<feed xmlns='http://www.w3.org/2005/Atom'>
<title>kernel/git/stable/linux.git/drivers/crypto/caam, branch linux-4.17.y</title>
<subtitle>Linux kernel stable tree</subtitle>
<id>https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/atom?h=linux-4.17.y</id>
<link rel='self' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/atom?h=linux-4.17.y'/>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/'/>
<updated>2018-06-16T07:18:23+00:00</updated>
<entry>
<title>crypto: caam - fix size of RSA prime factor q</title>
<updated>2018-06-16T07:18:23+00:00</updated>
<author>
<name>Horia Geantă</name>
<email>horia.geanta@nxp.com</email>
</author>
<published>2018-04-27T08:40:11+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=df54a248ba581d8950b26099ec2b153f232d2cee'/>
<id>urn:sha1:df54a248ba581d8950b26099ec2b153f232d2cee</id>
<content type='text'>
commit 4bffaab373d9afaf862f3924442c33340bd26736 upstream.

Fix a typo where size of RSA prime factor q is using the size of
prime factor p.

Cc: &lt;stable@vger.kernel.org&gt; # 4.13+
Fixes: 52e26d77b8b3 ("crypto: caam - add support for RSA key form 2")
Fixes: 4a651b122adb ("crypto: caam - add support for RSA key form 3")
Reported-by: David Binderman &lt;dcb314@hotmail.com&gt;
Signed-off-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
</entry>
<entry>
<title>crypto: caam/qi - fix IV DMA mapping and updating</title>
<updated>2018-06-16T07:18:23+00:00</updated>
<author>
<name>Horia Geantă</name>
<email>horia.geanta@nxp.com</email>
</author>
<published>2018-03-28T12:39:19+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=8f643590afb7fd3d36d049af6aa38d71bd14bb93'/>
<id>urn:sha1:8f643590afb7fd3d36d049af6aa38d71bd14bb93</id>
<content type='text'>
commit 3a488aaec6f343b5dc6d94529847a840bbeaf009 upstream.

There are two IV-related issues:
(1) crypto API does not guarantee to provide an IV buffer that is DMAable,
thus it's incorrect to DMA map it
(2) for in-place decryption, since ciphertext is overwritten with
plaintext, updated IV (req-&gt;info) will contain the last block of plaintext
(instead of the last block of ciphertext)

While these two issues could be fixed separately, it's straightforward
to fix both in the same time - by using the {ablkcipher,aead}_edesc
extended descriptor to store the IV that will be fed to the crypto engine;
this allows for fixing (2) by saving req-&gt;src[last_block] in req-&gt;info
directly, i.e. without allocating yet another temporary buffer.

A side effect of the fix is that it's no longer possible to have the IV
contiguous with req-&gt;src or req-&gt;dst.
Code checking for this case is removed.

Cc: &lt;stable@vger.kernel.org&gt; # 4.14+
Fixes: a68a19380522 ("crypto: caam/qi - properly set IV after {en,de}crypt")
Link: http://lkml.kernel.org/r/20170113084620.GF22022@gondor.apana.org.au
Reported-by: Gilad Ben-Yossef &lt;gilad@benyossef.com&gt;
Signed-off-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
</entry>
<entry>
<title>crypto: caam - fix IV DMA mapping and updating</title>
<updated>2018-06-16T07:18:23+00:00</updated>
<author>
<name>Horia Geantă</name>
<email>horia.geanta@nxp.com</email>
</author>
<published>2018-03-28T12:39:18+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=9136b00c6f5d37c7878b05035a89f3d0dec0d9d0'/>
<id>urn:sha1:9136b00c6f5d37c7878b05035a89f3d0dec0d9d0</id>
<content type='text'>
commit 115957bb3e59fcb226ce76b97af14533f239e0ac upstream.

There are two IV-related issues:
(1) crypto API does not guarantee to provide an IV buffer that is DMAable,
thus it's incorrect to DMA map it
(2) for in-place decryption, since ciphertext is overwritten with
plaintext, updated req-&gt;info will contain the last block of plaintext
(instead of the last block of ciphertext)

While these two issues could be fixed separately, it's straightforward
to fix both in the same time - by allocating extra space in the
ablkcipher_edesc for the IV that will be fed to the crypto engine;
this allows for fixing (2) by saving req-&gt;src[last_block] in req-&gt;info
directly, i.e. without allocating another temporary buffer.

A side effect of the fix is that it's no longer possible to have the IV
and req-&gt;src contiguous. Code checking for this case is removed.

Cc: &lt;stable@vger.kernel.org&gt; # 4.13+
Fixes: 854b06f76879 ("crypto: caam - properly set IV after {en,de}crypt")
Link: http://lkml.kernel.org/r/20170113084620.GF22022@gondor.apana.org.au
Reported-by: Gilad Ben-Yossef &lt;gilad@benyossef.com&gt;
Signed-off-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
</entry>
<entry>
<title>crypto: caam - fix DMA mapping dir for generated IV</title>
<updated>2018-06-16T07:18:23+00:00</updated>
<author>
<name>Horia Geantă</name>
<email>horia.geanta@nxp.com</email>
</author>
<published>2018-03-28T12:39:17+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=4f2fa31f93c7c58a7598644d402773503b31ec3b'/>
<id>urn:sha1:4f2fa31f93c7c58a7598644d402773503b31ec3b</id>
<content type='text'>
commit a38acd236cac914aafffd80af79b9556fc2c3934 upstream.

In case of GIVCIPHER, IV is generated by the device.
Fix the DMA mapping direction.

Cc: &lt;stable@vger.kernel.org&gt; # 3.19+
Fixes: 7222d1a34103 ("crypto: caam - add support for givencrypt cbc(aes) and rfc3686(ctr(aes))")
Signed-off-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
</entry>
<entry>
<title>crypto: caam - strip input zeros from RSA input buffer</title>
<updated>2018-06-16T07:18:23+00:00</updated>
<author>
<name>Horia Geantă</name>
<email>horia.geanta@nxp.com</email>
</author>
<published>2018-04-16T13:07:05+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=2f8b123b08e05f534b29441ca785b1989687f97b'/>
<id>urn:sha1:2f8b123b08e05f534b29441ca785b1989687f97b</id>
<content type='text'>
commit 8a2a0dd35f2e54c023d9041a5428b6c5639af86c upstream.

Sometimes the provided RSA input buffer provided is not stripped
of leading zeros. This could cause its size to be bigger than that
of the modulus, making the HW complain:

caam_jr 2142000.jr1: 40000789: DECO: desc idx 7:
Protocol Size Error - A protocol has seen an error in size. When
running RSA, pdb size N &lt; (size of F) when no formatting is used; or
pdb size N &lt; (F + 11) when formatting is used.

Fix the problem by stripping off the leading zero from input data
before feeding it to the CAAM accelerator.

Fixes: 8c419778ab57e ("crypto: caam - add support for RSA algorithm")
Cc: &lt;stable@vger.kernel.org&gt; # 4.8+
Reported-by: Martin Townsend &lt;mtownsend1973@gmail.com&gt;
Link: https://lkml.kernel.org/r/CABatt_ytYORYKtApcB4izhNanEKkGFi9XAQMjHi_n-8YWoCRiw@mail.gmail.com
Signed-off-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Tested-by: Fabio Estevam &lt;fabio.estevam@nxp.com&gt;
Reviewed-by: Tudor Ambarus &lt;tudor.ambarus@microchip.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
</entry>
<entry>
<title>crypto: caam/qi - don't leak pointers to authenc keys</title>
<updated>2018-03-30T17:33:12+00:00</updated>
<author>
<name>Tudor-Dan Ambarus</name>
<email>tudor.ambarus@microchip.com</email>
</author>
<published>2018-03-23T10:42:19+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=cc4ccaafcbddb88d661143c779af08d4ed8798ae'/>
<id>urn:sha1:cc4ccaafcbddb88d661143c779af08d4ed8798ae</id>
<content type='text'>
In caam/qi's aead_setkey we save pointers to the authenc keys in
a local variable of type struct crypto_authenc_keys and we don't
zeroize it after use. Fix this and don't leak pointers to the
authenc keys.

Signed-off-by: Tudor Ambarus &lt;tudor.ambarus@microchip.com&gt;
Reviewed-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: caam - don't leak pointers to authenc keys</title>
<updated>2018-03-30T17:33:11+00:00</updated>
<author>
<name>Tudor-Dan Ambarus</name>
<email>tudor.ambarus@microchip.com</email>
</author>
<published>2018-03-23T10:42:18+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=61dab9726050b0ffa826f1b540e9518768914b76'/>
<id>urn:sha1:61dab9726050b0ffa826f1b540e9518768914b76</id>
<content type='text'>
In caam's aead_setkey we save pointers to the authenc keys in a
local variable of type struct crypto_authenc_keys and we don't
zeroize it after use. Fix this and don't leak pointers to the
authenc keys.

Signed-off-by: Tudor Ambarus &lt;tudor.ambarus@microchip.com&gt;
Reviewed-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: caam - do not use mem and emi_slow clock for imx7x</title>
<updated>2018-03-02T16:03:40+00:00</updated>
<author>
<name>Rui Miguel Silva</name>
<email>rui.silva@linaro.org</email>
</author>
<published>2018-02-22T14:22:48+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=699e491bac84a2069c7abeacf2f4367ecb19fa9c'/>
<id>urn:sha1:699e491bac84a2069c7abeacf2f4367ecb19fa9c</id>
<content type='text'>
I.MX7x only use two clocks for the CAAM module, so make sure we do not try to
use the mem and the emi_slow clock when running in that imx7d and imx7s machine
type.

Cc: "Horia Geantă" &lt;horia.geanta@nxp.com&gt;
Cc: Aymen Sghaier &lt;aymen.sghaier@nxp.com&gt;
Cc: Fabio Estevam &lt;fabio.estevam@nxp.com&gt;
Cc: Peng Fan &lt;peng.fan@nxp.com&gt;
Cc: "David S. Miller" &lt;davem@davemloft.net&gt;
Cc: Lukas Auer &lt;lukas.auer@aisec.fraunhofer.de&gt;
Signed-off-by: Rui Miguel Silva &lt;rui.silva@linaro.org&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: caam - Fix null dereference at error path</title>
<updated>2018-03-02T16:03:39+00:00</updated>
<author>
<name>Rui Miguel Silva</name>
<email>rui.silva@linaro.org</email>
</author>
<published>2018-02-22T14:22:47+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=b85149f6f5d5a9279f29a73b2e95342f4d465e73'/>
<id>urn:sha1:b85149f6f5d5a9279f29a73b2e95342f4d465e73</id>
<content type='text'>
caam_remove already removes the debugfs entry, so we need to remove the one
immediately before calling caam_remove.

This fix a NULL dereference at error paths is caam_probe fail.

Fixes: 67c2315def06 ("crypto: caam - add Queue Interface (QI) backend support")

Tested-by: Ryan Harkin &lt;ryan.harkin@linaro.org&gt;
Cc: "Horia Geantă" &lt;horia.geanta@nxp.com&gt;
Cc: Aymen Sghaier &lt;aymen.sghaier@nxp.com&gt;
Cc: Fabio Estevam &lt;fabio.estevam@nxp.com&gt;
Cc: Peng Fan &lt;peng.fan@nxp.com&gt;
Cc: "David S. Miller" &lt;davem@davemloft.net&gt;
Cc: Lukas Auer &lt;lukas.auer@aisec.fraunhofer.de&gt;
Cc: &lt;stable@vger.kernel.org&gt; # 4.12+
Reviewed-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Rui Miguel Silva &lt;rui.silva@linaro.org&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: caam/qi - add GCM support</title>
<updated>2018-02-15T15:26:55+00:00</updated>
<author>
<name>Horia Geantă</name>
<email>horia.geanta@nxp.com</email>
</author>
<published>2018-01-29T08:38:37+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=d3e41b50b46b5ee26793c9c28ccc2d3e45f4f9cc'/>
<id>urn:sha1:d3e41b50b46b5ee26793c9c28ccc2d3e45f4f9cc</id>
<content type='text'>
Add support for AES working in Galois Counter Mode.
The following algorithms are added:
gcm(aes)
rfc4106(gcm(aes))
rfc4543(gcm(aes))

There is a limitation related to IV size, similar to the one present in
SW implementation (crypto/gcm.c):
The only IV size allowed is 12 bytes. It will be padded by HW to the right
with 0x0000_0001 (up to 16 bytes - AES block size), according to the
GCM specification.

Signed-off-by: Horia Geantă &lt;horia.geanta@nxp.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
</feed>
