Merge tag 'v7.1-p2' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6

+3 -5

crypto/acompress.c

··· 169 169 state->compl = req->base.complete; 170 170 state->data = req->base.data; 171 171 req->base.complete = cplt; 172 - req->base.data = state; 172 + req->base.data = req; 173 173 } 174 174 175 175 static void acomp_restore_req(struct acomp_req *req) 176 176 { 177 - struct acomp_req_chain *state = req->base.data; 178 - 179 - req->base.complete = state->compl; 180 - req->base.data = state->data; 177 + req->base.complete = req->chain.compl; 178 + req->base.data = req->chain.data; 181 179 } 182 180 183 181 static void acomp_reqchain_virt(struct acomp_req *req)

+8 -2

crypto/algif_aead.c

··· 72 72 struct af_alg_ctx *ctx = ask->private; 73 73 struct crypto_aead *tfm = pask->private; 74 74 unsigned int as = crypto_aead_authsize(tfm); 75 + unsigned int ivsize = crypto_aead_ivsize(tfm); 75 76 struct af_alg_async_req *areq; 76 77 struct scatterlist *rsgl_src, *tsgl_src = NULL; 78 + void *iv; 77 79 int err = 0; 78 80 size_t used = 0; /* [in] TX bufs to be en/decrypted */ 79 81 size_t outlen = 0; /* [out] RX bufs produced by kernel */ ··· 127 125 128 126 /* Allocate cipher request for current operation. */ 129 127 areq = af_alg_alloc_areq(sk, sizeof(struct af_alg_async_req) + 130 - crypto_aead_reqsize(tfm)); 128 + crypto_aead_reqsize(tfm) + ivsize); 131 129 if (IS_ERR(areq)) 132 130 return PTR_ERR(areq); 131 + 132 + iv = (u8 *)aead_request_ctx(&areq->cra_u.aead_req) + 133 + crypto_aead_reqsize(tfm); 134 + memcpy(iv, ctx->iv, ivsize); 133 135 134 136 /* convert iovecs of output buffers into RX SGL */ 135 137 err = af_alg_get_rsgl(sk, msg, flags, areq, outlen, &usedpages); ··· 193 187 194 188 /* Initialize the crypto operation */ 195 189 aead_request_set_crypt(&areq->cra_u.aead_req, tsgl_src, 196 - areq->first_rsgl.sgl.sgt.sgl, used, ctx->iv); 190 + areq->first_rsgl.sgl.sgt.sgl, used, iv); 197 191 aead_request_set_ad(&areq->cra_u.aead_req, ctx->aead_assoclen); 198 192 aead_request_set_tfm(&areq->cra_u.aead_req, tfm); 199 193

+4 -2

crypto/authencesn.c

··· 228 228 229 229 decrypt: 230 230 231 - if (src != dst) 232 - src = scatterwalk_ffwd(areq_ctx->src, src, assoclen); 233 231 dst = scatterwalk_ffwd(areq_ctx->dst, dst, assoclen); 232 + if (req->src == req->dst) 233 + src = dst; 234 + else 235 + src = scatterwalk_ffwd(areq_ctx->src, src, assoclen); 234 236 235 237 skcipher_request_set_tfm(skreq, ctx->enc); 236 238 skcipher_request_set_callback(skreq, flags,

+31 -21

crypto/krb5enc.c

··· 39 39 char tail[]; 40 40 }; 41 41 42 - static void krb5enc_request_complete(struct aead_request *req, int err) 43 - { 44 - if (err != -EINPROGRESS) 45 - aead_request_complete(req, err); 46 - } 47 - 48 42 /** 49 43 * crypto_krb5enc_extractkeys - Extract Ke and Ki keys from the key blob. 50 44 * @keys: Where to put the key sizes and pointers ··· 121 127 { 122 128 struct aead_request *req = data; 123 129 124 - krb5enc_request_complete(req, err); 130 + aead_request_complete(req, err); 125 131 } 126 132 127 133 /* ··· 182 188 struct ahash_request *ahreq = (void *)(areq_ctx->tail + ictx->reqoff); 183 189 184 190 if (err) 185 - return krb5enc_request_complete(req, err); 191 + goto out; 186 192 187 193 krb5enc_insert_checksum(req, ahreq->result); 188 194 189 - err = krb5enc_dispatch_encrypt(req, 190 - aead_request_flags(req) & ~CRYPTO_TFM_REQ_MAY_SLEEP); 191 - if (err != -EINPROGRESS) 192 - aead_request_complete(req, err); 195 + err = krb5enc_dispatch_encrypt(req, 0); 196 + if (err == -EINPROGRESS) 197 + return; 198 + 199 + out: 200 + aead_request_complete(req, err); 193 201 } 194 202 195 203 /* ··· 261 265 { 262 266 struct aead_request *req = data; 263 267 264 - if (err) 265 - return krb5enc_request_complete(req, err); 266 - 267 - err = krb5enc_verify_hash(req); 268 - krb5enc_request_complete(req, err); 268 + if (!err) 269 + err = krb5enc_verify_hash(req); 270 + aead_request_complete(req, err); 269 271 } 270 272 271 273 /* 272 274 * Dispatch the hashing of the plaintext after we've done the decryption. 273 275 */ 274 - static int krb5enc_dispatch_decrypt_hash(struct aead_request *req) 276 + static int krb5enc_dispatch_decrypt_hash(struct aead_request *req, 277 + unsigned int flags) 275 278 { 276 279 struct crypto_aead *krb5enc = crypto_aead_reqtfm(req); 277 280 struct aead_instance *inst = aead_alg_instance(krb5enc); ··· 286 291 ahash_request_set_tfm(ahreq, auth); 287 292 ahash_request_set_crypt(ahreq, req->dst, hash, 288 293 req->assoclen + req->cryptlen - authsize); 289 - ahash_request_set_callback(ahreq, aead_request_flags(req), 294 + ahash_request_set_callback(ahreq, flags, 290 295 krb5enc_decrypt_hash_done, req); 291 296 292 297 err = crypto_ahash_digest(ahreq); ··· 294 299 return err; 295 300 296 301 return krb5enc_verify_hash(req); 302 + } 303 + 304 + static void krb5enc_decrypt_done(void *data, int err) 305 + { 306 + struct aead_request *req = data; 307 + 308 + if (err) 309 + goto out; 310 + 311 + err = krb5enc_dispatch_decrypt_hash(req, 0); 312 + if (err == -EINPROGRESS) 313 + return; 314 + 315 + out: 316 + aead_request_complete(req, err); 297 317 } 298 318 299 319 /* ··· 334 324 335 325 skcipher_request_set_tfm(skreq, ctx->enc); 336 326 skcipher_request_set_callback(skreq, aead_request_flags(req), 337 - req->base.complete, req->base.data); 327 + krb5enc_decrypt_done, req); 338 328 skcipher_request_set_crypt(skreq, src, dst, 339 329 req->cryptlen - authsize, req->iv); 340 330 ··· 349 339 if (err < 0) 350 340 return err; 351 341 352 - return krb5enc_dispatch_decrypt_hash(req); 342 + return krb5enc_dispatch_decrypt_hash(req, aead_request_flags(req)); 353 343 } 354 344 355 345 static int krb5enc_init_tfm(struct crypto_aead *tfm)

+5 -2

crypto/pcrypt.c

··· 69 69 struct pcrypt_request *preq = aead_request_ctx(req); 70 70 struct padata_priv *padata = pcrypt_request_padata(preq); 71 71 72 + if (err == -EINPROGRESS) 73 + return; 74 + 72 75 padata->info = err; 73 76 74 77 padata_do_serial(padata); ··· 85 82 86 83 ret = crypto_aead_encrypt(req); 87 84 88 - if (ret == -EINPROGRESS) 85 + if (ret == -EINPROGRESS || ret == -EBUSY) 89 86 return; 90 87 91 88 padata->info = ret; ··· 136 133 137 134 ret = crypto_aead_decrypt(req); 138 135 139 - if (ret == -EINPROGRESS) 136 + if (ret == -EINPROGRESS || ret == -EBUSY) 140 137 return; 141 138 142 139 padata->info = ret;

+5 -2

drivers/crypto/ccp/ccp-crypto-aes.c

··· 30 30 if (ret) 31 31 return ret; 32 32 33 - if (ctx->u.aes.mode != CCP_AES_MODE_ECB) 34 - memcpy(req->iv, rctx->iv, AES_BLOCK_SIZE); 33 + if (ctx->u.aes.mode != CCP_AES_MODE_ECB) { 34 + size_t ivsize = crypto_skcipher_ivsize(crypto_skcipher_reqtfm(req)); 35 + 36 + memcpy(req->iv, rctx->iv, ivsize); 37 + } 35 38 36 39 return 0; 37 40 }

+17 -2

drivers/crypto/ccp/sev-dev.c

··· 1860 1860 1861 1861 ret = __sev_do_cmd_locked(SEV_CMD_PEK_CSR, &data, &argp->error); 1862 1862 1863 - /* If we query the CSR length, FW responded with expected data. */ 1863 + /* 1864 + * Firmware will returns the length of the CSR blob (either the minimum 1865 + * required length or the actual length written), return it to the user. 1866 + */ 1864 1867 input.length = data.len; 1865 1868 1866 1869 if (copy_to_user((void __user *)argp->data, &input, sizeof(input))) { 1867 1870 ret = -EFAULT; 1868 1871 goto e_free_blob; 1869 1872 } 1873 + 1874 + if (ret || WARN_ON_ONCE(argp->error)) 1875 + goto e_free_blob; 1870 1876 1871 1877 if (blob) { 1872 1878 if (copy_to_user(input_address, blob, input.length)) ··· 2223 2217 goto e_free; 2224 2218 } 2225 2219 2220 + if (ret || WARN_ON_ONCE(argp->error)) 2221 + goto e_free; 2222 + 2226 2223 if (id_blob) { 2227 2224 if (copy_to_user(input_address, id_blob, data.len)) { 2228 2225 ret = -EFAULT; ··· 2342 2333 2343 2334 ret = __sev_do_cmd_locked(SEV_CMD_PDH_CERT_EXPORT, &data, &argp->error); 2344 2335 2345 - /* If we query the length, FW responded with expected data. */ 2336 + /* 2337 + * Firmware will return the length of the blobs (either the minimum 2338 + * required length or the actual length written), return 'em to the user. 2339 + */ 2346 2340 input.cert_chain_len = data.cert_chain_len; 2347 2341 input.pdh_cert_len = data.pdh_cert_len; 2348 2342 ··· 2353 2341 ret = -EFAULT; 2354 2342 goto e_free_cert; 2355 2343 } 2344 + 2345 + if (ret || WARN_ON_ONCE(argp->error)) 2346 + goto e_free_cert; 2356 2347 2357 2348 if (pdh_blob) { 2358 2349 if (copy_to_user(input_pdh_cert_address,

+1 -1

drivers/crypto/inside-secure/eip93/eip93-common.c

··· 731 731 return -EINVAL; 732 732 } 733 733 734 - ahash_tfm = crypto_alloc_ahash(alg_name, 0, CRYPTO_ALG_ASYNC); 734 + ahash_tfm = crypto_alloc_ahash(alg_name, 0, 0); 735 735 if (IS_ERR(ahash_tfm)) 736 736 return PTR_ERR(ahash_tfm); 737 737

+2 -2

drivers/crypto/sa2ul.c

··· 1744 1744 static int sa_cra_init_aead_sha1(struct crypto_aead *tfm) 1745 1745 { 1746 1746 return sa_cra_init_aead(tfm, "sha1", 1747 - "authenc(hmac(sha1-ce),cbc(aes-ce))"); 1747 + "authenc(hmac(sha1),cbc(aes))"); 1748 1748 } 1749 1749 1750 1750 static int sa_cra_init_aead_sha256(struct crypto_aead *tfm) 1751 1751 { 1752 1752 return sa_cra_init_aead(tfm, "sha256", 1753 - "authenc(hmac(sha256-ce),cbc(aes-ce))"); 1753 + "authenc(hmac(sha256),cbc(aes))"); 1754 1754 } 1755 1755 1756 1756 static void sa_exit_tfm_aead(struct crypto_aead *tfm)

Configure Feed

Configure Feed