tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Merge the crypto tree for 4.1 to pull in the changeset that disables
algif_aead.
+77
-42
+19
-3
arch/arm64/crypto/crc32-arm64.c
+19
-3
arch/arm64/crypto/crc32-arm64.c
···
147
147
{
148
148
struct chksum_desc_ctx *ctx = shash_desc_ctx(desc);
149
149
150
+
put_unaligned_le32(ctx->crc, out);
151
+
return 0;
152
+
}
153
+
154
+
static int chksumc_final(struct shash_desc *desc, u8 *out)
155
+
{
156
+
struct chksum_desc_ctx *ctx = shash_desc_ctx(desc);
157
+
150
158
put_unaligned_le32(~ctx->crc, out);
151
159
return 0;
152
160
}
153
161
154
162
static int __chksum_finup(u32 crc, const u8 *data, unsigned int len, u8 *out)
155
163
{
156
-
put_unaligned_le32(~crc32_arm64_le_hw(crc, data, len), out);
164
+
put_unaligned_le32(crc32_arm64_le_hw(crc, data, len), out);
157
165
return 0;
158
166
}
159
167
···
207
199
{
208
200
struct chksum_ctx *mctx = crypto_tfm_ctx(tfm);
209
201
202
+
mctx->key = 0;
203
+
return 0;
204
+
}
205
+
206
+
static int crc32c_cra_init(struct crypto_tfm *tfm)
207
+
{
208
+
struct chksum_ctx *mctx = crypto_tfm_ctx(tfm);
209
+
210
210
mctx->key = ~0;
211
211
return 0;
212
212
}
···
245
229
.setkey = chksum_setkey,
246
230
.init = chksum_init,
247
231
.update = chksumc_update,
248
-
.final = chksum_final,
232
+
.final = chksumc_final,
249
233
.finup = chksumc_finup,
250
234
.digest = chksumc_digest,
251
235
.descsize = sizeof(struct chksum_desc_ctx),
···
257
241
.cra_alignmask = 0,
258
242
.cra_ctxsize = sizeof(struct chksum_ctx),
259
243
.cra_module = THIS_MODULE,
260
-
.cra_init = crc32_cra_init,
244
+
.cra_init = crc32c_cra_init,
261
245
}
262
246
};
263
247
+3
arch/arm64/crypto/sha1-ce-glue.c
+3
arch/arm64/crypto/sha1-ce-glue.c
···
74
74
75
75
static int sha1_ce_final(struct shash_desc *desc, u8 *out)
76
76
{
77
+
struct sha1_ce_state *sctx = shash_desc_ctx(desc);
78
+
79
+
sctx->finalize = 0;
77
80
kernel_neon_begin_partial(16);
78
81
sha1_base_do_finalize(desc, (sha1_block_fn *)sha1_ce_transform);
79
82
kernel_neon_end();
+3
arch/arm64/crypto/sha2-ce-glue.c
+3
arch/arm64/crypto/sha2-ce-glue.c
···
75
75
76
76
static int sha256_ce_final(struct shash_desc *desc, u8 *out)
77
77
{
78
+
struct sha256_ce_state *sctx = shash_desc_ctx(desc);
79
+
80
+
sctx->finalize = 0;
78
81
kernel_neon_begin_partial(28);
79
82
sha256_base_do_finalize(desc, (sha256_block_fn *)sha2_ce_transform);
80
83
kernel_neon_end();
+13
-12
arch/s390/crypto/ghash_s390.c
+13
-12
arch/s390/crypto/ghash_s390.c
···
16
16
#define GHASH_DIGEST_SIZE 16
17
17
18
18
struct ghash_ctx {
19
-
u8 icv[16];
20
-
u8 key[16];
19
+
u8 key[GHASH_BLOCK_SIZE];
21
20
};
22
21
23
22
struct ghash_desc_ctx {
23
+
u8 icv[GHASH_BLOCK_SIZE];
24
+
u8 key[GHASH_BLOCK_SIZE];
24
25
u8 buffer[GHASH_BLOCK_SIZE];
25
26
u32 bytes;
26
27
};
···
29
28
static int ghash_init(struct shash_desc *desc)
30
29
{
31
30
struct ghash_desc_ctx *dctx = shash_desc_ctx(desc);
31
+
struct ghash_ctx *ctx = crypto_shash_ctx(desc->tfm);
32
32
33
33
memset(dctx, 0, sizeof(*dctx));
34
+
memcpy(dctx->key, ctx->key, GHASH_BLOCK_SIZE);
34
35
35
36
return 0;
36
37
}
···
48
45
}
49
46
50
47
memcpy(ctx->key, key, GHASH_BLOCK_SIZE);
51
-
memset(ctx->icv, 0, GHASH_BLOCK_SIZE);
52
48
53
49
return 0;
54
50
}
···
56
54
const u8 *src, unsigned int srclen)
57
55
{
58
56
struct ghash_desc_ctx *dctx = shash_desc_ctx(desc);
59
-
struct ghash_ctx *ctx = crypto_shash_ctx(desc->tfm);
60
57
unsigned int n;
61
58
u8 *buf = dctx->buffer;
62
59
int ret;
···
71
70
src += n;
72
71
73
72
if (!dctx->bytes) {
74
-
ret = crypt_s390_kimd(KIMD_GHASH, ctx, buf,
73
+
ret = crypt_s390_kimd(KIMD_GHASH, dctx, buf,
75
74
GHASH_BLOCK_SIZE);
76
75
if (ret != GHASH_BLOCK_SIZE)
77
76
return -EIO;
···
80
79
81
80
n = srclen & ~(GHASH_BLOCK_SIZE - 1);
82
81
if (n) {
83
-
ret = crypt_s390_kimd(KIMD_GHASH, ctx, src, n);
82
+
ret = crypt_s390_kimd(KIMD_GHASH, dctx, src, n);
84
83
if (ret != n)
85
84
return -EIO;
86
85
src += n;
···
95
94
return 0;
96
95
}
97
96
98
-
static int ghash_flush(struct ghash_ctx *ctx, struct ghash_desc_ctx *dctx)
97
+
static int ghash_flush(struct ghash_desc_ctx *dctx)
99
98
{
100
99
u8 *buf = dctx->buffer;
101
100
int ret;
···
105
104
106
105
memset(pos, 0, dctx->bytes);
107
106
108
-
ret = crypt_s390_kimd(KIMD_GHASH, ctx, buf, GHASH_BLOCK_SIZE);
107
+
ret = crypt_s390_kimd(KIMD_GHASH, dctx, buf, GHASH_BLOCK_SIZE);
109
108
if (ret != GHASH_BLOCK_SIZE)
110
109
return -EIO;
110
+
111
+
dctx->bytes = 0;
111
112
}
112
113
113
-
dctx->bytes = 0;
114
114
return 0;
115
115
}
116
116
117
117
static int ghash_final(struct shash_desc *desc, u8 *dst)
118
118
{
119
119
struct ghash_desc_ctx *dctx = shash_desc_ctx(desc);
120
-
struct ghash_ctx *ctx = crypto_shash_ctx(desc->tfm);
121
120
int ret;
122
121
123
-
ret = ghash_flush(ctx, dctx);
122
+
ret = ghash_flush(dctx);
124
123
if (!ret)
125
-
memcpy(dst, ctx->icv, GHASH_BLOCK_SIZE);
124
+
memcpy(dst, dctx->icv, GHASH_BLOCK_SIZE);
126
125
return ret;
127
126
}
128
127
+1
-1
arch/x86/crypto/sha512-avx2-asm.S
+1
-1
arch/x86/crypto/sha512-avx2-asm.S
-9
crypto/Kconfig
-9
crypto/Kconfig
···
1532
1532
This option enables the user-spaces interface for random
1533
1533
number generator algorithms.
1534
1534
1535
-
config CRYPTO_USER_API_AEAD
1536
-
tristate "User-space interface for AEAD cipher algorithms"
1537
-
depends on NET
1538
-
select CRYPTO_AEAD
1539
-
select CRYPTO_USER_API
1540
-
help
1541
-
This option enables the user-spaces interface for AEAD
1542
-
cipher algorithms.
1543
-
1544
1535
config CRYPTO_HASH_INFO
1545
1536
bool
1546
1537
+4
-5
crypto/algif_aead.c
+4
-5
crypto/algif_aead.c
···
34
34
/*
35
35
* RSGL_MAX_ENTRIES is an artificial limit where user space at maximum
36
36
* can cause the kernel to allocate RSGL_MAX_ENTRIES * ALG_MAX_PAGES
37
-
* bytes
37
+
* pages
38
38
*/
39
39
#define RSGL_MAX_ENTRIES ALG_MAX_PAGES
40
40
struct af_alg_sgl rsgl[RSGL_MAX_ENTRIES];
···
436
436
if (err < 0)
437
437
goto unlock;
438
438
usedpages += err;
439
-
/* chain the new scatterlist with initial list */
439
+
/* chain the new scatterlist with previous one */
440
440
if (cnt)
441
-
scatterwalk_crypto_chain(ctx->rsgl[0].sg,
442
-
ctx->rsgl[cnt].sg, 1,
443
-
sg_nents(ctx->rsgl[cnt-1].sg));
441
+
af_alg_link_sg(&ctx->rsgl[cnt-1], &ctx->rsgl[cnt]);
442
+
444
443
/* we do not need more iovecs as we have sufficient memory */
445
444
if (outlen <= usedpages)
446
445
break;
+9
-9
drivers/char/hw_random/bcm63xx-rng.c
+9
-9
drivers/char/hw_random/bcm63xx-rng.c
···
57
57
val &= ~RNG_EN;
58
58
__raw_writel(val, priv->regs + RNG_CTRL);
59
59
60
-
clk_didsable_unprepare(prov->clk);
60
+
clk_disable_unprepare(priv->clk);
61
61
}
62
62
63
63
static int bcm63xx_rng_data_present(struct hwrng *rng, int wait)
···
97
97
priv->rng.name = pdev->name;
98
98
priv->rng.init = bcm63xx_rng_init;
99
99
priv->rng.cleanup = bcm63xx_rng_cleanup;
100
-
prov->rng.data_present = bcm63xx_rng_data_present;
100
+
priv->rng.data_present = bcm63xx_rng_data_present;
101
101
priv->rng.data_read = bcm63xx_rng_data_read;
102
102
103
103
priv->clk = devm_clk_get(&pdev->dev, "ipsec");
104
104
if (IS_ERR(priv->clk)) {
105
-
error = PTR_ERR(priv->clk);
106
-
dev_err(&pdev->dev, "no clock for device: %d\n", error);
107
-
return error;
105
+
ret = PTR_ERR(priv->clk);
106
+
dev_err(&pdev->dev, "no clock for device: %d\n", ret);
107
+
return ret;
108
108
}
109
109
110
110
if (!devm_request_mem_region(&pdev->dev, r->start,
···
120
120
return -ENOMEM;
121
121
}
122
122
123
-
error = devm_hwrng_register(&pdev->dev, &priv->rng);
124
-
if (error) {
123
+
ret = devm_hwrng_register(&pdev->dev, &priv->rng);
124
+
if (ret) {
125
125
dev_err(&pdev->dev, "failed to register rng device: %d\n",
126
-
error);
127
-
return error;
126
+
ret);
127
+
return ret;
128
128
}
129
129
130
130
dev_info(&pdev->dev, "registered RNG driver\n");
+2
-1
drivers/crypto/Kconfig
+2
-1
drivers/crypto/Kconfig
···
466
466
source "drivers/crypto/vmx/Kconfig"
467
467
468
468
config CRYPTO_DEV_IMGTEC_HASH
469
-
depends on MIPS || COMPILE_TEST
470
469
tristate "Imagination Technologies hardware hash accelerator"
470
+
depends on MIPS || COMPILE_TEST
471
+
depends on HAS_DMA
471
472
select CRYPTO_ALGAPI
472
473
select CRYPTO_MD5
473
474
select CRYPTO_SHA1
+15
-1
include/linux/compiler-gcc.h
+15
-1
include/linux/compiler-gcc.h
···
9
9
+ __GNUC_MINOR__ * 100 \
10
10
+ __GNUC_PATCHLEVEL__)
11
11
12
-
13
12
/* Optimization barrier */
13
+
14
14
/* The "volatile" is due to gcc bugs */
15
15
#define barrier() __asm__ __volatile__("": : :"memory")
16
+
/*
17
+
* This version is i.e. to prevent dead stores elimination on @ptr
18
+
* where gcc and llvm may behave differently when otherwise using
19
+
* normal barrier(): while gcc behavior gets along with a normal
20
+
* barrier(), llvm needs an explicit input variable to be assumed
21
+
* clobbered. The issue is as follows: while the inline asm might
22
+
* access any memory it wants, the compiler could have fit all of
23
+
* @ptr into memory registers instead, and since @ptr never escaped
24
+
* from that, it proofed that the inline asm wasn't touching any of
25
+
* it. This version works well with both compilers, i.e. we're telling
26
+
* the compiler that the inline asm absolutely may see the contents
27
+
* of @ptr. See also: https://llvm.org/bugs/show_bug.cgi?id=15495
28
+
*/
29
+
#define barrier_data(ptr) __asm__ __volatile__("": :"r"(ptr) :"memory")
16
30
17
31
/*
18
32
* This macro obfuscates arithmetic on a variable address so that gcc
+3
include/linux/compiler-intel.h
+3
include/linux/compiler-intel.h
···
13
13
/* Intel ECC compiler doesn't support gcc specific asm stmts.
14
14
* It uses intrinsics to do the equivalent things.
15
15
*/
16
+
#undef barrier_data
16
17
#undef RELOC_HIDE
17
18
#undef OPTIMIZER_HIDE_VAR
19
+
20
+
#define barrier_data(ptr) barrier()
18
21
19
22
#define RELOC_HIDE(ptr, off) \
20
23
({ unsigned long __ptr; \
+4
include/linux/compiler.h
+4
include/linux/compiler.h