<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux.git/crypto, branch v2.6.26-rc2</title>
<subtitle>Linux kernel source tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/'/>
<entry>
<title>[CRYPTO] hmac: Avoid calling virt_to_page on key</title>
<updated>2008-05-07T13:08:56+00:00</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2008-05-06T12:46:49+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=67412f0e78dfbbbcb36e631d9df70c6c559d60d4'/>
<id>67412f0e78dfbbbcb36e631d9df70c6c559d60d4</id>
<content type='text'>
When HMAC gets a key longer than the block size of the hash, it needs
to feed it as input to the hash to reduce it to a fixed length.  As
it is HMAC converts the key to a scatter and gather list.  However,
this doesn't work on certain platforms if the key is not allocated
via kmalloc.  For example, the keys from tcrypt are stored in the
rodata section and this causes it to fail with HMAC on x86-64.

This patch fixes this by copying the key to memory obtained via
kmalloc before hashing it.

Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
When HMAC gets a key longer than the block size of the hash, it needs
to feed it as input to the hash to reduce it to a fixed length.  As
it is HMAC converts the key to a scatter and gather list.  However,
this doesn't work on certain platforms if the key is not allocated
via kmalloc.  For example, the keys from tcrypt are stored in the
rodata section and this causes it to fail with HMAC on x86-64.

This patch fixes this by copying the key to memory obtained via
kmalloc before hashing it.

Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>[CRYPTO] cryptd: Correct kzalloc error test</title>
<updated>2008-05-01T10:22:28+00:00</updated>
<author>
<name>Julia Lawall</name>
<email>julia@diku.dk</email>
</author>
<published>2008-04-29T16:27:14+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=b1145ce395f7785487c128fe8faf8624e6586d84'/>
<id>b1145ce395f7785487c128fe8faf8624e6586d84</id>
<content type='text'>
Normally, kzalloc returns NULL or a valid pointer value, not a value to be
tested using IS_ERR.

Signed-off-by: Julia Lawall &lt;julia@diku.dk&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Normally, kzalloc returns NULL or a valid pointer value, not a value to be
tested using IS_ERR.

Signed-off-by: Julia Lawall &lt;julia@diku.dk&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>[CRYPTO] eseqiv: Fix off-by-one encryption</title>
<updated>2008-05-01T10:22:28+00:00</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2008-04-29T13:57:01+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=46f8153cc59384eb09a426d044668d4801f818ce'/>
<id>46f8153cc59384eb09a426d044668d4801f818ce</id>
<content type='text'>
After attaching the IV to the head during encryption, eseqiv does not
increase the encryption length by that amount.  As such the last block
of the actual plain text will be left unencrypted.

Fortunately the only user of this code hifn currently crashes so this
shouldn't affect anyone :)

Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
After attaching the IV to the head during encryption, eseqiv does not
increase the encryption length by that amount.  As such the last block
of the actual plain text will be left unencrypted.

Fortunately the only user of this code hifn currently crashes so this
shouldn't affect anyone :)

Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>[CRYPTO] authenc: Fix async crypto crash in crypto_authenc_genicv()</title>
<updated>2008-05-01T10:22:28+00:00</updated>
<author>
<name>Patrick McHardy</name>
<email>kaber@trash.net</email>
</author>
<published>2008-04-29T13:44:28+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=161613293fd4b7d5ceb1faab788f47e688e07a67'/>
<id>161613293fd4b7d5ceb1faab788f47e688e07a67</id>
<content type='text'>
crypto_authenc_givencrypt_done uses req-&gt;data as struct aead_givcrypt_request,
while it really points to a struct aead_request, causing this crash:

BUG: unable to handle kernel paging request at 6b6b6b6b
IP: [&lt;dc87517b&gt;] :authenc:crypto_authenc_genicv+0x23/0x109
*pde = 00000000
Oops: 0000 [#1] PREEMPT DEBUG_PAGEALLOC
Modules linked in: hifn_795x authenc esp4 aead xfrm4_mode_tunnel sha1_generic hmac crypto_hash]

Pid: 3074, comm: ping Not tainted (2.6.25 #4)
EIP: 0060:[&lt;dc87517b&gt;] EFLAGS: 00010296 CPU: 0
EIP is at crypto_authenc_genicv+0x23/0x109 [authenc]
EAX: daa04690 EBX: daa046e0 ECX: dab0a100 EDX: daa046b0
ESI: 6b6b6b6b EDI: dc872054 EBP: c033ff60 ESP: c033ff0c
 DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068
Process ping (pid: 3074, ti=c033f000 task=db883a80 task.ti=dab6c000)
Stack: 00000000 daa046b0 c0215a3e daa04690 dab0a100 00000000 ffffffff db9fd7f0
       dba208c0 dbbb1720 00000001 daa04720 00000001 c033ff54 c0119ca9 dc852a75
       c033ff60 c033ff60 daa046e0 00000000 00000001 c033ff6c dc87527b 00000001
Call Trace:
 [&lt;c0215a3e&gt;] ? dev_alloc_skb+0x14/0x29
 [&lt;c0119ca9&gt;] ? printk+0x15/0x17
 [&lt;dc87527b&gt;] ? crypto_authenc_givencrypt_done+0x1a/0x27 [authenc]
 [&lt;dc850cca&gt;] ? hifn_process_ready+0x34a/0x352 [hifn_795x]
 [&lt;dc8353c7&gt;] ? rhine_napipoll+0x3f2/0x3fd [via_rhine]
 [&lt;dc851a56&gt;] ? hifn_check_for_completion+0x4d/0xa6 [hifn_795x]
 [&lt;dc851ab9&gt;] ? hifn_tasklet_callback+0xa/0xc [hifn_795x]
 [&lt;c011d046&gt;] ? tasklet_action+0x3f/0x66
 [&lt;c011d230&gt;] ? __do_softirq+0x38/0x7a
 [&lt;c0105a5f&gt;] ? do_softirq+0x3e/0x71
 [&lt;c011d17c&gt;] ? irq_exit+0x2c/0x65
 [&lt;c010e0c0&gt;] ? smp_apic_timer_interrupt+0x5f/0x6a
 [&lt;c01042e4&gt;] ? apic_timer_interrupt+0x28/0x30
 [&lt;dc851640&gt;] ? hifn_handle_req+0x44a/0x50d [hifn_795x]
 ...

Signed-off-by: Patrick McHardy &lt;kaber@trash.net&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
crypto_authenc_givencrypt_done uses req-&gt;data as struct aead_givcrypt_request,
while it really points to a struct aead_request, causing this crash:

BUG: unable to handle kernel paging request at 6b6b6b6b
IP: [&lt;dc87517b&gt;] :authenc:crypto_authenc_genicv+0x23/0x109
*pde = 00000000
Oops: 0000 [#1] PREEMPT DEBUG_PAGEALLOC
Modules linked in: hifn_795x authenc esp4 aead xfrm4_mode_tunnel sha1_generic hmac crypto_hash]

Pid: 3074, comm: ping Not tainted (2.6.25 #4)
EIP: 0060:[&lt;dc87517b&gt;] EFLAGS: 00010296 CPU: 0
EIP is at crypto_authenc_genicv+0x23/0x109 [authenc]
EAX: daa04690 EBX: daa046e0 ECX: dab0a100 EDX: daa046b0
ESI: 6b6b6b6b EDI: dc872054 EBP: c033ff60 ESP: c033ff0c
 DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068
Process ping (pid: 3074, ti=c033f000 task=db883a80 task.ti=dab6c000)
Stack: 00000000 daa046b0 c0215a3e daa04690 dab0a100 00000000 ffffffff db9fd7f0
       dba208c0 dbbb1720 00000001 daa04720 00000001 c033ff54 c0119ca9 dc852a75
       c033ff60 c033ff60 daa046e0 00000000 00000001 c033ff6c dc87527b 00000001
Call Trace:
 [&lt;c0215a3e&gt;] ? dev_alloc_skb+0x14/0x29
 [&lt;c0119ca9&gt;] ? printk+0x15/0x17
 [&lt;dc87527b&gt;] ? crypto_authenc_givencrypt_done+0x1a/0x27 [authenc]
 [&lt;dc850cca&gt;] ? hifn_process_ready+0x34a/0x352 [hifn_795x]
 [&lt;dc8353c7&gt;] ? rhine_napipoll+0x3f2/0x3fd [via_rhine]
 [&lt;dc851a56&gt;] ? hifn_check_for_completion+0x4d/0xa6 [hifn_795x]
 [&lt;dc851ab9&gt;] ? hifn_tasklet_callback+0xa/0xc [hifn_795x]
 [&lt;c011d046&gt;] ? tasklet_action+0x3f/0x66
 [&lt;c011d230&gt;] ? __do_softirq+0x38/0x7a
 [&lt;c0105a5f&gt;] ? do_softirq+0x3e/0x71
 [&lt;c011d17c&gt;] ? irq_exit+0x2c/0x65
 [&lt;c010e0c0&gt;] ? smp_apic_timer_interrupt+0x5f/0x6a
 [&lt;c01042e4&gt;] ? apic_timer_interrupt+0x28/0x30
 [&lt;dc851640&gt;] ? hifn_handle_req+0x44a/0x50d [hifn_795x]
 ...

Signed-off-by: Patrick McHardy &lt;kaber@trash.net&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>[CRYPTO] kconfig: Ordering cleanup</title>
<updated>2008-04-21T02:19:34+00:00</updated>
<author>
<name>Sebastian Siewior</name>
<email>sebastian@breakpoint.cc</email>
</author>
<published>2008-04-05T13:04:48+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=584fffc8b1965cc09ebc4b7608bafcbf12ad5244'/>
<id>584fffc8b1965cc09ebc4b7608bafcbf12ad5244</id>
<content type='text'>
Ciphers, block modes, name it, are grouped together and sorted.

Signed-off-by: Sebastian Siewior &lt;sebastian@breakpoint.cc&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Ciphers, block modes, name it, are grouped together and sorted.

Signed-off-by: Sebastian Siewior &lt;sebastian@breakpoint.cc&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>[CRYPTO] all: Clean up init()/fini()</title>
<updated>2008-04-21T02:19:34+00:00</updated>
<author>
<name>Kamalesh Babulal</name>
<email>kamalesh@linux.vnet.ibm.com</email>
</author>
<published>2008-04-05T13:00:57+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=3af5b90bde5000abc739996cb03fd718e753d053'/>
<id>3af5b90bde5000abc739996cb03fd718e753d053</id>
<content type='text'>
On Thu, Mar 27, 2008 at 03:40:36PM +0100, Bodo Eggert wrote:
&gt; Kamalesh Babulal &lt;kamalesh@linux.vnet.ibm.com&gt; wrote:
&gt; 
&gt; &gt; This patch cleanups the crypto code, replaces the init() and fini()
&gt; &gt; with the &lt;algorithm name&gt;_init/_fini
&gt; 
&gt; This part ist OK.
&gt; 
&gt; &gt; or init/fini_&lt;algorithm name&gt; (if the 
&gt; &gt; &lt;algorithm name&gt;_init/_fini exist)
&gt; 
&gt; Having init_foo and foo_init won't be a good thing, will it? I'd start
&gt; confusing them.
&gt; 
&gt; What about foo_modinit instead?

Thanks for the suggestion, the init() is replaced with

	&lt;algorithm name&gt;_mod_init ()

and fini () is replaced with &lt;algorithm name&gt;_mod_fini.
 
Signed-off-by: Kamalesh Babulal &lt;kamalesh@linux.vnet.ibm.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
On Thu, Mar 27, 2008 at 03:40:36PM +0100, Bodo Eggert wrote:
&gt; Kamalesh Babulal &lt;kamalesh@linux.vnet.ibm.com&gt; wrote:
&gt; 
&gt; &gt; This patch cleanups the crypto code, replaces the init() and fini()
&gt; &gt; with the &lt;algorithm name&gt;_init/_fini
&gt; 
&gt; This part ist OK.
&gt; 
&gt; &gt; or init/fini_&lt;algorithm name&gt; (if the 
&gt; &gt; &lt;algorithm name&gt;_init/_fini exist)
&gt; 
&gt; Having init_foo and foo_init won't be a good thing, will it? I'd start
&gt; confusing them.
&gt; 
&gt; What about foo_modinit instead?

Thanks for the suggestion, the init() is replaced with

	&lt;algorithm name&gt;_mod_init ()

and fini () is replaced with &lt;algorithm name&gt;_mod_fini.
 
Signed-off-by: Kamalesh Babulal &lt;kamalesh@linux.vnet.ibm.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>[CRYPTO] aes: Export generic setkey</title>
<updated>2008-04-21T02:19:34+00:00</updated>
<author>
<name>Sebastian Siewior</name>
<email>sebastian@breakpoint.cc</email>
</author>
<published>2008-04-01T12:58:51+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=5427663f498e19b441277de72ce7a685511f247c'/>
<id>5427663f498e19b441277de72ce7a685511f247c</id>
<content type='text'>
The key expansion routine could be get little more generic, become
a kernel doc entry and then get exported.

Signed-off-by: Sebastian Siewior &lt;sebastian@breakpoint.cc&gt;
Tested-by: Stefan Hellermann &lt;stefan@the2masters.de&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The key expansion routine could be get little more generic, become
a kernel doc entry and then get exported.

Signed-off-by: Sebastian Siewior &lt;sebastian@breakpoint.cc&gt;
Tested-by: Stefan Hellermann &lt;stefan@the2masters.de&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>[CRYPTO] api: Make the crypto subsystem fully modular</title>
<updated>2008-04-21T02:19:23+00:00</updated>
<author>
<name>Sebastian Siewior</name>
<email>sebastian@breakpoint.cc</email>
</author>
<published>2008-03-30T08:36:09+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=c3715cb90f722b1cf5f6f073be02cc8a49659b90'/>
<id>c3715cb90f722b1cf5f6f073be02cc8a49659b90</id>
<content type='text'>
Signed-off-by: Sebastian Siewior &lt;sebastian@breakpoint.cc&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Signed-off-by: Sebastian Siewior &lt;sebastian@breakpoint.cc&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>[CRYPTO] cts: Add CTS mode required for Kerberos AES support</title>
<updated>2008-04-21T02:19:23+00:00</updated>
<author>
<name>Kevin Coffman</name>
<email>kwc@citi.umich.edu</email>
</author>
<published>2008-03-24T13:26:16+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=76cb9521795a167ae3d206343c072f602d84f815'/>
<id>76cb9521795a167ae3d206343c072f602d84f815</id>
<content type='text'>
Implement CTS wrapper for CBC mode required for support of AES
encryption support for Kerberos (rfc3962).

Signed-off-by: Kevin Coffman &lt;kwc@citi.umich.edu&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Implement CTS wrapper for CBC mode required for support of AES
encryption support for Kerberos (rfc3962).

Signed-off-by: Kevin Coffman &lt;kwc@citi.umich.edu&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>[CRYPTO] lrw: Replace all adds to big endians variables with be*_add_cpu</title>
<updated>2008-04-21T02:19:22+00:00</updated>
<author>
<name>Marcin Slusarz</name>
<email>marcin.slusarz@gmail.com</email>
</author>
<published>2008-03-14T08:22:53+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=fd4609a8e00a867303783ade62d67953fb72adc8'/>
<id>fd4609a8e00a867303783ade62d67953fb72adc8</id>
<content type='text'>
replace all:
big_endian_variable = cpu_to_beX(beX_to_cpu(big_endian_variable) +
					expression_in_cpu_byteorder);
with:
	beX_add_cpu(&amp;big_endian_variable, expression_in_cpu_byteorder);

Signed-off-by: Marcin Slusarz &lt;marcin.slusarz@gmail.com&gt;
Cc: David S. Miller &lt;davem@davemloft.net&gt;
Cc: Roel Kluin &lt;12o3l@tiscali.nl&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
replace all:
big_endian_variable = cpu_to_beX(beX_to_cpu(big_endian_variable) +
					expression_in_cpu_byteorder);
with:
	beX_add_cpu(&amp;big_endian_variable, expression_in_cpu_byteorder);

Signed-off-by: Marcin Slusarz &lt;marcin.slusarz@gmail.com&gt;
Cc: David S. Miller &lt;davem@davemloft.net&gt;
Cc: Roel Kluin &lt;12o3l@tiscali.nl&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
</feed>
