linux-toradex.git/arch/arm64/crypto, branch v4.4.26 Linux kernel for Apalis and Colibri modules crypto: arm64/aes-ctr - fix NULL dereference in tail processing 2016-09-30T08:18:34+00:00 Ard Biesheuvel ard.biesheuvel@linaro.org 2016-09-13T08:48:53+00:00 3e2d986d8b2f95cfd4c2c0528cff74ce42a4e2a8 commit 2db34e78f126c6001d79d3b66ab1abb482dc7caa upstream. The AES-CTR glue code avoids calling into the blkcipher API for the tail portion of the walk, by comparing the remainder of walk.nbytes modulo AES_BLOCK_SIZE with the residual nbytes, and jumping straight into the tail processing block if they are equal. This tail processing block checks whether nbytes != 0, and does nothing otherwise. However, in case of an allocation failure in the blkcipher layer, we may enter this code with walk.nbytes == 0, while nbytes > 0. In this case, we should not dereference the source and destination pointers, since they may be NULL. So instead of checking for nbytes != 0, check for (walk.nbytes % AES_BLOCK_SIZE) != 0, which implies the former in non-error conditions. Fixes: 49788fe2a128 ("arm64/crypto: AES-ECB/CBC/CTR/XTS using ARMv8 NEON and Crypto Extensions") Reported-by: xiakaixu <xiakaixu@huawei.com> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
commit 2db34e78f126c6001d79d3b66ab1abb482dc7caa upstream.

The AES-CTR glue code avoids calling into the blkcipher API for the
tail portion of the walk, by comparing the remainder of walk.nbytes
modulo AES_BLOCK_SIZE with the residual nbytes, and jumping straight
into the tail processing block if they are equal. This tail processing
block checks whether nbytes != 0, and does nothing otherwise.

However, in case of an allocation failure in the blkcipher layer, we
may enter this code with walk.nbytes == 0, while nbytes > 0. In this
case, we should not dereference the source and destination pointers,
since they may be NULL. So instead of checking for nbytes != 0, check
for (walk.nbytes % AES_BLOCK_SIZE) != 0, which implies the former in
non-error conditions.

Fixes: 49788fe2a128 ("arm64/crypto: AES-ECB/CBC/CTR/XTS using ARMv8 NEON and Crypto Extensions")
Reported-by: xiakaixu <xiakaixu@huawei.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
arm64: crypto: reduce priority of core AES cipher 2015-11-18T12:09:08+00:00 Ard Biesheuvel ard.biesheuvel@linaro.org 2015-11-16T12:12:48+00:00 08c6781cfaa196d4b257ec043c17e8746d9284e3 The asynchronous, merged implementations of AES in CBC, CTR and XTS modes are preferred when available (i.e., when instantiating ablkciphers explicitly). However, the synchronous core AES cipher combined with the generic CBC mode implementation will produce a 'cbc(aes)' blkcipher that is callable asynchronously as well. To prevent this implementation from being used when the accelerated asynchronous implemenation is also available, lower its priority to 250 (i.e., below the asynchronous module's priority of 300). Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Catalin Marinas <catalin.marinas@arm.com> 
The asynchronous, merged implementations of AES in CBC, CTR and XTS
modes are preferred when available (i.e., when instantiating ablkciphers
explicitly). However, the synchronous core AES cipher combined with the
generic CBC mode implementation will produce a 'cbc(aes)' blkcipher that
is callable asynchronously as well. To prevent this implementation from
being used when the accelerated asynchronous implemenation is also
available, lower its priority to 250 (i.e., below the asynchronous
module's priority of 300).

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
crypto: aead - Remove CRYPTO_ALG_AEAD_NEW flag 2015-08-17T08:53:53+00:00 Herbert Xu herbert@gondor.apana.org.au 2015-08-13T09:29:06+00:00 5e4b8c1fcc70016f43926203ae1820c3b380d5cd This patch removes the CRYPTO_ALG_AEAD_NEW flag now that everyone has been converted. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
This patch removes the CRYPTO_ALG_AEAD_NEW flag now that everyone
has been converted.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: aes-ce-ccm - Convert to new AEAD interface 2015-07-17T13:20:10+00:00 Herbert Xu herbert@gondor.apana.org.au 2015-07-14T08:53:19+00:00 2642d6abca9bc3404b7b967914300169135dcd31 This patch converts the ARM64 aes-ce-ccm implementation to the new AEAD interface. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> 
This patch converts the ARM64 aes-ce-ccm implementation to the
new AEAD interface.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Merge branch 'mvebu/drivers' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc 2015-06-19T14:07:07+00:00 Herbert Xu herbert@gondor.apana.org.au 2015-06-19T14:07:07+00:00 c0b59fafe31bf91f589736be304d739b13952fdd Merge the mvebu/drivers branch of the arm-soc tree which contains just a single patch bfa1ce5f38938cc9e6c7f2d1011f88eba2b9e2b2 ("bus: mvebu-mbus: add mv_mbus_dram_info_nooverlap()") that happens to be a prerequisite of the new marvell/cesa crypto driver. 
Merge the mvebu/drivers branch of the arm-soc tree which contains
just a single patch bfa1ce5f38938cc9e6c7f2d1011f88eba2b9e2b2 ("bus:
mvebu-mbus: add mv_mbus_dram_info_nooverlap()") that happens to be
a prerequisite of the new marvell/cesa crypto driver.
Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2015-05-28T03:16:41+00:00 Herbert Xu herbert@gondor.apana.org.au 2015-05-28T03:16:41+00:00 6d7e3d89954af773c70948a54cfa2aaa15907c1c Merge the crypto tree for 4.1 to pull in the changeset that disables algif_aead. 
Merge the crypto tree for 4.1 to pull in the changeset that disables
algif_aead.
crypto: arm64/sha2-ce - prevent asm code finalization in final() path 2015-05-07T03:16:26+00:00 Ard Biesheuvel ard.biesheuvel@linaro.org 2015-05-06T13:54:32+00:00 ec59a65d694e5fd99d76565b93468c99ae8dff79 Ensure that the asm code finalization path is not triggered when invoked via final(), since it already takes care of that itself. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Ensure that the asm code finalization path is not triggered when
invoked via final(), since it already takes care of that itself.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: arm64/sha1-ce - prevent asm code finalization in final() path 2015-05-07T03:16:25+00:00 Ard Biesheuvel ard.biesheuvel@linaro.org 2015-05-06T13:54:31+00:00 bf7883ebcb9c0880b8f5d22c1435a3de15283f0a Ensure that the asm code finalization path is not triggered when invoked via final(), since it already takes care of that itself. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Ensure that the asm code finalization path is not triggered when
invoked via final(), since it already takes care of that itself.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: arm64/crc32 - bring in line with generic CRC32 2015-05-07T03:16:24+00:00 Ard Biesheuvel ard.biesheuvel@linaro.org 2015-05-04T09:00:16+00:00 ac02c6ea6b404461829697792cd2b67f6a14d28a The arm64 CRC32 (not CRC32c) implementation was not quite doing the same thing as the generic one. Fix that. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Acked-by: Steve Capper <steve.capper@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
The arm64 CRC32 (not CRC32c) implementation was not quite doing
the same thing as the generic one. Fix that.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: Steve Capper <steve.capper@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: arm64/aes-ce-ccm - Include crypto/internal/aead.h 2015-04-23T06:18:10+00:00 Herbert Xu herbert@gondor.apana.org.au 2015-04-22T07:06:27+00:00 34ed9a35788a562d80648247022ae9497cc88ebc All implementers of AEAD should include crypto/internal/aead.h instead of include/linux/crypto.h. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: David S. Miller <davem@davemloft.net> 
All implementers of AEAD should include crypto/internal/aead.h
instead of include/linux/crypto.h.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: David S. Miller <davem@davemloft.net>