linux-stable.git/drivers/crypto/ccree, branch v5.5 Linux kernel stable tree crypto: ccree - update a stale reference to ablkcipher 2019-11-17T01:02:50+00:00 Ard Biesheuvel ardb@kernel.org 2019-11-09T17:09:54+00:00 5620eb6c9d814b1e26e53b31adb40a57dc904b35 The ccree driver does not use the ablkcipher interface but contains a rudimentary reference to it in the naming of an unrelated macro. Let's rename it to avoid confusion. Acked-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
The ccree driver does not use the ablkcipher interface but contains
a rudimentary reference to it in the naming of an unrelated macro.
Let's rename it to avoid confusion.

Acked-by: Gilad Ben-Yossef <gilad@benyossef.com>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: ccree - fix comparison of unsigned expression warning 2019-10-25T15:09:58+00:00 Tian Tao tiantao6@huawei.com 2019-10-19T00:41:37+00:00 798ac398179e832b5c2e392d7d17288421aa85f5 This patch fixes the following warnings: drivers/crypto/ccree/cc_aead.c:630:5-12: WARNING: Unsigned expression compared with zero: seq_len > 0 Signed-off-by: Tian Tao <tiantao6@huawei.com> v2: change hmac_setkey() return type to unsigned int to fix the warning. Acked-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
This patch fixes the following warnings:
drivers/crypto/ccree/cc_aead.c:630:5-12: WARNING: Unsigned expression
compared with zero: seq_len > 0

Signed-off-by: Tian Tao <tiantao6@huawei.com>

v2:
change hmac_setkey() return type to unsigned int to fix the warning.
Acked-by: Gilad Ben-Yossef <gilad@benyossef.com>

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: ccree - enable CTS support in AES-XTS 2019-09-13T11:17:58+00:00 Uri Shir uri.shir@arm.com 2019-09-08T08:04:26+00:00 67caef08a71fa6506fc16be58cd594c49b0605de In XTS encryption/decryption the plaintext byte size can be >= AES_BLOCK_SIZE. This patch enable the AES-XTS ciphertext stealing implementation in ccree driver. Signed-off-by: Uri Shir <uri.shir@arm.com> Acked-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
In XTS encryption/decryption the plaintext byte size
can be >= AES_BLOCK_SIZE. This patch enable the AES-XTS ciphertext
stealing implementation in ccree driver.

Signed-off-by: Uri Shir <uri.shir@arm.com>
Acked-by: Gilad Ben-Yossef <gilad@benyossef.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: ccree - Rename arrays to avoid conflict with crypto/sha256.h 2019-09-05T04:54:54+00:00 Hans de Goede hdegoede@redhat.com 2019-09-01T20:35:28+00:00 e55d8a75c60207e3c261c847d03f832344544712 Rename the algo_init arrays to cc_algo_init so that they do not conflict with the functions declared in crypto/sha256.h. This is a preparation patch for folding crypto/sha256.h into crypto/sha.h. Signed-off-by: Hans de Goede <hdegoede@redhat.com> Acked-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Rename the algo_init arrays to cc_algo_init so that they do not conflict
with the functions declared in crypto/sha256.h.

This is a preparation patch for folding crypto/sha256.h into crypto/sha.h.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Acked-by: Gilad Ben-Yossef <gilad@benyossef.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: ccree/des - switch to new verification routines 2019-08-22T04:39:40+00:00 Ard Biesheuvel ard.biesheuvel@linaro.org 2019-08-15T09:00:52+00:00 00cd6b233fc89463d4f4eddeb9abf1e009cc09c0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: drivers - Remove dev_err() usage after platform_get_irq() 2019-08-09T05:11:38+00:00 Stephen Boyd swboyd@chromium.org 2019-07-30T18:15:05+00:00 514838e920d06f5c2ba56e9656107dfcbbb90219 We don't need dev_err() messages when platform_get_irq() fails now that platform_get_irq() prints an error message itself when something goes wrong. Let's remove these prints with a simple semantic patch. // <smpl> @@ expression ret; struct platform_device *E; @@ ret = ( platform_get_irq(E, ...) | platform_get_irq_byname(E, ...) ); if ( \( ret < 0 \| ret <= 0 \) ) { ( -if (ret != -EPROBE_DEFER) -{ ... -dev_err(...); -... } | ... -dev_err(...); ) ... } // </smpl> While we're here, remove braces on if statements that only have one statement (manually). Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Cc: <linux-crypto@vger.kernel.org> Signed-off-by: Stephen Boyd <swboyd@chromium.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
We don't need dev_err() messages when platform_get_irq() fails now that
platform_get_irq() prints an error message itself when something goes
wrong. Let's remove these prints with a simple semantic patch.

// <smpl>
@@
expression ret;
struct platform_device *E;
@@

ret =
(
platform_get_irq(E, ...)
|
platform_get_irq_byname(E, ...)
);

if ( \( ret < 0 \| ret <= 0 \) )
{
(
-if (ret != -EPROBE_DEFER)
-{ ...
-dev_err(...);
-... }
|
...
-dev_err(...);
)
...
}
// </smpl>

While we're here, remove braces on if statements that only have one
statement (manually).

Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: <linux-crypto@vger.kernel.org>
Signed-off-by: Stephen Boyd <swboyd@chromium.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: ccree - use std api sg_zero_buffer 2019-08-09T05:05:31+00:00 Gilad Ben-Yossef gilad@benyossef.com 2019-07-29T10:40:19+00:00 e88b27c8eaa8f3126791778803dd2fdd81828f5c Replace internal cc_zero_sgl() with kernel API of the same function sg_zero_buffer(). Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Replace internal cc_zero_sgl() with kernel API of the same function
sg_zero_buffer().

Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: ccree - use the full crypt length value 2019-08-09T05:05:30+00:00 Gilad Ben-Yossef gilad@benyossef.com 2019-07-29T10:40:18+00:00 7a4be6c113c1f721818d1e3722a9015fe393295c In case of AEAD decryption verifcation error we were using the wrong value to zero out the plaintext buffer leaving the end of the buffer with the false plaintext. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Fixes: ff27e85a85bb ("crypto: ccree - add AEAD support") CC: stable@vger.kernel.org # v4.17+ Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
In case of AEAD decryption verifcation error we were using the
wrong value to zero out the plaintext buffer leaving the end of
the buffer with the false plaintext.

Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
Fixes: ff27e85a85bb ("crypto: ccree - add AEAD support")
CC: stable@vger.kernel.org # v4.17+
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: ccree - check assoclen for rfc4543 2019-07-27T11:08:36+00:00 Iuliana Prodan iuliana.prodan@nxp.com 2019-07-19T07:09:23+00:00 b93ecf4296742c36192621645f59e4a607263233 Check assoclen to solve the extra tests that expect -EINVAL to be returned when the associated data size is not valid. Validated assoclen for RFC4543 which expects an assoclen of 16 or 20, the same as RFC4106. Based on seqiv, IPsec ESP and RFC4543/RFC4106 the assoclen is sizeof IP Header (spi, seq_no, extended seq_no) and IV len. This can be 16 or 20 bytes. Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Check assoclen to solve the extra tests that expect -EINVAL to be
returned when the associated data size is not valid.

Validated assoclen for RFC4543 which expects an assoclen
of 16 or 20, the same as RFC4106.
Based on seqiv, IPsec ESP and RFC4543/RFC4106 the assoclen is sizeof
IP Header (spi, seq_no, extended seq_no) and IV len. This can be 16 or
20 bytes.

Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: ccree - notify TEE on FIPS tests errors 2019-07-26T04:51:57+00:00 Gilad Ben-Yossef gilad@benyossef.com 2019-07-02T11:39:21+00:00 452c53d7868b3f95658ebb2f346acca96eaa2aed Register a FIPS test failure notifier and use it to notify TEE side of FIPS test failures on our side prior to panic. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Register a FIPS test failure notifier and use it to notify
TEE side of FIPS test failures on our side prior to panic.

Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>