Linux Kernel https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v4.9.33 2017-04-21T07:31:23Z 2017-04-21T07:31:23Z Herbert Xu herbert@gondor.apana.org.au 2017-04-10T09:27:57Z urn:sha1:c10479591869177ae7ac0570b54ace6fbdeb57c2 commit ef0579b64e93188710d48667cb5e014926af9f1b upstream. The ahash API modifies the request's callback function in order to clean up after itself in some corner cases (unaligned final and missing finup). When the request is complete ahash will restore the original callback and everything is fine. However, when the request gets an EBUSY on a full queue, an EINPROGRESS callback is made while the request is still ongoing. In this case the ahash API will incorrectly call its own callback. This patch fixes the problem by creating a temporary request object on the stack which is used to relay EINPROGRESS back to the original completion function. This patch also adds code to preserve the original flags value. Fixes: ab6bf4e5e5e4 ("crypto: hash - Fix the pointer voodoo in...") Reported-by: Sabrina Dubroca <sd@queasysnail.net> Tested-by: Sabrina Dubroca <sd@queasysnail.net> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2016-11-30T11:46:44Z Stephan Mueller smueller@chronox.de 2016-11-29T08:45:04Z urn:sha1:5102981212454998d549273ff9847f19e97a1794 When using SGs, only heap memory (memory that is valid as per virt_addr_valid) is allowed to be referenced. The CTR DRBG used to reference the caller-provided memory directly in an SG. In case the caller provided stack memory pointers, the SG mapping is not considered to be valid. In some cases, this would even cause a paging fault. The change adds a new scratch buffer that is used unconditionally to catch the cases where the caller-provided buffer is not suitable for use in an SG. The crypto operation of the CTR DRBG produces its output with that scratch buffer and finally copies the content of the scratch buffer to the caller's buffer. The scratch buffer is allocated during allocation time of the CTR DRBG as its access is protected with the DRBG mutex. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2016-10-10T03:19:47Z Herbert Xu herbert@gondor.apana.org.au 2016-10-10T03:19:47Z urn:sha1:c3afafa47898e34eb49828ec4ac92bcdc81c8f0c Merge the crypto tree to pull in vmx ghash fix. 2016-10-02T14:26:40Z Marcelo Cerri marcelo.cerri@canonical.com 2016-09-28T16:42:09Z urn:sha1:a397ba829d7f8aff4c90af3704573a28ccd61a59 Move common values and types used by ghash-generic to a new header file so drivers can directly use ghash-generic as a fallback implementation. Fixes: cc333cd68dfa ("crypto: vmx - Adding GHASH routines for VMX module") Cc: stable@vger.kernel.org Signed-off-by: Marcelo Cerri <marcelo.cerri@canonical.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2016-09-07T13:08:27Z Corentin LABBE clabbe.montjoie@gmail.com 2016-08-31T12:02:58Z urn:sha1:4cba7cf025f35599f8de3282c8a7278ecc43eea4 The current crypto engine allow only ablkcipher_request to be enqueued. Thus denying any use of it for hardware that also handle hash algo. This patch modify the API for allowing to enqueue ciphers and hash. Since omap-aes/omap-des are the only users, this patch also convert them to the new cryptoengine API. Signed-off-by: Corentin Labbe <clabbe.montjoie@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2016-09-07T13:08:26Z Corentin LABBE clabbe.montjoie@gmail.com 2016-08-31T12:02:57Z urn:sha1:2589ad84047f1dbed741b48785680b152db2e5db This patch move the whole crypto engine API to its own header crypto/engine.h. Signed-off-by: Corentin Labbe <clabbe.montjoie@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2016-07-27T22:11:55Z Linus Torvalds torvalds@linux-foundation.org 2016-07-27T22:11:55Z urn:sha1:818e607b57c94ade9824dad63a96c2ea6b21baf3 Pull random driver updates from Ted Ts'o: "A number of improvements for the /dev/random driver; the most important is the use of a ChaCha20-based CRNG for /dev/urandom, which is faster, more efficient, and easier to make scalable for silly/abusive userspace programs that want to read from /dev/urandom in a tight loop on NUMA systems. This set of patches also improves entropy gathering on VM's running on Microsoft Azure, and will take advantage of a hw random number generator (if present) to initialize the /dev/urandom pool" (It turns out that the random tree hadn't been in linux-next this time around, because it had been dropped earlier as being too quiet. Oh well). * tag 'random_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/random: random: strengthen input validation for RNDADDTOENTCNT random: add backtracking protection to the CRNG random: make /dev/urandom scalable for silly userspace programs random: replace non-blocking pool with a Chacha20-based CRNG random: properly align get_random_int_hash random: add interrupt callback to VMBus IRQ handler random: print a warning for the first ten uninitialized random users random: initialize the non-blocking pool via add_hwgenerator_randomness() 2016-07-19T07:42:42Z Herbert Xu herbert@gondor.apana.org.au 2016-07-18T16:59:30Z urn:sha1:5c562338dea29dc09415f39676e7107fa48ce763 This patch adds a missing comment for the base parameter in struct skcipher_alg. Reported-by: kbuild test robot <fengguang.wu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2016-07-18T09:35:50Z Herbert Xu herbert@gondor.apana.org.au 2016-07-12T05:18:00Z urn:sha1:ac02725812cb3a814cfe1fdc2a8a59db073e7e66 This patch inlines the functions scatterwalk_start, scatterwalk_map and scatterwalk_done as they're all tiny and mostly used by the block cipher walker. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2016-07-18T09:35:49Z Herbert Xu herbert@gondor.apana.org.au 2016-07-12T05:17:56Z urn:sha1:4140139734459db4dffc50dad7b9e21ed79a8dd9 When hard preemption is enabled there is no need to explicitly call crypto_yield. This patch eliminates it if that is the case. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>