tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto fixes from Herbert Xu:
- NULL dereference in octeontx
- PM reference imbalance in ks-sa
- deadlock in crypto manager
- memory leak in drbg
- missing socket limit check on receive SG list size in algif_skcipher
- typos in caam
- warnings in ccp and hisilicon
* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
crypto: drbg - always try to free Jitter RNG instance
crypto: marvell/octeontx - Fix a potential NULL dereference
crypto: algboss - don't wait during notifier callback
crypto: caam - fix typos
crypto: ccp - Fix sparse warnings in sev-dev
crypto: hisilicon - Cap block size at 2^31
crypto: algif_skcipher - Cap recv SG list at ctx->used
hwrng: ks-sa - Fix runtime PM imbalance on error
+45
-35
-2
crypto/algboss.c
-2
crypto/algboss.c
+1
-5
crypto/algif_skcipher.c
+1
-5
crypto/algif_skcipher.c
···
74
74
return PTR_ERR(areq);
75
75
76
76
/* convert iovecs of output buffers into RX SGL */
77
-
err = af_alg_get_rsgl(sk, msg, flags, areq, -1, &len);
77
+
err = af_alg_get_rsgl(sk, msg, flags, areq, ctx->used, &len);
78
78
if (err)
79
79
goto free;
80
-
81
-
/* Process only as much RX buffers for which we have TX data */
82
-
if (len > ctx->used)
83
-
len = ctx->used;
84
80
85
81
/*
86
82
* If more buffers are to be expected to be processed, process only
+4
-2
crypto/drbg.c
+4
-2
crypto/drbg.c
···
1631
1631
if (drbg->random_ready.func) {
1632
1632
del_random_ready_callback(&drbg->random_ready);
1633
1633
cancel_work_sync(&drbg->seed_work);
1634
-
crypto_free_rng(drbg->jent);
1635
-
drbg->jent = NULL;
1636
1634
}
1635
+
1636
+
if (!IS_ERR_OR_NULL(drbg->jent))
1637
+
crypto_free_rng(drbg->jent);
1638
+
drbg->jent = NULL;
1637
1639
1638
1640
if (drbg->d_ops)
1639
1641
drbg->d_ops->crypto_fini(drbg);
+1
drivers/char/hw_random/ks-sa-rng.c
+1
drivers/char/hw_random/ks-sa-rng.c
+1
-1
drivers/crypto/caam/Kconfig
+1
-1
drivers/crypto/caam/Kconfig
+9
-9
drivers/crypto/caam/ctrl.c
+9
-9
drivers/crypto/caam/ctrl.c
···
54
54
55
55
/*
56
56
* load 1 to clear written reg:
57
-
* resets the done interrrupt and returns the RNG to idle.
57
+
* resets the done interrupt and returns the RNG to idle.
58
58
*/
59
59
append_load_imm_u32(desc, 1, LDST_SRCDST_WORD_CLRW);
60
60
···
156
156
DESC_DER_DECO_STAT_SHIFT;
157
157
158
158
/*
159
-
* If an error occured in the descriptor, then
159
+
* If an error occurred in the descriptor, then
160
160
* the DECO status field will be set to 0x0D
161
161
*/
162
162
if (deco_state == DECO_STAT_HOST_ERR)
···
264
264
* - -ENODEV if DECO0 couldn't be acquired
265
265
* - -EAGAIN if an error occurred when executing the descriptor
266
266
* f.i. there was a RNG hardware error due to not "good enough"
267
-
* entropy being aquired.
267
+
* entropy being acquired.
268
268
*/
269
269
static int instantiate_rng(struct device *ctrldev, int state_handle_mask,
270
270
int gen_sk)
···
733
733
handle_imx6_err005766(&ctrl->mcr);
734
734
735
735
/*
736
-
* Read the Compile Time paramters and SCFGR to determine
737
-
* if Virtualization is enabled for this platform
736
+
* Read the Compile Time parameters and SCFGR to determine
737
+
* if virtualization is enabled for this platform
738
738
*/
739
739
scfgr = rd_reg32(&ctrl->scfgr);
740
740
···
863
863
}
864
864
/*
865
865
* if instantiate_rng(...) fails, the loop will rerun
866
-
* and the kick_trng(...) function will modfiy the
866
+
* and the kick_trng(...) function will modify the
867
867
* upper and lower limits of the entropy sampling
868
-
* interval, leading to a sucessful initialization of
868
+
* interval, leading to a successful initialization of
869
869
* the RNG.
870
870
*/
871
871
ret = instantiate_rng(dev, inst_handles,
···
882
882
return ret;
883
883
}
884
884
/*
885
-
* Set handles init'ed by this module as the complement of the
886
-
* already initialized ones
885
+
* Set handles initialized by this module as the complement of
886
+
* the already initialized ones
887
887
*/
888
888
ctrlpriv->rng4_sh_init = ~ctrlpriv->rng4_sh_init & RDSTA_MASK;
889
889
+2
-2
drivers/crypto/caam/desc.h
+2
-2
drivers/crypto/caam/desc.h
···
18
18
*/
19
19
20
20
#define SEC4_SG_LEN_EXT 0x80000000 /* Entry points to table */
21
-
#define SEC4_SG_LEN_FIN 0x40000000 /* Last ent in table */
21
+
#define SEC4_SG_LEN_FIN 0x40000000 /* Last entry in table */
22
22
#define SEC4_SG_BPID_MASK 0x000000ff
23
23
#define SEC4_SG_BPID_SHIFT 16
24
24
#define SEC4_SG_LEN_MASK 0x3fffffff /* Excludes EXT and FINAL */
···
113
113
*/
114
114
#define HDR_REVERSE 0x00000800
115
115
116
-
/* Propogate DNR property to SharedDesc */
116
+
/* Propagate DNR property to SharedDesc */
117
117
#define HDR_PROP_DNR 0x00000800
118
118
119
119
/* JobDesc/SharedDesc share property */
+1
-1
drivers/crypto/caam/pdb.h
+1
-1
drivers/crypto/caam/pdb.h
+16
-7
drivers/crypto/ccp/sev-dev.c
+16
-7
drivers/crypto/ccp/sev-dev.c
···
376
376
struct sev_device *sev = psp_master->sev_data;
377
377
struct sev_user_data_pek_csr input;
378
378
struct sev_data_pek_csr *data;
379
+
void __user *input_address;
379
380
void *blob = NULL;
380
381
int ret;
381
382
···
395
394
goto cmd;
396
395
397
396
/* allocate a physically contiguous buffer to store the CSR blob */
397
+
input_address = (void __user *)input.address;
398
398
if (input.length > SEV_FW_BLOB_MAX_SIZE) {
399
399
ret = -EFAULT;
400
400
goto e_free;
···
428
426
}
429
427
430
428
if (blob) {
431
-
if (copy_to_user((void __user *)input.address, blob, input.length))
429
+
if (copy_to_user(input_address, blob, input.length))
432
430
ret = -EFAULT;
433
431
}
434
432
···
439
437
return ret;
440
438
}
441
439
442
-
void *psp_copy_user_blob(u64 __user uaddr, u32 len)
440
+
void *psp_copy_user_blob(u64 uaddr, u32 len)
443
441
{
444
442
if (!uaddr || !len)
445
443
return ERR_PTR(-EINVAL);
···
448
446
if (len > SEV_FW_BLOB_MAX_SIZE)
449
447
return ERR_PTR(-EINVAL);
450
448
451
-
return memdup_user((void __user *)(uintptr_t)uaddr, len);
449
+
return memdup_user((void __user *)uaddr, len);
452
450
}
453
451
EXPORT_SYMBOL_GPL(psp_copy_user_blob);
454
452
···
623
621
{
624
622
struct sev_user_data_get_id2 input;
625
623
struct sev_data_get_id *data;
624
+
void __user *input_address;
626
625
void *id_blob = NULL;
627
626
int ret;
628
627
···
633
630
634
631
if (copy_from_user(&input, (void __user *)argp->data, sizeof(input)))
635
632
return -EFAULT;
633
+
634
+
input_address = (void __user *)input.address;
636
635
637
636
data = kzalloc(sizeof(*data), GFP_KERNEL);
638
637
if (!data)
···
665
660
}
666
661
667
662
if (id_blob) {
668
-
if (copy_to_user((void __user *)input.address,
669
-
id_blob, data->len)) {
663
+
if (copy_to_user(input_address, id_blob, data->len)) {
670
664
ret = -EFAULT;
671
665
goto e_free;
672
666
}
···
724
720
struct sev_user_data_pdh_cert_export input;
725
721
void *pdh_blob = NULL, *cert_blob = NULL;
726
722
struct sev_data_pdh_cert_export *data;
723
+
void __user *input_cert_chain_address;
724
+
void __user *input_pdh_cert_address;
727
725
int ret;
728
726
729
727
/* If platform is not in INIT state then transition it to INIT. */
···
750
744
!input.pdh_cert_len ||
751
745
!input.cert_chain_address)
752
746
goto cmd;
747
+
748
+
input_pdh_cert_address = (void __user *)input.pdh_cert_address;
749
+
input_cert_chain_address = (void __user *)input.cert_chain_address;
753
750
754
751
/* Allocate a physically contiguous buffer to store the PDH blob. */
755
752
if (input.pdh_cert_len > SEV_FW_BLOB_MAX_SIZE) {
···
797
788
}
798
789
799
790
if (pdh_blob) {
800
-
if (copy_to_user((void __user *)input.pdh_cert_address,
791
+
if (copy_to_user(input_pdh_cert_address,
801
792
pdh_blob, input.pdh_cert_len)) {
802
793
ret = -EFAULT;
803
794
goto e_free_cert;
···
805
796
}
806
797
807
798
if (cert_blob) {
808
-
if (copy_to_user((void __user *)input.cert_chain_address,
799
+
if (copy_to_user(input_cert_chain_address,
809
800
cert_blob, input.cert_chain_len))
810
801
ret = -EFAULT;
811
802
}
+2
-1
drivers/crypto/hisilicon/sgl.c
+2
-1
drivers/crypto/hisilicon/sgl.c
···
66
66
67
67
sgl_size = sizeof(struct acc_hw_sge) * sge_nr +
68
68
sizeof(struct hisi_acc_hw_sgl);
69
-
block_size = PAGE_SIZE * (1 << (MAX_ORDER - 1));
69
+
block_size = 1 << (PAGE_SHIFT + MAX_ORDER <= 32 ?
70
+
PAGE_SHIFT + MAX_ORDER - 1 : 31);
70
71
sgl_num_per_block = block_size / sgl_size;
71
72
block_num = count / sgl_num_per_block;
72
73
remain_sgl = count % sgl_num_per_block;
+7
-4
drivers/crypto/marvell/octeontx/otx_cptvf_algs.c
+7
-4
drivers/crypto/marvell/octeontx/otx_cptvf_algs.c
···
118
118
struct otx_cpt_req_info *cpt_req;
119
119
struct pci_dev *pdev;
120
120
121
+
if (!cpt_info)
122
+
goto complete;
123
+
121
124
cpt_req = cpt_info->req;
122
125
if (!status) {
123
126
/*
···
132
129
!cpt_req->is_enc)
133
130
status = validate_hmac_cipher_null(cpt_req);
134
131
}
135
-
if (cpt_info) {
136
-
pdev = cpt_info->pdev;
137
-
do_request_cleanup(pdev, cpt_info);
138
-
}
132
+
pdev = cpt_info->pdev;
133
+
do_request_cleanup(pdev, cpt_info);
134
+
135
+
complete:
139
136
if (areq)
140
137
areq->complete(areq, status);
141
138
}
+1
-1
include/linux/psp-sev.h
+1
-1
include/linux/psp-sev.h