Hosts the 0x221E linux distro kernel. https://universe.0xinfinity.dev/distro/kernel/atom?h=0x221E-v0.0-v7.0 2023-08-11T11:19:27Z 2023-08-11T11:19:27Z Herbert Xu herbert@gondor.apana.org.au 2023-08-04T09:24:34Z urn:sha1:2a598d0b2800aa23ba51adcf060cec524aaa63b2 As lib/mpi is mostly used by crypto code, move it under lib/crypto so that patches touching it get directed to the right mailing list. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Reviewed-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2023-01-06T09:15:46Z Herbert Xu herbert@gondor.apana.org.au 2022-12-27T14:27:39Z urn:sha1:7361d1bc307b926cbca214ab67b641123c2d6357 The helper mpi_read_raw_from_sgl sets the number of entries in the SG list according to nbytes. However, if the last entry in the SG list contains more data than nbytes, then it may overrun the buffer because it only allocates enough memory for nbytes. Fixes: 2d4d1eea540b ("lib/mpi: Add mpi sgl helpers") Reported-by: Roberto Sassu <roberto.sassu@huaweicloud.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Reviewed-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2021-07-01T18:06:05Z Zhen Lei thunder.leizhen@huawei.com 2021-07-01T01:55:58Z urn:sha1:478485f6c0e5936b62c0c9393a865bfb00f037a5 Fix some spelling mistakes in comments: flaged ==> flagged bufer ==> buffer multipler ==> multiplier MULTIPLER ==> MULTIPLIER leaset ==> least chnage ==> change Link: https://lkml.kernel.org/r/20210604074401.12198-1-thunder.leizhen@huawei.com Signed-off-by: Zhen Lei <thunder.leizhen@huawei.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2020-09-25T07:48:53Z Tianjia Zhang tianjia.zhang@linux.alibaba.com 2020-09-20T16:20:55Z urn:sha1:a8ea8bdd9df92a0e5db5b43900abb7a288b8a53e Expand the mpi library based on libgcrypt, and the ECC algorithm of mpi based on libgcrypt requires these functions. Some other algorithms will be developed based on mpi ecc, such as SM2. Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com> Tested-by: Xufeng Zhang <yunbo.xufeng@linux.alibaba.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2017-08-22T06:45:01Z Stephan Mueller smueller@chronox.de 2017-08-10T06:06:18Z urn:sha1:dea3eb8b452e36cf2dd572b0a797915ccf452ae6 Using sg_miter_start and sg_miter_next, the buffer of an SG is kmap'ed to *buff. The current code calls sg_miter_stop (and thus kunmap) on the SG entry before the last access of *buff. The patch moves the sg_miter_stop call after the last access to *buff to ensure that the memory pointed to by *buff is still mapped. Fixes: 4816c9406430 ("lib/mpi: Fix SG miter leak") Cc: <stable@vger.kernel.org> Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2016-07-29T10:30:16Z Herbert Xu herbert@gondor.apana.org.au 2016-07-28T05:29:17Z urn:sha1:4816c9406430d0d3d4fa58a212a7a869d429b315 In mpi_read_raw_from_sgl we may leak the SG miter resouces after reading the leading zeroes. This patch fixes this by stopping the iteration once the leading zeroes have been read. Fixes: 127827b9c295 ("lib/mpi: Do not do sg_virt") Reported-by: Nicolai Stange <nicstange@gmail.com> Tested-by: Nicolai Stange <nicstange@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2016-07-01T15:45:18Z Herbert Xu herbert@gondor.apana.org.au 2016-06-29T11:32:22Z urn:sha1:127827b9c295db35fa7e49d00ac5d14faeda9461 Currently the mpi SG helpers use sg_virt which is completely broken. It happens to work with normal kernel memory but will fail with anything that is not linearly mapped. This patch fixes this by using the SG iterator helpers. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2016-07-01T15:45:18Z Herbert Xu herbert@gondor.apana.org.au 2016-06-29T11:32:21Z urn:sha1:9b45b7bba3d22de52e09df63c50f390a193a3f53 Every implementation of RSA that we have naturally generates output with leading zeroes. The one and only user of RSA, pkcs1pad wants to have those leading zeroes in place, in fact because they are currently absent it has to write those zeroes itself. So we shouldn't be stripping leading zeroes in the first place. In fact this patch makes rsa-generic produce output with fixed length so that pkcs1pad does not need to do any extra work. This patch also changes DH to use the new interface. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2016-05-31T08:42:01Z Nicolai Stange nicstange@gmail.com 2016-05-26T21:19:55Z urn:sha1:20b5b7f3c2df2fb69b3b27dc83314b8891614ba5 mpi_read_from_buffer() and mpi_read_raw_data() do basically the same thing except that the former extracts the number of payload bits from the first two bytes of the input buffer. Besides that, the data copying logic is exactly the same. Replace the open coded buffer to MPI instance conversion by a call to mpi_read_raw_data(). Signed-off-by: Nicolai Stange <nicstange@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2016-05-31T08:42:00Z Nicolai Stange nicstange@gmail.com 2016-05-26T21:19:54Z urn:sha1:cdf24b42c6740ec429e85a8405e5e917abac8595 The first two bytes of the input buffer encode its expected length and mpi_read_from_buffer() prints a console message if the given buffer is too short. However, there are some oddities with how this message is printed: - It is printed at the default loglevel. This is different from the one used in the case that the first two bytes' value is unsupportedly large, i.e. KERN_INFO. - The format specifier '%d' is used for unsigned ints. - It prints the values of nread and *ret_nread. This is redundant since the former is always the latter + 1. Clean this up as follows: - Use pr_info() rather than printk() with no loglevel. - Use the format specifiers '%u' in place if '%d'. - Do not print the redundant 'nread' but the more helpful 'nbytes' value. Signed-off-by: Nicolai Stange <nicstange@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>