From a7e6e5d8b221e57fed9fda6ec81153fda773c073 Mon Sep 17 00:00:00 2001 From: raveendra padasalagi Date: Fri, 23 Jun 2017 14:34:08 +0530 Subject: [PATCH 1/6] crypto: brcm - Fix SHA3-512 algorithm failure In Broadcom SPU driver, due to missing break statement in spu2_hash_xlate() while mapping SPU2 equivalent SHA3-512 value, -EINVAL is chosen and hence leading to failure of SHA3-512 algorithm. This patch fixes the same. Fixes: 9d12ba86f818 ("crypto: brcm - Add Broadcom SPU driver") Signed-off-by: Raveendra Padasalagi Reviewed-by: Ray Jui Reviewed-by: Scott Branden Cc: stable@vger.kernel.org Signed-off-by: Herbert Xu --- drivers/crypto/bcm/spu2.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/crypto/bcm/spu2.c b/drivers/crypto/bcm/spu2.c index ef04c9748317..bf7ac621c591 100644 --- a/drivers/crypto/bcm/spu2.c +++ b/drivers/crypto/bcm/spu2.c @@ -302,6 +302,7 @@ spu2_hash_xlate(enum hash_alg hash_alg, enum hash_mode hash_mode, break; case HASH_ALG_SHA3_512: *spu2_type = SPU2_HASH_TYPE_SHA3_512; + break; case HASH_ALG_LAST: default: err = -EINVAL; From 440bf347569b5f05db1836b1d6b5160a3c4e11d9 Mon Sep 17 00:00:00 2001 From: Srikanth Jampala Date: Fri, 23 Jun 2017 16:03:51 +0530 Subject: [PATCH 2/6] crypto: cavium/nitrox - Change in firmware path. Moved the firmware to "cavium" subdirectory as suggested by Kyle McMartin. Signed-off-by: Srikanth Jampala Signed-off-by: Herbert Xu --- drivers/crypto/cavium/nitrox/nitrox_main.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/crypto/cavium/nitrox/nitrox_main.c b/drivers/crypto/cavium/nitrox/nitrox_main.c index ae44a464cd2d..9ccefb9b7232 100644 --- a/drivers/crypto/cavium/nitrox/nitrox_main.c +++ b/drivers/crypto/cavium/nitrox/nitrox_main.c @@ -18,8 +18,9 @@ #define SE_GROUP 0 #define DRIVER_VERSION "1.0" +#define FW_DIR "cavium/" /* SE microcode */ -#define SE_FW "cnn55xx_se.fw" +#define SE_FW FW_DIR "cnn55xx_se.fw" static const char nitrox_driver_name[] = "CNN55XX"; From a2069aacbe58a8408a5bb0e0a722e1726456519b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Antoine=20T=C3=A9nart?= Date: Fri, 23 Jun 2017 16:05:25 +0200 Subject: [PATCH 3/6] crypto: inside-secure - do not parse the dma mask from dt Remove the dma mask parsing from dt as this should not be encoded into the engine device tree node. Keep the fallback value for now, which should work for the boards already supported upstream. Signed-off-by: Antoine Tenart Acked-by: Arnd Bergmann Signed-off-by: Herbert Xu --- drivers/crypto/inside-secure/safexcel.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/drivers/crypto/inside-secure/safexcel.c b/drivers/crypto/inside-secure/safexcel.c index e7f87ac12685..1fabd4aee81b 100644 --- a/drivers/crypto/inside-secure/safexcel.c +++ b/drivers/crypto/inside-secure/safexcel.c @@ -773,7 +773,6 @@ static int safexcel_probe(struct platform_device *pdev) struct device *dev = &pdev->dev; struct resource *res; struct safexcel_crypto_priv *priv; - u64 dma_mask; int i, ret; priv = devm_kzalloc(dev, sizeof(*priv), GFP_KERNEL); @@ -802,9 +801,7 @@ static int safexcel_probe(struct platform_device *pdev) return -EPROBE_DEFER; } - if (of_property_read_u64(dev->of_node, "dma-mask", &dma_mask)) - dma_mask = DMA_BIT_MASK(64); - ret = dma_set_mask_and_coherent(dev, dma_mask); + ret = dma_set_mask_and_coherent(dev, DMA_BIT_MASK(64)); if (ret) goto err_clk; From 6eb8844bf4bea2ec05155ecd3bd78df7010dce94 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Antoine=20T=C3=A9nart?= Date: Fri, 23 Jun 2017 16:52:18 +0200 Subject: [PATCH 4/6] Documentation/bindings: crypto: remove the dma-mask property The dma-mask property is broken and was removed in the device trees having a safexcel-eip197 node and in the safexcel cryptographic driver. This patch removes the dma-mask property from the documentation as well. Signed-off-by: Antoine Tenart Acked-by: Arnd Bergmann Signed-off-by: Herbert Xu --- .../devicetree/bindings/crypto/inside-secure-safexcel.txt | 2 -- 1 file changed, 2 deletions(-) diff --git a/Documentation/devicetree/bindings/crypto/inside-secure-safexcel.txt b/Documentation/devicetree/bindings/crypto/inside-secure-safexcel.txt index f69773f4252b..941bb6a6fb13 100644 --- a/Documentation/devicetree/bindings/crypto/inside-secure-safexcel.txt +++ b/Documentation/devicetree/bindings/crypto/inside-secure-safexcel.txt @@ -8,7 +8,6 @@ Required properties: Optional properties: - clocks: Reference to the crypto engine clock. -- dma-mask: The address mask limitation. Defaults to 64. Example: @@ -24,6 +23,5 @@ Example: interrupt-names = "mem", "ring0", "ring1", "ring2", "ring3", "eip"; clocks = <&cpm_syscon0 1 26>; - dma-mask = <0xff 0xffffffff>; status = "disabled"; }; From efc856edfd66acc5da34fec92d7feca6fd0f9add Mon Sep 17 00:00:00 2001 From: raveendra padasalagi Date: Tue, 11 Jul 2017 15:50:06 +0530 Subject: [PATCH 5/6] crypto: brcm - remove BCM_PDC_MBOX dependency in Kconfig SPU driver is dependent on generic MAILBOX API's to communicate with underlying DMA engine driver. So this patch removes BCM_PDC_MBOX "depends on" for SPU driver in Kconfig and adds MAILBOX as dependent module. Fixes: 9d12ba86f818 ("crypto: brcm - Add Broadcom SPU driver") Signed-off-by: Raveendra Padasalagi Reviewed-by: Ray Jui Reviewed-by: Scott Branden Cc: stable@vger.kernel.org Signed-off-by: Herbert Xu --- drivers/crypto/Kconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig index 193204dfbf3a..4b75084fabad 100644 --- a/drivers/crypto/Kconfig +++ b/drivers/crypto/Kconfig @@ -655,7 +655,7 @@ source "drivers/crypto/virtio/Kconfig" config CRYPTO_DEV_BCM_SPU tristate "Broadcom symmetric crypto/hash acceleration support" depends on ARCH_BCM_IPROC - depends on BCM_PDC_MBOX + depends on MAILBOX default m select CRYPTO_DES select CRYPTO_MD5 From 41cdf7a45389e01991ee31e3301ed83cb3e3f7dc Mon Sep 17 00:00:00 2001 From: Herbert Xu Date: Mon, 17 Jul 2017 15:32:30 +0800 Subject: [PATCH 6/6] crypto: authencesn - Fix digest_null crash When authencesn is used together with digest_null a crash will occur on the decrypt path. This is because normally we perform a special setup to preserve the ESN, but this is skipped if there is no authentication. However, on the post-authentication path it always expects the preservation to be in place, thus causing a crash when digest_null is used. This patch fixes this by also skipping the post-processing when there is no authentication. Fixes: 104880a6b470 ("crypto: authencesn - Convert to new AEAD...") Cc: Reported-by: Jan Tluka Signed-off-by: Herbert Xu --- crypto/authencesn.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/crypto/authencesn.c b/crypto/authencesn.c index 6f8f6b86bfe2..0cf5fefdb859 100644 --- a/crypto/authencesn.c +++ b/crypto/authencesn.c @@ -248,6 +248,9 @@ static int crypto_authenc_esn_decrypt_tail(struct aead_request *req, u8 *ihash = ohash + crypto_ahash_digestsize(auth); u32 tmp[2]; + if (!authsize) + goto decrypt; + /* Move high-order bits of sequence number back. */ scatterwalk_map_and_copy(tmp, dst, 4, 4, 0); scatterwalk_map_and_copy(tmp + 1, dst, assoclen + cryptlen, 4, 0); @@ -256,6 +259,8 @@ static int crypto_authenc_esn_decrypt_tail(struct aead_request *req, if (crypto_memneq(ihash, ohash, authsize)) return -EBADMSG; +decrypt: + sg_init_table(areq_ctx->dst, 2); dst = scatterwalk_ffwd(areq_ctx->dst, dst, assoclen);