1. 10 Apr, 2015 1 commit
  2. 03 Apr, 2015 2 commits
  3. 22 Dec, 2014 1 commit
  4. 26 Nov, 2014 1 commit
  5. 03 Jul, 2014 1 commit
    • Jarod Wilson's avatar
      crypto: fips - only panic on bad/missing crypto mod signatures · 002c77a4
      Jarod Wilson authored
      Per further discussion with NIST, the requirements for FIPS state that
      we only need to panic the system on failed kernel module signature checks
      for crypto subsystem modules. This moves the fips-mode-only module
      signature check out of the generic module loading code, into the crypto
      subsystem, at points where we can catch both algorithm module loads and
      mode module loads. At the same time, make CONFIG_CRYPTO_FIPS dependent on
      CONFIG_MODULE_SIG, as this is entirely necessary for FIPS mode.
      v2: remove extraneous blank line, perform checks in static inline
      function, drop no longer necessary fips.h include.
      CC: "David S. Miller" <davem@davemloft.net>
      CC: Rusty Russell <rusty@rustcorp.com.au>
      CC: Stephan Mueller <stephan.mueller@atsec.com>
      Signed-off-by: default avatarJarod Wilson <jarod@redhat.com>
      Acked-by: default avatarNeil Horman <nhorman@tuxdriver.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
  6. 03 Jul, 2013 1 commit
  7. 28 Feb, 2013 1 commit
    • Sasha Levin's avatar
      hlist: drop the node parameter from iterators · b67bfe0d
      Sasha Levin authored
      I'm not sure why, but the hlist for each entry iterators were conceived
              list_for_each_entry(pos, head, member)
      The hlist ones were greedy and wanted an extra parameter:
              hlist_for_each_entry(tpos, pos, head, member)
      Why did they need an extra pos parameter? I'm not quite sure. Not only
      they don't really need it, it also prevents the iterator from looking
      exactly like the list iterator, which is unfortunate.
      Besides the semantic patch, there was some manual work required:
       - Fix up the actual hlist iterators in linux/list.h
       - Fix up the declaration of other iterators based on the hlist ones.
       - A very small amount of places were using the 'node' parameter, this
       was modified to use 'obj->member' instead.
       - Coccinelle didn't handle the hlist_for_each_entry_safe iterator
       properly, so those had to be fixed up manually.
      The semantic patch which is mostly the work of Peter Senna Tschudin is here:
      iterator name hlist_for_each_entry, hlist_for_each_entry_continue, hlist_for_each_entry_from, hlist_for_each_entry_rcu, hlist_for_each_entry_rcu_bh, hlist_for_each_entry_continue_rcu_bh, for_each_busy_worker, ax25_uid_for_each, ax25_for_each, inet_bind_bucket_for_each, sctp_for_each_hentry, sk_for_each, sk_for_each_rcu, sk_for_each_from, sk_for_each_safe, sk_for_each_bound, hlist_for_each_entry_safe, hlist_for_each_entry_continue_rcu, nr_neigh_for_each, nr_neigh_for_each_safe, nr_node_for_each, nr_node_for_each_safe, for_each_gfn_indirect_valid_sp, for_each_gfn_sp, for_each_host;
      type T;
      expression a,c,d,e;
      identifier b;
      statement S;
      -T b;
          <+... when != b
      - b,
      c, d) S
      - b,
      c) S
      - b,
      c) S
      - b,
      c, d) S
      - b,
      c, d) S
      - b,
      c) S
      for_each_busy_worker(a, c,
      - b,
      d) S
      - b,
      c) S
      - b,
      c) S
      - b,
      c) S
      - b,
      c) S
      - b,
      c) S
      - b,
      c) S
      -(a, b)
      + sk_for_each_from(a) S
      - b,
      c, d) S
      - b,
      c) S
      - b,
      c, d, e) S
      - b,
      c) S
      - b,
      c) S
      - b,
      c, d) S
      - b,
      c) S
      - b,
      c, d) S
      - for_each_gfn_sp(a, c, d, b) S
      + for_each_gfn_sp(a, c, d) S
      - for_each_gfn_indirect_valid_sp(a, c, d, b) S
      + for_each_gfn_indirect_valid_sp(a, c, d) S
      - b,
      c) S
      - b,
      c, d) S
      - b,
      c, d) S
      [akpm@linux-foundation.org: drop bogus change from net/ipv4/raw.c]
      [akpm@linux-foundation.org: drop bogus hunk from net/ipv6/raw.c]
      [akpm@linux-foundation.org: checkpatch fixes]
      [akpm@linux-foundation.org: fix warnings]
      [akpm@linux-foudnation.org: redo intrusive kvm changes]
      Tested-by: default avatarPeter Senna Tschudin <peter.senna@gmail.com>
      Acked-by: default avatarPaul E. McKenney <paulmck@linux.vnet.ibm.com>
      Signed-off-by: default avatarSasha Levin <sasha.levin@oracle.com>
      Cc: Wu Fengguang <fengguang.wu@intel.com>
      Cc: Marcelo Tosatti <mtosatti@redhat.com>
      Cc: Gleb Natapov <gleb@redhat.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
  8. 04 Feb, 2013 1 commit
  9. 22 Jun, 2012 1 commit
    • Herbert Xu's avatar
      crypto: algapi - Move larval completion into algboss · 39871037
      Herbert Xu authored
      It has been observed that sometimes the crypto allocation code
      will get stuck for 60 seconds or multiples thereof.  This is
      usually caused by an algorithm failing to pass the self-test.
      If an algorithm fails to be constructed, we will immediately notify
      all larval waiters.  However, if it succeeds in construction, but
      then fails the self-test, we won't notify anyone at all.
      This patch fixes this by merging the notification in the case
      where the algorithm fails to be constructed with that of the
      the case where it pases the self-test.  This way regardless of
      what happens, we'll give the larval waiters an answer.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
  10. 26 Jan, 2012 1 commit
  11. 09 Nov, 2011 1 commit
  12. 21 Oct, 2011 3 commits
  13. 03 May, 2010 1 commit
  14. 30 Mar, 2010 1 commit
    • Tejun Heo's avatar
      include cleanup: Update gfp.h and slab.h includes to prepare for breaking... · 5a0e3ad6
      Tejun Heo authored
      include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
      percpu.h is included by sched.h and module.h and thus ends up being
      included when building most .c files.  percpu.h includes slab.h which
      in turn includes gfp.h making everything defined by the two files
      universally available and complicating inclusion dependencies.
      percpu.h -> slab.h dependency is about to be removed.  Prepare for
      this change by updating users of gfp and slab facilities include those
      headers directly instead of assuming availability.  As this conversion
      needs to touch large number of source files, the following script is
      used as the basis of conversion.
      The script does the followings.
      * Scan files for gfp and slab usages and update includes such that
        only the necessary includes are there.  ie. if only gfp is used,
        gfp.h, if slab is used, slab.h.
      * When the script inserts a new include, it looks at the include
        blocks and try to put the new include such that its order conforms
        to its surrounding.  It's put in the include block which contains
        core kernel includes, in the same order that the rest are ordered -
        alphabetical, Christmas tree, rev-Xmas-tree or at the end if there
        doesn't seem to be any matching order.
      * If the script can't find a place to put a new include (mostly
        because the file doesn't have fitting include block), it prints out
        an error message indicating which .h file needs to be added to the
      The conversion was done in the following steps.
      1. The initial automatic conversion of all .c files updated slightly
         over 4000 files, deleting around 700 includes and adding ~480 gfp.h
         and ~3000 slab.h inclusions.  The script emitted errors for ~400
      2. Each error was manually checked.  Some didn't need the inclusion,
         some needed manual addition while adding it to implementation .h or
         embedding .c file was more appropriate for others.  This step added
         inclusions to around 150 files.
      3. The script was run again and the output was compared to the edits
         from #2 to make sure no file was left behind.
      4. Several build tests were done and a couple of problems were fixed.
         e.g. lib/decompress_*.c used malloc/free() wrappers around slab
         APIs requiring slab.h to be added manually.
      5. The script was run on all .h files but without automatically
         editing them as sprinkling gfp.h and slab.h inclusions around .h
         files could easily lead to inclusion dependency hell.  Most gfp.h
         inclusion directives were ignored as stuff from gfp.h was usually
         wildly available and often used in preprocessor macros.  Each
         slab.h inclusion directive was examined and added manually as
      6. percpu.h was updated not to include slab.h.
      7. Build test were done on the following configurations and failures
         were fixed.  CONFIG_GCOV_KERNEL was turned off for all tests (as my
         distributed build env didn't work with gcov compiles) and a few
         more options had to be turned off depending on archs to make things
         build (like ipr on powerpc/64 which failed due to missing writeq).
         * x86 and x86_64 UP and SMP allmodconfig and a custom test config.
         * powerpc and powerpc64 SMP allmodconfig
         * sparc and sparc64 SMP allmodconfig
         * ia64 SMP allmodconfig
         * s390 SMP allmodconfig
         * alpha SMP allmodconfig
         * um on x86_64 SMP allmodconfig
      8. percpu.h modifications were reverted so that it could be applied as
         a separate patch and serve as bisection point.
      Given the fact that I had only a couple of failures from tests on step
      6, I'm fairly confident about the coverage of this conversion patch.
      If there is a breakage, it's likely to be something in one of the arch
      headers which should be easily discoverable easily on most builds of
      the specific arch.
      Signed-off-by: default avatarTejun Heo <tj@kernel.org>
      Guess-its-ok-by: default avatarChristoph Lameter <cl@linux-foundation.org>
      Cc: Ingo Molnar <mingo@redhat.com>
      Cc: Lee Schermerhorn <Lee.Schermerhorn@hp.com>
  15. 16 Feb, 2010 1 commit
  16. 31 Aug, 2009 1 commit
    • Herbert Xu's avatar
      crypto: api - Do not displace newly registered algorithms · 2bf29016
      Herbert Xu authored
      We have a mechanism where newly registered algorithms of a higher
      priority can displace existing instances that use a different
      implementation of the same algorithm with a lower priority.
      Unfortunately the same mechanism can cause a newly registered
      algorithm to displace itself if it depends on an existing version
      of the same algorithm.
      This patch fixes this by keeping all algorithms that the newly
      reigstered algorithm depends on, thus protecting them from being
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
  17. 29 Aug, 2009 1 commit
  18. 09 Jul, 2009 1 commit
  19. 08 Jul, 2009 2 commits
  20. 07 Jul, 2009 1 commit
  21. 28 Jan, 2009 1 commit
    • Herbert Xu's avatar
      crypto: api - Fix algorithm test race that broke aead initialisation · b8e15992
      Herbert Xu authored
      When we complete a test we'll notify everyone waiting on it, drop
      the mutex, and then remove the test larval (after reacquiring the
      mutex).  If one of the notified parties tries to register another
      algorithm with the same driver name prior to the removal of the
      test larval, they will fail with EEXIST as only one algorithm of
      a given name can be tested at any time.
      This broke the initialisation of aead and givcipher algorithms as
      they will register two algorithms with the same driver name, in
      This patch fixes the problem by marking the larval as dead before
      we drop the mutex, and also ignoring all dead or dying algorithms
      on the registration path.
      Tested-by: default avatarAndreas Steffen <andreas.steffen@strongswan.org>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
  22. 29 Aug, 2008 2 commits
  23. 10 Jan, 2008 2 commits
    • Herbert Xu's avatar
      [CRYPTO] api: Add crypto_attr_alg_name · 68b6c7d6
      Herbert Xu authored
      This patch adds a new helper crypto_attr_alg_name which is basically the
      first half of crypto_attr_alg.  That is, it returns an algorithm name
      parameter as a string without looking it up.  The caller can then look it
      up immediately or defer it until later.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
    • Herbert Xu's avatar
      [CRYPTO] api: Add crypto_inc and crypto_xor · 7613636d
      Herbert Xu authored
      With the addition of more stream ciphers we need to curb the proliferation
      of ad-hoc xor functions.  This patch creates a generic pair of functions,
      crypto_inc and crypto_xor which does big-endian increment and exclusive or,
      For optimum performance, they both use u32 operations so alignment must be
      as that of u32 even though the arguments are of type u8 *.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
  24. 23 Nov, 2007 1 commit
    • Herbert Xu's avatar
      [CRYPTO] api: Fix potential race in crypto_remove_spawn · 38cb2419
      Herbert Xu authored
      As it is crypto_remove_spawn may try to unregister an instance which is
      yet to be registered.  This patch fixes this by checking whether the
      instance has been registered before attempting to remove it.
      It also removes a bogus cra_destroy check in crypto_register_instance as
      1) it's outside the mutex;
      2) we have a check in __crypto_register_alg already.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
  25. 10 Oct, 2007 4 commits
    • Herbert Xu's avatar
      [CRYPTO] api: Explain the comparison on larval cra_name · d8058480
      Herbert Xu authored
      This patch adds a comment to explain why we compare the cra_driver_name of
      the algorithm being registered against the cra_name of a larval as opposed
      to the cra_driver_name of the larval.
      In fact larvals have only one name, cra_name which is the name that was
      requested by the user.  The test here is simply trying to find out whether
      the algorithm being registered can or can not satisfy the larval.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
    • Herbert Xu's avatar
      [CRYPTO] blkcipher: Remove alignment restriction on block size · 70613783
      Herbert Xu authored
      Previously we assumed for convenience that the block size is a multiple of
      the algorithm's required alignment.  With the pending addition of CTR this
      will no longer be the case as the block size will be 1 due to it being a
      stream cipher.  However, the alignment requirement will be that of the
      underlying implementation which will most likely be greater than 1.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
    • Herbert Xu's avatar
      [CRYPTO] aead: Add authenc · 3c09f17c
      Herbert Xu authored
      This patch adds the authenc algorithm which constructs an AEAD algorithm
      from an asynchronous block cipher and a hash.  The construction is done
      by concatenating the encrypted result from the cipher with the output
      from the hash, as is used by the IPsec ESP protocol.
      The authenc algorithm exists as a template with four parameters:
      	authenc(auth, authsize, enc, enckeylen).
      The authentication algorithm, the authentication size (i.e., truncating
      the output of the authentication algorithm), the encryption algorithm,
      and the encryption key length.  Both the size field and the key length
      field are in bytes.  For example, AES-128 with SHA1-HMAC would be
      represented by
      	authenc(hmac(sha1), 12, cbc(aes), 16)
      The key for the authenc algorithm is the concatenation of the keys for
      the authentication algorithm with the encryption algorithm.  For the
      above example, if a key of length 36 bytes is given, then hmac(sha1)
      would receive the first 20 bytes while the last 16 would be given to
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
    • Herbert Xu's avatar
      [CRYPTO] api: Add support for multiple template parameters · 39e1ee01
      Herbert Xu authored
      This patch adds support for having multiple parameters to
      a template, separated by a comma.  It also adds support
      for integer parameters in addition to the current algorithm
      parameter type.
      This will be used by the authenc template which will have
      four parameters: the authentication algorithm, the encryption
      algorithm, the authentication size and the encryption key
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
  26. 11 Jul, 2007 1 commit
  27. 02 May, 2007 3 commits
    • Herbert Xu's avatar
      [CRYPTO] api: Do not remove users unless new algorithm matches · a73e6996
      Herbert Xu authored
      As it is whenever a new algorithm with the same name is registered
      users of the old algorithm will be removed so that they can take
      advantage of the new algorithm.  This presents a problem when the
      new algorithm is not equivalent to the old algorithm.  In particular,
      the new algorithm might only function on top of the existing one.
      Hence we should not remove users unless they can make use of the
      new algorithm.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
    • Herbert Xu's avatar
      [CRYPTO] api: Add async blkcipher type · b5b7f088
      Herbert Xu authored
      This patch adds the mid-level interface for asynchronous block ciphers.
      It also includes a generic queueing mechanism that can be used by other
      asynchronous crypto operations in future.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
    • Herbert Xu's avatar
      [CRYPTO] templates: Pass type/mask when creating instances · ebc610e5
      Herbert Xu authored
      This patch passes the type/mask along when constructing instances of
      templates.  This is in preparation for templates that may support
      multiple types of instances depending on what is requested.  For example,
      the planned software async crypto driver will use this construct.
      For the moment this allows us to check whether the instance constructed
      is of the correct type and avoid returning success if the type does not
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
  28. 06 Feb, 2007 2 commits