aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAge
* crypto: async - Use kzfree for requestsHerbert Xu2009-07-11
| | | | | | | | This patch changes the kfree call to kzfree for async requests. As the request may contain sensitive data it needs to be zeroed before it can be reallocated by others. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: shash - Move null setkey check to registration timeHerbert Xu2009-07-11
| | | | | | | This patch moves the run-time null setkey check to shash_prepare_alg just like we did for finup/digest. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: padlock - Use shash fallback for shaHerbert Xu2009-07-11
| | | | | | This patch changes padlock sha fallback to shash instead of hash. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: sha256-s390 - Add export/import supportHerbert Xu2009-07-11
| | | | | | | | This patch adds export/import support to sha256-s390. The exported type is defined by struct sha256_state, which is basically the entire descriptor state of sha256_generic. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: sha1-s390 - Add export/import supportHerbert Xu2009-07-11
| | | | | | | | This patch adds export/import support to sha1-s390. The exported type is defined by struct sha1_state, which is basically the entire descriptor state of sha1_generic. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: sha256_generic - Add export/import supportHerbert Xu2009-07-11
| | | | | | | | This patch adds export/import support to sha256_generic. The exported type is defined by struct sha256_state, which is basically the entire descriptor state of sha256_generic. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: sha256_generic - Use 64-bit counter like sha1Herbert Xu2009-07-11
| | | | | | | This patch replaces the two 32-bit counter code in sha256_generic with the simpler 64-bit counter code from sha1. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: sha1_generic - Add export/import supportHerbert Xu2009-07-11
| | | | | | | | This patch adds export/import support to sha1_generic. The exported type is defined by struct sha1_state, which is basically the entire descriptor state of sha1_generic. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: shash - Move finup/digest null checks to registration timeHerbert Xu2009-07-11
| | | | | | | This patch moves the run-time null finup/digest checks to the shash_prepare_alg function which is run at registration time. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: shash - Export/import hash state onlyHerbert Xu2009-07-11
| | | | | | | | | | | | | This patch replaces the full descriptor export with an export of the partial hash state. This allows the use of a consistent export format across all implementations of a given algorithm. This is useful because a number of cases require the use of the partial hash state, e.g., PadLock can use the SHA1 hash state to get around the fact that it can only hash contiguous data chunks. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: api - Fix crypto_drop_spawn crash on blank spawnsHerbert Xu2009-07-08
| | | | | | | | | This patch allows crypto_drop_spawn to be called on spawns that have not been initialised or have failed initialisation. This fixes potential crashes during initialisation without adding special case code. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: shash - Add shash_instance_ctxHerbert Xu2009-07-08
| | | | | | | This patch adds the helper shash_instance_ctx which is the shash analogue of crypto_instance_ctx. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: shash - Propagate reinit return valueHerbert Xu2009-07-08
| | | | | | | This patch fixes crypto_shash_import to propagate the value returned by reinit. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: shash - Use finup in default digestHerbert Xu2009-07-08
| | | | | | This patch simplifies the default digest function by using finup. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: shash - Add __crypto_shash_castHerbert Xu2009-07-08
| | | | | | | | | | | This patch adds __crypto_shash_cast which turns a crypto_tfm into crypto_shash. It's analogous to the other __crypto_*_cast functions. It hasn't been needed until now since no existing shash algorithms have had an init function. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: shash - Add crypto_shash_ctx_alignedHerbert Xu2009-07-08
| | | | | | | This patch adds crypto_shash_ctx_aligned which will be needed by hmac after its conversion to shash. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: shash - Add shash_register_instanceHerbert Xu2009-07-08
| | | | | | | | This patch adds shash_register_instance so that shash instances can be registered without bypassing the shash checks applied to normal algorithms. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: shash - Add shash_attr_alg2 helperHerbert Xu2009-07-08
| | | | | | | This patch adds the helper shash_attr_alg2 which locates a shash algorithm based on the information in the given attribute. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: api - Add crypto_attr_alg2 helperHerbert Xu2009-07-08
| | | | | | | | This patch adds the helper crypto_attr_alg2 which is similar to crypto_attr_alg but takes an extra frontend argument. This is intended to be used by new style algorithm types such as shash. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: shash - Add spawn supportHerbert Xu2009-07-08
| | | | | | | This patch adds the functions needed to create and use shash spawns, i.e., to use shash algorithms in a template. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: api - Add new style spawn supportHerbert Xu2009-07-08
| | | | | | | | | This patch modifies the spawn infrastructure to support new style algorithms like shash. In particular, this means storing the frontend type in the spawn and using crypto_create_tfm to allocate the tfm. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: shash - Add shash_instanceHerbert Xu2009-07-08
| | | | | | | | | This patch adds shash_instance and the associated alloc/free functions. This is meant to be an instance that with a shash algorithm under it. Note that the instance itself doesn't have to be shash. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: api - Add crypto_alloc_instance2Herbert Xu2009-07-07
| | | | | | | | | | | This patch adds a new argument to crypto_alloc_instance which sets aside some space before the instance for use by algorithms such as shash that place type-specific data before crypto_alg. For compatibility the function has been renamed so that existing users aren't affected. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: api - Add new template create functionHerbert Xu2009-07-07
| | | | | | | | | | | This patch introduces the template->create function intended to replace the existing alloc function. The intention is for create to handle the registration directly, whereas currently the caller of alloc has to handle the registration. This allows type-specific code to be run prior to registration. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: ansi_prng - alloc cipher just in initSebastian Andrzej Siewior2009-07-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As reported by Eric Sesterhenn the re-allocation of the cipher in reset leads to: |BUG: sleeping function called from invalid context at kernel/rwsem.c:21 |in_atomic(): 1, irqs_disabled(): 0, pid: 4926, name: modprobe |INFO: lockdep is turned off. |Pid: 4926, comm: modprobe Tainted: G M 2.6.31-rc1-22297-g5298976 #24 |Call Trace: | [<c011dd93>] __might_sleep+0xf9/0x101 | [<c0777aa0>] down_read+0x16/0x68 | [<c048bf04>] crypto_alg_lookup+0x16/0x34 | [<c048bf52>] crypto_larval_lookup+0x30/0xf9 | [<c048c038>] crypto_alg_mod_lookup+0x1d/0x62 | [<c048c13e>] crypto_alloc_base+0x1e/0x64 | [<c04bf991>] reset_prng_context+0xab/0x13f | [<c04e5cfc>] ? __spin_lock_init+0x27/0x51 | [<c04bfce1>] cprng_init+0x2a/0x42 | [<c048bb4c>] __crypto_alloc_tfm+0xfa/0x128 | [<c048c153>] crypto_alloc_base+0x33/0x64 | [<c04933c9>] alg_test_cprng+0x30/0x1f4 | [<c0493329>] alg_test+0x12f/0x19f | [<c0177f1f>] ? __alloc_pages_nodemask+0x14d/0x481 | [<d09219e2>] do_test+0xf9d/0x163f [tcrypt] | [<d0920de6>] do_test+0x3a1/0x163f [tcrypt] | [<d0926035>] tcrypt_mod_init+0x35/0x7c [tcrypt] | [<c010113c>] _stext+0x54/0x12c | [<d0926000>] ? tcrypt_mod_init+0x0/0x7c [tcrypt] | [<c01398a3>] ? up_read+0x16/0x2b | [<c0139fc4>] ? __blocking_notifier_call_chain+0x40/0x4c | [<c014ee8d>] sys_init_module+0xa9/0x1bf | [<c010292b>] sysenter_do_call+0x12/0x32 because a spin lock is held and crypto_alloc_base() may sleep. There is no reason to re-allocate the cipher, the state is resetted in ->setkey(). This patches makes the cipher allocation a one time thing and moves it to init. Reported-by: Eric Sesterhenn <eric.sesterhenn@lsexperts.de> Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc> Acked-by: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: ansi_prng - Use just a BH lockSebastian Andrzej Siewior2009-07-03
| | | | | | | | | | | | The current code uses a mix of sping_lock() & spin_lock_irqsave(). This can lead to deadlock with the correct timming & cprng_get_random() + cprng_reset() sequence. I've converted them to bottom half locks since all three user grab just a BH lock so this runs probably in softirq :) Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc> Acked-by: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Allow implementation-specific testsHerbert Xu2009-07-02
| | | | | | | | This patch adds the support for testing specific implementations. This should only be used in very specific situations. Right now this means specific implementations of random number generators. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: skcipher - Change default sync geniv on SMP to eseqivHerbert Xu2009-06-25
| | | | | | | | | | | | | | | | | As it stands we use chainiv for sync algorithms and eseqiv for async algorithms. However, when there is more than one CPU chainiv forces all processing to be serialised which is usually not what you want. Also, the added overhead of eseqiv isn't that great. Therefore this patch changes the default sync geniv on SMP machines to eseqiv. For the odd situation where the overhead is unacceptable then chainiv is still available as an option. Note that on UP machines chainiv is still preferred over eseqiv for sync algorithms. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: skcipher - Fix request for sync algorithmsHerbert Xu2009-06-25
| | | | | | | | | | | When a sync givcipher algorithm is requested, if an async version of the same algorithm already exists, then we will loop forever without ever constructing the sync version based on a blkcipher. This is because we did not include the requested type/mask when getting a larval for the geniv algorithm that is to be constructed. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* hwrng: Use PCI_VDEVICEJoe Perches2009-06-25
| | | | | | Signed-off-by: Joe Perches <joe@perches.com> Acked-by: Matt Mackall <mpm@selenic.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Remove hash size checkHerbert Xu2009-06-24
| | | | | | | Until hash test vectors grow longer than 256 bytes, the only purpose of the check is to generate a gcc warning. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: aes-ni - Don't print message with KERN_ERR on old systemRoland Dreier2009-06-24
| | | | | | | | | | | | | | | When the aes-intel module is loaded on a system that does not have the AES instructions, it prints Intel AES-NI instructions are not detected. at level KERN_ERR. Since aes-intel is aliased to "aes" it will be tried whenever anything uses AES and spam the console. This doesn't match existing practice for how to handle "no hardware" when initializing a module, so downgrade the message to KERN_INFO. Signed-off-by: Roland Dreier <rolandd@cisco.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: fips - Select CPRNGNeil Horman2009-06-21
| | | | | | | | The ANSI CPRNG has no dependence on FIPS support. FIPS support however, requires the use of the CPRNG. Adjust that depedency relationship in Kconfig. Signed-off-by: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: tcrypt - Fix module return code when testing by nameHerbert Xu2009-06-19
| | | | | | We should return 0/-ENOENT instead of 1/0 when testing by name. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: ansi_cprng - Do not select FIPSHerbert Xu2009-06-19
| | | | | | The RNG should work with FIPS disabled. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: tcrypt - Test algorithms by nameSteffen Klassert2009-06-19
| | | | | | | | | | This adds the 'alg' module parameter to be able to test an algorithm by name. If the algorithm type is not ad-hoc clear for a algorithm (e.g. pcrypt, cryptd) it is possilbe to set the algorithm type with the 'type' module parameter. Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: des_s390 - Permit weak keys unless REQ_WEAK_KEY setJarod Wilson2009-06-18
| | | | | | | | | | | | | | Just started running fips cavs test vectors through an s390x system for giggles, and discovered that I missed patching s390's arch-specific des3 implementation w/an earlier des3 patch to permit weak keys. This change adds the same flag tweaks as ad79cdd77fc1466e45cf923890f66bcfe7c43f12 (crypto: des3_ede - permit weak keys unless REQ_WEAK_KEY set) for s390's des3 implementation, yields expected test results now. Signed-off-by: Jarod Wilson <jarod@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* random: Add optional continuous repetition test to entropy store based rngsNeil Horman2009-06-18
| | | | | | | | | | | | | | | | FIPS-140 requires that all random number generators implement continuous self tests in which each extracted block of data is compared against the last block for repetition. The ansi_cprng implements such a test, but it would be nice if the hw rng's did the same thing. Obviously its not something thats always needed, but it seems like it would be a nice feature to have on occasion. I've written the below patch which allows individual entropy stores to be flagged as desiring a continuous test to be run on them as is extracted. By default this option is off, but is enabled in the event that fips mode is selected during bootup. Signed-off-by: Neil Horman <nhorman@tuxdriver.com> Acked-by: Matt Mackall <mpm@selenic.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: aes-ni - Remove CRYPTO_TFM_REQ_MAY_SLEEP from fpu templateHuang Ying2009-06-18
| | | | | | | | kernel_fpu_begin/end used preempt_disable/enable, so sleep should be prevented between kernel_fpu_begin/end. Signed-off-by: Huang Ying <ying.huang@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: aes-ni - Do not sleep when using the FPUHuang Ying2009-06-18
| | | | | | | | | | Because AES-NI instructions will touch XMM state, corresponding code must be enclosed within kernel_fpu_begin/end, which used preempt_disable/enable. So sleep should be prevented between kernel_fpu_begin/end. Signed-off-by: Huang Ying <ying.huang@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: aes-ni - Fix cbc mode IV savingHuang Ying2009-06-18
| | | | | | | | Original implementation of aesni_cbc_dec do not save IV if input length % 4 == 0. This will make decryption of next block failed. Signed-off-by: Huang Ying <ying.huang@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: padlock-aes - work around Nano CPU errata in CBC modeChuck Ebbert2009-06-18
| | | | | | | | | Extend previous workarounds for the prefetch bug to cover CBC mode, clean up the code a bit. Signed-off-by: Chuck Ebbert <cebbert@redhat.com> Acked-by: Harald Welte <HaraldWelte@viatech.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: padlock-aes - work around Nano CPU errata in ECB modeChuck Ebbert2009-06-18
| | | | | | | | | | | The VIA Nano processor has a bug that makes it prefetch extra data during encryption operations, causing spurious page faults. Extend existing workarounds for ECB mode to copy the data to an temporary buffer to avoid the problem. Signed-off-by: Chuck Ebbert <cebbert@redhat.com> Acked-by: Harald Welte <HaraldWelte@viatech.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* ia64: Fix resource assignment for root bussesMatthew Wilcox2009-06-17
| | | | | | | | | | | ia64 was assigning resources to root busses after allocations had been made for child busses. Calling pcibios_setup_root_windows() from pcibios_fixup_bus() solves this problem by assigning the resources to the root bus before child busses are scanned. Signed-off-by: Matthew Wilcox <willy@linux.intel.com> Tested-by: Andrew Patterson <andrew.patterson@hp.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* x86: Use pci_claim_resourceMatthew Wilcox2009-06-17
| | | | | | | | Instead of open-coding pci_find_parent_resource and request_resource, just call pci_claim_resource. Signed-off-by: Matthew Wilcox <willy@linux.intel.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* Delete pcibios_select_rootMatthew Wilcox2009-06-17
| | | | | | | | This function was only used by pci_claim_resource(), and the last commit deleted that use. Signed-off-by: Matthew Wilcox <willy@linux.intel.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* Fix pci_claim_resourceMatthew Wilcox2009-06-17
| | | | | | | | | | Instead of starting from the iomem or ioport roots, start from the parent bus' resources. This fixes a bug where child resources would appear above their parents resources if they had the same size. Signed-off-by: Matthew Wilcox <willy@linux.intel.com> Tested-by: Andrew Patterson <andrew.patterson@hp.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* Merge branch 'release' of ↵Linus Torvalds2009-06-17
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux-2.6 * 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux-2.6: [IA64] Convert ia64 to use int-ll64.h [IA64] Fix build error in paravirt_patchlist.c [IA64] ia64 does not need umount2() syscall [IA64] hook up new rt_tgsigqueueinfo syscall [IA64] msi_ia64.c dmar_msi_type should be static [IA64] remove obsolete hw_interrupt_type [IA64] remove obsolete irq_desc_t typedef [IA64] remove obsolete no_irq_type [IA64] unexport fpswa.h
| * Pull for-2.6.31 into releaseTony Luck2009-06-17
| |\
| | * [IA64] Convert ia64 to use int-ll64.hMatthew Wilcox2009-06-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It is generally agreed that it would be beneficial for u64 to be an unsigned long long on all architectures. ia64 (in common with several other 64-bit architectures) currently uses unsigned long. Migrating piecemeal is too painful; this giant patch fixes all compilation warnings and errors that come as a result of switching to use int-ll64.h. Note that userspace will still see __u64 defined as unsigned long. This is important as it affects C++ name mangling. [Updated by Tony Luck to change efi.h:efi_freemem_callback_t to use u64 for start/end rather than unsigned long] Signed-off-by: Matthew Wilcox <willy@linux.intel.com> Signed-off-by: Tony Luck <tony.luck@intel.com>