Linux Kernel https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v4.9.36 2017-04-21T07:31:23Z 2017-04-21T07:31:23Z Herbert Xu herbert@gondor.apana.org.au 2017-04-10T09:27:57Z urn:sha1:c10479591869177ae7ac0570b54ace6fbdeb57c2 commit ef0579b64e93188710d48667cb5e014926af9f1b upstream. The ahash API modifies the request's callback function in order to clean up after itself in some corner cases (unaligned final and missing finup). When the request is complete ahash will restore the original callback and everything is fine. However, when the request gets an EBUSY on a full queue, an EINPROGRESS callback is made while the request is still ongoing. In this case the ahash API will incorrectly call its own callback. This patch fixes the problem by creating a temporary request object on the stack which is used to relay EINPROGRESS back to the original completion function. This patch also adds code to preserve the original flags value. Fixes: ab6bf4e5e5e4 ("crypto: hash - Fix the pointer voodoo in...") Reported-by: Sabrina Dubroca <sd@queasysnail.net> Tested-by: Sabrina Dubroca <sd@queasysnail.net> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2016-07-18T09:35:46Z Herbert Xu herbert@gondor.apana.org.au 2016-07-12T05:17:50Z urn:sha1:3a01d0ee2b991c8c267620e63a4ab47cd8c30cc4 This patch removes the old crypto_grab_skcipher helper and replaces it with crypto_grab_skcipher2. As this is the final entry point into givcipher this patch also removes all traces of the top-level givcipher interface, including all implicit IV generators such as chainiv. The bottom-level givcipher interface remains until the drivers using it are converted. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2016-07-18T09:35:43Z Herbert Xu herbert@gondor.apana.org.au 2016-07-12T05:17:46Z urn:sha1:da721302a78807e5da2902677fbe116fe052068f The blkcipher null object is no longer used and can now be removed. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2016-07-18T09:35:42Z Herbert Xu herbert@gondor.apana.org.au 2016-07-12T05:17:42Z urn:sha1:ca0494c093371b1ca3cd4c8e14e1e7a19e6e21b6 This patch adds an skcipher null object alongside the existing null blkcipher so that IV generators using it can switch over to skcipher. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2016-07-18T09:35:38Z Herbert Xu herbert@gondor.apana.org.au 2016-07-12T05:17:33Z urn:sha1:7a530aa9cf3f282b6b123b9296dfce80ed8f068e This patch adds a chunk size parameter to aead algorithms, just like the chunk size for skcipher algorithms. However, unlike skcipher we do not currently export this to AEAD users. It is only meant to be used by AEAD implementors for now. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2016-07-18T09:35:36Z Herbert Xu herbert@gondor.apana.org.au 2016-07-12T05:17:31Z urn:sha1:4e6c3df4d729f85997cbf276bfa8ffd8579b8e77 This patch allows skcipher algorithms and instances to be created and registered with the crypto API. They are accessible through the top-level skcipher interface, along with ablkcipher/blkcipher algorithms and instances. This patch also introduces a new parameter called chunk size which is meant for ciphers such as CTR and CTS which ostensibly can handle arbitrary lengths, but still behave like block ciphers in that you can only process a partial block at the very end. For these ciphers the block size will continue to be set to 1 as it is now while the chunk size will be set to the underlying block size. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2016-07-05T15:05:26Z Salvatore Benedetto salvatore.benedetto@intel.com 2016-07-04T16:21:38Z urn:sha1:8be0b84e58a9b07c314f920792926c5c5a53d3da When parsing a private key, store all non-optional fields. These are required for enabling CRT mode for decrypt and verify Signed-off-by: Salvatore Benedetto <salvatore.benedetto@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2016-06-23T10:29:56Z Salvatore Benedetto salvatore.benedetto@intel.com 2016-06-22T16:49:13Z urn:sha1:4e5f2c400765e3a3ce512dc1ae890bac53401798 Add key-agreement protocol primitives (kpp) API which allows to implement primitives required by protocols such as DH and ECDH. The API is composed mainly by the following functions * set_secret() - It allows the user to set his secret, also referred to as his private key, along with the parameters known to both parties involved in the key-agreement session. * generate_public_key() - It generates the public key to be sent to the other counterpart involved in the key-agreement session. The function has to be called after set_params() and set_secret() * generate_secret() - It generates the shared secret for the session Other functions such as init() and exit() are provided for allowing cryptographic hardware to be inizialized properly before use Signed-off-by: Salvatore Benedetto <salvatore.benedetto@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2016-06-23T10:29:55Z Megha Dey megha.dey@linux.intel.com 2016-06-22T01:21:46Z urn:sha1:331bf739c4f9992a73547d20bd8f2378b97d386a Herbert wants the sha1-mb algorithm to have an async implementation: https://lkml.org/lkml/2016/4/5/286. Currently, sha1-mb uses an async interface for the outer algorithm and a sync interface for the inner algorithm. This patch introduces a async interface for even the inner algorithm. Signed-off-by: Megha Dey <megha.dey@linux.intel.com> Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2016-06-15T09:07:54Z Tudor Ambarus tudor-dan.ambarus@nxp.com 2016-06-14T13:14:58Z urn:sha1:5a7de97309f5af4458b1a25a2a529a1a893c5269 Return the raw key with no other processing so that the caller can copy it or MPI parse it, etc. The scope is to have only one ANS.1 parser for all RSA implementations. Update the RSA software implementation so that it does the MPI conversion on top. Signed-off-by: Tudor Ambarus <tudor-dan.ambarus@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>