<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux-toradex.git/net/ceph/crypto.c, branch v4.9.89</title>
<subtitle>Linux kernel for Apalis and Colibri modules</subtitle>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/'/>
<entry>
<title>libceph: don't WARN() if user tries to add invalid key</title>
<updated>2017-11-30T08:39:03+00:00</updated>
<author>
<name>Eric Biggers</name>
<email>ebiggers@google.com</email>
</author>
<published>2017-11-07T05:57:26+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=a1e25420a47a55784f277363ee0b76b2e2ea981d'/>
<id>a1e25420a47a55784f277363ee0b76b2e2ea981d</id>
<content type='text'>
commit b11270853fa3654f08d4a6a03b23ddb220512d8d upstream.

The WARN_ON(!key-&gt;len) in set_secret() in net/ceph/crypto.c is hit if a
user tries to add a key of type "ceph" with an invalid payload as
follows (assuming CONFIG_CEPH_LIB=y):

    echo -e -n '\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' \
	| keyctl padd ceph desc @s

This can be hit by fuzzers.  As this is merely bad input and not a
kernel bug, replace the WARN_ON() with return -EINVAL.

Fixes: 7af3ea189a9a ("libceph: stop allocating a new cipher on every crypto request")
Signed-off-by: Eric Biggers &lt;ebiggers@google.com&gt;
Reviewed-by: Ilya Dryomov &lt;idryomov@gmail.com&gt;
Signed-off-by: Ilya Dryomov &lt;idryomov@gmail.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit b11270853fa3654f08d4a6a03b23ddb220512d8d upstream.

The WARN_ON(!key-&gt;len) in set_secret() in net/ceph/crypto.c is hit if a
user tries to add a key of type "ceph" with an invalid payload as
follows (assuming CONFIG_CEPH_LIB=y):

    echo -e -n '\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' \
	| keyctl padd ceph desc @s

This can be hit by fuzzers.  As this is merely bad input and not a
kernel bug, replace the WARN_ON() with return -EINVAL.

Fixes: 7af3ea189a9a ("libceph: stop allocating a new cipher on every crypto request")
Signed-off-by: Eric Biggers &lt;ebiggers@google.com&gt;
Reviewed-by: Ilya Dryomov &lt;idryomov@gmail.com&gt;
Signed-off-by: Ilya Dryomov &lt;idryomov@gmail.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>libceph: stop allocating a new cipher on every crypto request</title>
<updated>2017-01-26T07:24:46+00:00</updated>
<author>
<name>Ilya Dryomov</name>
<email>idryomov@gmail.com</email>
</author>
<published>2016-12-02T15:35:08+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=f77ef5348d4bfb498062930bd9af828f3ef2947e'/>
<id>f77ef5348d4bfb498062930bd9af828f3ef2947e</id>
<content type='text'>
commit 7af3ea189a9a13f090de51c97f676215dabc1205 upstream.

This is useless and more importantly not allowed on the writeback path,
because crypto_alloc_skcipher() allocates memory with GFP_KERNEL, which
can recurse back into the filesystem:

    kworker/9:3     D ffff92303f318180     0 20732      2 0x00000080
    Workqueue: ceph-msgr ceph_con_workfn [libceph]
     ffff923035dd4480 ffff923038f8a0c0 0000000000000001 000000009eb27318
     ffff92269eb28000 ffff92269eb27338 ffff923036b145ac ffff923035dd4480
     00000000ffffffff ffff923036b145b0 ffffffff951eb4e1 ffff923036b145a8
    Call Trace:
     [&lt;ffffffff951eb4e1&gt;] ? schedule+0x31/0x80
     [&lt;ffffffff951eb77a&gt;] ? schedule_preempt_disabled+0xa/0x10
     [&lt;ffffffff951ed1f4&gt;] ? __mutex_lock_slowpath+0xb4/0x130
     [&lt;ffffffff951ed28b&gt;] ? mutex_lock+0x1b/0x30
     [&lt;ffffffffc0a974b3&gt;] ? xfs_reclaim_inodes_ag+0x233/0x2d0 [xfs]
     [&lt;ffffffff94d92ba5&gt;] ? move_active_pages_to_lru+0x125/0x270
     [&lt;ffffffff94f2b985&gt;] ? radix_tree_gang_lookup_tag+0xc5/0x1c0
     [&lt;ffffffff94dad0f3&gt;] ? __list_lru_walk_one.isra.3+0x33/0x120
     [&lt;ffffffffc0a98331&gt;] ? xfs_reclaim_inodes_nr+0x31/0x40 [xfs]
     [&lt;ffffffff94e05bfe&gt;] ? super_cache_scan+0x17e/0x190
     [&lt;ffffffff94d919f3&gt;] ? shrink_slab.part.38+0x1e3/0x3d0
     [&lt;ffffffff94d9616a&gt;] ? shrink_node+0x10a/0x320
     [&lt;ffffffff94d96474&gt;] ? do_try_to_free_pages+0xf4/0x350
     [&lt;ffffffff94d967ba&gt;] ? try_to_free_pages+0xea/0x1b0
     [&lt;ffffffff94d863bd&gt;] ? __alloc_pages_nodemask+0x61d/0xe60
     [&lt;ffffffff94ddf42d&gt;] ? cache_grow_begin+0x9d/0x560
     [&lt;ffffffff94ddfb88&gt;] ? fallback_alloc+0x148/0x1c0
     [&lt;ffffffff94ed84e7&gt;] ? __crypto_alloc_tfm+0x37/0x130
     [&lt;ffffffff94de09db&gt;] ? __kmalloc+0x1eb/0x580
     [&lt;ffffffffc09fe2db&gt;] ? crush_choose_firstn+0x3eb/0x470 [libceph]
     [&lt;ffffffff94ed84e7&gt;] ? __crypto_alloc_tfm+0x37/0x130
     [&lt;ffffffff94ed9c19&gt;] ? crypto_spawn_tfm+0x39/0x60
     [&lt;ffffffffc08b30a3&gt;] ? crypto_cbc_init_tfm+0x23/0x40 [cbc]
     [&lt;ffffffff94ed857c&gt;] ? __crypto_alloc_tfm+0xcc/0x130
     [&lt;ffffffff94edcc23&gt;] ? crypto_skcipher_init_tfm+0x113/0x180
     [&lt;ffffffff94ed7cc3&gt;] ? crypto_create_tfm+0x43/0xb0
     [&lt;ffffffff94ed83b0&gt;] ? crypto_larval_lookup+0x150/0x150
     [&lt;ffffffff94ed7da2&gt;] ? crypto_alloc_tfm+0x72/0x120
     [&lt;ffffffffc0a01dd7&gt;] ? ceph_aes_encrypt2+0x67/0x400 [libceph]
     [&lt;ffffffffc09fd264&gt;] ? ceph_pg_to_up_acting_osds+0x84/0x5b0 [libceph]
     [&lt;ffffffff950d40a0&gt;] ? release_sock+0x40/0x90
     [&lt;ffffffff95139f94&gt;] ? tcp_recvmsg+0x4b4/0xae0
     [&lt;ffffffffc0a02714&gt;] ? ceph_encrypt2+0x54/0xc0 [libceph]
     [&lt;ffffffffc0a02b4d&gt;] ? ceph_x_encrypt+0x5d/0x90 [libceph]
     [&lt;ffffffffc0a02bdf&gt;] ? calcu_signature+0x5f/0x90 [libceph]
     [&lt;ffffffffc0a02ef5&gt;] ? ceph_x_sign_message+0x35/0x50 [libceph]
     [&lt;ffffffffc09e948c&gt;] ? prepare_write_message_footer+0x5c/0xa0 [libceph]
     [&lt;ffffffffc09ecd18&gt;] ? ceph_con_workfn+0x2258/0x2dd0 [libceph]
     [&lt;ffffffffc09e9903&gt;] ? queue_con_delay+0x33/0xd0 [libceph]
     [&lt;ffffffffc09f68ed&gt;] ? __submit_request+0x20d/0x2f0 [libceph]
     [&lt;ffffffffc09f6ef8&gt;] ? ceph_osdc_start_request+0x28/0x30 [libceph]
     [&lt;ffffffffc0b52603&gt;] ? rbd_queue_workfn+0x2f3/0x350 [rbd]
     [&lt;ffffffff94c94ec0&gt;] ? process_one_work+0x160/0x410
     [&lt;ffffffff94c951bd&gt;] ? worker_thread+0x4d/0x480
     [&lt;ffffffff94c95170&gt;] ? process_one_work+0x410/0x410
     [&lt;ffffffff94c9af8d&gt;] ? kthread+0xcd/0xf0
     [&lt;ffffffff951efb2f&gt;] ? ret_from_fork+0x1f/0x40
     [&lt;ffffffff94c9aec0&gt;] ? kthread_create_on_node+0x190/0x190

Allocating the cipher along with the key fixes the issue - as long the
key doesn't change, a single cipher context can be used concurrently in
multiple requests.

We still can't take that GFP_KERNEL allocation though.  Both
ceph_crypto_key_clone() and ceph_crypto_key_decode() are called from
GFP_NOFS context, so resort to memalloc_noio_{save,restore}() here.

Reported-by: Lucas Stach &lt;l.stach@pengutronix.de&gt;
Signed-off-by: Ilya Dryomov &lt;idryomov@gmail.com&gt;
Reviewed-by: Sage Weil &lt;sage@redhat.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 7af3ea189a9a13f090de51c97f676215dabc1205 upstream.

This is useless and more importantly not allowed on the writeback path,
because crypto_alloc_skcipher() allocates memory with GFP_KERNEL, which
can recurse back into the filesystem:

    kworker/9:3     D ffff92303f318180     0 20732      2 0x00000080
    Workqueue: ceph-msgr ceph_con_workfn [libceph]
     ffff923035dd4480 ffff923038f8a0c0 0000000000000001 000000009eb27318
     ffff92269eb28000 ffff92269eb27338 ffff923036b145ac ffff923035dd4480
     00000000ffffffff ffff923036b145b0 ffffffff951eb4e1 ffff923036b145a8
    Call Trace:
     [&lt;ffffffff951eb4e1&gt;] ? schedule+0x31/0x80
     [&lt;ffffffff951eb77a&gt;] ? schedule_preempt_disabled+0xa/0x10
     [&lt;ffffffff951ed1f4&gt;] ? __mutex_lock_slowpath+0xb4/0x130
     [&lt;ffffffff951ed28b&gt;] ? mutex_lock+0x1b/0x30
     [&lt;ffffffffc0a974b3&gt;] ? xfs_reclaim_inodes_ag+0x233/0x2d0 [xfs]
     [&lt;ffffffff94d92ba5&gt;] ? move_active_pages_to_lru+0x125/0x270
     [&lt;ffffffff94f2b985&gt;] ? radix_tree_gang_lookup_tag+0xc5/0x1c0
     [&lt;ffffffff94dad0f3&gt;] ? __list_lru_walk_one.isra.3+0x33/0x120
     [&lt;ffffffffc0a98331&gt;] ? xfs_reclaim_inodes_nr+0x31/0x40 [xfs]
     [&lt;ffffffff94e05bfe&gt;] ? super_cache_scan+0x17e/0x190
     [&lt;ffffffff94d919f3&gt;] ? shrink_slab.part.38+0x1e3/0x3d0
     [&lt;ffffffff94d9616a&gt;] ? shrink_node+0x10a/0x320
     [&lt;ffffffff94d96474&gt;] ? do_try_to_free_pages+0xf4/0x350
     [&lt;ffffffff94d967ba&gt;] ? try_to_free_pages+0xea/0x1b0
     [&lt;ffffffff94d863bd&gt;] ? __alloc_pages_nodemask+0x61d/0xe60
     [&lt;ffffffff94ddf42d&gt;] ? cache_grow_begin+0x9d/0x560
     [&lt;ffffffff94ddfb88&gt;] ? fallback_alloc+0x148/0x1c0
     [&lt;ffffffff94ed84e7&gt;] ? __crypto_alloc_tfm+0x37/0x130
     [&lt;ffffffff94de09db&gt;] ? __kmalloc+0x1eb/0x580
     [&lt;ffffffffc09fe2db&gt;] ? crush_choose_firstn+0x3eb/0x470 [libceph]
     [&lt;ffffffff94ed84e7&gt;] ? __crypto_alloc_tfm+0x37/0x130
     [&lt;ffffffff94ed9c19&gt;] ? crypto_spawn_tfm+0x39/0x60
     [&lt;ffffffffc08b30a3&gt;] ? crypto_cbc_init_tfm+0x23/0x40 [cbc]
     [&lt;ffffffff94ed857c&gt;] ? __crypto_alloc_tfm+0xcc/0x130
     [&lt;ffffffff94edcc23&gt;] ? crypto_skcipher_init_tfm+0x113/0x180
     [&lt;ffffffff94ed7cc3&gt;] ? crypto_create_tfm+0x43/0xb0
     [&lt;ffffffff94ed83b0&gt;] ? crypto_larval_lookup+0x150/0x150
     [&lt;ffffffff94ed7da2&gt;] ? crypto_alloc_tfm+0x72/0x120
     [&lt;ffffffffc0a01dd7&gt;] ? ceph_aes_encrypt2+0x67/0x400 [libceph]
     [&lt;ffffffffc09fd264&gt;] ? ceph_pg_to_up_acting_osds+0x84/0x5b0 [libceph]
     [&lt;ffffffff950d40a0&gt;] ? release_sock+0x40/0x90
     [&lt;ffffffff95139f94&gt;] ? tcp_recvmsg+0x4b4/0xae0
     [&lt;ffffffffc0a02714&gt;] ? ceph_encrypt2+0x54/0xc0 [libceph]
     [&lt;ffffffffc0a02b4d&gt;] ? ceph_x_encrypt+0x5d/0x90 [libceph]
     [&lt;ffffffffc0a02bdf&gt;] ? calcu_signature+0x5f/0x90 [libceph]
     [&lt;ffffffffc0a02ef5&gt;] ? ceph_x_sign_message+0x35/0x50 [libceph]
     [&lt;ffffffffc09e948c&gt;] ? prepare_write_message_footer+0x5c/0xa0 [libceph]
     [&lt;ffffffffc09ecd18&gt;] ? ceph_con_workfn+0x2258/0x2dd0 [libceph]
     [&lt;ffffffffc09e9903&gt;] ? queue_con_delay+0x33/0xd0 [libceph]
     [&lt;ffffffffc09f68ed&gt;] ? __submit_request+0x20d/0x2f0 [libceph]
     [&lt;ffffffffc09f6ef8&gt;] ? ceph_osdc_start_request+0x28/0x30 [libceph]
     [&lt;ffffffffc0b52603&gt;] ? rbd_queue_workfn+0x2f3/0x350 [rbd]
     [&lt;ffffffff94c94ec0&gt;] ? process_one_work+0x160/0x410
     [&lt;ffffffff94c951bd&gt;] ? worker_thread+0x4d/0x480
     [&lt;ffffffff94c95170&gt;] ? process_one_work+0x410/0x410
     [&lt;ffffffff94c9af8d&gt;] ? kthread+0xcd/0xf0
     [&lt;ffffffff951efb2f&gt;] ? ret_from_fork+0x1f/0x40
     [&lt;ffffffff94c9aec0&gt;] ? kthread_create_on_node+0x190/0x190

Allocating the cipher along with the key fixes the issue - as long the
key doesn't change, a single cipher context can be used concurrently in
multiple requests.

We still can't take that GFP_KERNEL allocation though.  Both
ceph_crypto_key_clone() and ceph_crypto_key_decode() are called from
GFP_NOFS context, so resort to memalloc_noio_{save,restore}() here.

Reported-by: Lucas Stach &lt;l.stach@pengutronix.de&gt;
Signed-off-by: Ilya Dryomov &lt;idryomov@gmail.com&gt;
Reviewed-by: Sage Weil &lt;sage@redhat.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>libceph: uninline ceph_crypto_key_destroy()</title>
<updated>2017-01-26T07:24:46+00:00</updated>
<author>
<name>Ilya Dryomov</name>
<email>idryomov@gmail.com</email>
</author>
<published>2016-12-02T15:35:08+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=5b482bf5886855be44e89653f88297aab423dee6'/>
<id>5b482bf5886855be44e89653f88297aab423dee6</id>
<content type='text'>
commit 6db2304aabb070261ad34923bfd83c43dfb000e3 upstream.

Signed-off-by: Ilya Dryomov &lt;idryomov@gmail.com&gt;
Reviewed-by: Sage Weil &lt;sage@redhat.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 6db2304aabb070261ad34923bfd83c43dfb000e3 upstream.

Signed-off-by: Ilya Dryomov &lt;idryomov@gmail.com&gt;
Reviewed-by: Sage Weil &lt;sage@redhat.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>libceph: make sure ceph_aes_crypt() IV is aligned</title>
<updated>2017-01-26T07:24:43+00:00</updated>
<author>
<name>Ilya Dryomov</name>
<email>idryomov@gmail.com</email>
</author>
<published>2017-01-16T18:16:46+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=a193c72475960dfb98a37d0fc7739a10ccd95111'/>
<id>a193c72475960dfb98a37d0fc7739a10ccd95111</id>
<content type='text'>
commit 124f930b8cbc4ac11236e6eb1c5f008318864588 upstream.

... otherwise the crypto stack will align it for us with a GFP_ATOMIC
allocation and a memcpy() -- see skcipher_walk_first().

Signed-off-by: Ilya Dryomov &lt;idryomov@gmail.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 124f930b8cbc4ac11236e6eb1c5f008318864588 upstream.

... otherwise the crypto stack will align it for us with a GFP_ATOMIC
allocation and a memcpy() -- see skcipher_walk_first().

Signed-off-by: Ilya Dryomov &lt;idryomov@gmail.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>libceph: remove now unused ceph_*{en,de}crypt*() functions</title>
<updated>2017-01-26T07:24:42+00:00</updated>
<author>
<name>Ilya Dryomov</name>
<email>idryomov@gmail.com</email>
</author>
<published>2016-12-02T15:35:08+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=b8add6715c9ada1619e6db6d4e106c03df94267c'/>
<id>b8add6715c9ada1619e6db6d4e106c03df94267c</id>
<content type='text'>
commit 2b1e1a7cd0a615d57455567a549f9965023321b5 upstream.

Signed-off-by: Ilya Dryomov &lt;idryomov@gmail.com&gt;
Reviewed-by: Sage Weil &lt;sage@redhat.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 2b1e1a7cd0a615d57455567a549f9965023321b5 upstream.

Signed-off-by: Ilya Dryomov &lt;idryomov@gmail.com&gt;
Reviewed-by: Sage Weil &lt;sage@redhat.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>libceph: introduce ceph_crypt() for in-place en/decryption</title>
<updated>2017-01-26T07:24:41+00:00</updated>
<author>
<name>Ilya Dryomov</name>
<email>idryomov@gmail.com</email>
</author>
<published>2016-12-02T15:35:07+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=ecf7ced8562811576cd02158d6ae8e44c1fb4671'/>
<id>ecf7ced8562811576cd02158d6ae8e44c1fb4671</id>
<content type='text'>
commit a45f795c65b479b4ba107b6ccde29b896d51ee98 upstream.

Starting with 4.9, kernel stacks may be vmalloced and therefore not
guaranteed to be physically contiguous; the new CONFIG_VMAP_STACK
option is enabled by default on x86.  This makes it invalid to use
on-stack buffers with the crypto scatterlist API, as sg_set_buf()
expects a logical address and won't work with vmalloced addresses.

There isn't a different (e.g. kvec-based) crypto API we could switch
net/ceph/crypto.c to and the current scatterlist.h API isn't getting
updated to accommodate this use case.  Allocating a new header and
padding for each operation is a non-starter, so do the en/decryption
in-place on a single pre-assembled (header + data + padding) heap
buffer.  This is explicitly supported by the crypto API:

    "... the caller may provide the same scatter/gather list for the
     plaintext and cipher text. After the completion of the cipher
     operation, the plaintext data is replaced with the ciphertext data
     in case of an encryption and vice versa for a decryption."

Signed-off-by: Ilya Dryomov &lt;idryomov@gmail.com&gt;
Reviewed-by: Sage Weil &lt;sage@redhat.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit a45f795c65b479b4ba107b6ccde29b896d51ee98 upstream.

Starting with 4.9, kernel stacks may be vmalloced and therefore not
guaranteed to be physically contiguous; the new CONFIG_VMAP_STACK
option is enabled by default on x86.  This makes it invalid to use
on-stack buffers with the crypto scatterlist API, as sg_set_buf()
expects a logical address and won't work with vmalloced addresses.

There isn't a different (e.g. kvec-based) crypto API we could switch
net/ceph/crypto.c to and the current scatterlist.h API isn't getting
updated to accommodate this use case.  Allocating a new header and
padding for each operation is a non-starter, so do the en/decryption
in-place on a single pre-assembled (header + data + padding) heap
buffer.  This is explicitly supported by the crypto API:

    "... the caller may provide the same scatter/gather list for the
     plaintext and cipher text. After the completion of the cipher
     operation, the plaintext data is replaced with the ciphertext data
     in case of an encryption and vice versa for a decryption."

Signed-off-by: Ilya Dryomov &lt;idryomov@gmail.com&gt;
Reviewed-by: Sage Weil &lt;sage@redhat.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>libceph: Remove unnecessary ivsize variables</title>
<updated>2016-01-27T12:36:25+00:00</updated>
<author>
<name>Ilya Dryomov</name>
<email>idryomov@gmail.com</email>
</author>
<published>2016-01-26T10:54:55+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=e9f6452e0e55ceea004f5bc0802fb14778d16c42'/>
<id>e9f6452e0e55ceea004f5bc0802fb14778d16c42</id>
<content type='text'>
This patch removes the unnecessary ivsize variabls as they always
have the value of AES_BLOCK_SIZE.

Signed-off-by: Ilya Dryomov &lt;idryomov@gmail.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
This patch removes the unnecessary ivsize variabls as they always
have the value of AES_BLOCK_SIZE.

Signed-off-by: Ilya Dryomov &lt;idryomov@gmail.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>libceph: Use skcipher</title>
<updated>2016-01-27T12:36:05+00:00</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2016-01-24T13:18:40+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=e59dd982d355a40f08a666ce3ee3feea2af86959'/>
<id>e59dd982d355a40f08a666ce3ee3feea2af86959</id>
<content type='text'>
This patch replaces uses of blkcipher with skcipher.

Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
This patch replaces uses of blkcipher with skcipher.

Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>KEYS: Merge the type-specific data with the payload data</title>
<updated>2015-10-21T14:18:36+00:00</updated>
<author>
<name>David Howells</name>
<email>dhowells@redhat.com</email>
</author>
<published>2015-10-21T13:04:48+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=146aa8b1453bd8f1ff2304ffb71b4ee0eb9acdcc'/>
<id>146aa8b1453bd8f1ff2304ffb71b4ee0eb9acdcc</id>
<content type='text'>
Merge the type-specific data with the payload data into one four-word chunk
as it seems pointless to keep them separate.

Use user_key_payload() for accessing the payloads of overloaded
user-defined keys.

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
cc: linux-cifs@vger.kernel.org
cc: ecryptfs@vger.kernel.org
cc: linux-ext4@vger.kernel.org
cc: linux-f2fs-devel@lists.sourceforge.net
cc: linux-nfs@vger.kernel.org
cc: ceph-devel@vger.kernel.org
cc: linux-ima-devel@lists.sourceforge.net
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Merge the type-specific data with the payload data into one four-word chunk
as it seems pointless to keep them separate.

Use user_key_payload() for accessing the payloads of overloaded
user-defined keys.

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
cc: linux-cifs@vger.kernel.org
cc: ecryptfs@vger.kernel.org
cc: linux-ext4@vger.kernel.org
cc: linux-f2fs-devel@lists.sourceforge.net
cc: linux-nfs@vger.kernel.org
cc: ceph-devel@vger.kernel.org
cc: linux-ima-devel@lists.sourceforge.net
</pre>
</div>
</content>
</entry>
<entry>
<title>libceph: remove the unused macro AES_KEY_SIZE</title>
<updated>2015-09-08T20:14:28+00:00</updated>
<author>
<name>Nicholas Krause</name>
<email>xerofoify@gmail.com</email>
</author>
<published>2015-07-05T06:34:05+00:00</published>
<link rel='alternate' type='text/html' href='https://git.toradex.cn/cgit/linux-toradex.git/commit/?id=b79b23682a1649f30960fb5bd920ba46c89a1b14'/>
<id>b79b23682a1649f30960fb5bd920ba46c89a1b14</id>
<content type='text'>
This removes the no longer used macro AES_KEY_SIZE as no functions use
this macro anymore and thus this macro can be removed due it no longer
being required.

Signed-off-by: Nicholas Krause &lt;xerofoify@gmail.com&gt;
Signed-off-by: Ilya Dryomov &lt;idryomov@gmail.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
This removes the no longer used macro AES_KEY_SIZE as no functions use
this macro anymore and thus this macro can be removed due it no longer
being required.

Signed-off-by: Nicholas Krause &lt;xerofoify@gmail.com&gt;
Signed-off-by: Ilya Dryomov &lt;idryomov@gmail.com&gt;
</pre>
</div>
</content>
</entry>
</feed>
