From 03d7db5654aefb78bf2ded62e2187833fda2a6cc Mon Sep 17 00:00:00 2001 From: Corentin LABBE Date: Fri, 19 May 2017 08:53:23 +0200 Subject: crypto: hmac - add hmac IPAD/OPAD constant Many HMAC users directly use directly 0x36/0x5c values. It's better with crypto to use a name instead of directly some crypto constant. This patch simply add HMAC_IPAD_VALUE/HMAC_OPAD_VALUE defines in a new include file "crypto/hmac.h" and use them in crypto/hmac.c Signed-off-by: Corentin Labbe Signed-off-by: Herbert Xu --- include/crypto/hmac.h | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 include/crypto/hmac.h (limited to 'include') diff --git a/include/crypto/hmac.h b/include/crypto/hmac.h new file mode 100644 index 000000000000..ef09f7938204 --- /dev/null +++ b/include/crypto/hmac.h @@ -0,0 +1,7 @@ +#ifndef _CRYPTO_HMAC_H +#define _CRYPTO_HMAC_H + +#define HMAC_IPAD_VALUE 0x36 +#define HMAC_OPAD_VALUE 0x5c + +#endif /* _CRYPTO_HMAC_H */ -- cgit v1.2.3 From 284e76387c38260e834c99b010a68d75fc46b394 Mon Sep 17 00:00:00 2001 From: Rick Altherr Date: Mon, 22 May 2017 14:12:24 -0700 Subject: hw_random: timeriomem_rng: Allow setting RNG quality from platform data When a hw_random device's quality is non-zero, it will automatically be used to fill the kernel's entropy pool. Since timeriomem_rng is used by many different devices, the quality needs to be provided by platform data or device tree. Signed-off-by: Rick Altherr Signed-off-by: Herbert Xu --- drivers/char/hw_random/timeriomem-rng.c | 7 +++++++ include/linux/timeriomem-rng.h | 3 +++ 2 files changed, 10 insertions(+) (limited to 'include') diff --git a/drivers/char/hw_random/timeriomem-rng.c b/drivers/char/hw_random/timeriomem-rng.c index a0faa5f05deb..03ff5483d865 100644 --- a/drivers/char/hw_random/timeriomem-rng.c +++ b/drivers/char/hw_random/timeriomem-rng.c @@ -151,8 +151,15 @@ static int timeriomem_rng_probe(struct platform_device *pdev) dev_err(&pdev->dev, "missing period\n"); return -EINVAL; } + + if (!of_property_read_u32(pdev->dev.of_node, + "quality", &i)) + priv->rng_ops.quality = i; + else + priv->rng_ops.quality = 0; } else { period = pdata->period; + priv->rng_ops.quality = pdata->quality; } priv->period = ns_to_ktime(period * NSEC_PER_USEC); diff --git a/include/linux/timeriomem-rng.h b/include/linux/timeriomem-rng.h index 46eb27ddbfab..3e00122bcf88 100644 --- a/include/linux/timeriomem-rng.h +++ b/include/linux/timeriomem-rng.h @@ -13,4 +13,7 @@ struct timeriomem_rng_data { /* measures in usecs */ unsigned int period; + + /* bits of entropy per 1024 bits read */ + unsigned int quality; }; -- cgit v1.2.3 From c0ca1215dc92ee6a0f975c95a92fb7f9fb31e9e1 Mon Sep 17 00:00:00 2001 From: Tudor-Dan Ambarus Date: Thu, 25 May 2017 10:18:03 +0300 Subject: crypto: kpp, (ec)dh - fix typos While here, add missing argument description (ndigits). Signed-off-by: Tudor Ambarus Signed-off-by: Herbert Xu --- crypto/dh.c | 4 ++-- crypto/dh_helper.c | 4 ++-- crypto/ecc.h | 8 +++++--- crypto/ecdh.c | 4 ++-- crypto/ecdh_helper.c | 4 ++-- include/crypto/dh.h | 4 ++-- include/crypto/ecdh.h | 4 ++-- include/crypto/kpp.h | 4 ++-- 8 files changed, 19 insertions(+), 17 deletions(-) (limited to 'include') diff --git a/crypto/dh.c b/crypto/dh.c index 87e3542cf1b8..7cec04985b9d 100644 --- a/crypto/dh.c +++ b/crypto/dh.c @@ -4,9 +4,9 @@ * Authors: Salvatore Benedetto * * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public Licence + * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version - * 2 of the Licence, or (at your option) any later version. + * 2 of the License, or (at your option) any later version. */ #include diff --git a/crypto/dh_helper.c b/crypto/dh_helper.c index 02db76b20d00..8ba8a3f82620 100644 --- a/crypto/dh_helper.c +++ b/crypto/dh_helper.c @@ -3,9 +3,9 @@ * Authors: Salvatore Benedetto * * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public Licence + * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version - * 2 of the Licence, or (at your option) any later version. + * 2 of the License, or (at your option) any later version. */ #include #include diff --git a/crypto/ecc.h b/crypto/ecc.h index 663d598c7406..37f438500255 100644 --- a/crypto/ecc.h +++ b/crypto/ecc.h @@ -34,9 +34,9 @@ * ecc_is_key_valid() - Validate a given ECDH private key * * @curve_id: id representing the curve to use - * @ndigits: curve number of digits + * @ndigits: curve's number of digits * @private_key: private key to be used for the given curve - * @private_key_len: private key len + * @private_key_len: private key length * * Returns 0 if the key is acceptable, a negative value otherwise */ @@ -47,9 +47,10 @@ int ecc_is_key_valid(unsigned int curve_id, unsigned int ndigits, * ecdh_make_pub_key() - Compute an ECC public key * * @curve_id: id representing the curve to use + * @ndigits: curve's number of digits * @private_key: pregenerated private key for the given curve * @private_key_len: length of private_key - * @public_key: buffer for storing the public key generated + * @public_key: buffer for storing the generated public key * @public_key_len: length of the public_key buffer * * Returns 0 if the public key was generated successfully, a negative value @@ -63,6 +64,7 @@ int ecdh_make_pub_key(const unsigned int curve_id, unsigned int ndigits, * crypto_ecdh_shared_secret() - Compute a shared secret * * @curve_id: id representing the curve to use + * @ndigits: curve's number of digits * @private_key: private key of part A * @private_key_len: length of private_key * @public_key: public key of counterpart B diff --git a/crypto/ecdh.c b/crypto/ecdh.c index 63ca33771e4e..36233077a552 100644 --- a/crypto/ecdh.c +++ b/crypto/ecdh.c @@ -4,9 +4,9 @@ * Authors: Salvator Benedetto * * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public Licence + * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version - * 2 of the Licence, or (at your option) any later version. + * 2 of the License, or (at your option) any later version. */ #include diff --git a/crypto/ecdh_helper.c b/crypto/ecdh_helper.c index 3cd8a2414e60..f05bea5fd257 100644 --- a/crypto/ecdh_helper.c +++ b/crypto/ecdh_helper.c @@ -3,9 +3,9 @@ * Authors: Salvatore Benedetto * * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public Licence + * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version - * 2 of the Licence, or (at your option) any later version. + * 2 of the License, or (at your option) any later version. */ #include #include diff --git a/include/crypto/dh.h b/include/crypto/dh.h index 6b424ad3482e..f638998fb6d0 100644 --- a/include/crypto/dh.h +++ b/include/crypto/dh.h @@ -73,9 +73,9 @@ int crypto_dh_encode_key(char *buf, unsigned int len, const struct dh *params); /** * crypto_dh_decode_key() - decode a private key * @buf: Buffer holding a packet key that should be decoded - * @len: Lenth of the packet private key buffer + * @len: Length of the packet private key buffer * @params: Buffer allocated by the caller that is filled with the - * unpacket DH private key. + * unpacked DH private key. * * The unpacking obtains the private key by pointing @p to the correct location * in @buf. Thus, both pointers refer to the same memory. diff --git a/include/crypto/ecdh.h b/include/crypto/ecdh.h index 03a64f62ba7a..1aff2a8a3a68 100644 --- a/include/crypto/ecdh.h +++ b/include/crypto/ecdh.h @@ -74,9 +74,9 @@ int crypto_ecdh_encode_key(char *buf, unsigned int len, const struct ecdh *p); /** * crypto_ecdh_decode_key() - decode a private key * @buf: Buffer holding a packet key that should be decoded - * @len: Lenth of the packet private key buffer + * @len: Length of the packet private key buffer * @p: Buffer allocated by the caller that is filled with the - * unpacket ECDH private key. + * unpacked ECDH private key. * * The unpacking obtains the private key by pointing @p to the correct location * in @buf. Thus, both pointers refer to the same memory. diff --git a/include/crypto/kpp.h b/include/crypto/kpp.h index ce8e1f79374b..c19082587950 100644 --- a/include/crypto/kpp.h +++ b/include/crypto/kpp.h @@ -53,7 +53,7 @@ struct crypto_kpp { * * @set_secret: Function invokes the protocol specific function to * store the secret private key along with parameters. - * The implementation knows how to decode thie buffer + * The implementation knows how to decode the buffer * @generate_public_key: Function generate the public key to be sent to the * counterpart. In case of error, where output is not big * enough req->dst_len will be updated to the size @@ -102,7 +102,7 @@ struct kpp_alg { * @mask: specifies the mask for the algorithm * * Allocate a handle for kpp algorithm. The returned struct crypto_kpp - * is requeried for any following API invocation + * is required for any following API invocation * * Return: allocated handle in case of success; IS_ERR() is true in case of * an error, PTR_ERR() returns the error code. -- cgit v1.2.3 From c444b8da87d16e6f9f11e15c8c873a641f7cd117 Mon Sep 17 00:00:00 2001 From: Tudor-Dan Ambarus Date: Thu, 25 May 2017 10:18:08 +0300 Subject: crypto: kpp - assume key is already set in maxsize As of now, crypto_kpp_maxsize() can not be reached without successfully setting the key for the transformation. kpp algorithm implementations check if the key was set and then return the output buffer size required for the given key. Change the return type to unsigned int and always assume that this function is called after a successful setkey of the transformation. kpp algorithm implementations will remove the check if key is not NULL and directly return the max size. Signed-off-by: Tudor Ambarus Signed-off-by: Herbert Xu --- include/crypto/kpp.h | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'include') diff --git a/include/crypto/kpp.h b/include/crypto/kpp.h index c19082587950..2133d17b7156 100644 --- a/include/crypto/kpp.h +++ b/include/crypto/kpp.h @@ -79,7 +79,7 @@ struct kpp_alg { int (*generate_public_key)(struct kpp_request *req); int (*compute_shared_secret)(struct kpp_request *req); - int (*max_size)(struct crypto_kpp *tfm); + unsigned int (*max_size)(struct crypto_kpp *tfm); int (*init)(struct crypto_kpp *tfm); void (*exit)(struct crypto_kpp *tfm); @@ -323,13 +323,14 @@ static inline int crypto_kpp_compute_shared_secret(struct kpp_request *req) /** * crypto_kpp_maxsize() - Get len for output buffer * - * Function returns the output buffer size required + * Function returns the output buffer size required for a given key. + * Function assumes that the key is already set in the transformation. If this + * function is called without a setkey or with a failed setkey, you will end up + * in a NULL dereference. * * @tfm: KPP tfm handle allocated with crypto_alloc_kpp() - * - * Return: minimum len for output buffer or error code if key hasn't been set */ -static inline int crypto_kpp_maxsize(struct crypto_kpp *tfm) +static inline unsigned int crypto_kpp_maxsize(struct crypto_kpp *tfm) { struct kpp_alg *alg = crypto_kpp_alg(tfm); -- cgit v1.2.3 From 561f8e2df990a7a2859a98bd208d0f7dc932c3f7 Mon Sep 17 00:00:00 2001 From: Tudor-Dan Ambarus Date: Thu, 25 May 2017 10:18:12 +0300 Subject: crypto: akcipher - assume key is already set in maxsize As of now, crypto_akcipher_maxsize() can not be reached without successfully setting the key for the transformation. akcipher algorithm implementations check if the key was set and then return the output buffer size required for the given key. Change the return type to unsigned int and always assume that this function is called after a successful setkey of the transformation. akcipher algorithm implementations will remove the check if key is not NULL and directly return the max size. Signed-off-by: Tudor Ambarus Signed-off-by: Herbert Xu --- include/crypto/akcipher.h | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'include') diff --git a/include/crypto/akcipher.h b/include/crypto/akcipher.h index c37cc59e9bf2..b5e11de4d497 100644 --- a/include/crypto/akcipher.h +++ b/include/crypto/akcipher.h @@ -98,7 +98,7 @@ struct akcipher_alg { unsigned int keylen); int (*set_priv_key)(struct crypto_akcipher *tfm, const void *key, unsigned int keylen); - int (*max_size)(struct crypto_akcipher *tfm); + unsigned int (*max_size)(struct crypto_akcipher *tfm); int (*init)(struct crypto_akcipher *tfm); void (*exit)(struct crypto_akcipher *tfm); @@ -257,13 +257,14 @@ static inline void akcipher_request_set_crypt(struct akcipher_request *req, /** * crypto_akcipher_maxsize() - Get len for output buffer * - * Function returns the dest buffer size required for a given key + * Function returns the dest buffer size required for a given key. + * Function assumes that the key is already set in the transformation. If this + * function is called without a setkey or with a failed setkey, you will end up + * in a NULL dereference. * * @tfm: AKCIPHER tfm handle allocated with crypto_alloc_akcipher() - * - * Return: minimum len for output buffer or error code in key hasn't been set */ -static inline int crypto_akcipher_maxsize(struct crypto_akcipher *tfm) +static inline unsigned int crypto_akcipher_maxsize(struct crypto_akcipher *tfm) { struct akcipher_alg *alg = crypto_akcipher_alg(tfm); -- cgit v1.2.3 From 88d58ef891d868303acd7951cb1282c911f736ac Mon Sep 17 00:00:00 2001 From: Corentin LABBE Date: Tue, 6 Jun 2017 15:44:16 +0200 Subject: crypto: engine - replace pr_xxx by dev_xxx By adding a struct device *dev to struct engine, we could store the device used at register time and so use all dev_xxx functions instead of pr_xxx. Signed-off-by: Corentin Labbe Signed-off-by: Herbert Xu --- crypto/crypto_engine.c | 23 +++++++++++++---------- include/crypto/engine.h | 1 + 2 files changed, 14 insertions(+), 10 deletions(-) (limited to 'include') diff --git a/crypto/crypto_engine.c b/crypto/crypto_engine.c index 727bd5c3569e..61e7c4e02fd2 100644 --- a/crypto/crypto_engine.c +++ b/crypto/crypto_engine.c @@ -70,7 +70,7 @@ static void crypto_pump_requests(struct crypto_engine *engine, if (engine->unprepare_crypt_hardware && engine->unprepare_crypt_hardware(engine)) - pr_err("failed to unprepare crypt hardware\n"); + dev_err(engine->dev, "failed to unprepare crypt hardware\n"); spin_lock_irqsave(&engine->queue_lock, flags); engine->idling = false; @@ -99,7 +99,7 @@ static void crypto_pump_requests(struct crypto_engine *engine, if (!was_busy && engine->prepare_crypt_hardware) { ret = engine->prepare_crypt_hardware(engine); if (ret) { - pr_err("failed to prepare crypt hardware\n"); + dev_err(engine->dev, "failed to prepare crypt hardware\n"); goto req_err; } } @@ -110,14 +110,15 @@ static void crypto_pump_requests(struct crypto_engine *engine, if (engine->prepare_hash_request) { ret = engine->prepare_hash_request(engine, hreq); if (ret) { - pr_err("failed to prepare request: %d\n", ret); + dev_err(engine->dev, "failed to prepare request: %d\n", + ret); goto req_err; } engine->cur_req_prepared = true; } ret = engine->hash_one_request(engine, hreq); if (ret) { - pr_err("failed to hash one request from queue\n"); + dev_err(engine->dev, "failed to hash one request from queue\n"); goto req_err; } return; @@ -126,19 +127,20 @@ static void crypto_pump_requests(struct crypto_engine *engine, if (engine->prepare_cipher_request) { ret = engine->prepare_cipher_request(engine, breq); if (ret) { - pr_err("failed to prepare request: %d\n", ret); + dev_err(engine->dev, "failed to prepare request: %d\n", + ret); goto req_err; } engine->cur_req_prepared = true; } ret = engine->cipher_one_request(engine, breq); if (ret) { - pr_err("failed to cipher one request from queue\n"); + dev_err(engine->dev, "failed to cipher one request from queue\n"); goto req_err; } return; default: - pr_err("failed to prepare request of unknown type\n"); + dev_err(engine->dev, "failed to prepare request of unknown type\n"); return; } @@ -275,7 +277,7 @@ void crypto_finalize_cipher_request(struct crypto_engine *engine, engine->unprepare_cipher_request) { ret = engine->unprepare_cipher_request(engine, req); if (ret) - pr_err("failed to unprepare request\n"); + dev_err(engine->dev, "failed to unprepare request\n"); } spin_lock_irqsave(&engine->queue_lock, flags); engine->cur_req = NULL; @@ -312,7 +314,7 @@ void crypto_finalize_hash_request(struct crypto_engine *engine, engine->unprepare_hash_request) { ret = engine->unprepare_hash_request(engine, req); if (ret) - pr_err("failed to unprepare request\n"); + dev_err(engine->dev, "failed to unprepare request\n"); } spin_lock_irqsave(&engine->queue_lock, flags); engine->cur_req = NULL; @@ -384,7 +386,7 @@ int crypto_engine_stop(struct crypto_engine *engine) spin_unlock_irqrestore(&engine->queue_lock, flags); if (ret) - pr_warn("could not stop engine\n"); + dev_warn(engine->dev, "could not stop engine\n"); return ret; } @@ -411,6 +413,7 @@ struct crypto_engine *crypto_engine_alloc_init(struct device *dev, bool rt) if (!engine) return NULL; + engine->dev = dev; engine->rt = rt; engine->running = false; engine->busy = false; diff --git a/include/crypto/engine.h b/include/crypto/engine.h index 1bf600fc99f7..dd04c1699b51 100644 --- a/include/crypto/engine.h +++ b/include/crypto/engine.h @@ -58,6 +58,7 @@ struct crypto_engine { struct list_head list; spinlock_t queue_lock; struct crypto_queue queue; + struct device *dev; bool rt; -- cgit v1.2.3