<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux.git/drivers/crypto/caam/caamalg.c, branch v5.5</title>
<subtitle>Linux kernel source tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/'/>
<entry>
<title>crypto: caam - make CAAM_PTR_SZ dynamic</title>
<updated>2019-08-30T08:05:30+00:00</updated>
<author>
<name>Andrey Smirnov</name>
<email>andrew.smirnov@gmail.com</email>
</author>
<published>2019-08-20T20:23:55+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=1a3daadce955530df92b1bb22093618dd26a1717'/>
<id>1a3daadce955530df92b1bb22093618dd26a1717</id>
<content type='text'>
In order to be able to configure CAAM pointer size at run-time, which
needed to support i.MX8MQ, which is 64-bit SoC with 32-bit pointer
size, convert CAAM_PTR_SZ to refer to a global variable of the same
name ("caam_ptr_sz") and adjust the rest of the code accordingly. No
functional change intended.

Signed-off-by: Andrey Smirnov &lt;andrew.smirnov@gmail.com&gt;
Cc: Chris Spencer &lt;christopher.spencer@sea.co.uk&gt;
Cc: Cory Tusar &lt;cory.tusar@zii.aero&gt;
Cc: Chris Healy &lt;cphealy@gmail.com&gt;
Cc: Lucas Stach &lt;l.stach@pengutronix.de&gt;
Cc: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Cc: Aymen Sghaier &lt;aymen.sghaier@nxp.com&gt;
Cc: Leonard Crestez &lt;leonard.crestez@nxp.com&gt;
Cc: linux-crypto@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
In order to be able to configure CAAM pointer size at run-time, which
needed to support i.MX8MQ, which is 64-bit SoC with 32-bit pointer
size, convert CAAM_PTR_SZ to refer to a global variable of the same
name ("caam_ptr_sz") and adjust the rest of the code accordingly. No
functional change intended.

Signed-off-by: Andrey Smirnov &lt;andrew.smirnov@gmail.com&gt;
Cc: Chris Spencer &lt;christopher.spencer@sea.co.uk&gt;
Cc: Cory Tusar &lt;cory.tusar@zii.aero&gt;
Cc: Chris Healy &lt;cphealy@gmail.com&gt;
Cc: Lucas Stach &lt;l.stach@pengutronix.de&gt;
Cc: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Cc: Aymen Sghaier &lt;aymen.sghaier@nxp.com&gt;
Cc: Leonard Crestez &lt;leonard.crestez@nxp.com&gt;
Cc: linux-crypto@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: caam/des - switch to new verification routines</title>
<updated>2019-08-22T04:39:39+00:00</updated>
<author>
<name>Ard Biesheuvel</name>
<email>ard.biesheuvel@linaro.org</email>
</author>
<published>2019-08-15T09:00:48+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=a628c5a11d8b87a16dbc0d5bbc9b6ff233865622'/>
<id>a628c5a11d8b87a16dbc0d5bbc9b6ff233865622</id>
<content type='text'>
Cc: Horia Geanta &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Ard Biesheuvel &lt;ard.biesheuvel@linaro.org&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Cc: Horia Geanta &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Ard Biesheuvel &lt;ard.biesheuvel@linaro.org&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: caam - fix MDHA key derivation for certain user key lengths</title>
<updated>2019-08-09T05:11:49+00:00</updated>
<author>
<name>Horia Geantă</name>
<email>horia.geanta@nxp.com</email>
</author>
<published>2019-07-31T13:08:11+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=e9b4913a5f944b23d6109c44b6f3fc6e092e30ce'/>
<id>e9b4913a5f944b23d6109c44b6f3fc6e092e30ce</id>
<content type='text'>
Fuzz testing uncovered an issue when |user key| &gt; |derived key|.
Derived key generation has to be fixed in two cases:

1. Era &gt;= 6 (DKP is available)
DKP cannot be used with immediate input key if |user key| &gt; |derived key|,
since the resulting descriptor (after DKP execution) would be invalid -
having a few bytes from user key left in descriptor buffer
as incorrect opcodes.

Fix DKP usage both in standalone hmac and in authenc algorithms.
For authenc the logic is simplified, by always storing both virtual
and dma key addresses.

2. Era &lt; 6
The same case (|user key| &gt; |derived key|) fails when DKP
is not available.
Make sure gen_split_key() dma maps max(|user key|, |derived key|),
since this is an in-place (bidirectional) operation.

Signed-off-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Reviewed-by: Iuliana Prodan &lt;iuliana.prodan@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Fuzz testing uncovered an issue when |user key| &gt; |derived key|.
Derived key generation has to be fixed in two cases:

1. Era &gt;= 6 (DKP is available)
DKP cannot be used with immediate input key if |user key| &gt; |derived key|,
since the resulting descriptor (after DKP execution) would be invalid -
having a few bytes from user key left in descriptor buffer
as incorrect opcodes.

Fix DKP usage both in standalone hmac and in authenc algorithms.
For authenc the logic is simplified, by always storing both virtual
and dma key addresses.

2. Era &lt; 6
The same case (|user key| &gt; |derived key|) fails when DKP
is not available.
Make sure gen_split_key() dma maps max(|user key|, |derived key|),
since this is an in-place (bidirectional) operation.

Signed-off-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Reviewed-by: Iuliana Prodan &lt;iuliana.prodan@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: caam - check zero-length input</title>
<updated>2019-08-09T05:11:48+00:00</updated>
<author>
<name>Iuliana Prodan</name>
<email>iuliana.prodan@nxp.com</email>
</author>
<published>2019-07-31T13:08:08+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=31bb2f0da1b5099732337d9ecef792ab67970ddf'/>
<id>31bb2f0da1b5099732337d9ecef792ab67970ddf</id>
<content type='text'>
Check zero-length input, for skcipher algorithm, to solve the extra
tests. This is a valid operation, therefore the API will return no error.

Signed-off-by: Iuliana Prodan &lt;iuliana.prodan@nxp.com&gt;
Reviewed-by: Horia Geanta &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Check zero-length input, for skcipher algorithm, to solve the extra
tests. This is a valid operation, therefore the API will return no error.

Signed-off-by: Iuliana Prodan &lt;iuliana.prodan@nxp.com&gt;
Reviewed-by: Horia Geanta &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: caam - check assoclen</title>
<updated>2019-08-09T05:11:47+00:00</updated>
<author>
<name>Iuliana Prodan</name>
<email>iuliana.prodan@nxp.com</email>
</author>
<published>2019-07-31T13:08:07+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=fcd23ed57c4cccda17b0be736cdfbd7970b842c8'/>
<id>fcd23ed57c4cccda17b0be736cdfbd7970b842c8</id>
<content type='text'>
Check assoclen to solve the extra tests that expect -EINVAL to be
returned when the associated data size is not valid.

Validated assoclen for RFC4106 and RFC4543 which expects an assoclen
of 16 or 20.
Based on seqiv, IPsec ESP and RFC4543/RFC4106 the assoclen is sizeof IP
Header (spi, seq_no, extended seq_no) and IV len. This can be 16 or 20
bytes.

Signed-off-by: Iuliana Prodan &lt;iuliana.prodan@nxp.com&gt;
Reviewed-by: Horia Geanta &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Check assoclen to solve the extra tests that expect -EINVAL to be
returned when the associated data size is not valid.

Validated assoclen for RFC4106 and RFC4543 which expects an assoclen
of 16 or 20.
Based on seqiv, IPsec ESP and RFC4543/RFC4106 the assoclen is sizeof IP
Header (spi, seq_no, extended seq_no) and IV len. This can be 16 or 20
bytes.

Signed-off-by: Iuliana Prodan &lt;iuliana.prodan@nxp.com&gt;
Reviewed-by: Horia Geanta &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: caam - check authsize</title>
<updated>2019-08-09T05:11:46+00:00</updated>
<author>
<name>Iuliana Prodan</name>
<email>iuliana.prodan@nxp.com</email>
</author>
<published>2019-07-31T13:08:06+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=68a51394f37ae8c6eb51209efc406355a9861874'/>
<id>68a51394f37ae8c6eb51209efc406355a9861874</id>
<content type='text'>
Check authsize to solve the extra tests that expect -EINVAL to be
returned when the authentication tag size is not valid.

Validated authsize for GCM, RFC4106 and RFC4543.

Signed-off-by: Iuliana Prodan &lt;iuliana.prodan@nxp.com&gt;
Reviewed-by: Horia Geanta &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Check authsize to solve the extra tests that expect -EINVAL to be
returned when the authentication tag size is not valid.

Validated authsize for GCM, RFC4106 and RFC4543.

Signed-off-by: Iuliana Prodan &lt;iuliana.prodan@nxp.com&gt;
Reviewed-by: Horia Geanta &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: caam - check key length</title>
<updated>2019-08-09T05:11:46+00:00</updated>
<author>
<name>Iuliana Prodan</name>
<email>iuliana.prodan@nxp.com</email>
</author>
<published>2019-07-31T13:08:05+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=836d8f43c5e529935bb3140edc710c23ffd1d54a'/>
<id>836d8f43c5e529935bb3140edc710c23ffd1d54a</id>
<content type='text'>
Check key length to solve the extra tests that expect -EINVAL to be
returned when the key size is not valid.

Validated AES keylen for skcipher, ahash and aead.

Signed-off-by: Iuliana Prodan &lt;iuliana.prodan@nxp.com&gt;
Reviewed-by: Horia Geanta &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Check key length to solve the extra tests that expect -EINVAL to be
returned when the key size is not valid.

Validated AES keylen for skcipher, ahash and aead.

Signed-off-by: Iuliana Prodan &lt;iuliana.prodan@nxp.com&gt;
Reviewed-by: Horia Geanta &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: caam - update IV only when crypto operation succeeds</title>
<updated>2019-08-09T05:11:45+00:00</updated>
<author>
<name>Horia Geantă</name>
<email>horia.geanta@nxp.com</email>
</author>
<published>2019-07-31T13:08:04+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=1ccb39eb5a9822543273c35f5114a9dc101e7315'/>
<id>1ccb39eb5a9822543273c35f5114a9dc101e7315</id>
<content type='text'>
skcipher encryption might fail and in some cases, like (invalid) input
length smaller then block size, updating the IV would lead to a useless
IV copy in case hardware issued an error.

Signed-off-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Iuliana Prodan &lt;iuliana.prodan@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
skcipher encryption might fail and in some cases, like (invalid) input
length smaller then block size, updating the IV would lead to a useless
IV copy in case hardware issued an error.

Signed-off-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Iuliana Prodan &lt;iuliana.prodan@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: caam - fix return code in completion callbacks</title>
<updated>2019-08-09T05:11:45+00:00</updated>
<author>
<name>Horia Geantă</name>
<email>horia.geanta@nxp.com</email>
</author>
<published>2019-07-31T13:08:03+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=1984aaeec372fbfb597883074253d290cbd543d4'/>
<id>1984aaeec372fbfb597883074253d290cbd543d4</id>
<content type='text'>
Modify drive to provide a valid errno (and not the HW error ID)
to the user, via completion callbacks.

A "valid errno" is currently not explicitly mentioned in the docs,
however the error code is expected to match the one returned by the
generic SW implementation.

Note: in most error cases caam/qi and caam/qi2 returned -EIO; align all
caam drivers to return -EINVAL.

While here, ratelimit prints triggered by fuzz testing, such that
console is not flooded.

Signed-off-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Iuliana Prodan &lt;iuliana.prodan@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Modify drive to provide a valid errno (and not the HW error ID)
to the user, via completion callbacks.

A "valid errno" is currently not explicitly mentioned in the docs,
however the error code is expected to match the one returned by the
generic SW implementation.

Note: in most error cases caam/qi and caam/qi2 returned -EIO; align all
caam drivers to return -EINVAL.

While here, ratelimit prints triggered by fuzz testing, such that
console is not flooded.

Signed-off-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Iuliana Prodan &lt;iuliana.prodan@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: caam - update IV using HW support</title>
<updated>2019-06-20T06:18:33+00:00</updated>
<author>
<name>Horia Geantă</name>
<email>horia.geanta@nxp.com</email>
</author>
<published>2019-06-10T13:30:59+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=334d37c9e26364511f0673ef155e2ad207316e90'/>
<id>334d37c9e26364511f0673ef155e2ad207316e90</id>
<content type='text'>
Modify drivers to perform skcipher IV update using the crypto engine,
instead of performing the operation in SW.

Besides being more efficient, this also fixes IV update for CTR mode.

Output HW S/G table is appended with an entry pointing to the same
IV buffer used as input (which is now mapped BIDIRECTIONAL).

AS (Algorithm State) parameter of the OPERATION command is changed
from INIFINAL to INIT in descriptors used by ctr(aes), cbc(aes).
This is needed since in case FINAL bit is set, HW skips IV updating
in the Context Register for the last data block.

Signed-off-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Modify drivers to perform skcipher IV update using the crypto engine,
instead of performing the operation in SW.

Besides being more efficient, this also fixes IV update for CTR mode.

Output HW S/G table is appended with an entry pointing to the same
IV buffer used as input (which is now mapped BIDIRECTIONAL).

AS (Algorithm State) parameter of the OPERATION command is changed
from INIFINAL to INIT in descriptors used by ctr(aes), cbc(aes).
This is needed since in case FINAL bit is set, HW skips IV updating
in the Context Register for the last data block.

Signed-off-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
</feed>
