
Merge tag 'libcrypto-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux

Pull crypto library fixes from Eric Biggers:

- Disable the "padlock" SHA-1 and SHA-256 driver on Zhaoxin
processors, since it does not compute hash values correctly

- Make a generated file be removed by 'make clean'

- Fix excessive stack usage in some of the arm64 AES code

* tag 'libcrypto-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux:
lib/crypto: powerpc: Add powerpc/aesp8-ppc.S to clean-files
crypto: padlock-sha - Disable for Zhaoxin processor
crypto: arm64/aes-neonbs - Move key expansion off the stack

+33 -14
+23 -14
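--- a/arch/arm64/crypto/aes-neonbs-glue.c
+++ b/arch/arm64/crypto/aes-neonbs-glue.c
@@ -76,19 +76,24 @@
 			unsigned int key_len)
 {
 	struct aesbs_ctx *ctx = crypto_skcipher_ctx(tfm);
-	struct crypto_aes_ctx rk;
+	struct crypto_aes_ctx *rk;
 	int err;
 
-	err = aes_expandkey(&rk, in_key, key_len);
+	rk = kmalloc(sizeof(*rk), GFP_KERNEL);
+	if (!rk)
+		return -ENOMEM;
+
+	err = aes_expandkey(rk, in_key, key_len);
 	if (err)
-		return err;
+		goto out;
 
 	ctx->rounds = 6 + key_len / 4;
 
 	scoped_ksimd()
-		aesbs_convert_key(ctx->rk, rk.key_enc, ctx->rounds);
-
-	return 0;
+		aesbs_convert_key(ctx->rk, rk->key_enc, ctx->rounds);
+out:
+	kfree_sensitive(rk);
+	return err;
 }
 
 static int __ecb_crypt(struct skcipher_request *req,
@@ -138,22 +133,26 @@
 				unsigned int key_len)
 {
 	struct aesbs_cbc_ctr_ctx *ctx = crypto_skcipher_ctx(tfm);
-	struct crypto_aes_ctx rk;
+	struct crypto_aes_ctx *rk;
 	int err;
 
-	err = aes_expandkey(&rk, in_key, key_len);
+	rk = kmalloc(sizeof(*rk), GFP_KERNEL);
+	if (!rk)
+		return -ENOMEM;
+
+	err = aes_expandkey(rk, in_key, key_len);
 	if (err)
-		return err;
+		goto out;
 
 	ctx->key.rounds = 6 + key_len / 4;
 
-	memcpy(ctx->enc, rk.key_enc, sizeof(ctx->enc));
+	memcpy(ctx->enc, rk->key_enc, sizeof(ctx->enc));
 
 	scoped_ksimd()
-		aesbs_convert_key(ctx->key.rk, rk.key_enc, ctx->key.rounds);
-	memzero_explicit(&rk, sizeof(rk));
-
-	return 0;
+		aesbs_convert_key(ctx->key.rk, rk->key_enc, ctx->key.rounds);
+out:
+	kfree_sensitive(rk);
+	return err;
 }
 
 static int cbc_encrypt(struct skcipher_request *req)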
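Review bot: Both setkey paths now allocate with `kmalloc(sizeof(*rk), GFP_KERNEL)`, so they can sleep and can return -ENOMEM where the stack version could do neither; the hunks do not show the callers, so it is worth confirming that none of them sets a key from atomic context. The shared `out:` label with `kfree_sensitive(rk)` also wipes the expanded key on every exit after the allocation, which the removed code did not do in the first function (no `memzero_explicit()` at all) nor on the early `return err` in the second. I would record both facts next to the allocation so it is not later moved back to the stack or freed with plain `kfree()`: `/* Expanded key schedule: too large for the stack, and key material, so free with kfree_sensitive(). */`. Both function signatures begin above their hunks.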
+7
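--- a/drivers/crypto/padlock-sha.c
+++ b/drivers/crypto/padlock-sha.c
@@ -332,6 +332,13 @@
 	if (!x86_match_cpu(padlock_sha_ids) || !boot_cpu_has(X86_FEATURE_PHE_EN))
 		return -ENODEV;
 
+	/*
+	 * Skip family 0x07 and newer used by Zhaoxin processors,
+	 * as the driver's self-tests fail on these CPUs.
+	 */
+	if (c->x86 >= 0x07)
+		return -ENODEV;
+
 	/* Register the newly added algorithm module if on *
 	* VIA Nano processor, or else just do as before */
 	if (c->x86_model < 0x0f) {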
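Review bot: The comment on the new `c->x86 >= 0x07` gate records only that the self-tests fail, not that the engine produces wrong digests on these CPUs, which is why the gate has to stay a hard refusal rather than, say, a lowered priority. I would word it as `/* Family 0x07 and newer (Zhaoxin): the PadLock engine computes incorrect SHA-1/SHA-256 digests and fails the self-tests, so never register here. */`. The test is on family alone with no vendor check, so it also excludes any other family 0x07+ part that passes `x86_match_cpu(padlock_sha_ids)`; that errs on the safe side, but the comment should say it is intentional. `c` is assigned above the hunk and the enclosing function continues past it.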
+3
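--- a/lib/crypto/Makefile
+++ b/lib/crypto/Makefile
@@ -55,6 +55,9 @@
 libaes-$(CONFIG_X86) += x86/aes-aesni.o
 endif # CONFIG_CRYPTO_LIB_AES_ARCH
 
+# clean-files must be defined unconditionally
+clean-files += powerpc/aesp8-ppc.S
+
 ################################################################################
 
 obj-$(CONFIG_CRYPTO_LIB_AESCFB) += libaescfb.o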