Hosts the 0x221E linux distro kernel. https://universe.0xinfinity.dev/distro/kernel/atom?h=linux-4.16.y 2018-05-25T14:46:13Z 2018-05-25T14:46:13Z Antoine Tenart antoine.tenart@bootlin.com 2018-02-13T08:26:55Z urn:sha1:7b3f61b6ba721edac9b86ca99bf7a8719c7bdead [ Upstream commit b7007dbccd92f7b8c00e590020bee542a48c6a2c ] When exiting a transformation, the cra_exit() helper is called in each driver providing one. The Inside Secure SafeXcel driver has one, which is responsible of freeing some areas and of sending one invalidation request to the crypto engine, to invalidate the context that was used during the transformation. We could see in some setups (when lots of transformations were being used with a short lifetime, and hence lots of cra_exit() calls) NULL pointer dereferences and other weird issues. All these issues were coming from accessing the tfm context. The issue is the invalidation request completion is checked using a wait_for_completion_interruptible() call in both the cipher and hash cra_exit() helpers. In some cases this was interrupted while the invalidation request wasn't processed yet. And then cra_exit() returned, and its caller was freeing the tfm instance. Only then the request was being handled by the SafeXcel driver, which lead to the said issues. This patch fixes this by using wait_for_completion() calls in these specific cases. Fixes: 1b44c5a60c13 ("crypto: inside-secure - add SafeXcel EIP197 crypto engine driver") Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Sasha Levin <alexander.levin@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2018-05-25T14:46:13Z Antoine Tenart antoine.tenart@bootlin.com 2018-02-13T08:26:51Z urn:sha1:a814727161d8c6d4d270f8e8b893ea284e71cf9a [ Upstream commit e1d24c0bb76648cdf789b168defb6e31adb0b1b1 ] This patch fixes the Inside Secure SafeXcel driver not to overwrite the interrupt threshold value. In certain cases the value of this register, which controls when to fire an interrupt, was overwritten. This lead to packet not being processed or acked as the driver never was aware of their completion. This patch fixes this behaviour by not setting the threshold when requests are being processed by the engine. Fixes: dc7e28a3286e ("crypto: inside-secure - dequeue all requests at once") Suggested-by: Ofer Heifetz <oferh@marvell.com> Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Sasha Levin <alexander.levin@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2018-05-25T14:46:13Z Antoine Tenart antoine.tenart@bootlin.com 2018-02-13T08:26:52Z urn:sha1:1f47bc2630460404af17fca234d933aba3f0bf30 [ Upstream commit c1a8fa6e240ed4b99778d48ab790743565cb61c8 ] This patch fixes the extra cache computation when the queued data is a multiple of a block size. This fixes the hash support in some cases. Fixes: 809778e02cd4 ("crypto: inside-secure - fix hash when length is a multiple of a block") Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Sasha Levin <alexander.levin@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2018-05-25T14:46:13Z Antoine Tenart antoine.tenart@bootlin.com 2018-02-13T08:26:53Z urn:sha1:0b67bf7627028df8f8cd3fa7100a4777f386792b [ Upstream commit 666a9c70b04fccabde5cea5e680ae1ae92460a62 ] This patch fixes the cache length computation as cache_len could end up being a negative value. The check between the queued size and the block size is updated to reflect the caching mechanism which can cache up to a full block size (included!). Fixes: 809778e02cd4 ("crypto: inside-secure - fix hash when length is a multiple of a block") Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Sasha Levin <alexander.levin@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2018-05-25T14:46:12Z Antoine Tenart antoine.tenart@bootlin.com 2018-02-13T08:26:54Z urn:sha1:d6c794cb4cf8a2fb386ea7ba2f9ed7855ad48def [ Upstream commit 95831ceafc0de7d94a5fe86ebb1c2042317cc2cd ] This patch adds a check in the SafeXcel dequeue function, to avoid processing request further if no hardware command was issued. This can happen in certain cases where the ->send() function caches all the data that would have been send. Fixes: 809778e02cd4 ("crypto: inside-secure - fix hash when length is a multiple of a block") Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Sasha Levin <alexander.levin@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2018-05-25T14:46:12Z Antoine Tenart antoine.tenart@bootlin.com 2018-02-26T13:45:12Z urn:sha1:b8c6ebab1afaed4b041cd7854da324e3ea0d7ae8 [ Upstream commit 4dc5475ae0375ea4f9283dfd9b2ddc91b20d4c4b ] This patch updates the safexcel_hmac_init_pad() function to also wait for completion when the digest return code is -EBUSY, as it would mean the request is in the backlog to be processed later. Fixes: 1b44c5a60c13 ("crypto: inside-secure - add SafeXcel EIP197 crypto engine driver") Suggested-by: Ofer Heifetz <oferh@marvell.com> Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Sasha Levin <alexander.levin@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2018-05-25T14:46:12Z Antoine Tenart antoine.tenart@bootlin.com 2018-03-19T08:21:13Z urn:sha1:f03136a54b7992e82f85e37d6894d9163c72c9f9 [ Upstream commit b869648c060fbb00bf6578d13cbe83e6f85914bc ] This patches moves the digest information from the transformation context to the request context. This fixes cases where HMAC init functions were called and override the digest value for a short period of time, as the HMAC init functions call the SHA init one which reset the value. This lead to a small percentage of HMAC being incorrectly computed under heavy load. Fixes: 1b44c5a60c13 ("crypto: inside-secure - add SafeXcel EIP197 crypto engine driver") Suggested-by: Ofer Heifetz <oferh@marvell.com> Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> [Ofer here did all the work, from seeing the issue to understanding the root cause. I only made the patch.] Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Sasha Levin <alexander.levin@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2018-04-08T12:29:50Z Gregory CLEMENT gregory.clement@bootlin.com 2018-03-13T16:48:40Z urn:sha1:3819c95fec54f7ce2e07336dbfd641c1b2b52425 commit f962eb46e7a9b98a58d2483f5eb216e738fec732 upstream. In this driver the clock is got but never put when the driver is removed or if there is an error in the probe. Using the managed version of clk_get() allows to let the kernel take care of it. Fixes: 1b44c5a60c13 ("crypto: inside-secure - add SafeXcel EIP197 crypto engine driver") cc: stable@vger.kernel.org Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2018-01-25T14:10:28Z Colin Ian King colin.king@canonical.com 2018-01-16T07:41:58Z urn:sha1:059bfd1171069025dc134a95f7fcce27483fba41 The function safexcel_try_push_requests is local to the source and does not need to be in global scope, so make it static. Cleans up sparse warning: symbol 'safexcel_try_push_requests' was not declared. Should it be static? Signed-off-by: Colin Ian King <colin.king@canonical.com> [Antoine: fixed alignment] Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2018-01-05T07:43:06Z Antoine Ténart antoine.tenart@free-electrons.com 2017-12-26T16:21:17Z urn:sha1:809778e02cd45d0625439fee67688f655627bb3c This patch fixes the hash support in the SafeXcel driver when the update size is a multiple of a block size, and when a final call is made just after with a size of 0. In such cases the driver should cache the last block from the update to avoid handling 0 length data on the final call (that's a hardware limitation). Cc: stable@vger.kernel.org Fixes: 1b44c5a60c13 ("crypto: inside-secure - add SafeXcel EIP197 crypto engine driver") Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>