Commit Graph

173 Commits

Author SHA1 Message Date
Wei Yongjun
33c388b81c s390/zcrypt: fix possible memory leak in ap_module_init()
ap_configuration is malloced in ap_module_init() and should be freed
before leaving from the error handling cases, otherwise it may cause
memory leak.

Signed-off-by: Wei Yongjun <weiyj.lk@gmail.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2016-07-31 06:10:41 -04:00
Ingo Tuchscherer
d6d86c57d7 s390/zcrypt: Fix zcrypt suspend/resume behavior
The device suspend call triggers all ap devices to fetch potentially
available response messages from the queues. Therefore the
corresponding zcrypt device, that is allocated asynchronously after
ap device probing, needs to be fully prepared. This race condition
could lead to uninitialized response buffers while trying to read
from the queues.

Introduce a new callback within the ap layer to get noticed when a
zcrypt device is fully prepared. Additional checks prevent reading
from devices that are not fully prepared.

Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2016-07-31 05:27:58 -04:00
Heiko Carstens
11d3767303 s390/crypto: use basic blocks for ap bus inline assemblies
Use only simple inline assemblies which consist of a single basic
block if the register asm construct is being used.

Otherwise gcc would generate broken code if the compiler option
--sanitize-coverage=trace-pc would be used.

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2016-06-28 09:32:30 +02:00
Heiko Carstens
f70a34c576 s390: make couple of variables and functions static
copy_oldmem_user() and ap_jumptable are private to the files they are
being used in. Therefore make them static.

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2016-05-10 13:24:50 +02:00
Ingo Tuchscherer
d8f51227f3 s390/zcrypt: Fix cryptographic device id in kernel messages
Currently, on card response failures a combination of card domain and
domain id is recorded in the kernel messages.

According to the message description only the card id will be recorded.
The domain id is not relevant, since the whole card including all domains
is set offline.

Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2016-01-26 12:46:58 +01:00
Markus Elfring
a6e975c5f8 s390: Delete unnecessary checks before the function call "debug_unregister"
The debug_unregister() function performs also input parameter validation.
Thus the test around the calls is not needed.

This issue was detected by using the Coccinelle software.

Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-11-27 09:24:16 +01:00
Ingo Tuchscherer
2bc53b8046 s390/zcrypt: Fix AP queue handling if queue is full
When the AP queue depth of requests was reached additional requests
have been ignored. These request are stuck in the request queue.

The AP queue handling now push the next waiting request into the
queue after fetching a previous serviced and finished reply.

Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@linux.vnet.ibm.com>
Acked-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Acked-by: Harald Freudenberger <freude@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-11-27 09:23:29 +01:00
Sascha Silbe
121a868d05 s390/zcrypt: Fix initialisation when zcrypt is built-in
ap_bus and zcrypt_api assumed module information to always be present
and initialisation to be done in module loading order (symbol
dependencies). These assumptions don't hold if zcrypt is built-in;
THIS_MODULE will be NULL in this case and init call order is linker
order, i.e. Makefile order.

Fix initialisation order by ordering the object files in the Makefile
according to their dependencies, like the module loader would do.

Fix message type registration by using a dedicated "name" field rather
than piggy-backing on the module ("owner") information. There's no
change to the requirement that module name and msgtype name are
identical. The existing name macros are used.

We don't need any special code for dealing with the drivers being
built-in; the generic module support code already does the right
thing.

Test results:
1. CONFIG_MODULES=y, CONFIG_ZCRYPT=y

   KVM: boots, no /sys/bus/ap (expected)
   LPAR with CEX5: boots, /sys/bus/ap/devices/card*/type present

2. CONFIG_MODULES=y, CONFIG_ZCRYPT=m=:

   KVM: boots, loading zcrypt_cex4 (and ap) fails (expected)
   LPAR with CEX5: boots, loading =zcrypt_cex4= succeeds,
   /sys/bus/ap/devices/card*/type present after explicit module
   loading

3. CONFIG_MODULES unset, CONFIG_ZCRYPT=y:
   KVM: boots, no /sys/bus/ap (expected)
   LPAR with CEX5: boots, /sys/bus/ap/devices/card*/type present

No further testing (user-space functionality) was done.

Fixes: 3b6245fd303f ("s390/zcrypt: Separate msgtype implementation from card modules.")
Signed-off-by: Sascha Silbe <silbe@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-11-11 13:56:34 +01:00
Sascha Silbe
e387753c5f s390/zcrypt: Fix kernel crash on systems without AP bus support
On systems without AP bus (e.g. KVM) the kernel crashes during init
calls when zcrypt is built-in:

kernel BUG at drivers/base/driver.c:153!
illegal operation: 0001 ilc:1 [#1] SMP
Modules linked in:
CPU: 1 PID: 1 Comm: swapper/0 Not tainted 4.2.0+ #221
task: 0000000010a40000 ti: 0000000010a48000 task.ti:0000000010a48000
Krnl PSW : 0704c00180000000 0000000000592bd6(driver_register+0x106/0x140)
           R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:0 PM:0 EA:3
           0000000000000012 0000000000000000 0000000000c45328 0000000000c44e30
           00000000009ef63c 000000000067f598 0000000000cf3c58 0000000000000000
           000000000000007b 0000000000cb1030 0000000000000002 0000000000000000
           0000000000ca8580 0000000010306700 00000000001001d8 0000000010a4bd88
Krnl Code: 0000000000592bc6: f0b00004ebcf	srp 4(12,%r0),3023(%r14),0
           0000000000592bcc: f0a0000407f4       srp     4(11,%r0),2036,0
          #0000000000592bd2: a7f40001           brc     15,592bd4
          >0000000000592bd6: e330d0000004       lg      %r3,0(%r13)
           0000000000592bdc: c0200021edfd       larl    %r2,9d07d6
           0000000000592be2: c0e500126d8f       brasl   %r14,7e0700
           0000000000592be8: e330d0080004       lg      %r3,8(%r13)
           0000000000592bee: a7f4ffab           brc     15,592b44
Call Trace:
([<00000000001001c8>] do_one_initcall+0x90/0x1d0)
 [<0000000000c6dd34>] kernel_init_freeable+0x1e4/0x2a0
 [<00000000007db53a>] kernel_init+0x2a/0x120
 [<00000000007e8ece>] kernel_thread_starter+0x6/0xc
 [<00000000007e8ec8>] kernel_thread_starter+0x0/0xc
Last Breaking-Event-Address:
 [<0000000000592bd2>] driver_register+0x102/0x140

When zcrypt is built as a module, the module loader ensures that the
driver modules cannot be loaded if the AP bus module returns an error
during initialisation. But if zcrypt and the driver are built-in, the
driver is getting initialised even if the AP bus initialisation
failed. The driver invokes ap_driver_register() during initialisation,
which then causes operations on uninitialised data structures to be
performed.

Explicitly protect ap_driver_register() by introducing an
"initialised" flag that gets set iff the AP bus initialisation was
successful. When the AP bus initialisation failed,
ap_driver_register() will error out with -ENODEV, causing the driver
initialisation to fail as well.

Test results:
1. Inside KVM (no AP bus), zcrypt built-in

   Boots. /sys/bus/ap not present (expected).

2. Inside KVM (no AP bus), zcrypt as module

   Boots. Loading zcrypt_cex4 fails because loading ap_bus fails
   (expected).

3. On LPAR with CEX5, zcrypt built-in

   Boots. /sys/bus/ap/devices/card* present but .../card*/type missing
   (i.e. zcrypt_device_register() fails, unrelated issue).

4. On LPAR with CEX5, zcrypt as module

   Boots. Loading zcrypt_cex4 successful,
   /sys/bus/ap/devices/card*/type present. No further testing
   (user-space functionality) was done.

Signed-off-by: Sascha Silbe <silbe@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-11-11 13:56:30 +01:00
Martin Schwidefsky
8139b89d7c s390/zcrypt: use system work queue for ap_scan_bus
There is a system work queue system_long_wq for long running work.
Use this work queue for the AP bus scan loop.

Reviewd-by: Ingo Tuchscherer <ingo.tuchscherer@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-10-14 14:32:25 +02:00
Martin Schwidefsky
b96a9e5140 s390/zcrypt: remove support for PCICC and PCICA cards
Remove the code for really old crypt cards, PCICC and PCICA.
These cards have been out of service for several years.

Reviewd-by: Ingo Tuchscherer <ingo.tuchscherer@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-10-14 14:32:24 +02:00
Martin Schwidefsky
3f3007afda s390/zcrypt: introduce state machine for the AP bus
Replace the two fields 'unregistered' and 'reset' with a device
state with 5 possible values. Introduce two events for the AP devices,
device poll and device timeout. With the state machine it is easier
to deal with device initialization and suspend/resume. Device polling
is simpler as well, the arkane 'flags' passing is gone.

Reviewd-by: Ingo Tuchscherer <ingo.tuchscherer@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-10-14 14:32:23 +02:00
Martin Schwidefsky
f58fe33600 s390/zcrypt: use explicit return code for flushed requests
If a AP device is removed while messages are still pending, the requests
are cancelled by calling the message receive function with an error pointer
for the reply. The message type receive handler recognize this and create
a fake hardware error TYPE82_RSP_CODE / REP82_ERROR_MACHINE_FAILURE.
The message with the hardware error then causes a printk and a return
code of -EAGAIN.

Replace the intricate scheme with an explicit return code for this sitation
and avoid the error message.

Reviewd-by: Ingo Tuchscherer <ingo.tuchscherer@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-10-14 14:32:22 +02:00
Martin Schwidefsky
fcd0d1f637 s390/zcrypt: cleanup AP bus timer code
Set the configuration timer at the end of the ap_scan_bus function.
Make use of setup_timer and remove some unnecessary add_timer, mod_timer
and del_timer_sync calls. Replace the complicated timer_pending, mod_timer
and add_timer code in ap_config_time_store with a simple mod_timer.

Reviewd-by: Ingo Tuchscherer <ingo.tuchscherer@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-10-14 14:32:21 +02:00
Martin Schwidefsky
83e9d5d2d4 s390/zcrypt: fix suspend/resume of AP bus devices
If there are no devices on the AP bus there will not be a single
call to the per-device ap_bus_suspend function. Even worse,
there will not be a call to the per-device ap_bus_resume either
and the AP will fail so resume correctly.

Introduce a bus specific dev_pm_ops to suspend / resume the AP
bus related things. While we are at it, simplify the power management
code of the AP bus.

Reviewd-by: Ingo Tuchscherer <ingo.tuchscherer@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-10-14 14:32:20 +02:00
Martin Schwidefsky
98733791e8 s390/zcrypt: fix device unregister race
The ap_queue_messsage function will call device_unregister if the
unregistered field of the device has been set while trying to queue
a message. This races with other device_unregister calls, e.g. from
the ap_scan_bus. Remove the call to device_unregister from
ap_queue_message and let ap_scan_bus deal with it.

Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-10-14 14:32:20 +02:00
Martin Schwidefsky
889875a14f s390/zcrypt: fix memory leak with ap configuration data
The ap_query_configuration function allocates the ap_config_info
structure, but there is no code to free the structure.
Allocate the structure in the module_init function and free it
again in module_exit.

While we are at it simplify a few functions in regard to the
ap configuration data.

Reviewed-by: Ingo Tuchscherer <ingo.tuchscherer@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-10-14 14:32:20 +02:00
Martin Schwidefsky
6acbe21f47 s390/zcrypt: remove duplicate low level functions
ap_test_queue, ap_query_facilities, __ap_query_functions all use
the same PQAP(TAPQ) command. Consolidate the three into a single
ap_test_queue function that returns the AP status and the 64-bit
result. The exception table entry for PQAP(TAPQ) can be avoided
if the T bit for the APFT facility is set only if test_facility(15)
indicated that the facility is present.

Integrate ap_query_function into ap_query queue to avoid calling
PQAP(TAPQ) twice.

Reviewed-by: Ingo Tuchscherer <ingo.tuchscherer@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-10-14 14:32:19 +02:00
Ingo Tuchscherer
1330a1258d s390/zcrypt: enable odd RSA modulus sizes in CRT format
In the past only even modulus sizes were allowed for RSA keys in
CRT format. This restriction was based on limited RSA key generation
on older crypto adapters that provides only even modulus sizes. This
restriction is not valid any more.

Revoke restrictions that crypto requests can be serviced with odd
RSA modulus length in CRT format.

Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-10-14 14:31:59 +02:00
Andy Shevchenko
5d2fe875c9 drivers/s390/crypto/zcrypt_api.c: use seq_hex_dump() to dump buffers
Instead of custom approach let's use recently introduced seq_hex_dump()
helper.

Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Acked-by: Ingo Tuchscherer <ingo.tuchscherer@de.ibm.com>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>
Cc: Joe Perches <joe@perches.com>
Cc: Tadeusz Struk <tadeusz.struk@intel.com>
Cc: Helge Deller <deller@gmx.de>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Vladimir Kondratiev <qca_vkondrat@qca.qualcomm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-09-10 13:29:01 -07:00
Heiko Carstens
e4e1899aae s390/zcrypt: use msleep() instead of mdelay()
There is no need to busy loop and monopolize a cpu for up to ~2 seconds.
The code in question that calls mdelay() is preemptible anyway, so better
let the kernel schedule different processes than just looping and causing
unnecessary delays.

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Acked-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-08-19 10:40:26 +02:00
Ingo Tuchscherer
db490cb9ae s390/zcrypt: enable s390 hwrng to seed kernel entropy
Set the 'quality' property in the zcrypt rng device structure to enable the
zcrypt hwrng device to take part in the kernel entropy seeding process.
A module parameter named hwrng_seed will be introduced to disable the
participation. By default this parameter is set to 1 (enabled).

Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@de.ibm.com>
Signed-off-by: Harald Freudenberger <freude@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-07-01 09:34:37 +02:00
Ingo Tuchscherer
c50a160c17 s390/zcrypt: Fixed reset and interrupt handling of AP queues
In case of request timeouts an AP queue reset will be triggered to
recover and reinitialize the AP queue. The previous behavior was an
immediate reset execution regardless of current/pending requests.
Due to newly changed firmware behavior the reset may be delayed, based
on the priority of pending request. The device driver's waiting time
frame was limited, hence it did not received the reset response. As a
consequence interrupts would not be enabled afterwards.

The RAPQ (queue reset) and AQIC (interrupt control) commands will be
treated fully asynchronous now. The device driver will check the reset and
interrupt states periodically, thus it can handle the reinitialization
properly.

Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-06-25 09:39:23 +02:00
Vaishali Thakkar
d9a5c0c65b s390/zcrypt: remove obsolete __constant
__constant_cpu_to_le16 converted to cpu_to_le16

Signed-off-by: Vaishali Thakkar <vthakkar1994@gmail.com>
Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-06-18 15:45:30 +02:00
Ingo Tuchscherer
f60b8d449d s390/zcrypt: Fix invalid domain handling during ap module unload
Added domain checking to prevent reset failures caused by invalid
domains.
Corrected removal sequence of bus attributes and device.

Reviewed-by: Harald Freudenberger <freude@linux.vnet.ibm.com>
Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-05-13 09:57:29 +02:00
Ingo Tuchscherer
8cc2af7c53 s390/zcrypt: fixed ap poll timer behavior
The ap poll timer restart condition was wrong. Hence the poll timer
was not restarted reliable when setting a new time interval via the
poll_timeout sysfs attribute.
Added missing timer locking.

Reported-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-04-30 13:50:35 +02:00
Heiko Carstens
86cd741bc6 s390: remove test_facility(2) (== z/Architecture mode active) checks
Given that the kernel now always runs in 64 bit mode, it is
pointless to check if the z/Architecture mode is active.
Remove the checks.

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-03-25 11:49:37 +01:00
Heiko Carstens
5a79859ae0 s390: remove 31 bit support
Remove the 31 bit support in order to reduce maintenance cost and
effectively remove dead code. Since a couple of years there is no
distribution left that comes with a 31 bit kernel.

The 31 bit kernel also has been broken since more than a year before
anybody noticed. In addition I added a removal warning to the kernel
shown at ipl for 5 minutes: a960062e58 ("s390: add 31 bit warning
message") which let everybody know about the plan to remove 31 bit
code. We didn't get any response.

Given that the last 31 bit only machine was introduced in 1999 let's
remove the code.
Anybody with 31 bit user space code can still use the compat mode.

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-03-25 11:49:33 +01:00
Ingo Tuchscherer
ea96f78813 s390/zcrypt: fixed domain scanning problem (again)
Older machines with more then 16 domains need a special check before
PQAP instructions can be processed. With commit 5bc334bff9 this
check was reverted by accident. This patch re-establishes the additional
code needed for checking the extended domains for older machines.

Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-02-04 09:03:19 +01:00
Ingo Tuchscherer
bdea1f1bb2 s390/zcrypt: Add support for new crypto express (CEX5S) adapter.
Extends the generic cryptographic device driver (zcrypt)
to support the Crypto Express 5S adapter.

Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-23 15:17:14 +01:00
Ingo Tuchscherer
5bc334bff9 s390/zcrypt: Number of supported ap domains is not retrievable.
Upcoming versions of secure key management facilities (CCA and
EP11) require information about the maximum number of supported
ap domains in order to service TKE requests properly. With IBM
z13 the number of available domains (so far 16) has increased up
to 85. This number varies depending on machine types and models.
Therefore the new sysfs attribute 'ap_max_domain_id' provides
this limit of supported ap domains.  Upcoming releases for CCA
and EP11 will use this new information. Without this problem fix
it is not possible to retrieve reliable information about the
maximum number of supported ap domains. Thus, customers are not
able to perform key management for CCA and EP11 coprocessor
adapters.

Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@de.ibm.com>
Signed-off-by: Harald Freudenberger <freude@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-23 15:17:10 +01:00
Harald Freudenberger
099eae11a8 s390/zcrypt: kernel oops at insmod of the z90crypt device driver
Kernel oops caused by invalid parameter at TAPQ instruction:
On older systems where the QCI instruction is not available
all possible domains are probed via TAPQ instruction. The
range for the probe has been extended with the > 16 domain
support now leading to a possible specification exception
when this instruction is called for probing higher values
within the new range. This may happen during insmod and/or
ap bus reset only on machines without a QCI instruction (z10,
z196, z114), zEC12 and newer systems are not affected.
The fix modifies the domain checking function to limit the
allowed range if no QCI info is available.

Signed-off-by: Harald Freudenberger <freude@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2014-12-18 09:55:55 +01:00
Kees Cook
5d26a105b5 crypto: prefix module autoloading with "crypto-"
This prefixes all crypto module loading with "crypto-" so we never run
the risk of exposing module auto-loading to userspace via a crypto API,
as demonstrated by Mathias Krause:

https://lkml.org/lkml/2013/3/4/70

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2014-11-24 22:43:57 +08:00
Ingo Tuchscherer
42f4dd613f s390/zcrypt: Toleration of new crypto hardware
The zcrypt device driver will accept the new crypto adapter
in toleration mode. A new sysfs attribute 'raw_hwtype' will
expose the raw hardware type.

Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@de.ibm.com>
Signed-off-by: Harald Freudenberger <freude@linux.vnet.ibm.com>
2014-10-09 09:14:05 +02:00
Ingo Tuchscherer
46b05c7bd5 s390/zcrypt: Fixed possible race condition in zcrypt module handling
Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2014-09-25 10:52:04 +02:00
Ingo Tuchscherer
170387a887 s390/zcrypt: support for extended number of ap domains
Extends the number of ap domains within the zcrypt device driver up to 256.
AP domains in the range 00..255 will be detected.

Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2014-09-25 10:51:57 +02:00
Ingo Tuchscherer
666e68e0dd s390/zcrypt: improve device probing for zcrypt adapter cards
Improve device probing process for zcrypt adapters to
transmit service request during registration process.

Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2014-07-16 10:48:12 +02:00
Kees Cook
ef283688f5 s390: avoid format strings leaking into names
This makes sure format strings can't accidentally leak into kernel
interface names.

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2014-06-11 10:13:27 +02:00
Michael Veigel
c1a42f49b2 s390/ap_bus: Make modules parameters visible in sysfs
Change the visibility of the module parameters ap_domain_index and
ap_thread_flag for the owner and the members of the owners group in
sysfs.

Previously the parameters where invisible due to a value of zero
as permissions parameter in the module_param_named macro.

Signed-off-by: Michael Veigel <veigel@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2014-06-10 10:48:27 +02:00
Ingo Molnar
2fe5de9ce7 Merge branch 'sched/urgent' into sched/core, to avoid conflicts
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2014-05-07 13:15:46 +02:00
Dongsheng Yang
8698a745d8 sched, treewide: Replace hardcoded nice values with MIN_NICE/MAX_NICE
Replace various -20/+19 hardcoded nice values with MIN_NICE/MAX_NICE.

Signed-off-by: Dongsheng Yang <yangds.fnst@cn.fujitsu.com>
Acked-by: Tejun Heo <tj@kernel.org>
Signed-off-by: Peter Zijlstra <peterz@infradead.org>
Link: http://lkml.kernel.org/r/ff13819fd09b7a5dba5ab5ae797f2e7019bdfa17.1394532288.git.yangds.fnst@cn.fujitsu.com
Cc: devel@driverdev.osuosl.org
Cc: devicetree@vger.kernel.org
Cc: fcoe-devel@open-fcoe.org
Cc: linux390@de.ibm.com
Cc: linux-kernel@vger.kernel.org
Cc: linux-mm@kvack.org
Cc: linux-s390@vger.kernel.org
Cc: linux-scsi@vger.kernel.org
Cc: nbd-general@lists.sourceforge.net
Cc: ocfs2-devel@oss.oracle.com
Cc: openipmi-developer@lists.sourceforge.net
Cc: qla2xxx-upstream@qlogic.com
Cc: linux-arch@vger.kernel.org
[ Consolidated the patches, twiddled the changelog. ]
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2014-04-18 12:07:24 +02:00
Ingo Tuchscherer
ce1ce2f312 s390/zcrypt: add length check for aligned data to avoid overflow in msg-type 6
Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2014-04-01 09:23:34 +02:00
Ingo Tuchscherer
63ef79c25b s390/zcrypt: additional check to avoid overflow in msg-type 6 requests
Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2014-02-12 09:49:45 +01:00
Hendrik Brueckner
b4a960159e s390: Fix misspellings using 'codespell' tool
Signed-off-by: Hendrik Brueckner <brueckner@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2014-01-16 16:40:13 +01:00
Ingo Tuchscherer
91f3e3eaba s390/zcrypt: add support for EP11 coprocessor cards
This feature extends the generic cryptographic device driver (zcrypt)
with a new capability to service EP11 requests for the Crypto Express4S
card in EP11 (Enterprise PKCS#11 mode) coprocessor mode.

Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2013-12-18 17:37:15 +01:00
Hendrik Brueckner
8e6a828566 s390/s390dbf: use debug_level_enabled() where applicable
Refactor direct debug level comparisons with the (internal) s390db->level
member.  Use the debug_level_enabled() function instead.

Signed-off-by: Hendrik Brueckner <brueckner@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2013-10-24 17:16:54 +02:00
Heiko Carstens
7d6c3b492f s390/ap_bus: use and-mask instead of a cast
Let's get rid of another sparse false positive:

drivers/s390/crypto/ap_bus.c:416:64: warning:
  cast truncates bits from constant value (102030405060708 becomes 5060708)

So instead of using a cast let's use an and-mask.
That way sparse remains silent and one doesn't always have to check
if this is a valid warning/bug or just a false positive.

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
2013-09-07 11:58:18 +02:00
Ingo Tuchscherer
9da3545d82 s390/zcrypt: Alias for new zcrypt device driver base module
The zcrypt device driver has been split into base/bus module, api-module,
card modules and message type modules. The base module has been renamed
from z90crypt to ap.
A module alias (with the well-known z90crypt identifier) will be introduced
that enable users to use their existing way to load the zcrypt device driver.

Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2013-07-19 08:37:39 +02:00
Martin Schwidefsky
f4eae94f71 s390/airq: simplify adapter interrupt code
There are three users of adapter interrupts: AP, QDIO and PCI. Each
registers a single adapter interrupt with independent ISCs. Define
a "struct airq" with the interrupt handler, a pointer and a mask for
the local summary indicator and the ISC for the adapter interrupt
source. Convert the indicator array with its fixed number of adapter
interrupt sources per ISE to an array of hlists. This removes the
limitation to 32 adapter interrupts per ISC and allows for arbitrary
memory locations for the local summary indicator.

Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2013-06-26 21:10:28 +02:00
Thomas Meyer
ba8da2138e s390/ap_bus: Cocci spatch "ptr_ret.spatch"
Signed-off-by: Thomas Meyer <thomas@m3y3r.de>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2013-06-26 21:10:18 +02:00