<feed xmlns='http://www.w3.org/2005/Atom'>
<title>litmus-rt.git/drivers/s390/crypto, branch test</title>
<subtitle>The LITMUS^RT kernel.</subtitle>
<link rel='alternate' type='text/html' href='http://rtsrv.cs.unc.edu/cgit/cgit.cgi/litmus-rt.git/'/>
<entry>
<title>s390/zcrypt: Fix invalid domain handling during ap module unload</title>
<updated>2015-05-13T07:57:29+00:00</updated>
<author>
<name>Ingo Tuchscherer</name>
<email>ingo.tuchscherer@linux.vnet.ibm.com</email>
</author>
<published>2015-04-30T13:36:48+00:00</published>
<link rel='alternate' type='text/html' href='http://rtsrv.cs.unc.edu/cgit/cgit.cgi/litmus-rt.git/commit/?id=f60b8d449d850ae4aa3ee4fdaefec6b7882c92f7'/>
<id>f60b8d449d850ae4aa3ee4fdaefec6b7882c92f7</id>
<content type='text'>
Added domain checking to prevent reset failures caused by invalid
domains.
Corrected removal sequence of bus attributes and device.

Reviewed-by: Harald Freudenberger &lt;freude@linux.vnet.ibm.com&gt;
Signed-off-by: Ingo Tuchscherer &lt;ingo.tuchscherer@linux.vnet.ibm.com&gt;
Signed-off-by: Martin Schwidefsky &lt;schwidefsky@de.ibm.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Added domain checking to prevent reset failures caused by invalid
domains.
Corrected removal sequence of bus attributes and device.

Reviewed-by: Harald Freudenberger &lt;freude@linux.vnet.ibm.com&gt;
Signed-off-by: Ingo Tuchscherer &lt;ingo.tuchscherer@linux.vnet.ibm.com&gt;
Signed-off-by: Martin Schwidefsky &lt;schwidefsky@de.ibm.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>s390/zcrypt: fixed ap poll timer behavior</title>
<updated>2015-04-30T11:50:35+00:00</updated>
<author>
<name>Ingo Tuchscherer</name>
<email>ingo.tuchscherer@de.ibm.com</email>
</author>
<published>2015-04-28T08:31:44+00:00</published>
<link rel='alternate' type='text/html' href='http://rtsrv.cs.unc.edu/cgit/cgit.cgi/litmus-rt.git/commit/?id=8cc2af7c530e320db442e6efec8c84c125c07c81'/>
<id>8cc2af7c530e320db442e6efec8c84c125c07c81</id>
<content type='text'>
The ap poll timer restart condition was wrong. Hence the poll timer
was not restarted reliable when setting a new time interval via the
poll_timeout sysfs attribute.
Added missing timer locking.

Reported-by: Thomas Gleixner &lt;tglx@linutronix.de&gt;
Signed-off-by: Ingo Tuchscherer &lt;ingo.tuchscherer@de.ibm.com&gt;
Signed-off-by: Martin Schwidefsky &lt;schwidefsky@de.ibm.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The ap poll timer restart condition was wrong. Hence the poll timer
was not restarted reliable when setting a new time interval via the
poll_timeout sysfs attribute.
Added missing timer locking.

Reported-by: Thomas Gleixner &lt;tglx@linutronix.de&gt;
Signed-off-by: Ingo Tuchscherer &lt;ingo.tuchscherer@de.ibm.com&gt;
Signed-off-by: Martin Schwidefsky &lt;schwidefsky@de.ibm.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>s390: remove test_facility(2) (== z/Architecture mode active) checks</title>
<updated>2015-03-25T10:49:37+00:00</updated>
<author>
<name>Heiko Carstens</name>
<email>heiko.carstens@de.ibm.com</email>
</author>
<published>2015-02-14T10:23:21+00:00</published>
<link rel='alternate' type='text/html' href='http://rtsrv.cs.unc.edu/cgit/cgit.cgi/litmus-rt.git/commit/?id=86cd741bc6ed0edf6ea0e8ec5c840cf9e3f3a7cb'/>
<id>86cd741bc6ed0edf6ea0e8ec5c840cf9e3f3a7cb</id>
<content type='text'>
Given that the kernel now always runs in 64 bit mode, it is
pointless to check if the z/Architecture mode is active.
Remove the checks.

Signed-off-by: Heiko Carstens &lt;heiko.carstens@de.ibm.com&gt;
Signed-off-by: Martin Schwidefsky &lt;schwidefsky@de.ibm.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Given that the kernel now always runs in 64 bit mode, it is
pointless to check if the z/Architecture mode is active.
Remove the checks.

Signed-off-by: Heiko Carstens &lt;heiko.carstens@de.ibm.com&gt;
Signed-off-by: Martin Schwidefsky &lt;schwidefsky@de.ibm.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>s390: remove 31 bit support</title>
<updated>2015-03-25T10:49:33+00:00</updated>
<author>
<name>Heiko Carstens</name>
<email>heiko.carstens@de.ibm.com</email>
</author>
<published>2015-02-12T12:08:27+00:00</published>
<link rel='alternate' type='text/html' href='http://rtsrv.cs.unc.edu/cgit/cgit.cgi/litmus-rt.git/commit/?id=5a79859ae0f35d25c67a03e82bf0c80592f16a39'/>
<id>5a79859ae0f35d25c67a03e82bf0c80592f16a39</id>
<content type='text'>
Remove the 31 bit support in order to reduce maintenance cost and
effectively remove dead code. Since a couple of years there is no
distribution left that comes with a 31 bit kernel.

The 31 bit kernel also has been broken since more than a year before
anybody noticed. In addition I added a removal warning to the kernel
shown at ipl for 5 minutes: a960062e5826 ("s390: add 31 bit warning
message") which let everybody know about the plan to remove 31 bit
code. We didn't get any response.

Given that the last 31 bit only machine was introduced in 1999 let's
remove the code.
Anybody with 31 bit user space code can still use the compat mode.

Signed-off-by: Heiko Carstens &lt;heiko.carstens@de.ibm.com&gt;
Signed-off-by: Martin Schwidefsky &lt;schwidefsky@de.ibm.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Remove the 31 bit support in order to reduce maintenance cost and
effectively remove dead code. Since a couple of years there is no
distribution left that comes with a 31 bit kernel.

The 31 bit kernel also has been broken since more than a year before
anybody noticed. In addition I added a removal warning to the kernel
shown at ipl for 5 minutes: a960062e5826 ("s390: add 31 bit warning
message") which let everybody know about the plan to remove 31 bit
code. We didn't get any response.

Given that the last 31 bit only machine was introduced in 1999 let's
remove the code.
Anybody with 31 bit user space code can still use the compat mode.

Signed-off-by: Heiko Carstens &lt;heiko.carstens@de.ibm.com&gt;
Signed-off-by: Martin Schwidefsky &lt;schwidefsky@de.ibm.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>s390/zcrypt: fixed domain scanning problem (again)</title>
<updated>2015-02-04T08:03:19+00:00</updated>
<author>
<name>Ingo Tuchscherer</name>
<email>ingo.tuchscherer@de.ibm.com</email>
</author>
<published>2015-02-02T16:50:17+00:00</published>
<link rel='alternate' type='text/html' href='http://rtsrv.cs.unc.edu/cgit/cgit.cgi/litmus-rt.git/commit/?id=ea96f78813823ab186e7e52122c06fb9c3cf6e20'/>
<id>ea96f78813823ab186e7e52122c06fb9c3cf6e20</id>
<content type='text'>
Older machines with more then 16 domains need a special check before
PQAP instructions can be processed. With commit 5bc334bff9a6e189 this
check was reverted by accident. This patch re-establishes the additional
code needed for checking the extended domains for older machines.

Signed-off-by: Ingo Tuchscherer &lt;ingo.tuchscherer@de.ibm.com&gt;
Signed-off-by: Martin Schwidefsky &lt;schwidefsky@de.ibm.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Older machines with more then 16 domains need a special check before
PQAP instructions can be processed. With commit 5bc334bff9a6e189 this
check was reverted by accident. This patch re-establishes the additional
code needed for checking the extended domains for older machines.

Signed-off-by: Ingo Tuchscherer &lt;ingo.tuchscherer@de.ibm.com&gt;
Signed-off-by: Martin Schwidefsky &lt;schwidefsky@de.ibm.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>s390/zcrypt: Add support for new crypto express (CEX5S) adapter.</title>
<updated>2015-01-23T14:17:14+00:00</updated>
<author>
<name>Ingo Tuchscherer</name>
<email>ingo.tuchscherer@de.ibm.com</email>
</author>
<published>2015-01-23T13:56:25+00:00</published>
<link rel='alternate' type='text/html' href='http://rtsrv.cs.unc.edu/cgit/cgit.cgi/litmus-rt.git/commit/?id=bdea1f1bb273383312f0eca56241794b06ed4205'/>
<id>bdea1f1bb273383312f0eca56241794b06ed4205</id>
<content type='text'>
Extends the generic cryptographic device driver (zcrypt)
to support the Crypto Express 5S adapter.

Signed-off-by: Ingo Tuchscherer &lt;ingo.tuchscherer@de.ibm.com&gt;
Signed-off-by: Martin Schwidefsky &lt;schwidefsky@de.ibm.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Extends the generic cryptographic device driver (zcrypt)
to support the Crypto Express 5S adapter.

Signed-off-by: Ingo Tuchscherer &lt;ingo.tuchscherer@de.ibm.com&gt;
Signed-off-by: Martin Schwidefsky &lt;schwidefsky@de.ibm.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>s390/zcrypt: Number of supported ap domains is not retrievable.</title>
<updated>2015-01-23T14:17:10+00:00</updated>
<author>
<name>Ingo Tuchscherer</name>
<email>ingo.tuchscherer@de.ibm.com</email>
</author>
<published>2015-01-23T12:27:04+00:00</published>
<link rel='alternate' type='text/html' href='http://rtsrv.cs.unc.edu/cgit/cgit.cgi/litmus-rt.git/commit/?id=5bc334bff9a6e189113140ed6dce0ce61d768943'/>
<id>5bc334bff9a6e189113140ed6dce0ce61d768943</id>
<content type='text'>
Upcoming versions of secure key management facilities (CCA and
EP11) require information about the maximum number of supported
ap domains in order to service TKE requests properly. With IBM
z13 the number of available domains (so far 16) has increased up
to 85. This number varies depending on machine types and models.
Therefore the new sysfs attribute 'ap_max_domain_id' provides
this limit of supported ap domains.  Upcoming releases for CCA
and EP11 will use this new information. Without this problem fix
it is not possible to retrieve reliable information about the
maximum number of supported ap domains. Thus, customers are not
able to perform key management for CCA and EP11 coprocessor
adapters.

Signed-off-by: Ingo Tuchscherer &lt;ingo.tuchscherer@de.ibm.com&gt;
Signed-off-by: Harald Freudenberger &lt;freude@linux.vnet.ibm.com&gt;
Signed-off-by: Martin Schwidefsky &lt;schwidefsky@de.ibm.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Upcoming versions of secure key management facilities (CCA and
EP11) require information about the maximum number of supported
ap domains in order to service TKE requests properly. With IBM
z13 the number of available domains (so far 16) has increased up
to 85. This number varies depending on machine types and models.
Therefore the new sysfs attribute 'ap_max_domain_id' provides
this limit of supported ap domains.  Upcoming releases for CCA
and EP11 will use this new information. Without this problem fix
it is not possible to retrieve reliable information about the
maximum number of supported ap domains. Thus, customers are not
able to perform key management for CCA and EP11 coprocessor
adapters.

Signed-off-by: Ingo Tuchscherer &lt;ingo.tuchscherer@de.ibm.com&gt;
Signed-off-by: Harald Freudenberger &lt;freude@linux.vnet.ibm.com&gt;
Signed-off-by: Martin Schwidefsky &lt;schwidefsky@de.ibm.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>s390/zcrypt: kernel oops at insmod of the z90crypt device driver</title>
<updated>2014-12-18T08:55:55+00:00</updated>
<author>
<name>Harald Freudenberger</name>
<email>freude@linux.vnet.ibm.com</email>
</author>
<published>2014-12-10T09:23:59+00:00</published>
<link rel='alternate' type='text/html' href='http://rtsrv.cs.unc.edu/cgit/cgit.cgi/litmus-rt.git/commit/?id=099eae11a8beb13e17f6b9371c7c090c61bc061d'/>
<id>099eae11a8beb13e17f6b9371c7c090c61bc061d</id>
<content type='text'>
Kernel oops caused by invalid parameter at TAPQ instruction:
On older systems where the QCI instruction is not available
all possible domains are probed via TAPQ instruction. The
range for the probe has been extended with the &gt; 16 domain
support now leading to a possible specification exception
when this instruction is called for probing higher values
within the new range. This may happen during insmod and/or
ap bus reset only on machines without a QCI instruction (z10,
z196, z114), zEC12 and newer systems are not affected.
The fix modifies the domain checking function to limit the
allowed range if no QCI info is available.

Signed-off-by: Harald Freudenberger &lt;freude@linux.vnet.ibm.com&gt;
Signed-off-by: Martin Schwidefsky &lt;schwidefsky@de.ibm.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Kernel oops caused by invalid parameter at TAPQ instruction:
On older systems where the QCI instruction is not available
all possible domains are probed via TAPQ instruction. The
range for the probe has been extended with the &gt; 16 domain
support now leading to a possible specification exception
when this instruction is called for probing higher values
within the new range. This may happen during insmod and/or
ap bus reset only on machines without a QCI instruction (z10,
z196, z114), zEC12 and newer systems are not affected.
The fix modifies the domain checking function to limit the
allowed range if no QCI info is available.

Signed-off-by: Harald Freudenberger &lt;freude@linux.vnet.ibm.com&gt;
Signed-off-by: Martin Schwidefsky &lt;schwidefsky@de.ibm.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: prefix module autoloading with "crypto-"</title>
<updated>2014-11-24T14:43:57+00:00</updated>
<author>
<name>Kees Cook</name>
<email>keescook@chromium.org</email>
</author>
<published>2014-11-21T01:05:53+00:00</published>
<link rel='alternate' type='text/html' href='http://rtsrv.cs.unc.edu/cgit/cgit.cgi/litmus-rt.git/commit/?id=5d26a105b5a73e5635eae0629b42fa0a90e07b7b'/>
<id>5d26a105b5a73e5635eae0629b42fa0a90e07b7b</id>
<content type='text'>
This prefixes all crypto module loading with "crypto-" so we never run
the risk of exposing module auto-loading to userspace via a crypto API,
as demonstrated by Mathias Krause:

https://lkml.org/lkml/2013/3/4/70

Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
This prefixes all crypto module loading with "crypto-" so we never run
the risk of exposing module auto-loading to userspace via a crypto API,
as demonstrated by Mathias Krause:

https://lkml.org/lkml/2013/3/4/70

Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>s390/zcrypt: Toleration of new crypto hardware</title>
<updated>2014-10-09T07:14:05+00:00</updated>
<author>
<name>Ingo Tuchscherer</name>
<email>ingo.tuchscherer@de.ibm.com</email>
</author>
<published>2014-10-02T12:48:46+00:00</published>
<link rel='alternate' type='text/html' href='http://rtsrv.cs.unc.edu/cgit/cgit.cgi/litmus-rt.git/commit/?id=42f4dd613fe808676126472bbe1283e452201148'/>
<id>42f4dd613fe808676126472bbe1283e452201148</id>
<content type='text'>
The zcrypt device driver will accept the new crypto adapter
in toleration mode. A new sysfs attribute 'raw_hwtype' will
expose the raw hardware type.

Signed-off-by: Ingo Tuchscherer &lt;ingo.tuchscherer@de.ibm.com&gt;
Signed-off-by: Harald Freudenberger &lt;freude@linux.vnet.ibm.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The zcrypt device driver will accept the new crypto adapter
in toleration mode. A new sysfs attribute 'raw_hwtype' will
expose the raw hardware type.

Signed-off-by: Ingo Tuchscherer &lt;ingo.tuchscherer@de.ibm.com&gt;
Signed-off-by: Harald Freudenberger &lt;freude@linux.vnet.ibm.com&gt;
</pre>
</div>
</content>
</entry>
</feed>
