summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2019-05-06 23:15:06 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2019-05-06 23:15:06 -0400
commit81ff5d2cba4f86cd850b9ee4a530cd221ee45aa3 (patch)
tree532847c0823dc864e3aa9da6cde863e48157eafa /security
parent7aefd944f038c7469571adb37769cb6f3924ecfa (diff)
parente59f755ceb6d6f39f90899d2a4e39c3e05837e12 (diff)
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto update from Herbert Xu: "API: - Add support for AEAD in simd - Add fuzz testing to testmgr - Add panic_on_fail module parameter to testmgr - Use per-CPU struct instead multiple variables in scompress - Change verify API for akcipher Algorithms: - Convert x86 AEAD algorithms over to simd - Forbid 2-key 3DES in FIPS mode - Add EC-RDSA (GOST 34.10) algorithm Drivers: - Set output IV with ctr-aes in crypto4xx - Set output IV in rockchip - Fix potential length overflow with hashing in sun4i-ss - Fix computation error with ctr in vmx - Add SM4 protected keys support in ccree - Remove long-broken mxc-scc driver - Add rfc4106(gcm(aes)) cipher support in cavium/nitrox" * 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (179 commits) crypto: ccree - use a proper le32 type for le32 val crypto: ccree - remove set but not used variable 'du_size' crypto: ccree - Make cc_sec_disable static crypto: ccree - fix spelling mistake "protedcted" -> "protected" crypto: caam/qi2 - generate hash keys in-place crypto: caam/qi2 - fix DMA mapping of stack memory crypto: caam/qi2 - fix zero-length buffer DMA mapping crypto: stm32/cryp - update to return iv_out crypto: stm32/cryp - remove request mutex protection crypto: stm32/cryp - add weak key check for DES crypto: atmel - remove set but not used variable 'alg_name' crypto: picoxcell - Use dev_get_drvdata() crypto: crypto4xx - get rid of redundant using_sd variable crypto: crypto4xx - use sync skcipher for fallback crypto: crypto4xx - fix cfb and ofb "overran dst buffer" issues crypto: crypto4xx - fix ctr-aes missing output IV crypto: ecrdsa - select ASN1 and OID_REGISTRY for EC-RDSA crypto: ux500 - use ccflags-y instead of CFLAGS_<basename>.o crypto: ccree - handle tee fips error during power management resume crypto: ccree - add function to handle cryptocell tee fips error ...
Diffstat (limited to 'security')
-rw-r--r--security/apparmor/crypto.c2
-rw-r--r--security/integrity/digsig_asymmetric.c11
-rw-r--r--security/integrity/evm/evm_crypto.c1
-rw-r--r--security/integrity/ima/ima_crypto.c4
-rw-r--r--security/keys/dh.c1
-rw-r--r--security/keys/encrypted-keys/encrypted.c1
-rw-r--r--security/keys/trusted.c1
7 files changed, 9 insertions, 12 deletions
diff --git a/security/apparmor/crypto.c b/security/apparmor/crypto.c
index af03d98c7552..baba63bc66b1 100644
--- a/security/apparmor/crypto.c
+++ b/security/apparmor/crypto.c
@@ -43,7 +43,6 @@ char *aa_calc_hash(void *data, size_t len)
43 goto fail; 43 goto fail;
44 44
45 desc->tfm = apparmor_tfm; 45 desc->tfm = apparmor_tfm;
46 desc->flags = 0;
47 46
48 error = crypto_shash_init(desc); 47 error = crypto_shash_init(desc);
49 if (error) 48 if (error)
@@ -81,7 +80,6 @@ int aa_calc_profile_hash(struct aa_profile *profile, u32 version, void *start,
81 goto fail; 80 goto fail;
82 81
83 desc->tfm = apparmor_tfm; 82 desc->tfm = apparmor_tfm;
84 desc->flags = 0;
85 83
86 error = crypto_shash_init(desc); 84 error = crypto_shash_init(desc);
87 if (error) 85 if (error)
diff --git a/security/integrity/digsig_asymmetric.c b/security/integrity/digsig_asymmetric.c
index d775e03fbbcc..99080871eb9f 100644
--- a/security/integrity/digsig_asymmetric.c
+++ b/security/integrity/digsig_asymmetric.c
@@ -104,9 +104,16 @@ int asymmetric_verify(struct key *keyring, const char *sig,
104 104
105 memset(&pks, 0, sizeof(pks)); 105 memset(&pks, 0, sizeof(pks));
106 106
107 pks.pkey_algo = "rsa";
108 pks.hash_algo = hash_algo_name[hdr->hash_algo]; 107 pks.hash_algo = hash_algo_name[hdr->hash_algo];
109 pks.encoding = "pkcs1"; 108 if (hdr->hash_algo == HASH_ALGO_STREEBOG_256 ||
109 hdr->hash_algo == HASH_ALGO_STREEBOG_512) {
110 /* EC-RDSA and Streebog should go together. */
111 pks.pkey_algo = "ecrdsa";
112 pks.encoding = "raw";
113 } else {
114 pks.pkey_algo = "rsa";
115 pks.encoding = "pkcs1";
116 }
110 pks.digest = (u8 *)data; 117 pks.digest = (u8 *)data;
111 pks.digest_size = datalen; 118 pks.digest_size = datalen;
112 pks.s = hdr->sig; 119 pks.s = hdr->sig;
diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c
index c37d08118af5..e11564eb645b 100644
--- a/security/integrity/evm/evm_crypto.c
+++ b/security/integrity/evm/evm_crypto.c
@@ -124,7 +124,6 @@ out:
124 return ERR_PTR(-ENOMEM); 124 return ERR_PTR(-ENOMEM);
125 125
126 desc->tfm = *tfm; 126 desc->tfm = *tfm;
127 desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
128 127
129 rc = crypto_shash_init(desc); 128 rc = crypto_shash_init(desc);
130 if (rc) { 129 if (rc) {
diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c
index 16a4f45863b1..a32878e10ebc 100644
--- a/security/integrity/ima/ima_crypto.c
+++ b/security/integrity/ima/ima_crypto.c
@@ -333,7 +333,6 @@ static int ima_calc_file_hash_tfm(struct file *file,
333 SHASH_DESC_ON_STACK(shash, tfm); 333 SHASH_DESC_ON_STACK(shash, tfm);
334 334
335 shash->tfm = tfm; 335 shash->tfm = tfm;
336 shash->flags = 0;
337 336
338 hash->length = crypto_shash_digestsize(tfm); 337 hash->length = crypto_shash_digestsize(tfm);
339 338
@@ -469,7 +468,6 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data,
469 int rc, i; 468 int rc, i;
470 469
471 shash->tfm = tfm; 470 shash->tfm = tfm;
472 shash->flags = 0;
473 471
474 hash->length = crypto_shash_digestsize(tfm); 472 hash->length = crypto_shash_digestsize(tfm);
475 473
@@ -591,7 +589,6 @@ static int calc_buffer_shash_tfm(const void *buf, loff_t size,
591 int rc; 589 int rc;
592 590
593 shash->tfm = tfm; 591 shash->tfm = tfm;
594 shash->flags = 0;
595 592
596 hash->length = crypto_shash_digestsize(tfm); 593 hash->length = crypto_shash_digestsize(tfm);
597 594
@@ -664,7 +661,6 @@ static int __init ima_calc_boot_aggregate_tfm(char *digest,
664 SHASH_DESC_ON_STACK(shash, tfm); 661 SHASH_DESC_ON_STACK(shash, tfm);
665 662
666 shash->tfm = tfm; 663 shash->tfm = tfm;
667 shash->flags = 0;
668 664
669 rc = crypto_shash_init(shash); 665 rc = crypto_shash_init(shash);
670 if (rc != 0) 666 if (rc != 0)
diff --git a/security/keys/dh.c b/security/keys/dh.c
index 711e89d8c415..23f95dec771b 100644
--- a/security/keys/dh.c
+++ b/security/keys/dh.c
@@ -112,7 +112,6 @@ static int kdf_alloc(struct kdf_sdesc **sdesc_ret, char *hashname)
112 if (!sdesc) 112 if (!sdesc)
113 goto out_free_tfm; 113 goto out_free_tfm;
114 sdesc->shash.tfm = tfm; 114 sdesc->shash.tfm = tfm;
115 sdesc->shash.flags = 0x0;
116 115
117 *sdesc_ret = sdesc; 116 *sdesc_ret = sdesc;
118 117
diff --git a/security/keys/encrypted-keys/encrypted.c b/security/keys/encrypted-keys/encrypted.c
index 347108f660a1..1b1456b21a93 100644
--- a/security/keys/encrypted-keys/encrypted.c
+++ b/security/keys/encrypted-keys/encrypted.c
@@ -333,7 +333,6 @@ static int calc_hash(struct crypto_shash *tfm, u8 *digest,
333 int err; 333 int err;
334 334
335 desc->tfm = tfm; 335 desc->tfm = tfm;
336 desc->flags = 0;
337 336
338 err = crypto_shash_digest(desc, buf, buflen, digest); 337 err = crypto_shash_digest(desc, buf, buflen, digest);
339 shash_desc_zero(desc); 338 shash_desc_zero(desc);
diff --git a/security/keys/trusted.c b/security/keys/trusted.c
index efdbf17f3915..a75b2f0f1230 100644
--- a/security/keys/trusted.c
+++ b/security/keys/trusted.c
@@ -55,7 +55,6 @@ static struct sdesc *init_sdesc(struct crypto_shash *alg)
55 if (!sdesc) 55 if (!sdesc)
56 return ERR_PTR(-ENOMEM); 56 return ERR_PTR(-ENOMEM);
57 sdesc->shash.tfm = alg; 57 sdesc->shash.tfm = alg;
58 sdesc->shash.flags = 0x0;
59 return sdesc; 58 return sdesc;
60} 59}
61 60
generated by cgit v1.2.2 (git 2.25.0) at 2025-09-17 00:02:29 -0400