From cd5c91fe62519af6af238bbead32f2943a85c7de Mon Sep 17 00:00:00 2001 From: Colin Ian King Date: Tue, 22 Jun 2021 16:16:08 +0100 Subject: [PATCH 1/7] crypto: qat - ratelimit invalid ioctl message and print the invalid cmd Currently incorrect QAT ioctls can spam the kernel log with error messages of the form "QAT: Invalid ioctl" if a userspace program uses the wrong ioctl command. Quench the messages by ratelimiting them and also print the invalid command being used as that is useful to know. Signed-off-by: Colin Ian King Acked-by: Giovanni Cabiddu Signed-off-by: Herbert Xu --- drivers/crypto/qat/qat_common/adf_ctl_drv.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/qat/qat_common/adf_ctl_drv.c b/drivers/crypto/qat/qat_common/adf_ctl_drv.c index 96b437bfe3de..6f64aa693146 100644 --- a/drivers/crypto/qat/qat_common/adf_ctl_drv.c +++ b/drivers/crypto/qat/qat_common/adf_ctl_drv.c @@ -406,7 +406,7 @@ static long adf_ctl_ioctl(struct file *fp, unsigned int cmd, unsigned long arg) ret = adf_ctl_ioctl_get_status(fp, cmd, arg); break; default: - pr_err("QAT: Invalid ioctl\n"); + pr_err_ratelimited("QAT: Invalid ioctl %d\n", cmd); ret = -EFAULT; break; } From b0d2193ba643ec8246e7a194e336c71018b8e6f3 Mon Sep 17 00:00:00 2001 From: Herbert Xu Date: Thu, 24 Jun 2021 14:32:15 +0800 Subject: [PATCH 2/7] crypto: scatterwalk - Remove obsolete PageSlab check As it is now legal to call flush_dcache_page on slab pages we no longer need to do the check in the Crypto API. Reported-by: Ira Weiny Signed-off-by: Herbert Xu --- include/crypto/scatterwalk.h | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/include/crypto/scatterwalk.h b/include/crypto/scatterwalk.h index c837d0775474..7af08174a721 100644 --- a/include/crypto/scatterwalk.h +++ b/include/crypto/scatterwalk.h @@ -81,12 +81,7 @@ static inline void scatterwalk_pagedone(struct scatter_walk *walk, int out, struct page *page; page = sg_page(walk->sg) + ((walk->offset - 1) >> PAGE_SHIFT); - /* Test ARCH_IMPLEMENTS_FLUSH_DCACHE_PAGE first as - * PageSlab cannot be optimised away per se due to - * use of volatile pointer. - */ - if (ARCH_IMPLEMENTS_FLUSH_DCACHE_PAGE && !PageSlab(page)) - flush_dcache_page(page); + flush_dcache_page(page); } if (more && walk->offset >= walk->sg->offset + walk->sg->length) From 6ee55a6f50fe28207d829a535effcedad37991ea Mon Sep 17 00:00:00 2001 From: Herbert Xu Date: Thu, 24 Jun 2021 14:35:29 +0800 Subject: [PATCH 3/7] crypto: omap - Drop obsolete PageSlab check As it is now legal to call flush_dcache_page on slab pages we no longer need to do the check in the omap driver. This patch also uses flush_dcache_page instead of flush_kernel_dcache_page because the page we're writing to could be anything. Reported-by: Ira Weiny Signed-off-by: Herbert Xu --- drivers/crypto/omap-crypto.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/drivers/crypto/omap-crypto.c b/drivers/crypto/omap-crypto.c index 94b2dba90f0d..31bdb1d76d11 100644 --- a/drivers/crypto/omap-crypto.c +++ b/drivers/crypto/omap-crypto.c @@ -183,8 +183,7 @@ static void omap_crypto_copy_data(struct scatterlist *src, memcpy(dstb, srcb, amt); - if (!PageSlab(sg_page(dst))) - flush_kernel_dcache_page(sg_page(dst)); + flush_dcache_page(sg_page(dst)); kunmap_atomic(srcb); kunmap_atomic(dstb); From 8833272d876eb5320e4c7c31cc455542510dc4c3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stephan=20M=C3=BCller?= Date: Thu, 24 Jun 2021 17:44:35 +0200 Subject: [PATCH 4/7] crypto: drbg - self test for HMAC(SHA-512) Considering that the HMAC(SHA-512) DRBG is the default DRBG now, a self test is to be provided. The test vector is obtained from a successful NIST ACVP test run. Signed-off-by: Stephan Mueller Signed-off-by: Herbert Xu --- crypto/testmgr.c | 5 ++++- crypto/testmgr.h | 49 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 53 insertions(+), 1 deletion(-) diff --git a/crypto/testmgr.c b/crypto/testmgr.c index 1f7f63e836ae..c978e41f11a1 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -4686,8 +4686,11 @@ static const struct alg_test_desc alg_test_descs[] = { .test = alg_test_null, }, { .alg = "drbg_nopr_hmac_sha512", - .test = alg_test_null, + .test = alg_test_drbg, .fips_allowed = 1, + .suite = { + .drbg = __VECS(drbg_nopr_hmac_sha512_tv_template) + } }, { .alg = "drbg_nopr_sha1", .fips_allowed = 1, diff --git a/crypto/testmgr.h b/crypto/testmgr.h index 96eb7ce9f81b..3ed6ab34ab51 100644 --- a/crypto/testmgr.h +++ b/crypto/testmgr.h @@ -21984,6 +21984,55 @@ static const struct drbg_testvec drbg_nopr_hmac_sha256_tv_template[] = { }, }; +/* Test vector obtained during NIST ACVP testing */ +static const struct drbg_testvec drbg_nopr_hmac_sha512_tv_template[] = { + { + .entropy = (unsigned char *) + "\xDF\xB0\xF2\x18\xF0\x78\x07\x01\x29\xA4\x29\x26" + "\x2F\x8A\x34\xCB\x37\xEF\xEE\x41\xE6\x96\xF7\xFF" + "\x61\x47\xD3\xED\x41\x97\xEF\x64\x0C\x48\x56\x5A" + "\xE6\x40\x6E\x4A\x3B\x9E\x7F\xAC\x08\xEC\x25\xAE" + "\x0B\x51\x0E\x2C\x44\x2E\xBD\xDB\x57\xD0\x4A\x6D" + "\x80\x3E\x37\x0F", + .entropylen = 64, + .expected = (unsigned char *) + "\x48\xc6\xa8\xdb\x09\xae\xde\x5d\x8c\x77\xf3\x52" + "\x92\x71\xa7\xb9\x6d\x53\x6d\xa3\x73\xe3\x55\xb8" + "\x39\xd6\x44\x2b\xee\xcb\xe1\x32\x15\x30\xbe\x4e" + "\x9b\x1e\x06\xd1\x6b\xbf\xd5\x3e\xea\x7c\xf5\xaa" + "\x4b\x05\xb5\xd3\xa7\xb2\xc4\xfe\xe7\x1b\xda\x11" + "\x43\x98\x03\x70\x90\xbf\x6e\x43\x9b\xe4\x14\xef" + "\x71\xa3\x2a\xef\x9f\x0d\xb9\xe3\x52\xf2\x89\xc9" + "\x66\x9a\x60\x60\x99\x60\x62\x4c\xd6\x45\x52\x54" + "\xe6\x32\xb2\x1b\xd4\x48\xb5\xa6\xf9\xba\xd3\xff" + "\x29\xc5\x21\xe0\x91\x31\xe0\x38\x8c\x93\x0f\x3c" + "\x30\x7b\x53\xa3\xc0\x7f\x2d\xc1\x39\xec\x69\x0e" + "\xf2\x4a\x3c\x65\xcc\xed\x07\x2a\xf2\x33\x83\xdb" + "\x10\x74\x96\x40\xa7\xc5\x1b\xde\x81\xca\x0b\x8f" + "\x1e\x0a\x1a\x7a\xbf\x3c\x4a\xb8\x8c\xaf\x7b\x80" + "\xb7\xdc\x5d\x0f\xef\x1b\x97\x6e\x3d\x17\x23\x5a" + "\x31\xb9\x19\xcf\x5a\xc5\x00\x2a\xb6\xf3\x99\x34" + "\x65\xee\xe9\x1c\x55\xa0\x3b\x07\x60\xc9\xc4\xe4" + "\xf7\x57\x5c\x34\x9f\xc6\x31\x30\x3f\x23\xb2\x89" + "\xc0\xe7\x50\xf3\xde\x59\xd1\x0e\xb3\x0f\x78\xcc" + "\x7e\x54\x5e\x61\xf6\x86\x3d\xb3\x11\x94\x36\x3e" + "\x61\x5c\x48\x99\xf6\x7b\x02\x9a\xdc\x6a\x28\xe6" + "\xd1\xa7\xd1\xa3", + .expectedlen = 256, + .addtla = (unsigned char *) + "\x6B\x0F\x4A\x48\x0B\x12\x85\xE4\x72\x23\x7F\x7F" + "\x94\x7C\x24\x69\x14\x9F\xDC\x72\xA6\x33\xAD\x3C" + "\x8C\x72\xC1\x88\x49\x59\x82\xC5", + .addtlb = (unsigned char *) + "\xC4\xAF\x36\x3D\xB8\x5D\x9D\xFA\x92\xF5\xC3\x3C" + "\x2D\x1E\x22\x2A\xBD\x8B\x05\x6F\xA3\xFC\xBF\x16" + "\xED\xAA\x75\x8D\x73\x9A\xF6\xEC", + .addtllen = 32, + .pers = NULL, + .perslen = 0, + } +}; + static const struct drbg_testvec drbg_nopr_ctr_aes192_tv_template[] = { { .entropy = (unsigned char *) From df941fdd779e43112323a9c057dbbdbc0b1512a2 Mon Sep 17 00:00:00 2001 From: Geert Uytterhoeven Date: Fri, 25 Jun 2021 15:27:23 +0200 Subject: [PATCH 5/7] crypto: sl3516 - Typo s/Stormlink/Storlink/ According to Documentation/devicetree/bindings/arm/gemini.txt, the company was originally named "Storlink Semiconductor", and later renamed to "Storm Semiconductor". Fixes: 46c5338db7bd45b2 ("crypto: sl3516 - Add sl3516 crypto engine") Signed-off-by: Geert Uytterhoeven Signed-off-by: Herbert Xu --- drivers/crypto/Kconfig | 2 +- drivers/crypto/gemini/sl3516-ce-cipher.c | 2 +- drivers/crypto/gemini/sl3516-ce-core.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig index ebcec460c045..8796ddf37cb5 100644 --- a/drivers/crypto/Kconfig +++ b/drivers/crypto/Kconfig @@ -267,7 +267,7 @@ config CRYPTO_DEV_NIAGARA2 checksumming, and raw copies. config CRYPTO_DEV_SL3516 - tristate "Stormlink SL3516 crypto offloader" + tristate "Storlink SL3516 crypto offloader" depends on HAS_IOMEM select CRYPTO_SKCIPHER select CRYPTO_ENGINE diff --git a/drivers/crypto/gemini/sl3516-ce-cipher.c b/drivers/crypto/gemini/sl3516-ce-cipher.c index b41c2f5fc495..c1c2b1d86663 100644 --- a/drivers/crypto/gemini/sl3516-ce-cipher.c +++ b/drivers/crypto/gemini/sl3516-ce-cipher.c @@ -1,6 +1,6 @@ // SPDX-License-Identifier: GPL-2.0 /* - * sl3516-ce-cipher.c - hardware cryptographic offloader for Stormlink SL3516 SoC + * sl3516-ce-cipher.c - hardware cryptographic offloader for Storlink SL3516 SoC * * Copyright (C) 2021 Corentin LABBE * diff --git a/drivers/crypto/gemini/sl3516-ce-core.c b/drivers/crypto/gemini/sl3516-ce-core.c index da6cd529a6c0..b7524b649068 100644 --- a/drivers/crypto/gemini/sl3516-ce-core.c +++ b/drivers/crypto/gemini/sl3516-ce-core.c @@ -1,6 +1,6 @@ // SPDX-License-Identifier: GPL-2.0 /* - * sl3516-ce-core.c - hardware cryptographic offloader for Stormlink SL3516 SoC + * sl3516-ce-core.c - hardware cryptographic offloader for Storlink SL3516 SoC * * Copyright (C) 2021 Corentin Labbe * From e29dd5c8382e39210a180b75b68912f536893ef0 Mon Sep 17 00:00:00 2001 From: Geert Uytterhoeven Date: Fri, 25 Jun 2021 15:27:24 +0200 Subject: [PATCH 6/7] crypto: sl3516 - Add dependency on ARCH_GEMINI The Storlink SL3516 crypto engine is only present on Storlink Semiconductor/Storm Semiconductor/Cortina Systems Gemini SoCs. Hence add a dependency on ARCH_GEMINI, to prevent asking the user about this driver when configuring a kernel without Gemini support. While at it, group the dependencies. Fixes: 46c5338db7bd45b2 ("crypto: sl3516 - Add sl3516 crypto engine") Signed-off-by: Geert Uytterhoeven Signed-off-by: Herbert Xu --- drivers/crypto/Kconfig | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig index 8796ddf37cb5..51690e73153a 100644 --- a/drivers/crypto/Kconfig +++ b/drivers/crypto/Kconfig @@ -268,13 +268,13 @@ config CRYPTO_DEV_NIAGARA2 config CRYPTO_DEV_SL3516 tristate "Storlink SL3516 crypto offloader" - depends on HAS_IOMEM + depends on ARCH_GEMINI || COMPILE_TEST + depends on HAS_IOMEM && PM select CRYPTO_SKCIPHER select CRYPTO_ENGINE select CRYPTO_ECB select CRYPTO_AES select HW_RANDOM - depends on PM help This option allows you to have support for SL3516 crypto offloader. From 66192b2e3fd8ab97ed518d6c0240e26655a20b4b Mon Sep 17 00:00:00 2001 From: Kai Ye Date: Sat, 26 Jun 2021 10:50:33 +0800 Subject: [PATCH 7/7] crypto: hisilicon/sec - fix the process of disabling sva prefetching The open interface of the sva prefetching function is distinguish the chip version. But the close interface of the sva prefetching function doesn't distinguish the chip version. As a result, the sva prefetching close operation is also performed on Kunpeng920, those registers are important on Kunpeng920, which eventually leads to abnormal hardware problems. So need to fix it immediately. Signed-off-by: Kai Ye Signed-off-by: Herbert Xu --- drivers/crypto/hisilicon/sec2/sec_main.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/crypto/hisilicon/sec2/sec_main.c b/drivers/crypto/hisilicon/sec2/sec_main.c index d120ce3e34ed..490db7bccf61 100644 --- a/drivers/crypto/hisilicon/sec2/sec_main.c +++ b/drivers/crypto/hisilicon/sec2/sec_main.c @@ -364,6 +364,9 @@ static void sec_close_sva_prefetch(struct hisi_qm *qm) u32 val; int ret; + if (qm->ver < QM_HW_V3) + return; + val = readl_relaxed(qm->io_base + SEC_PREFETCH_CFG); val |= SEC_PREFETCH_DISABLE; writel(val, qm->io_base + SEC_PREFETCH_CFG);