[PATCH v6 1/5] random: Blocking API for accessing nonblocking_pool

The added API calls provide a synchronous function call get_blocking_random_bytes where the caller is blocked until the nonblocking_pool is initialized. CC: Andreas Steffen CC: Theodore Ts'o CC: Sandy Harris Signed-off-by: Stephan Mueller --- drivers/char/random.c

[PATCH v6 4/5] crypto: drbg - use Jitter RNG to obtain seed

d-off-by: Stephan Mueller --- crypto/drbg.c | 46 -- include/crypto/drbg.h | 1 + 2 files changed, 41 insertions(+), 6 deletions(-) diff --git a/crypto/drbg.c b/crypto/drbg.c index 2b2738e..1224c0c 100644 --- a/crypto/drbg.c +++ b/crypto/d

Re: [PATCH v5 1/5] random: Async and sync API for accessing nonblocking_pool

Am Montag, 11. Mai 2015, 14:57:14 schrieb Herbert Xu: Hi Herbert, > >There are two problems with this patch: > >1) The interface is way too complicated for a once off wait used >only during boot. Really there is no need for cancellations. I will remove that in the next installment. But that mean

[PATCH v5 2/5] crypto: drbg - prepare for async seeding

for the initial seeding operation as well as by the asynchronous seeding call. The memory must be zeroized every time the DRBG seeding call succeeds to avoid entropy data lingering in memory. CC: Andreas Steffen CC: Theodore Ts'o CC: Sandy Harris Signed-off-by: Stephan Mueller --- crypto/d

[PATCH v5 1/5] random: Async and sync API for accessing nonblocking_pool

random number gathering operation. CC: Andreas Steffen CC: Theodore Ts'o CC: Sandy Harris Signed-off-by: Stephan Mueller --- drivers/char/random.c | 104 + include/linux/random.h | 20 ++ 2 files changed, 124 insertions(+) diff

[PATCH v5 4/5] crypto: drbg - use Jitter RNG to obtain seed

d-off-by: Stephan Mueller --- crypto/drbg.c | 46 -- include/crypto/drbg.h | 1 + 2 files changed, 41 insertions(+), 6 deletions(-) diff --git a/crypto/drbg.c b/crypto/drbg.c index 693dac4..6e2b272 100644 --- a/crypto/drbg.c +++ b/crypto/d

[PATCH v5 5/5] crypto: add jitterentropy RNG

kernel. The RNG only needs a high-resolution time stamp. Further design details, the cryptographic assessment and large array of test results are documented at http://www.chronox.de/jent.html. CC: Andreas Steffen CC: Theodore Ts'o CC: Sandy Harris Signed-off-by: Stephan Mueller --- crypto/Kc

[PATCH v5 0/5] Seeding DRBG with more entropy

underlying hardware is not suitable for the Jitter RNG (e.g. has a too coarse timer). [1] http://www.mail-archive.com/linux-crypto@vger.kernel.org/msg13891.html [2] http://www.chronox.de/jent.html Stephan Mueller (5): random: Async and sync API for accessing nonblocking_pool crypto: drbg

[PATCH v5 3/5] crypto: drbg - add async seeding operation

actual seeding of the DRBG. CC: Andreas Steffen CC: Theodore Ts'o CC: Sandy Harris Signed-off-by: Stephan Mueller --- crypto/drbg.c | 41 + include/crypto/drbg.h | 1 + 2 files changed, 42 insertions(+) diff --git a/crypto/drbg.c b/c

Re: [PATCH v4 0/6] Seeding DRBG with more entropy

Am Sonntag, 3. Mai 2015, 16:58:34 schrieb Theodore Ts'o: Hi Theodore, >On Sun, May 03, 2015 at 05:33:00PM +0200, Stephan Mueller wrote: >> The patch set adds an in-kernel /dev/random equivalent that was discussed >> with Ted Ts'o last July -- see [2] and [3]. A te

[PATCH v4 6/6] crypto: add jitterentropy RNG

kernel. The RNG only needs a high-resolution time stamp. Further design details, the cryptographic assessment and large array of test results are documented at http://www.chronox.de/jent.html. CC: Andreas Steffen CC: Theodore Ts'o CC: Sandy Harris Signed-off-by: Stephan Mueller --- crypto/Kc

[PATCH v4 2/6] random: Async and sync API for accessing kernel_pool

is invoked once the request is completed. A third API call, get_blocking_random_bytes_cancel, is provided to cancel the random number gathering operation. CC: Andreas Steffen CC: Theodore Ts'o CC: Sandy Harris Signed-off-by: Stephan Mueller --- drivers/char/random.c

[PATCH v4 0/6] Seeding DRBG with more entropy

13891.html [2] https://lkml.org/lkml/2014/4/27/174 [3] http://comments.gmane.org/gmane.linux.kernel/1701117 [4] http://www.chronox.de/jent.html Stephan Mueller (6): random: Addition of kernel_pool random: Async and sync API for accessing kernel_pool crypto: drbg - prepare for async seeding c

[PATCH v4 1/6] random: Addition of kernel_pool

arris Signed-off-by: Stephan Mueller --- drivers/char/random.c | 52 ++- 1 file changed, 39 insertions(+), 13 deletions(-) diff --git a/drivers/char/random.c b/drivers/char/random.c index 9cd6968..0b139dc 100644 --- a/drivers/char/random.c +++ b/drivers

[PATCH v4 3/6] crypto: drbg - prepare for async seeding

for the initial seeding operation as well as by the asynchronous seeding call. The memory must be zeroized every time the DRBG seeding call succeeds to avoid entropy data lingering in memory. CC: Andreas Steffen CC: Theodore Ts'o CC: Sandy Harris Signed-off-by: Stephan Mueller --- crypto/d

[PATCH v4 5/6] crypto: drbg - use Jitter RNG to obtain seed

d-off-by: Stephan Mueller --- crypto/drbg.c | 46 -- include/crypto/drbg.h | 1 + 2 files changed, 41 insertions(+), 6 deletions(-) diff --git a/crypto/drbg.c b/crypto/drbg.c index 693dac4..6e2b272 100644 --- a/crypto/drbg.c +++ b/crypto/d

[PATCH v4 4/6] crypto: drbg - add async seeding operation

actual seeding of the DRBG. CC: Andreas Steffen CC: Theodore Ts'o CC: Sandy Harris Signed-off-by: Stephan Mueller --- crypto/drbg.c | 41 + include/crypto/drbg.h | 1 + 2 files changed, 42 insertions(+) diff --git a/crypto/drbg.c b/c

Re: [PATCH RFC 1/2] crypto: add PKE API

Am Donnerstag, 30. April 2015, 15:36:52 schrieb Tadeusz Struk: Hi Tadeusz, >Add Public Key Encryption API. > >Signed-off-by: Tadeusz Struk >--- > crypto/Kconfig |6 + > crypto/Makefile|1 > crypto/crypto_user.c | 23 + > crypto/pke.c | 114

Re: [PATCH v3 4/6] crypto: drbg - add async seeding operation

Am Freitag, 1. Mai 2015, 11:13:31 schrieb Herbert Xu: Hi Herbert, >On Tue, Apr 28, 2015 at 05:00:03AM +0200, Stephan Mueller wrote: >> @@ -1081,6 +1115,11 @@ static int drbg_seed(struct drbg_state *drbg, struct >> drbg_string *pers,> >>

[PATCH v3 2/6] random: Async and sync API for accessing kernel_pool

is invoked once the request is completed. A third API call, get_blocking_random_bytes_cancel, is provided to cancel the random number gathering operation. CC: Andreas Steffen CC: Theodore Ts'o CC: Sandy Harris Signed-off-by: Stephan Mueller --- drivers/char/random.c

[PATCH v3 3/6] crypto: drbg - prepare for async seeding

for the initial seeding operation as well as by the asynchronous seeding call. The memory must be zeroized every time the DRBG seeding call succeeds to avoid entropy data lingering in memory. CC: Andreas Steffen CC: Theodore Ts'o CC: Sandy Harris Signed-off-by: Stephan Mueller --- crypto/d

[PATCH v3 0/6] Seeding DRBG with more entropy

s not suitable for the Jitter RNG (e.g. has a too coarse timer). [1] http://www.mail-archive.com/linux-crypto@vger.kernel.org/msg13891.html [2] https://lkml.org/lkml/2014/4/27/174 [3] http://comments.gmane.org/gmane.linux.kernel/1701117 [4] http://www.chronox.de/jent.html Stephan Muell

[PATCH v3 1/6] random: Addition of kernel_pool

arris Signed-off-by: Stephan Mueller --- drivers/char/random.c | 52 ++- 1 file changed, 39 insertions(+), 13 deletions(-) diff --git a/drivers/char/random.c b/drivers/char/random.c index 9cd6968..0b139dc 100644 --- a/drivers/char/random.c +++ b/drivers

[PATCH v3 4/6] crypto: drbg - add async seeding operation

actual seeding of the DRBG. CC: Andreas Steffen CC: Theodore Ts'o CC: Sandy Harris Signed-off-by: Stephan Mueller --- crypto/drbg.c | 46 ++ include/crypto/drbg.h | 1 + 2 files changed, 47 insertions(+) diff --git a/crypto/drbg.c b/c

[PATCH v3 6/6] crypto: add jitterentropy RNG

kernel. The RNG only needs a high-resolution time stamp. Further design details, the cryptographic assessment and large array of test results are documented at http://www.chronox.de/jent.html. CC: Andreas Steffen CC: Theodore Ts'o CC: Sandy Harris Signed-off-by: Stephan Mueller --- crypto/Kc

[PATCH v3 5/6] crypto: drbg - use Jitter RNG to obtain seed

d-off-by: Stephan Mueller --- crypto/drbg.c | 46 -- include/crypto/drbg.h | 1 + 2 files changed, 41 insertions(+), 6 deletions(-) diff --git a/crypto/drbg.c b/crypto/drbg.c index 13dd626..fe081e1 100644 --- a/crypto/drbg.c +++ b/crypto/d

Re: [BUG/PATCH] kernel RNG and its secrets

Am Montag, 27. April 2015, 22:34:30 schrieb Daniel Borkmann: Hi Daniel, > On 04/27/2015 09:10 PM, Stephan Mueller wrote: > ... > > > I posted the issue on the clang mailing list on April 10 -- no word so > > far. I would interpret this as a sign that it is a no-is

Re: [BUG/PATCH] kernel RNG and its secrets

Am Freitag, 10. April 2015, 16:50:22 schrieb Stephan Mueller: Hi Stephan, >Am Freitag, 10. April 2015, 16:46:04 schrieb Daniel Borkmann: > >Hi Daniel, > >>On 04/10/2015 04:36 PM, Stephan Mueller wrote: >>> Am Freitag, 10. April 2015, 16:26:00 schrieb Hannes Fre

Re: [PATCH v2 1/6] random: Addition of kernel_pool

Am Montag, 27. April 2015, 14:56:09 schrieb Herbert Xu: Hi Herbert, >On Sat, Apr 25, 2015 at 05:40:41PM +0200, Stephan Mueller wrote: >> +if (p->entropy_count <= >> +p->poolinfo->poolfracbits / 4) {

[PATCH v2 1/6] random: Addition of kernel_pool

arris Signed-off-by: Stephan Mueller --- drivers/char/random.c | 52 ++- 1 file changed, 39 insertions(+), 13 deletions(-) diff --git a/drivers/char/random.c b/drivers/char/random.c index 9cd6968..2868754 100644 --- a/drivers/char/random.c +++ b/drivers

[PATCH v2 2/6] random: Async and sync API for accessing kernel_pool

is invoked once the request is completed. A third API call, get_blocking_random_bytes_cancel, is provided to cancel the random number gathering operation. CC: Andreas Steffen CC: Theodore Ts'o CC: Sandy Harris Signed-off-by: Stephan Mueller --- drivers/char/random.c

[PATCH v2 4/6] crypto: drbg - add async seeding operation

actual seeding of the DRBG. CC: Andreas Steffen CC: Theodore Ts'o CC: Sandy Harris Signed-off-by: Stephan Mueller --- crypto/drbg.c | 46 ++ include/crypto/drbg.h | 1 + 2 files changed, 47 insertions(+) diff --git a/crypto/drbg.c b/c

[PATCH v2 5/6] crypto: drbg - use Jitter RNG to obtain seed

d-off-by: Stephan Mueller --- crypto/drbg.c | 46 -- include/crypto/drbg.h | 1 + 2 files changed, 41 insertions(+), 6 deletions(-) diff --git a/crypto/drbg.c b/crypto/drbg.c index 13dd626..fe081e1 100644 --- a/crypto/drbg.c +++ b/crypto/d

[PATCH v2 3/6] crypto: drbg - prepare for async seeding

for the initial seeding operation as well as by the asynchronous seeding call. The memory must be zeroized every time the DRBG seeding call succeeds to avoid entropy data lingering in memory. CC: Andreas Steffen CC: Theodore Ts'o CC: Sandy Harris Signed-off-by: Stephan Mueller --- crypto/d

[PATCH v2 0/6] Seeding DRBG with more entropy

http://comments.gmane.org/gmane.linux.kernel/1701117 [4] http://www.chronox.de/jent.html Stephan Mueller (6): random: Addition of kernel_pool random: Async and sync API for accessing kernel_pool crypto: drbg - prepare for async seeding crypto: drbg - add async seeding operation crypto: drbg - use Jitte

[PATCH v2 6/6] crypto: add jitterentropy RNG

kernel. The RNG only needs a high-resolution time stamp. Further design details, the cryptographic assessment and large array of test results are documented at http://www.chronox.de/jent.html. CC: Andreas Steffen CC: Theodore Ts'o CC: Sandy Harris Signed-off-by: Stephan Mueller --- crypto/Kc

Re: [PATCH 6/6] crypto: add jitterentropy RNG

Am Donnerstag, 23. April 2015, 16:18:31 schrieb Paul Bolle: Hi Paul, > On Thu, 2015-04-23 at 16:08 +0200, Stephan Mueller wrote: > > Other patches that are in the kernel that I wrote (e.g. > > the crypto/drbg.c) have the same license as above, but use > > MODULE_LICENSE(&

Re: [PATCH 6/6] crypto: add jitterentropy RNG

Am Donnerstag, 23. April 2015, 16:05:08 schrieb Paul Bolle: Hi Paul, > A nit only, I'm afraid: this patch adds a license mismatch. > > On Wed, 2015-04-22 at 21:25 +0200, Stephan Mueller wrote: > > --- /dev/null > > +++ b/crypto/jitterentr

[PATCH 5/6] crypto: drbg - use Jitter RNG to obtain seed

d-off-by: Stephan Mueller --- crypto/drbg.c | 44 ++-- include/crypto/drbg.h | 1 + 2 files changed, 39 insertions(+), 6 deletions(-) diff --git a/crypto/drbg.c b/crypto/drbg.c index cdc23c8..c98941a 100644 --- a/crypto/drbg.c +++ b/crypto/d

[PATCH 6/6] crypto: add jitterentropy RNG

kernel. The RNG only needs a high-resolution time stamp. Further design details, the cryptographic assessment and large array of test results are documented at http://www.chronox.de/jent.html. CC: Andreas Steffen CC: Theodore Ts'o CC: Sandy Harris Signed-off-by: Stephan Mueller --- crypto/Kc

[PATCH 2/6] random: Async and sync API for accessing kernel_pool

is invoked once the request is completed. A third API call, get_blocking_random_bytes_cancel, is provided to cancel the random number gathering operation. CC: Andreas Steffen CC: Theodore Ts'o CC: Sandy Harris Signed-off-by: Stephan Mueller --- drivers/char/random.c

[PATCH 0/6] Seeding DRBG with more entropy

.mail-archive.com/linux-crypto@vger.kernel.org/msg13891.html [2] https://lkml.org/lkml/2014/4/27/174 [3] http://comments.gmane.org/gmane.linux.kernel/1701117 [4] http://www.chronox.de/jent.html Stephan Mueller (6): random: Addition of kernel_pool random: Async and sync API for accessing kernel

[PATCH 1/6] random: Addition of kernel_pool

arris Signed-off-by: Stephan Mueller --- drivers/char/random.c | 52 ++- 1 file changed, 39 insertions(+), 13 deletions(-) diff --git a/drivers/char/random.c b/drivers/char/random.c index 9cd6968..2868754 100644 --- a/drivers/char/random.c +++ b/drivers

[PATCH 3/6] crypto: drbg - prepare for async seeding

for the initial seeding operation as well as by the asynchronous seeding call. The memory must be zeroized every time the DRBG seeding call succeeds to avoid entropy data lingering in memory. CC: Andreas Steffen CC: Theodore Ts'o CC: Sandy Harris Signed-off-by: Stephan Mueller --- crypto/d

[PATCH 4/6] crypto: drbg - add async seeding operation

actual seeding of the DRBG. CC: Andreas Steffen CC: Theodore Ts'o CC: Sandy Harris Signed-off-by: Stephan Mueller --- crypto/drbg.c | 46 ++ include/crypto/drbg.h | 1 + 2 files changed, 47 insertions(+) diff --git a/crypto/drbg.c b/c

Re: [PATCH 0/2] crypto: add new driver for Marvell CESA

Am Donnerstag, 9. April 2015, 16:58:41 schrieb Boris Brezillon: Hi Boris, >Hello, > >This is an attempt to replace the mv_cesa driver by a new one to address >some limitations of the existing driver. >From a performance and CPU load point of view the most important >limitation is the lack of DMA

[PATCH v4] crypto: remove instance when test failed

: Stephan Mueller --- crypto/algapi.c | 10 +- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/crypto/algapi.c b/crypto/algapi.c index f1d0307..1907d5b 100644 --- a/crypto/algapi.c +++ b/crypto/algapi.c @@ -522,7 +522,10 @@ int crypto_register_instance(struct crypto_template

Re: [PATCH v3] crypto: remove instance when test failed

Am Donnerstag, 9. April 2015, 17:40:35 schrieb Herbert Xu: Hi Herbert, >On Thu, Apr 09, 2015 at 11:22:19AM +0200, Stephan Mueller wrote: >> I tested it and this approach does not work. >> >> If I see that right, the reason for that is the following: The suggestion >>

Re: [PATCH v3] crypto: remove instance when test failed

Am Donnerstag, 9. April 2015, 15:41:41 schrieb Herbert Xu: Hi Herbert, >On Thu, Apr 09, 2015 at 09:36:03AM +0200, Stephan Mueller wrote: >> diff --git a/crypto/algapi.c b/crypto/algapi.c >> index f1d0307..cfca1de 100644 >> --- a/crypto/algapi.c >> +++ b/crypto/al

[PATCH v3] crypto: remove instance when test failed

: Stephan Mueller --- crypto/algapi.c | 12 1 file changed, 12 insertions(+) diff --git a/crypto/algapi.c b/crypto/algapi.c index f1d0307..cfca1de 100644 --- a/crypto/algapi.c +++ b/crypto/algapi.c @@ -533,6 +533,13 @@ int crypto_register_instance(struct crypto_template *tmpl

Re: [PATCH v2] crypto: remove instance when test failed

Am Freitag, 3. April 2015, 23:52:46 schrieb Herbert Xu: Hi Herbert, > On Fri, Apr 03, 2015 at 05:17:13PM +0200, Stephan Mueller wrote: > > Wpuldn't crypto_del_alg suffer from the same issue? I see that the > > cra_refcnt is checked. But I guess there would be the same kind

Re: [PATCH v2] crypto: remove instance when test failed

Am Freitag, 3. April 2015, 17:58:28 schrieb Herbert Xu: Hi Herbert, > On Thu, Apr 02, 2015 at 07:05:27PM +0200, Stephan Mueller wrote: > > diff --git a/crypto/algapi.c b/crypto/algapi.c > > index 83b04e0..215c604 100644 > > --- a/crypto/algapi.c > > +++ b/crypto/

[PATCH v2] crypto: remove instance when test failed

: Stephan Mueller --- crypto/algapi.c | 4 1 file changed, 4 insertions(+) diff --git a/crypto/algapi.c b/crypto/algapi.c index 83b04e0..215c604 100644 --- a/crypto/algapi.c +++ b/crypto/algapi.c @@ -545,6 +545,10 @@ unlock: goto err; crypto_wait_for_test(larval

[PATCH v3 09/20] crypto: mark CAST5 helper ciphers

Flag all CAST5 helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/x86/crypto/cast5_avx_glue.c | 9 ++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/arch/x86/crypto/cast5_avx_glue.c b/arch/x86

[PATCH v3 08/20] crypto: mark AES-NI Camellia helper ciphers

Flag all AES-NI Camellia helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/x86/crypto/camellia_aesni_avx2_glue.c | 15 ++- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/arch/x86/crypto

[PATCH v3 06/20] crypto: mark ghash clmulni helper ciphers

Flag all ash clmulni helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/x86/crypto/ghash-clmulni-intel_glue.c | 7 +-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/arch/x86/crypto/ghash-clmulni

[PATCH v3 05/20] crypto: mark AES-NI helper ciphers

Flag all AES-NI helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/x86/crypto/aesni-intel_glue.c | 23 +++ 1 file changed, 15 insertions(+), 8 deletions(-) diff --git a/arch/x86/crypto/aesni

[PATCH v3 07/20] crypto: mark GHASH ARMv8 vmull.p64 helper ciphers

Flag all GHASH ARMv8 vmull.p64 helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/arm/crypto/ghash-ce-glue.c | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/arch/arm/crypto/ghash-ce-glue.c b

[PATCH v3 02/20] crypto: testmgr to use CRYPTO_ALG_INTERNAL

Allocate the ciphers irrespectively if they are marked as internal or not. As all ciphers, including the internal ciphers will be processed by the testmgr, it needs to be able to allocate those ciphers. Signed-off-by: Stephan Mueller --- crypto/testmgr.c | 14 +++--- 1 file changed, 7

[PATCH v3 03/20] crypto: cryptd to process CRYPTO_ALG_INTERNAL

The cryptd is used as a wrapper around internal ciphers. Therefore, the cryptd must process the internal cipher by marking cryptd as internal if the underlying cipher is an internal cipher. Signed-off-by: Stephan Mueller --- crypto/ablk_helper.c | 3 ++- crypto/cryptd.c | 49

[PATCH v3 20/20] crypto: mark Multi buffer SHA1 helper cipher

Flag all Multi buffer SHA1 helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/x86/crypto/sha-mb/sha1_mb.c | 7 +-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/arch/x86/crypto/sha-mb/sha1_mb.c b/arch

[PATCH v3 12/20] crypto: mark Serpent AVX2 helper ciphers

Flag all Serpent AVX2 helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/x86/crypto/serpent_avx2_glue.c | 15 ++- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/arch/x86/crypto

[PATCH v3 18/20] crypto: mark 64 bit ARMv8 AES helper ciphers

Flag all 64 bit ARMv8 AES helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/arm64/crypto/aes-glue.c | 12 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/arch/arm64/crypto/aes-glue.c b/arch

[PATCH v3 04/20] crypto: /proc/crypto: identify internal ciphers

With ciphers that now cannot be accessed via the kernel crypto API, callers shall be able to identify the ciphers that are not callable. The /proc/crypto file is added a boolean field identifying that such internal ciphers. Signed-off-by: Stephan Mueller --- crypto/proc.c | 3 +++ 1 file

[PATCH v3 19/20] crypto: mcryptd to process CRYPTO_ALG_INTERNAL

The mcryptd is used as a wrapper around internal ciphers. Therefore, the mcryptd must process the internal cipher by marking mcryptd as internal if the underlying cipher is an internal cipher. Signed-off-by: Stephan Mueller --- crypto/mcryptd.c | 25 +++-- 1 file changed, 23

[PATCH v3 15/20] crypto: mark Twofish AVX helper ciphers

Flag all Twofish AVX helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/x86/crypto/twofish_avx_glue.c | 15 ++- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/arch/x86/crypto

[PATCH v3 11/20] crypto: mark CAST6 helper ciphers

Flag all CAST6 helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/x86/crypto/cast6_avx_glue.c | 15 ++- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/arch/x86/crypto/cast6_avx_glue.c b/arch

[PATCH v3 13/20] crypto: mark Serpent AVX helper ciphers

Flag all Serpent AVX helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/x86/crypto/serpent_avx_glue.c | 15 ++- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/arch/x86/crypto

[PATCH v3 17/20] crypto: mark ARMv8 AES helper ciphers

Flag all ARMv8 AES helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/arm/crypto/aes-ce-glue.c | 12 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/arch/arm/crypto/aes-ce-glue.c b/arch/arm

[PATCH v3 16/20] crypto: mark NEON bit sliced AES helper ciphers

Flag all NEON bit sliced AES helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/arm/crypto/aesbs-glue.c | 9 ++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/arch/arm/crypto/aesbs-glue.c b/arch/arm

[PATCH v3 10/20] crypto: mark AVX Camellia helper ciphers

Flag all AVX Camellia helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/x86/crypto/camellia_aesni_avx_glue.c | 15 ++- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/arch/x86/crypto

[PATCH v3 01/20] crypto: prevent helper ciphers from being used

rectly. A new cipher type flag is added: CRYPTO_ALG_INTERNAL. This flag shall be used to mark helper ciphers. These ciphers can only be used if the caller invoke the cipher with CRYPTO_ALG_INTERNAL in the type and mask field. Signed-off-by: Stephan Mueller --- crypto/api.c | 10 +

[PATCH v3 00/20] crypto: restrict usage of helper ciphers

. Changes v3: * Allow a caller to specify type & CRYPTO_ALG_INTERNAL and !(mask & CRYPTO_ALG_INTERNAL) when caller requests a cipher and does not care whether it is marked as internal or not (suggested by Herbert Xu) Stephan Mueller (20): crypto: prevent helper ciphers from being used

[PATCH v3 14/20] crypto: mark Serpent SSE2 helper ciphers

Flag all Serpent SSE2 helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/x86/crypto/serpent_sse2_glue.c | 15 ++- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/arch/x86/crypto

Re: [PATCH v2 02/20] crypto: testmgr to use CRYPTO_ALG_INTERNAL

Am Dienstag, 31. März 2015, 00:10:34 schrieb Herbert Xu: Hi Herbert, > On Fri, Mar 27, 2015 at 11:50:42PM +0100, Stephan Mueller wrote: > > If a cipher allocation fails with -ENOENT, the testmgr now retries > > to allocate the cipher with CRYPTO_ALG_INTERNAL flag. > >

[PATCH] crypto: remove instance when test failed

: Stephan Mueller --- crypto/algapi.c | 4 1 file changed, 4 insertions(+) diff --git a/crypto/algapi.c b/crypto/algapi.c index 83b04e0..c029afe 100644 --- a/crypto/algapi.c +++ b/crypto/algapi.c @@ -545,6 +545,10 @@ unlock: goto err; crypto_wait_for_test(larval

[PATCH v2 16/20] crypto: mark NEON bit sliced AES helper ciphers

Flag all NEON bit sliced AES helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/arm/crypto/aesbs-glue.c | 9 ++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/arch/arm/crypto/aesbs-glue.c b/arch/arm

[PATCH v2 17/20] crypto: mark ARMv8 AES helper ciphers

Flag all ARMv8 AES helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/arm/crypto/aes-ce-glue.c | 12 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/arch/arm/crypto/aes-ce-glue.c b/arch/arm

[PATCH v2 20/20] crypto: mark Multi buffer SHA1 helper cipher

Flag all Multi buffer SHA1 helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/x86/crypto/sha-mb/sha1_mb.c | 7 +-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/arch/x86/crypto/sha-mb/sha1_mb.c b/arch

[PATCH v2 18/20] crypto: mark 64 bit ARMv8 AES helper ciphers

Flag all 64 bit ARMv8 AES helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/arm64/crypto/aes-glue.c | 12 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/arch/arm64/crypto/aes-glue.c b/arch

[PATCH v2 09/20] crypto: mark CAST5 helper ciphers

Flag all CAST5 helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/x86/crypto/cast5_avx_glue.c | 9 ++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/arch/x86/crypto/cast5_avx_glue.c b/arch/x86

[PATCH v2 15/20] crypto: mark Twofish AVX helper ciphers

Flag all Twofish AVX helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/x86/crypto/twofish_avx_glue.c | 15 ++- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/arch/x86/crypto

[PATCH v2 11/20] crypto: mark CAST6 helper ciphers

Flag all CAST6 helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/x86/crypto/cast6_avx_glue.c | 15 ++- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/arch/x86/crypto/cast6_avx_glue.c b/arch

[PATCH v2 19/20] crypto: mcryptd to process CRYPTO_ALG_INTERNAL

The mcryptd is used as a wrapper around internal ciphers. Therefore, the mcryptd must process the internal cipher by marking mcryptd as internal if the underlying cipher is an internal cipher. Signed-off-by: Stephan Mueller --- crypto/mcryptd.c | 25 +++-- 1 file changed, 23

[PATCH v2 10/20] crypto: mark AVX Camellia helper ciphers

Flag all AVX Camellia helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/x86/crypto/camellia_aesni_avx_glue.c | 15 ++- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/arch/x86/crypto

[PATCH v2 07/20] crypto: mark GHASH ARMv8 vmull.p64 helper ciphers

Flag all GHASH ARMv8 vmull.p64 helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/arm/crypto/ghash-ce-glue.c | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/arch/arm/crypto/ghash-ce-glue.c b

[PATCH v2 08/20] crypto: mark AES-NI Camellia helper ciphers

Flag all AES-NI Camellia helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/x86/crypto/camellia_aesni_avx2_glue.c | 15 ++- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/arch/x86/crypto

[PATCH v2 06/20] crypto: mark ghash clmulni helper ciphers

Flag all ash clmulni helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/x86/crypto/ghash-clmulni-intel_glue.c | 7 +-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/arch/x86/crypto/ghash-clmulni

[PATCH v2 12/20] crypto: mark Serpent AVX2 helper ciphers

Flag all Serpent AVX2 helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/x86/crypto/serpent_avx2_glue.c | 15 ++- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/arch/x86/crypto

[PATCH v2 13/20] crypto: mark Serpent AVX helper ciphers

Flag all Serpent AVX helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/x86/crypto/serpent_avx_glue.c | 15 ++- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/arch/x86/crypto

[PATCH v2 03/20] crypto: cryptd to process CRYPTO_ALG_INTERNAL

The cryptd is used as a wrapper around internal ciphers. Therefore, the cryptd must process the internal cipher by marking cryptd as internal if the underlying cipher is an internal cipher. Signed-off-by: Stephan Mueller --- crypto/ablk_helper.c | 3 ++- crypto/cryptd.c | 49

[PATCH v2 14/20] crypto: mark Serpent SSE2 helper ciphers

Flag all Serpent SSE2 helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/x86/crypto/serpent_sse2_glue.c | 15 ++- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/arch/x86/crypto

[PATCH v2 05/20] crypto: mark AES-NI helper ciphers

Flag all AES-NI helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/x86/crypto/aesni-intel_glue.c | 23 +++ 1 file changed, 15 insertions(+), 8 deletions(-) diff --git a/arch/x86/crypto/aesni

[PATCH v2 02/20] crypto: testmgr to use CRYPTO_ALG_INTERNAL

If a cipher allocation fails with -ENOENT, the testmgr now retries to allocate the cipher with CRYPTO_ALG_INTERNAL flag. As all ciphers, including the internal ciphers will be processed by the testmgr, it needs to be able to allocate those ciphers. Signed-off-by: Stephan Mueller --- crypto

[PATCH v2 00/20] crypto: restrict usage of helper ciphers

. Stephan Mueller (20): crypto: prevent helper ciphers from being used crypto: testmgr to use CRYPTO_ALG_INTERNAL crypto: cryptd to process CRYPTO_ALG_INTERNAL crypto: /proc/crypto: identify internal ciphers crypto: mark AES-NI helper ciphers crypto: mark ghash clmulni helper ciphers crypto

[PATCH v2 04/20] crypto: /proc/crypto: identify internal ciphers

With ciphers that now cannot be accessed via the kernel crypto API, callers shall be able to identify the ciphers that are not callable. The /proc/crypto file is added a boolean field identifying that such internal ciphers. Signed-off-by: Stephan Mueller --- crypto/proc.c | 3 +++ 1 file

[PATCH v2 01/20] crypto: prevent helper ciphers from being used

rectly. A new cipher type flag is added: CRYPTO_ALG_INTERNAL. This flag shall be used to mark helper ciphers. These ciphers can only be used if the caller invoke the cipher with CRYPTO_ALG_INTERNAL in the type and mask field. Signed-off-by: Stephan Mueller --- crypto/api.c | 6 +

Re: [PATCH 01/16] crypto: prevent helper ciphers from being used

Am Donnerstag, 19. März 2015, 18:16:30 schrieb Herbert Xu: Hi Herbert, >On Thu, Mar 19, 2015 at 07:57:36AM +0100, Stephan Mueller wrote: >> diff --git a/crypto/ablkcipher.c b/crypto/ablkcipher.c >> index db201bca..2cd83ad 100644 >> --- a/crypto/ablkcipher.c >>

[PATCH 00/16] crypto: restrict usage of helper ciphers

ciphers to prevent them from being called by users. The testing also includes the invocation of normal crypto operations from user space via AF_ALG and libkcapi showing that all of them work unaffected. [1] http://comments.gmane.org/gmane.linux.kernel.cryptoapi/13705 Stephan Mueller (16): crypto

[PATCH 14/16] crypto: mark ARMv8 AES helper ciphers

Flag all ARMv8 AES helper ciphers as internal ciphers to prevent them from being called by normal users. Signed-off-by: Stephan Mueller --- arch/arm/crypto/aes-ce-glue.c | 12 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/arch/arm/crypto/aes-ce-glue.c b/arch/arm

<    1   2   3   4   5   6   7   8   9   10   >