Singh <brijesh.si...@amd.com> Reviewed-by: Borislav Petkov <b...@suse.de> Acked-by: Gary R Hook <gary.h...@amd.com> --- include/uapi/linux/psp-sev.h | 113 +++ 1 file changed, 113 insertions(+) create mode 100644 i

Re: [PATCH] crypto: ccp: remove unused variable qim

de the same function as v3") Signed-off-by: Colin Ian King <colin.k...@canonical.com> Acked-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/ccp-dev-v5.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/c

Re: [RFC Part2 PATCH v3 02/26] crypto: ccp: Add Platform Security Processor (PSP) device support

On 09/07/2017 05:19 PM, Brijesh Singh wrote: Hi Boris, On 09/07/2017 09:27 AM, Borislav Petkov wrote: ... The commit message above reads better to me as the help text than what you have here. Also, in order to make it easier for the user, I think we'll need a CONFIG_AMD_MEM_ENCRYPT_SEV or

[PATCH] crypto:ccp - invoke the DMA callback in a standard way

From: amd <a...@sosxen2.amd.com> Use the provided mechanism in dmaengine.h to invoke the completion callback. Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/ccp-dmaengine.c |4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/drivers/cr

[PATCH] crypto: ccp - unmap pages and remove unmap objects in callback

From: amd <a...@sosxen2.amd.com> Clean up the mapped pages and the unmap object once we are done with it. This enables the final clean-up of the object once the transfer is complete. Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/ccp-dmaengine.c |1 + 1

Re: [PATCH] crypto: ccp - Fix XTS-AES-128 support on v5 CCPs

On 08/18/2017 11:02 PM, Herbert Xu wrote: On Fri, Aug 18, 2017 at 11:41:04AM -0500, Gary R Hook wrote: On Tue, Jul 25, 2017 at 02:12:11PM -0500, Gary R Hook wrote: Version 5 CCPs have some new requirements for XTS-AES: the type field must be specified, and the key requires 512 bits, with each

Re: [PATCH] crypto: ccp - Fix XTS-AES support on a version 5 CCP

On 08/18/2017 11:19 AM, Gary R Hook wrote: On 07/17/2017 04:48 PM, Lendacky, Thomas wrote: On 7/17/2017 3:08 PM, Gary R Hook wrote: Version 5 CCPs have differing requirements for XTS-AES: key components are stored in a 512-bit vector. The context must be little-endian justified. AES-256

Re: [PATCH] crypto: ccp - Fix XTS-AES-128 support on v5 CCPs

On Tue, Jul 25, 2017 at 02:12:11PM -0500, Gary R Hook wrote: > Version 5 CCPs have some new requirements for XTS-AES: the type field > must be specified, and the key requires 512 bits, with each part > occupying 256 bits and padded with zeroes. > > cc: <sta...@vger.kernel.org>

Re: [PATCH] crypto: ccp - Fix XTS-AES support on a version 5 CCP

On 07/17/2017 04:48 PM, Lendacky, Thomas wrote: On 7/17/2017 3:08 PM, Gary R Hook wrote: Version 5 CCPs have differing requirements for XTS-AES: key components are stored in a 512-bit vector. The context must be little-endian justified. AES-256 is supported now, so propagate the cipher size

Re: [PATCH v5 02/19] crypto: ccp: use -EAGAIN for transient busy indication

On 08/14/2017 10:21 AM, Gilad Ben-Yossef wrote: Replace -EBUSY with -EAGAIN when reporting transient busy indication in the absence of backlog. Signed-off-by: Gilad Ben-Yossef <gi...@benyossef.com> Reviewed-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/ccp-crypt

Re: crypto: ccp: use dma_mapping_error to check map error

Acked-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/ccp-ops.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/ccp/ccp-ops.c b/drivers/crypto/ccp/ccp-ops.c index c0dfdac..ca83d19 100644 --- a/drivers/crypto/ccp/ccp-ops.c +++ b/drivers/crypto/c

Re: [PATCH v4 02/19] crypto: ccm: use -EAGAIN for transient busy indication

On 08/08/2017 07:03 AM, Gilad Ben-Yossef wrote: Replace -EBUSY with -EAGAIN when reporting transient busy indication in the absence of backlog. Signed-off-by: Gilad Ben-Yossef Could we use "ccp" in the subject line, please? --- drivers/crypto/ccp/ccp-crypto-main.c | 8

Re: [PATCH] crypto: ccp - avoid uninitialized variable warning

if (sb_count) cmd_q->ccp->vdata->perform->sbfree(cmd_q, op.sb_key, sb_count); return ret; Reviewed-by: Gary R Hook <gary.h...@amd.com>

Re: [PATCH] crypto: ccp - avoid uninitialized variable warning

On 08/01/2017 03:35 PM, Arnd Bergmann wrote: On Tue, Aug 1, 2017 at 4:52 PM, Gary R Hook <gary.h...@amd.com> wrote: On 07/31/2017 03:49 PM, Arnd Bergmann wrote: The added support for version 5 CCPs introduced a false-positive warning in the RSA implementation: drivers/crypto/ccp/ccp

Re: [PATCH] crypto: ccp - select CONFIG_CRYPTO_RSA

select CRYPTO_AUTHENC + select CRYPTO_RSA help Support for using the cryptographic API with the AMD Cryptographic Coprocessor. This module supports offload of SHA and AES algorithms. Reviewed by: Gary R Hook <gary.h...@amd.com>

Re: [PATCH] crypto: ccp - avoid uninitialized variable warning

On 07/31/2017 03:49 PM, Arnd Bergmann wrote: The added support for version 5 CCPs introduced a false-positive warning in the RSA implementation: drivers/crypto/ccp/ccp-ops.c: In function 'ccp_run_rsa_cmd': drivers/crypto/ccp/ccp-ops.c:1856:3: error: 'sb_count' may be used uninitialized in this

Re: [PATCH v3 0/3] Update support for XTS-AES on AMD CCPs

t comments - Remove unnecessary variable - Delay a change (that belongs in the CCP v5 patch) Changes since v1: - rework the validation of the unit-size; move to a separate patch - expand the key buffer to accommodate 256-bit keys - use xts_check_key() in the crypto layer --- Gary

[PATCH v3 0/3] Update support for XTS-AES on AMD CCPs

- Remove unnecessary variable - Delay a change (that belongs in the CCP v5 patch) Changes since v1: - rework the validation of the unit-size; move to a separate patch - expand the key buffer to accommodate 256-bit keys - use xts_check_key() in the crypto layer --- Gary R Hook (3): crypto

[PATCH v3 1/3] crypto: ccp - Add a call to xts_check_key()

Vet the key using the available standard function Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/ccp-crypto-aes-xts.c |9 - 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/drivers/crypto/ccp/ccp-crypto-aes-xts.c b/drivers/crypto/ccp/ccp-cryp

[PATCH v3 2/3] crypto: ccp - Rework the unit-size check for XTS-AES

The CCP supports a limited set of unit-size values. Change the check for this parameter such that acceptable values match the enumeration. Then clarify the conditions under which we must use the fallback implementation. Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/c

[PATCH v3 3/3] crypto: ccp - Add XTS-AES-256 support for CCP version 5

Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/ccp-crypto-aes-xts.c | 26 ++ drivers/crypto/ccp/ccp-crypto.h |2 +- drivers/crypto/ccp/ccp-ops.c|2 ++ 3 files changed, 25 insertions(+), 5 deletions(-) diff

[PATCH] crypto: ccp - Fix XTS-AES-128 support on v5 CCPs

Version 5 CCPs have some new requirements for XTS-AES: the type field must be specified, and the key requires 512 bits, with each part occupying 256 bits and padded with zeroes. cc: <sta...@vger.kernel.org> # 4.9.x+ Signed-off-by: Gary R Hook <gh...@amd.com> --- drivers/crypto/cc

[PATCH v2 4/4] crypto: ccp - Add XTS-AES-256 support for CCP version 5

Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/ccp-crypto-aes-xts.c | 16 +--- drivers/crypto/ccp/ccp-crypto.h |2 +- drivers/crypto/ccp/ccp-ops.c|3 +++ 3 files changed, 17 insertions(+), 4 deletions(-) diff --git a/drivers/

[PATCH v2 0/4] Update support for XTS-AES on AMD CCPs

xts_check_key() in the crypto layer --- Gary R Hook (4): crypto: ccp - Add a call to xts_check_key() crypto: ccp - Enable XTS-AES-128 support on all CCPs crypto: ccp - Rework the unit-size check for XTS-AES crypto: ccp - Add XTS-AES-256 support for CCP version 5 drivers/crypto

[PATCH v2 3/4] crypto: ccp - Rework the unit-size check for XTS-AES

The CCP supports a limited set of unit-size values. Change the check for this parameter such that acceptable values match the enumeration. Then clarify the conditions under which we must use the fallback implementation. Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/c

[PATCH v2 1/4] crypto: ccp - Add a call to xts_check_key()

Vet the key using the available standard function Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/ccp-crypto-aes-xts.c |9 - 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/drivers/crypto/ccp/ccp-crypto-aes-xts.c b/drivers/crypto/ccp/ccp-cryp

[PATCH v2 2/4] crypto: ccp - Enable XTS-AES-128 support on all CCPs

Version 5 CCPs have some new requirements for XTS-AES: the type field must be specified, and the key requires 512 bits, with each part occupying 256 bits and padded with zeroes. Signed-off-by: Gary R Hook <gh...@amd.com> --- drivers/crypto/ccp/ccp-dev-v5.c |2 ++ drivers/crypto/ccp/ccp

Re: [PATCH] crypto: ccp - Fix XTS-AES support on a version 5 CCP

On 07/17/2017 04:48 PM, Lendacky, Thomas wrote: On 7/17/2017 3:08 PM, Gary R Hook wrote: Version 5 CCPs have differing requirements for XTS-AES: key components are stored in a 512-bit vector. The context must be little-endian justified. AES-256 is supported now, so propagate the cipher size

Re: Poor RNG performance on Ryzen

On 07/21/2017 09:47 AM, Theodore Ts'o wrote: On Fri, Jul 21, 2017 at 01:39:13PM +0200, Oliver Mangold wrote: Better, but obviously there is still much room for improvement by reducing the number of calls to RDRAND. Hmm, is there some way we can easily tell we are running on Ryzen? Or do we

Re: [PATCH] crypto: ccp - Fix XTS-AES support on a version 5 CCP

On 07/18/2017 01:28 AM, Stephan Müller wrote: Am Montag, 17. Juli 2017, 22:08:27 CEST schrieb Gary R Hook: Hi Gary, Version 5 CCPs have differing requirements for XTS-AES: key components are stored in a 512-bit vector. The context must be little-endian justified. AES-256 is supported now, so

[PATCH 4/4] csrypto: ccp - Expand RSA support for a v5 ccp

A version 5 CCP can handle an RSA modulus up to 16k bits. Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/ccp-crypto-rsa.c |5 - drivers/crypto/ccp/ccp-crypto.h |1 + drivers/crypto/ccp/ccp-dev-v3.c |1 + drivers/crypto/ccp/ccp-dev-v5.c

[PATCH 3/4] crypto: ccp - Add support for RSA on the CCP

Wire up the CCP as an RSA cipher provider. Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/Makefile |1 drivers/crypto/ccp/ccp-crypto-main.c | 19 ++ drivers/crypto/ccp/ccp-crypto-rsa.c | 296 ++ drivers/crypto/c

[PATCH 1/4] crypto: ccp - Fix base RSA function for version 5 CCPs

Version 5 devices have requirements for buffer lengths, as well as parameter format (e.g. bits vs. bytes). Fix the base CCP driver code to meet requirements all supported versions. Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/ccp-dev-v5.c | 10 +++-- drivers/cryp

[PATCH 2/4] crypto: Add akcipher_set_reqsize() function

Signed-off-by: Gary R Hook <gary.h...@amd.com> --- 0 files changed diff --git a/include/crypto/internal/akcipher.h b/include/crypto/internal/akcipher.h index 479a0078f0f7..805686ba2be4 100644 --- a/include/crypto/internal/akcipher.h +++ b/include/crypto/internal/akcipher.h @@ -38,6

[PATCH 0/4] Enable RSA Support on the CCP

This series accomplishes the following: - Fix RSA support in the base CCP driver - Add the akcipher_set_reqsize() function - Enable RSA support in the crypto layer - Allow for a larger RSA modulus in a version 5 CCP --- Gary R Hook (4): crypto: ccp - Fix base RSA function for version

[PATCH] crypto: ccp - Fix XTS-AES support on a version 5 CCP

Version 5 CCPs have differing requirements for XTS-AES: key components are stored in a 512-bit vector. The context must be little-endian justified. AES-256 is supported now, so propagate the cipher size to the command descriptor. Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/

[PATCH] crypto: ccp - Update copyright dates for 2017.

Some updates this year have not had copyright dates changed in modified files. Correct this for 2017. Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/ccp-crypto-aes-galois.c |2 +- drivers/crypto/ccp/ccp-crypto-des3.c |2 +- drivers/crypto/ccp/ccp-

Re: [PATCH v3 RESEND 5/5] crypto: ccp - remove ccp_present() check from device initialize

On 06/29/2017 11:54 AM, Singh, Brijesh wrote: Since SP device driver supports multiples devices (e.g CCP, PSP), we should not fail the driver init just because CCP device is not found. Signed-off-by: Brijesh Singh <brijesh.si...@amd.com> Acked-by: Gary R Hook <gary.h..

Re: [PATCH v3 RESEND 4/5] crypto: ccp - rename ccp driver initialize files as sp device

other than renaming file and structures Signed-off-by: Brijesh Singh <brijesh.si...@amd.com> Acked-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/Makefile| 4 +- drivers/crypto/ccp/ccp-dev.h | 6 -- drivers/c

Re: [PATCH v3 RESEND 2/5] crypto: ccp - Introduce the AMD Secure Processor device

-by: Brijesh Singh <brijesh.si...@amd.com> Acked-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/Kconfig| 6 +- drivers/crypto/ccp/Kconfig| 21 +++-- drivers/crypto/ccp/Makefile | 4 +- drivers/crypto/ccp/ccp-dev-v3.c | 4 +- drivers/crypto/cc

Re: [PATCH v3 RESEND 3/5] crypto: cpp - Abstract interrupt registeration

will be invoked upon interrupt. Signed-off-by: Brijesh Singh <brijesh.si...@amd.com> Acked-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/ccp-dev-v3.c | 6 +-- drivers/crypto/ccp/ccp-dev-v5.c | 7 ++- drivers/crypto/ccp/ccp-dev.c | 3 +- drivers/crypto/ccp/ccp-dev.

Re: [PATCH v3 RESEND 1/5] crypto: ccp - Use devres interface to allocate PCI/iomap and cleanup

com> Acked-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/ccp-dev-v3.c | 7 +++ drivers/crypto/ccp/ccp-dev.c | 61 drivers/crypto/ccp/ccp-dev.h | 6 ++ drivers/crypto/ccp/ccp-pci.c | 114 +- driver

Re: [PATCH] crypto: ccp-platform: print error message on platform_get_irq failure

On 06/30/2017 12:59 AM, Gustavo A. R. Silva wrote: Print error message on platform_get_irq failure before return. Signed-off-by: Gustavo A. R. Silva --- drivers/crypto/ccp/ccp-platform.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git

[PATCH v3] crypto: ccp - Provide an error path for debugfs setup failure

Changes since v2: - On failure remove only the DebugFS heirarchy for this device Changes since v1: - Remove unneeded local variable Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/ccp-debugfs.c | 15 ++- 1 file changed, 10 insertions(+), 5 del

Re: [PATCH 2] crypto: ccp - Provide a roll-back method for debugfs setup

On 06/27/2017 08:57 AM, Hook, Gary wrote: Changes since v1: - Remove unneeded local variable My apologies for this patch... Pretty sure that the first version won't pass review anyway because of this. Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/ccp-deb

[PATCH] crypto: ccp - Change all references to use the JOB ID macro

Use the CCP_NEW_JOBID() macro when assigning an identifier Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/ccp-ops.c |4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/crypto/ccp/ccp-ops.c b/drivers/crypto/ccp/ccp-ops.c index c0dfda

[PATCH] crypto: ccp - Fix some line spacing

Add/remove blank lines as appropriate. Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/ccp-dev.c |1 + include/linux/ccp.h |1 - 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/ccp/ccp-dev.c b/drivers/crypto/ccp/ccp-dev.c

[PATCH 2] crypto: ccp - Provide a roll-back method for debugfs setup

Changes since v1: - Remove unneeded local variable Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/ccp-debugfs.c | 17 - 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/drivers/crypto/ccp/ccp-debugfs.c b/drivers/crypto/ccp/ccp-deb

Re: [PATCH 3/4] crypto: ccp - Add support for RSA on the CCP

On 06/22/2017 12:15 AM, Stephan Müller wrote: Am Donnerstag, 22. Juni 2017, 00:48:01 CEST schrieb Gary R Hook: Hi Gary, Thanks, Stephen. Good catch(es). I will re-work this, but it looks like my changes should wait until after the patch set posted by Brijesh (Introduce AMD Secure Processor

[PATCH 4/4] crypto: ccp - Expand RSA support for a v5 ccp

A V5 device can accommodate larger keys, as well as read the keys directly from memory instead of requiring them to be in a local storage block. Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/ccp-crypto-rsa.c |5 - drivers/crypto/ccp/ccp-crypto.h

[PATCH 3/4] crypto: ccp - Add support for RSA on the CCP

Wire up the v3 CCP as a cipher provider. Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/Makefile |1 drivers/crypto/ccp/ccp-crypto-main.c | 21 ++ drivers/crypto/ccp/ccp-crypto-rsa.c | 286 ++ drivers/crypto/c

[PATCH 1/4] crypto: ccp - Fix base RSA function for version 5 CCPs

Version 5 devices have requirements for buffer lengths, as well as parameter format (e.g. bits vs. bytes). Fix the base CCP driver code to meet requirements all supported versions. Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/ccp-dev-v5.c | 10 ++-- drivers/cryp

[PATCH 2/4] crypto: Add akcipher_set_reqsize() function

Signed-off-by: Gary R Hook <gary.h...@amd.com> --- include/crypto/internal/akcipher.h |6 ++ 1 file changed, 6 insertions(+) diff --git a/include/crypto/internal/akcipher.h b/include/crypto/internal/akcipher.h index 479a0078f0f7..805686ba2be4 100644 --- a/include/crypto/in

[PATCH 0/4] Enable full RSA support on CCPs

The following series enables RSA operations on version 5 devices, adds a set-reqsize function (to provide uniformity with other cipher APIs), implements akcipher enablement in the crypto layer, and makes a tweak for expanded v5 device capabilities. --- Gary R Hook (4): crypto: ccp - Fix

[PATCH] crypto: ccp - Provide a roll-back method for debugfs setup

Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/ccp-debugfs.c | 18 +- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/drivers/crypto/ccp/ccp-debugfs.c b/drivers/crypto/ccp/ccp-debugfs.c index 3cd6c83754e0..99aba1622613 100644 --- a/d

[PATCH] crypto: ccp - Release locks before returning

krobot warning: make sure that all error return paths release locks. Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/ccp-debugfs.c |7 +++ 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/drivers/crypto/ccp/ccp-debugfs.c b/drivers/crypto/c

Re: [PATCH v2 9/9] crypto: ccp - Use IPAD/OPAD constant

On 5/19/2017 1:53 AM, Corentin Labbe wrote: This patch simply replace all occurrence of HMAC IPAD/OPAD value by their define. Signed-off-by: Corentin Labbe <clabbe.montj...@gmail.com> Acked-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/ccp-crypto-sha.c | 5 ++

[PATCH V2] crypto: ccp - Add debugfs entries for CCP information

: - Correct polarity of test when destroying devices at module unload Signed-off-by: Gary R Hook <gary.h...@amd.com> --- drivers/crypto/ccp/Makefile |3 drivers/crypto/ccp/ccp-debugfs.c | 345 ++ drivers/crypto/ccp/ccp-dev-v5.c | 28 +++ drivers/

[PATCH] crypto: ccp - Add debugfs entries for CCP information

se @@ -956,6 +973,9 @@ static int ccp5_init(struct ccp_device *ccp) if (ret) goto e_hwrng; + /* Set up debugfs entries */ + ccp5_debugfs_setup(ccp); + return 0; e_hwrng: @@ -992,6 +1012,12 @@ static void ccp5_destroy(struct ccp_device *ccp)

  1   2   3   >