<feed xmlns='http://www.w3.org/2005/Atom'>
<title>kernel/git/stable/linux.git/drivers/crypto/caam, branch linux-4.16.y</title>
<subtitle>Linux kernel stable tree</subtitle>
<id>https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/atom?h=linux-4.16.y</id>
<link rel='self' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/atom?h=linux-4.16.y'/>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/'/>
<updated>2018-06-16T07:43:45+00:00</updated>
<entry>
<title>crypto: caam - fix size of RSA prime factor q</title>
<updated>2018-06-16T07:43:45+00:00</updated>
<author>
<name>Horia Geantă</name>
<email>horia.geanta@nxp.com</email>
</author>
<published>2018-04-27T08:40:11+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=236fb6cb6bd0f0857acb2a10302ce66d50c00afd'/>
<id>urn:sha1:236fb6cb6bd0f0857acb2a10302ce66d50c00afd</id>
<content type='text'>
commit 4bffaab373d9afaf862f3924442c33340bd26736 upstream.

Fix a typo where size of RSA prime factor q is using the size of
prime factor p.

Cc: &lt;stable@vger.kernel.org&gt; # 4.13+
Fixes: 52e26d77b8b3 ("crypto: caam - add support for RSA key form 2")
Fixes: 4a651b122adb ("crypto: caam - add support for RSA key form 3")
Reported-by: David Binderman &lt;dcb314@hotmail.com&gt;
Signed-off-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
</entry>
<entry>
<title>crypto: caam/qi - fix IV DMA mapping and updating</title>
<updated>2018-06-16T07:43:45+00:00</updated>
<author>
<name>Horia Geantă</name>
<email>horia.geanta@nxp.com</email>
</author>
<published>2018-03-28T12:39:19+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=12603dec963c20effd1e9b09a85a329c761503a1'/>
<id>urn:sha1:12603dec963c20effd1e9b09a85a329c761503a1</id>
<content type='text'>
commit 3a488aaec6f343b5dc6d94529847a840bbeaf009 upstream.

There are two IV-related issues:
(1) crypto API does not guarantee to provide an IV buffer that is DMAable,
thus it's incorrect to DMA map it
(2) for in-place decryption, since ciphertext is overwritten with
plaintext, updated IV (req-&gt;info) will contain the last block of plaintext
(instead of the last block of ciphertext)

While these two issues could be fixed separately, it's straightforward
to fix both in the same time - by using the {ablkcipher,aead}_edesc
extended descriptor to store the IV that will be fed to the crypto engine;
this allows for fixing (2) by saving req-&gt;src[last_block] in req-&gt;info
directly, i.e. without allocating yet another temporary buffer.

A side effect of the fix is that it's no longer possible to have the IV
contiguous with req-&gt;src or req-&gt;dst.
Code checking for this case is removed.

Cc: &lt;stable@vger.kernel.org&gt; # 4.14+
Fixes: a68a19380522 ("crypto: caam/qi - properly set IV after {en,de}crypt")
Link: http://lkml.kernel.org/r/20170113084620.GF22022@gondor.apana.org.au
Reported-by: Gilad Ben-Yossef &lt;gilad@benyossef.com&gt;
Signed-off-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
</entry>
<entry>
<title>crypto: caam - fix IV DMA mapping and updating</title>
<updated>2018-06-16T07:43:45+00:00</updated>
<author>
<name>Horia Geantă</name>
<email>horia.geanta@nxp.com</email>
</author>
<published>2018-03-28T12:39:18+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=139cfd6df3470f80b61cda0a1e6eaa26643ff1b3'/>
<id>urn:sha1:139cfd6df3470f80b61cda0a1e6eaa26643ff1b3</id>
<content type='text'>
commit 115957bb3e59fcb226ce76b97af14533f239e0ac upstream.

There are two IV-related issues:
(1) crypto API does not guarantee to provide an IV buffer that is DMAable,
thus it's incorrect to DMA map it
(2) for in-place decryption, since ciphertext is overwritten with
plaintext, updated req-&gt;info will contain the last block of plaintext
(instead of the last block of ciphertext)

While these two issues could be fixed separately, it's straightforward
to fix both in the same time - by allocating extra space in the
ablkcipher_edesc for the IV that will be fed to the crypto engine;
this allows for fixing (2) by saving req-&gt;src[last_block] in req-&gt;info
directly, i.e. without allocating another temporary buffer.

A side effect of the fix is that it's no longer possible to have the IV
and req-&gt;src contiguous. Code checking for this case is removed.

Cc: &lt;stable@vger.kernel.org&gt; # 4.13+
Fixes: 854b06f76879 ("crypto: caam - properly set IV after {en,de}crypt")
Link: http://lkml.kernel.org/r/20170113084620.GF22022@gondor.apana.org.au
Reported-by: Gilad Ben-Yossef &lt;gilad@benyossef.com&gt;
Signed-off-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
</entry>
<entry>
<title>crypto: caam - fix DMA mapping dir for generated IV</title>
<updated>2018-06-16T07:43:45+00:00</updated>
<author>
<name>Horia Geantă</name>
<email>horia.geanta@nxp.com</email>
</author>
<published>2018-03-28T12:39:17+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=e7a076f2fdd03955737a979aa918f177b33e2685'/>
<id>urn:sha1:e7a076f2fdd03955737a979aa918f177b33e2685</id>
<content type='text'>
commit a38acd236cac914aafffd80af79b9556fc2c3934 upstream.

In case of GIVCIPHER, IV is generated by the device.
Fix the DMA mapping direction.

Cc: &lt;stable@vger.kernel.org&gt; # 3.19+
Fixes: 7222d1a34103 ("crypto: caam - add support for givencrypt cbc(aes) and rfc3686(ctr(aes))")
Signed-off-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
</entry>
<entry>
<title>crypto: caam - strip input zeros from RSA input buffer</title>
<updated>2018-06-16T07:43:45+00:00</updated>
<author>
<name>Horia Geantă</name>
<email>horia.geanta@nxp.com</email>
</author>
<published>2018-04-16T13:07:05+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=ebb536c0e35b3d06090db5f75e2b810ccc7abde9'/>
<id>urn:sha1:ebb536c0e35b3d06090db5f75e2b810ccc7abde9</id>
<content type='text'>
commit 8a2a0dd35f2e54c023d9041a5428b6c5639af86c upstream.

Sometimes the provided RSA input buffer provided is not stripped
of leading zeros. This could cause its size to be bigger than that
of the modulus, making the HW complain:

caam_jr 2142000.jr1: 40000789: DECO: desc idx 7:
Protocol Size Error - A protocol has seen an error in size. When
running RSA, pdb size N &lt; (size of F) when no formatting is used; or
pdb size N &lt; (F + 11) when formatting is used.

Fix the problem by stripping off the leading zero from input data
before feeding it to the CAAM accelerator.

Fixes: 8c419778ab57e ("crypto: caam - add support for RSA algorithm")
Cc: &lt;stable@vger.kernel.org&gt; # 4.8+
Reported-by: Martin Townsend &lt;mtownsend1973@gmail.com&gt;
Link: https://lkml.kernel.org/r/CABatt_ytYORYKtApcB4izhNanEKkGFi9XAQMjHi_n-8YWoCRiw@mail.gmail.com
Signed-off-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Tested-by: Fabio Estevam &lt;fabio.estevam@nxp.com&gt;
Reviewed-by: Tudor Ambarus &lt;tudor.ambarus@microchip.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
</entry>
<entry>
<title>crypto: caam - Fix null dereference at error path</title>
<updated>2018-04-08T12:29:50+00:00</updated>
<author>
<name>Rui Miguel Silva</name>
<email>rui.silva@linaro.org</email>
</author>
<published>2018-02-22T14:22:47+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=ea75f4729c736147667b86b52ae4382b30a687d2'/>
<id>urn:sha1:ea75f4729c736147667b86b52ae4382b30a687d2</id>
<content type='text'>
commit b85149f6f5d5a9279f29a73b2e95342f4d465e73 upstream.

caam_remove already removes the debugfs entry, so we need to remove the one
immediately before calling caam_remove.

This fix a NULL dereference at error paths is caam_probe fail.

Fixes: 67c2315def06 ("crypto: caam - add Queue Interface (QI) backend support")

Tested-by: Ryan Harkin &lt;ryan.harkin@linaro.org&gt;
Cc: "Horia Geantă" &lt;horia.geanta@nxp.com&gt;
Cc: Aymen Sghaier &lt;aymen.sghaier@nxp.com&gt;
Cc: Fabio Estevam &lt;fabio.estevam@nxp.com&gt;
Cc: Peng Fan &lt;peng.fan@nxp.com&gt;
Cc: "David S. Miller" &lt;davem@davemloft.net&gt;
Cc: Lukas Auer &lt;lukas.auer@aisec.fraunhofer.de&gt;
Cc: &lt;stable@vger.kernel.org&gt; # 4.12+
Reviewed-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Rui Miguel Silva &lt;rui.silva@linaro.org&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
</entry>
<entry>
<title>crypto: caam - fix endless loop when DECO acquire fails</title>
<updated>2018-02-08T11:38:13+00:00</updated>
<author>
<name>Horia Geantă</name>
<email>horia.geanta@nxp.com</email>
</author>
<published>2018-02-05T09:15:52+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=225ece3e7dad4cfc44cca38ce7a3a80f255ea8f1'/>
<id>urn:sha1:225ece3e7dad4cfc44cca38ce7a3a80f255ea8f1</id>
<content type='text'>
In case DECO0 cannot be acquired - i.e. run_descriptor_deco0() fails
with -ENODEV, caam_probe() enters an endless loop:

run_descriptor_deco0
	ret -ENODEV
	-&gt; instantiate_rng
		-ENODEV, overwritten by -EAGAIN
		ret -EAGAIN
		-&gt; caam_probe
			-EAGAIN results in endless loop

It turns out the error path in instantiate_rng() is incorrect,
the checks are done in the wrong order.

Cc: &lt;stable@vger.kernel.org&gt; # 3.13+
Fixes: 1005bccd7a4a6 ("crypto: caam - enable instantiation of all RNG4 state handles")
Reported-by: Bryan O'Donoghue &lt;pure.logic@nexus-software.ie&gt;
Suggested-by: Auer Lukas &lt;lukas.auer@aisec.fraunhofer.de&gt;
Signed-off-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: caam - add Derived Key Protocol (DKP) support</title>
<updated>2017-12-28T06:56:48+00:00</updated>
<author>
<name>Horia Geantă</name>
<email>horia.geanta@nxp.com</email>
</author>
<published>2017-12-19T10:16:07+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=7e0880b9fbbe7d21e29347020bef0b7329cb0e9d'/>
<id>urn:sha1:7e0880b9fbbe7d21e29347020bef0b7329cb0e9d</id>
<content type='text'>
Offload split key generation in CAAM engine, using DKP.
DKP is supported starting with Era 6.

Note that the way assoclen is transmitted from the job descriptor
to the shared descriptor changes - DPOVRD register is used instead
of MATH3 (where available), since DKP protocol thrashes the MATH
registers.

The replacement of MDHA split key generation with DKP has the side
effect of the crypto engine writing the authentication key, and thus
the DMA mapping direction for the buffer holding the key has to change
from DMA_TO_DEVICE to DMA_BIDIRECTIONAL.
There are two cases:
-key is inlined in descriptor - descriptor buffer mapping changes
-key is referenced - key buffer mapping changes

Signed-off-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: caam - save Era in driver's private data</title>
<updated>2017-12-28T06:56:47+00:00</updated>
<author>
<name>Horia Geantă</name>
<email>horia.geanta@nxp.com</email>
</author>
<published>2017-12-19T10:16:06+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=9fe712df08ea805868789bb6800f2226f5fd5285'/>
<id>urn:sha1:9fe712df08ea805868789bb6800f2226f5fd5285</id>
<content type='text'>
Save Era in driver's private data for further usage,
like deciding whether an erratum applies or a feature is available
based on its value.

Signed-off-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: caam - remove needless ablkcipher key copy</title>
<updated>2017-12-28T06:56:47+00:00</updated>
<author>
<name>Horia Geantă</name>
<email>horia.geanta@nxp.com</email>
</author>
<published>2017-12-19T10:16:05+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=662f70ede5975ce68a1c3524c9fa080c44a38b44'/>
<id>urn:sha1:662f70ede5975ce68a1c3524c9fa080c44a38b44</id>
<content type='text'>
ablkcipher shared descriptors are relatively small, thus there is enough
space for the key to be inlined.
Accordingly, there is no need to copy the key in ctx-&gt;key.

Signed-off-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
</feed>
