<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux-stable.git/drivers/crypto, branch v4.10.6</title>
<subtitle>Linux kernel stable tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/'/>
<entry>
<title>crypto: s5p-sss - Fix spinlock recursion on LRW(AES)</title>
<updated>2017-03-22T11:57:05+00:00</updated>
<author>
<name>Krzysztof Kozlowski</name>
<email>krzk@kernel.org</email>
</author>
<published>2017-03-08T21:14:20+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=7814c9bd217afefb654ee7f8755c6736ffe9ddf6'/>
<id>7814c9bd217afefb654ee7f8755c6736ffe9ddf6</id>
<content type='text'>
commit 28b62b1458685d8f68f67d9b2d511bf8fa32b746 upstream.

Running TCRYPT with LRW compiled causes spinlock recursion:

    testing speed of async lrw(aes) (lrw(ecb-aes-s5p)) encryption
    tcrypt: test 0 (256 bit key, 16 byte blocks): 19007 operations in 1 seconds (304112 bytes)
    tcrypt: test 1 (256 bit key, 64 byte blocks): 15753 operations in 1 seconds (1008192 bytes)
    tcrypt: test 2 (256 bit key, 256 byte blocks): 14293 operations in 1 seconds (3659008 bytes)
    tcrypt: test 3 (256 bit key, 1024 byte blocks): 11906 operations in 1 seconds (12191744 bytes)
    tcrypt: test 4 (256 bit key, 8192 byte blocks):
    BUG: spinlock recursion on CPU#1, irq/84-10830000/89
     lock: 0xeea99a68, .magic: dead4ead, .owner: irq/84-10830000/89, .owner_cpu: 1
    CPU: 1 PID: 89 Comm: irq/84-10830000 Not tainted 4.11.0-rc1-00001-g897ca6d0800d #559
    Hardware name: SAMSUNG EXYNOS (Flattened Device Tree)
    [&lt;c010e1ec&gt;] (unwind_backtrace) from [&lt;c010ae1c&gt;] (show_stack+0x10/0x14)
    [&lt;c010ae1c&gt;] (show_stack) from [&lt;c03449c0&gt;] (dump_stack+0x78/0x8c)
    [&lt;c03449c0&gt;] (dump_stack) from [&lt;c015de68&gt;] (do_raw_spin_lock+0x11c/0x120)
    [&lt;c015de68&gt;] (do_raw_spin_lock) from [&lt;c0720110&gt;] (_raw_spin_lock_irqsave+0x20/0x28)
    [&lt;c0720110&gt;] (_raw_spin_lock_irqsave) from [&lt;c0572ca0&gt;] (s5p_aes_crypt+0x2c/0xb4)
    [&lt;c0572ca0&gt;] (s5p_aes_crypt) from [&lt;bf1d8aa4&gt;] (do_encrypt+0x78/0xb0 [lrw])
    [&lt;bf1d8aa4&gt;] (do_encrypt [lrw]) from [&lt;bf1d8b00&gt;] (encrypt_done+0x24/0x54 [lrw])
    [&lt;bf1d8b00&gt;] (encrypt_done [lrw]) from [&lt;c05732a0&gt;] (s5p_aes_complete+0x60/0xcc)
    [&lt;c05732a0&gt;] (s5p_aes_complete) from [&lt;c0573440&gt;] (s5p_aes_interrupt+0x134/0x1a0)
    [&lt;c0573440&gt;] (s5p_aes_interrupt) from [&lt;c01667c4&gt;] (irq_thread_fn+0x1c/0x54)
    [&lt;c01667c4&gt;] (irq_thread_fn) from [&lt;c0166a98&gt;] (irq_thread+0x12c/0x1e0)
    [&lt;c0166a98&gt;] (irq_thread) from [&lt;c0136a28&gt;] (kthread+0x108/0x138)
    [&lt;c0136a28&gt;] (kthread) from [&lt;c0107778&gt;] (ret_from_fork+0x14/0x3c)

Interrupt handling routine was calling req-&gt;base.complete() under
spinlock.  In most cases this wasn't fatal but when combined with some
of the cipher modes (like LRW) this caused recursion - starting the new
encryption (s5p_aes_crypt()) while still holding the spinlock from
previous round (s5p_aes_complete()).

Beside that, the s5p_aes_interrupt() error handling path could execute
two completions in case of error for RX and TX blocks.

Rewrite the interrupt handling routine and the completion by:

1. Splitting the operations on scatterlist copies from
   s5p_aes_complete() into separate s5p_sg_done(). This still should be
   done under lock.
   The s5p_aes_complete() now only calls req-&gt;base.complete() and it has
   to be called outside of lock.

2. Moving the s5p_aes_complete() out of spinlock critical sections.
   In interrupt service routine s5p_aes_interrupts(), it appeared in few
   places, including error paths inside other functions called from ISR.
   This code was not so obvious to read so simplify it by putting the
   s5p_aes_complete() only within ISR level.

Reported-by: Nathan Royce &lt;nroycea+kernel@gmail.com&gt;
Signed-off-by: Krzysztof Kozlowski &lt;krzk@kernel.org&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 28b62b1458685d8f68f67d9b2d511bf8fa32b746 upstream.

Running TCRYPT with LRW compiled causes spinlock recursion:

    testing speed of async lrw(aes) (lrw(ecb-aes-s5p)) encryption
    tcrypt: test 0 (256 bit key, 16 byte blocks): 19007 operations in 1 seconds (304112 bytes)
    tcrypt: test 1 (256 bit key, 64 byte blocks): 15753 operations in 1 seconds (1008192 bytes)
    tcrypt: test 2 (256 bit key, 256 byte blocks): 14293 operations in 1 seconds (3659008 bytes)
    tcrypt: test 3 (256 bit key, 1024 byte blocks): 11906 operations in 1 seconds (12191744 bytes)
    tcrypt: test 4 (256 bit key, 8192 byte blocks):
    BUG: spinlock recursion on CPU#1, irq/84-10830000/89
     lock: 0xeea99a68, .magic: dead4ead, .owner: irq/84-10830000/89, .owner_cpu: 1
    CPU: 1 PID: 89 Comm: irq/84-10830000 Not tainted 4.11.0-rc1-00001-g897ca6d0800d #559
    Hardware name: SAMSUNG EXYNOS (Flattened Device Tree)
    [&lt;c010e1ec&gt;] (unwind_backtrace) from [&lt;c010ae1c&gt;] (show_stack+0x10/0x14)
    [&lt;c010ae1c&gt;] (show_stack) from [&lt;c03449c0&gt;] (dump_stack+0x78/0x8c)
    [&lt;c03449c0&gt;] (dump_stack) from [&lt;c015de68&gt;] (do_raw_spin_lock+0x11c/0x120)
    [&lt;c015de68&gt;] (do_raw_spin_lock) from [&lt;c0720110&gt;] (_raw_spin_lock_irqsave+0x20/0x28)
    [&lt;c0720110&gt;] (_raw_spin_lock_irqsave) from [&lt;c0572ca0&gt;] (s5p_aes_crypt+0x2c/0xb4)
    [&lt;c0572ca0&gt;] (s5p_aes_crypt) from [&lt;bf1d8aa4&gt;] (do_encrypt+0x78/0xb0 [lrw])
    [&lt;bf1d8aa4&gt;] (do_encrypt [lrw]) from [&lt;bf1d8b00&gt;] (encrypt_done+0x24/0x54 [lrw])
    [&lt;bf1d8b00&gt;] (encrypt_done [lrw]) from [&lt;c05732a0&gt;] (s5p_aes_complete+0x60/0xcc)
    [&lt;c05732a0&gt;] (s5p_aes_complete) from [&lt;c0573440&gt;] (s5p_aes_interrupt+0x134/0x1a0)
    [&lt;c0573440&gt;] (s5p_aes_interrupt) from [&lt;c01667c4&gt;] (irq_thread_fn+0x1c/0x54)
    [&lt;c01667c4&gt;] (irq_thread_fn) from [&lt;c0166a98&gt;] (irq_thread+0x12c/0x1e0)
    [&lt;c0166a98&gt;] (irq_thread) from [&lt;c0136a28&gt;] (kthread+0x108/0x138)
    [&lt;c0136a28&gt;] (kthread) from [&lt;c0107778&gt;] (ret_from_fork+0x14/0x3c)

Interrupt handling routine was calling req-&gt;base.complete() under
spinlock.  In most cases this wasn't fatal but when combined with some
of the cipher modes (like LRW) this caused recursion - starting the new
encryption (s5p_aes_crypt()) while still holding the spinlock from
previous round (s5p_aes_complete()).

Beside that, the s5p_aes_interrupt() error handling path could execute
two completions in case of error for RX and TX blocks.

Rewrite the interrupt handling routine and the completion by:

1. Splitting the operations on scatterlist copies from
   s5p_aes_complete() into separate s5p_sg_done(). This still should be
   done under lock.
   The s5p_aes_complete() now only calls req-&gt;base.complete() and it has
   to be called outside of lock.

2. Moving the s5p_aes_complete() out of spinlock critical sections.
   In interrupt service routine s5p_aes_interrupts(), it appeared in few
   places, including error paths inside other functions called from ISR.
   This code was not so obvious to read so simplify it by putting the
   s5p_aes_complete() only within ISR level.

Reported-by: Nathan Royce &lt;nroycea+kernel@gmail.com&gt;
Signed-off-by: Krzysztof Kozlowski &lt;krzk@kernel.org&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: vmx - Use skcipher for xts fallback</title>
<updated>2017-03-12T05:44:15+00:00</updated>
<author>
<name>Paulo Flabiano Smorigo</name>
<email>pfsmorigo@linux.vnet.ibm.com</email>
</author>
<published>2017-03-01T14:00:00+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=f5e2e7ca6e6a28b9796b977b7ff5fb206cc199dd'/>
<id>f5e2e7ca6e6a28b9796b977b7ff5fb206cc199dd</id>
<content type='text'>
commit 5839f555fa576be57371686265206398d9ea1480 upstream.

Signed-off-by: Paulo Flabiano Smorigo &lt;pfsmorigo@linux.vnet.ibm.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 5839f555fa576be57371686265206398d9ea1480 upstream.

Signed-off-by: Paulo Flabiano Smorigo &lt;pfsmorigo@linux.vnet.ibm.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: vmx - Use skcipher for cbc fallback</title>
<updated>2017-03-12T05:44:15+00:00</updated>
<author>
<name>Paulo Flabiano Smorigo</name>
<email>pfsmorigo@linux.vnet.ibm.com</email>
</author>
<published>2017-03-01T13:58:20+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=1fd2ec10d3e1c8c4d93db1baaf3eef4e9bb1f3e3'/>
<id>1fd2ec10d3e1c8c4d93db1baaf3eef4e9bb1f3e3</id>
<content type='text'>
commit c96d0a1c47abd5c4fa544dcedb5fac4d020ac58b upstream.

Signed-off-by: Paulo Flabiano Smorigo &lt;pfsmorigo@linux.vnet.ibm.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit c96d0a1c47abd5c4fa544dcedb5fac4d020ac58b upstream.

Signed-off-by: Paulo Flabiano Smorigo &lt;pfsmorigo@linux.vnet.ibm.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6</title>
<updated>2017-02-06T22:16:23+00:00</updated>
<author>
<name>Linus Torvalds</name>
<email>torvalds@linux-foundation.org</email>
</author>
<published>2017-02-06T22:16:23+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=396bf4cd835e62d70fad4a03a8963e61f19021f2'/>
<id>396bf4cd835e62d70fad4a03a8963e61f19021f2</id>
<content type='text'>
Pull crypto fixes from Herbert Xu:

 - use-after-free in algif_aead

 - modular aesni regression when pcbc is modular but absent

 - bug causing IO page faults in ccp

 - double list add in ccp

 - NULL pointer dereference in qat (two patches)

 - panic in chcr

 - NULL pointer dereference in chcr

 - out-of-bound access in chcr

* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
  crypto: chcr - Fix key length for RFC4106
  crypto: algif_aead - Fix kernel panic on list_del
  crypto: aesni - Fix failure when pcbc module is absent
  crypto: ccp - Fix double add when creating new DMA command
  crypto: ccp - Fix DMA operations when IOMMU is enabled
  crypto: chcr - Check device is allocated before use
  crypto: chcr - Fix panic on dma_unmap_sg
  crypto: qat - zero esram only for DH85x devices
  crypto: qat - fix bar discovery for c62x
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Pull crypto fixes from Herbert Xu:

 - use-after-free in algif_aead

 - modular aesni regression when pcbc is modular but absent

 - bug causing IO page faults in ccp

 - double list add in ccp

 - NULL pointer dereference in qat (two patches)

 - panic in chcr

 - NULL pointer dereference in chcr

 - out-of-bound access in chcr

* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
  crypto: chcr - Fix key length for RFC4106
  crypto: algif_aead - Fix kernel panic on list_del
  crypto: aesni - Fix failure when pcbc module is absent
  crypto: ccp - Fix double add when creating new DMA command
  crypto: ccp - Fix DMA operations when IOMMU is enabled
  crypto: chcr - Check device is allocated before use
  crypto: chcr - Fix panic on dma_unmap_sg
  crypto: qat - zero esram only for DH85x devices
  crypto: qat - fix bar discovery for c62x
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: chcr - Fix key length for RFC4106</title>
<updated>2017-02-03T10:09:31+00:00</updated>
<author>
<name>Harsh Jain</name>
<email>harsh@chelsio.com</email>
</author>
<published>2017-01-27T10:39:06+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=7c2cf1c4615cc2f576d0604406cdf0065f00b83b'/>
<id>7c2cf1c4615cc2f576d0604406cdf0065f00b83b</id>
<content type='text'>
Check keylen before copying salt to avoid wrap around of Integer.

Signed-off-by: Harsh Jain &lt;harsh@chelsio.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Check keylen before copying salt to avoid wrap around of Integer.

Signed-off-by: Harsh Jain &lt;harsh@chelsio.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: ccp - Fix double add when creating new DMA command</title>
<updated>2017-02-03T09:45:46+00:00</updated>
<author>
<name>Gary R Hook</name>
<email>gary.hook@amd.com</email>
</author>
<published>2017-01-27T23:09:04+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=e5da5c5667381d2772374ee6a2967b3576c9483d'/>
<id>e5da5c5667381d2772374ee6a2967b3576c9483d</id>
<content type='text'>
Eliminate a double-add by creating a new list to manage
command descriptors when created; move the descriptor to
the pending list when the command is submitted.

Cc: &lt;stable@vger.kernel.org&gt;
Signed-off-by: Gary R Hook &lt;gary.hook@amd.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Eliminate a double-add by creating a new list to manage
command descriptors when created; move the descriptor to
the pending list when the command is submitted.

Cc: &lt;stable@vger.kernel.org&gt;
Signed-off-by: Gary R Hook &lt;gary.hook@amd.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: ccp - Fix DMA operations when IOMMU is enabled</title>
<updated>2017-02-03T09:45:45+00:00</updated>
<author>
<name>Gary R Hook</name>
<email>gary.hook@amd.com</email>
</author>
<published>2017-01-27T21:28:45+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=500c0106e638e08c2c661c305ed57d6b67e10908'/>
<id>500c0106e638e08c2c661c305ed57d6b67e10908</id>
<content type='text'>
An I/O page fault occurs when the IOMMU is enabled on a
system that supports the v5 CCP.  DMA operations use a
Request ID value that does not match what is expected by
the IOMMU, resulting in the I/O page fault.  Setting the
Request ID value to 0 corrects this issue.

Cc: &lt;stable@vger.kernel.org&gt;
Signed-off-by: Gary R Hook &lt;gary.hook@amd.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
An I/O page fault occurs when the IOMMU is enabled on a
system that supports the v5 CCP.  DMA operations use a
Request ID value that does not match what is expected by
the IOMMU, resulting in the I/O page fault.  Setting the
Request ID value to 0 corrects this issue.

Cc: &lt;stable@vger.kernel.org&gt;
Signed-off-by: Gary R Hook &lt;gary.hook@amd.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: chcr - Check device is allocated before use</title>
<updated>2017-02-03T09:45:44+00:00</updated>
<author>
<name>Harsh Jain</name>
<email>harsh@chelsio.com</email>
</author>
<published>2017-01-24T05:04:33+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=f5f7bebc91ab378dea5aad5277c4d283e46472d9'/>
<id>f5f7bebc91ab378dea5aad5277c4d283e46472d9</id>
<content type='text'>
Ensure dev is allocated for crypto uld context before using the device
for crypto operations.

Cc: &lt;stable@vger.kernel.org&gt;
Signed-off-by: Atul Gupta &lt;atul.gupta@chelsio.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Ensure dev is allocated for crypto uld context before using the device
for crypto operations.

Cc: &lt;stable@vger.kernel.org&gt;
Signed-off-by: Atul Gupta &lt;atul.gupta@chelsio.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: chcr - Fix panic on dma_unmap_sg</title>
<updated>2017-02-03T09:45:44+00:00</updated>
<author>
<name>Harsh Jain</name>
<email>harsh@chelsio.com</email>
</author>
<published>2017-01-24T05:04:32+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=94e1dab1c94715e18bb0bada503de3f3d7593076'/>
<id>94e1dab1c94715e18bb0bada503de3f3d7593076</id>
<content type='text'>
Save DMA mapped sg list addresses to request context buffer.

Signed-off-by: Atul Gupta &lt;atul.gupta@chelsio.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Save DMA mapped sg list addresses to request context buffer.

Signed-off-by: Atul Gupta &lt;atul.gupta@chelsio.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: qat - zero esram only for DH85x devices</title>
<updated>2017-02-02T13:54:53+00:00</updated>
<author>
<name>Giovanni Cabiddu</name>
<email>giovanni.cabiddu@intel.com</email>
</author>
<published>2016-12-22T15:00:24+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=685ce0626840e2673fe64ea8807684f7324fec5f'/>
<id>685ce0626840e2673fe64ea8807684f7324fec5f</id>
<content type='text'>
Zero embedded ram in DH85x devices. This is not
needed for newer generations as it is done by HW.

Cc: &lt;stable@vger.kernel.org&gt;
Signed-off-by: Giovanni Cabiddu &lt;giovanni.cabiddu@intel.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Zero embedded ram in DH85x devices. This is not
needed for newer generations as it is done by HW.

Cc: &lt;stable@vger.kernel.org&gt;
Signed-off-by: Giovanni Cabiddu &lt;giovanni.cabiddu@intel.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
</feed>
