* [PATCH crypto] crypto: algboss: fix NULL pointer dereference in cryptomgr_probe
From: Daniel Borkmann @ 2013-06-20 8:00 UTC (permalink / raw)
To: herbert; +Cc: linux-crypto, linux-sctp, netdev
After having fixed a NULL pointer dereference in SCTP 1abd165e ("net:
sctp: fix NULL pointer dereference in socket destruction"), I ran into
the following NULL pointer dereference in the crypto subsystem with
the same reproducer, easily hit each time:
BUG: unable to handle kernel NULL pointer dereference at (null)
IP: [<ffffffff81070321>] __wake_up_common+0x31/0x90
PGD 0
Oops: 0000 [#1] SMP
Modules linked in: padlock_sha(F-) sha256_generic(F) sctp(F) libcrc32c(F) [..]
CPU: 6 PID: 3326 Comm: cryptomgr_probe Tainted: GF 3.10.0-rc5+ #1
Hardware name: Dell Inc. PowerEdge T410/0H19HD, BIOS 1.6.3 02/01/2011
task: ffff88007b6cf4e0 ti: ffff88007b7cc000 task.ti: ffff88007b7cc000
RIP: 0010:[<ffffffff81070321>] [<ffffffff81070321>] __wake_up_common+0x31/0x90
RSP: 0018:ffff88007b7cde08 EFLAGS: 00010082
RAX: ffffffffffffffe8 RBX: ffff88003756c130 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000003 RDI: ffff88003756c130
RBP: ffff88007b7cde48 R08: 0000000000000000 R09: ffff88012b173200
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000282
R13: ffff88003756c138 R14: 0000000000000000 R15: 0000000000000000
FS: 0000000000000000(0000) GS:ffff88012fc60000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 0000000000000000 CR3: 0000000001a0b000 CR4: 00000000000007e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Stack:
ffff88007b7cde28 0000000300000000 ffff88007b7cde28 ffff88003756c130
0000000000000282 ffff88003756c128 ffffffff81227670 0000000000000000
ffff88007b7cde78 ffffffff810722b7 ffff88007cdcf000 ffffffff81a90540
Call Trace:
[<ffffffff81227670>] ? crypto_alloc_pcomp+0x20/0x20
[<ffffffff810722b7>] complete_all+0x47/0x60
[<ffffffff81227708>] cryptomgr_probe+0x98/0xc0
[<ffffffff81227670>] ? crypto_alloc_pcomp+0x20/0x20
[<ffffffff8106760e>] kthread+0xce/0xe0
[<ffffffff81067540>] ? kthread_freezable_should_stop+0x70/0x70
[<ffffffff815450dc>] ret_from_fork+0x7c/0xb0
[<ffffffff81067540>] ? kthread_freezable_should_stop+0x70/0x70
Code: 41 56 41 55 41 54 53 48 83 ec 18 66 66 66 66 90 89 75 cc 89 55 c8
4c 8d 6f 08 48 8b 57 08 41 89 cf 4d 89 c6 48 8d 42 e
RIP [<ffffffff81070321>] __wake_up_common+0x31/0x90
RSP <ffff88007b7cde08>
CR2: 0000000000000000
---[ end trace b495b19270a4d37e ]---
My assumption is that the following is happening: the minimal SCTP
tool runs under ``echo 1 > /proc/sys/net/sctp/auth_enable'', hence
it's making use of crypto_alloc_hash() via sctp_auth_init_hmacs().
It forks itself, heavily allocates, binds, listens and waits in
accept on sctp sockets, and then randomly kills some of them (no
need for an actual client in this case to hit this). Then, again,
allocating, binding, etc, and then killing child processes.
The problem that might be happening here is that cryptomgr requests
the module to probe/load through cryptomgr_schedule_probe(), but
before the thread handler cryptomgr_probe() returns, we return from
the wait_for_completion_interruptible() function and probably already
have cleared up larval, thus we run into a NULL pointer dereference
when in cryptomgr_probe() complete_all() is being called.
If we wait with wait_for_completion() instead, this panic will not
occur anymore. This is valid, because in case a signal is pending,
cryptomgr_probe() returns from probing anyway with properly calling
complete_all().
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
---
v1->v2:
- Submitting as non-RFC
- Slightly improving commit message
crypto/algboss.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crypto/algboss.c b/crypto/algboss.c
index 769219b..eee89a5 100644
--- a/crypto/algboss.c
+++ b/crypto/algboss.c
@@ -195,7 +195,7 @@ static int cryptomgr_schedule_probe(struct crypto_larval *larval)
if (IS_ERR(thread))
goto err_free_param;
- wait_for_completion_interruptible(&larval->completion);
+ wait_for_completion(&larval->completion);
return NOTIFY_STOP;
--
1.7.11.7
^ permalink raw reply related
* Re: [PATCH v2 2/4] lib/scatterlist: introduce sg_pcopy_from_buffer() and sg_pcopy_to_buffer()
From: Akinobu Mita @ 2013-06-19 13:12 UTC (permalink / raw)
To: Tejun Heo
Cc: LKML, Andrew Morton, Imre Deak, Herbert Xu, David S. Miller,
linux-crypto, James E.J. Bottomley, Douglas Gilbert, linux-scsi
In-Reply-To: <20130618143728.GE2767@htj.dyndns.org>
2013/6/18 Tejun Heo <tj@kernel.org>:
> On Tue, Jun 18, 2013 at 10:31:32PM +0900, Akinobu Mita wrote:
>> /**
>> + * sg_miter_seek - reposition mapping iterator
>> + * @miter: sg mapping iter to be seeked
>> + * @offset: number of bytes to plus the current location
>> + *
>> + * Description:
>> + * Sets the offset of @miter to its current location plus @offset bytes.
>> + *
>> + * Notes:
>> + * This function must be called just after sg_miter_start() or sg_miter_stop()
>
> It's not gonna be hard to make this function to handle any state,
> right? Wouldn't it be better to do that? It's a pretty generic
> feature after all. Also, maybe a better name is sg_miter_skip()?
Yes. This limitation can be removed by calling sg_miter_stop() at
the front of sg_miter_seek(). Also, renaming it to sg_miter_skip()
sounds good.
^ permalink raw reply
* Re: [PATCH v2 2/4] lib/scatterlist: introduce sg_pcopy_from_buffer() and sg_pcopy_to_buffer()
From: Tejun Heo @ 2013-06-18 14:37 UTC (permalink / raw)
To: Akinobu Mita
Cc: linux-kernel, akpm, Imre Deak, Herbert Xu, David S. Miller,
linux-crypto, James E.J. Bottomley, Douglas Gilbert, linux-scsi
In-Reply-To: <1371562294-13642-3-git-send-email-akinobu.mita@gmail.com>
On Tue, Jun 18, 2013 at 10:31:32PM +0900, Akinobu Mita wrote:
> /**
> + * sg_miter_seek - reposition mapping iterator
> + * @miter: sg mapping iter to be seeked
> + * @offset: number of bytes to plus the current location
> + *
> + * Description:
> + * Sets the offset of @miter to its current location plus @offset bytes.
> + *
> + * Notes:
> + * This function must be called just after sg_miter_start() or sg_miter_stop()
It's not gonna be hard to make this function to handle any state,
right? Wouldn't it be better to do that? It's a pretty generic
feature after all. Also, maybe a better name is sg_miter_skip()?
Thanks.
--
tejun
^ permalink raw reply
* Re: [PATCH v2 1/4] lib/scatterlist: factor out sg_miter_get_next_page() from sg_miter_next()
From: Tejun Heo @ 2013-06-18 14:35 UTC (permalink / raw)
To: Akinobu Mita
Cc: linux-kernel, akpm, Imre Deak, Herbert Xu, David S. Miller,
linux-crypto, James E.J. Bottomley, Douglas Gilbert, linux-scsi
In-Reply-To: <1371562294-13642-2-git-send-email-akinobu.mita@gmail.com>
On Tue, Jun 18, 2013 at 10:31:31PM +0900, Akinobu Mita wrote:
> This function is used to proceed page iterator to the next page if
> necessary, and will be used to implement the variants of
> sg_copy_{from,to}_buffer() later.
>
> Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com>
> Cc: Tejun Heo <tj@kernel.org>
> Cc: Imre Deak <imre.deak@intel.com>
> Cc: Herbert Xu <herbert@gondor.apana.org.au>
> Cc: "David S. Miller" <davem@davemloft.net>
> Cc: linux-crypto@vger.kernel.org
> Cc: "James E.J. Bottomley" <JBottomley@parallels.com>
> Cc: Douglas Gilbert <dgilbert@interlog.com>
> Cc: linux-scsi@vger.kernel.org
Acked-by: Tejun Heo <tj@kernel.org>
Thanks.
--
tejun
^ permalink raw reply
* [PATCH v2 3/4] crypto: talitos: use sg_pcopy_to_buffer()
From: Akinobu Mita @ 2013-06-18 13:31 UTC (permalink / raw)
To: linux-kernel, akpm
Cc: Akinobu Mita, Herbert Xu, Horia Geanta, David S. Miller,
linux-crypto
In-Reply-To: <1371562294-13642-1-git-send-email-akinobu.mita@gmail.com>
Use sg_pcopy_to_buffer() which is better than the function previously used.
Because it doesn't do kmap/kunmap for skipped pages.
Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Horia Geanta <horia.geanta@freescale.com>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: linux-crypto@vger.kernel.org
---
* No change from v1
drivers/crypto/talitos.c | 60 +-----------------------------------------------
1 file changed, 1 insertion(+), 59 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 5b2b5e6..661dc3e 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1112,64 +1112,6 @@ static int sg_count(struct scatterlist *sg_list, int nbytes, bool *chained)
return sg_nents;
}
-/**
- * sg_copy_end_to_buffer - Copy end data from SG list to a linear buffer
- * @sgl: The SG list
- * @nents: Number of SG entries
- * @buf: Where to copy to
- * @buflen: The number of bytes to copy
- * @skip: The number of bytes to skip before copying.
- * Note: skip + buflen should equal SG total size.
- *
- * Returns the number of copied bytes.
- *
- **/
-static size_t sg_copy_end_to_buffer(struct scatterlist *sgl, unsigned int nents,
- void *buf, size_t buflen, unsigned int skip)
-{
- unsigned int offset = 0;
- unsigned int boffset = 0;
- struct sg_mapping_iter miter;
- unsigned long flags;
- unsigned int sg_flags = SG_MITER_ATOMIC;
- size_t total_buffer = buflen + skip;
-
- sg_flags |= SG_MITER_FROM_SG;
-
- sg_miter_start(&miter, sgl, nents, sg_flags);
-
- local_irq_save(flags);
-
- while (sg_miter_next(&miter) && offset < total_buffer) {
- unsigned int len;
- unsigned int ignore;
-
- if ((offset + miter.length) > skip) {
- if (offset < skip) {
- /* Copy part of this segment */
- ignore = skip - offset;
- len = miter.length - ignore;
- if (boffset + len > buflen)
- len = buflen - boffset;
- memcpy(buf + boffset, miter.addr + ignore, len);
- } else {
- /* Copy all of this segment (up to buflen) */
- len = miter.length;
- if (boffset + len > buflen)
- len = buflen - boffset;
- memcpy(buf + boffset, miter.addr, len);
- }
- boffset += len;
- }
- offset += miter.length;
- }
-
- sg_miter_stop(&miter);
-
- local_irq_restore(flags);
- return boffset;
-}
-
/*
* allocate and map the extended descriptor
*/
@@ -1800,7 +1742,7 @@ static int ahash_process_req(struct ahash_request *areq, unsigned int nbytes)
if (to_hash_later) {
int nents = sg_count(areq->src, nbytes, &chained);
- sg_copy_end_to_buffer(areq->src, nents,
+ sg_pcopy_to_buffer(areq->src, nents,
req_ctx->bufnext,
to_hash_later,
nbytes - to_hash_later);
--
1.8.1.4
^ permalink raw reply related
* [PATCH v2 2/4] lib/scatterlist: introduce sg_pcopy_from_buffer() and sg_pcopy_to_buffer()
From: Akinobu Mita @ 2013-06-18 13:31 UTC (permalink / raw)
To: linux-kernel, akpm
Cc: Akinobu Mita, Tejun Heo, Imre Deak, Herbert Xu, David S. Miller,
linux-crypto, James E.J. Bottomley, Douglas Gilbert, linux-scsi
In-Reply-To: <1371562294-13642-1-git-send-email-akinobu.mita@gmail.com>
The only difference between sg_pcopy_{from,to}_buffer() and
sg_copy_{from,to}_buffer() is an additional argument that specifies
the number of bytes to skip the SG list before copying.
Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com>
Cc: Tejun Heo <tj@kernel.org>
Cc: Imre Deak <imre.deak@intel.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: linux-crypto@vger.kernel.org
Cc: "James E.J. Bottomley" <JBottomley@parallels.com>
Cc: Douglas Gilbert <dgilbert@interlog.com>
Cc: linux-scsi@vger.kernel.org
---
* Change from v2
- Separate the change that factors out sg_miter_get_next_page()
- Add function comment for internal function sg_miter_seek()
include/linux/scatterlist.h | 5 +++
lib/scatterlist.c | 88 ++++++++++++++++++++++++++++++++++++++++++---
2 files changed, 88 insertions(+), 5 deletions(-)
diff --git a/include/linux/scatterlist.h b/include/linux/scatterlist.h
index 2680677..adae88f 100644
--- a/include/linux/scatterlist.h
+++ b/include/linux/scatterlist.h
@@ -244,6 +244,11 @@ size_t sg_copy_from_buffer(struct scatterlist *sgl, unsigned int nents,
size_t sg_copy_to_buffer(struct scatterlist *sgl, unsigned int nents,
void *buf, size_t buflen);
+size_t sg_pcopy_from_buffer(struct scatterlist *sgl, unsigned int nents,
+ void *buf, size_t buflen, off_t skip);
+size_t sg_pcopy_to_buffer(struct scatterlist *sgl, unsigned int nents,
+ void *buf, size_t buflen, off_t skip);
+
/*
* Maximum number of entries that will be allocated in one piece, if
* a list larger than this is required then chaining will be utilized.
diff --git a/lib/scatterlist.c b/lib/scatterlist.c
index c35b929..f167392 100644
--- a/lib/scatterlist.c
+++ b/lib/scatterlist.c
@@ -476,6 +476,43 @@ static bool sg_miter_get_next_page(struct sg_mapping_iter *miter)
}
/**
+ * sg_miter_seek - reposition mapping iterator
+ * @miter: sg mapping iter to be seeked
+ * @offset: number of bytes to plus the current location
+ *
+ * Description:
+ * Sets the offset of @miter to its current location plus @offset bytes.
+ *
+ * Notes:
+ * This function must be called just after sg_miter_start() or sg_miter_stop()
+ *
+ * Context:
+ * Don't care.
+ *
+ * Returns:
+ * true if @miter contains the valid mapping. false if end of sg
+ * list is reached.
+ */
+static bool sg_miter_seek(struct sg_mapping_iter *miter, off_t offset)
+{
+ WARN_ON(miter->addr);
+
+ while (offset) {
+ off_t consumed;
+
+ if (!sg_miter_get_next_page(miter))
+ return false;
+
+ consumed = min_t(off_t, offset, miter->__remaining);
+ miter->__offset += consumed;
+ miter->__remaining -= consumed;
+ offset -= consumed;
+ }
+
+ return true;
+}
+
+/**
* sg_miter_next - proceed mapping iterator to the next mapping
* @miter: sg mapping iter to proceed
*
@@ -561,14 +598,16 @@ EXPORT_SYMBOL(sg_miter_stop);
* @nents: Number of SG entries
* @buf: Where to copy from
* @buflen: The number of bytes to copy
- * @to_buffer: transfer direction (non zero == from an sg list to a
- * buffer, 0 == from a buffer to an sg list
+ * @skip: Number of bytes to skip before copying
+ * @to_buffer: transfer direction (true == from an sg list to a
+ * buffer, false == from a buffer to an sg list
*
* Returns the number of copied bytes.
*
**/
static size_t sg_copy_buffer(struct scatterlist *sgl, unsigned int nents,
- void *buf, size_t buflen, int to_buffer)
+ void *buf, size_t buflen, off_t skip,
+ bool to_buffer)
{
unsigned int offset = 0;
struct sg_mapping_iter miter;
@@ -582,6 +621,9 @@ static size_t sg_copy_buffer(struct scatterlist *sgl, unsigned int nents,
sg_miter_start(&miter, sgl, nents, sg_flags);
+ if (!sg_miter_seek(&miter, skip))
+ return false;
+
local_irq_save(flags);
while (sg_miter_next(&miter) && offset < buflen) {
@@ -616,7 +658,7 @@ static size_t sg_copy_buffer(struct scatterlist *sgl, unsigned int nents,
size_t sg_copy_from_buffer(struct scatterlist *sgl, unsigned int nents,
void *buf, size_t buflen)
{
- return sg_copy_buffer(sgl, nents, buf, buflen, 0);
+ return sg_copy_buffer(sgl, nents, buf, buflen, 0, false);
}
EXPORT_SYMBOL(sg_copy_from_buffer);
@@ -633,6 +675,42 @@ EXPORT_SYMBOL(sg_copy_from_buffer);
size_t sg_copy_to_buffer(struct scatterlist *sgl, unsigned int nents,
void *buf, size_t buflen)
{
- return sg_copy_buffer(sgl, nents, buf, buflen, 1);
+ return sg_copy_buffer(sgl, nents, buf, buflen, 0, true);
}
EXPORT_SYMBOL(sg_copy_to_buffer);
+
+/**
+ * sg_pcopy_from_buffer - Copy from a linear buffer to an SG list
+ * @sgl: The SG list
+ * @nents: Number of SG entries
+ * @buf: Where to copy from
+ * @skip: Number of bytes to skip before copying
+ * @buflen: The number of bytes to copy
+ *
+ * Returns the number of copied bytes.
+ *
+ **/
+size_t sg_pcopy_from_buffer(struct scatterlist *sgl, unsigned int nents,
+ void *buf, size_t buflen, off_t skip)
+{
+ return sg_copy_buffer(sgl, nents, buf, buflen, skip, false);
+}
+EXPORT_SYMBOL(sg_pcopy_from_buffer);
+
+/**
+ * sg_pcopy_to_buffer - Copy from an SG list to a linear buffer
+ * @sgl: The SG list
+ * @nents: Number of SG entries
+ * @buf: Where to copy to
+ * @skip: Number of bytes to skip before copying
+ * @buflen: The number of bytes to copy
+ *
+ * Returns the number of copied bytes.
+ *
+ **/
+size_t sg_pcopy_to_buffer(struct scatterlist *sgl, unsigned int nents,
+ void *buf, size_t buflen, off_t skip)
+{
+ return sg_copy_buffer(sgl, nents, buf, buflen, skip, true);
+}
+EXPORT_SYMBOL(sg_pcopy_to_buffer);
--
1.8.1.4
^ permalink raw reply related
* [PATCH v2 1/4] lib/scatterlist: factor out sg_miter_get_next_page() from sg_miter_next()
From: Akinobu Mita @ 2013-06-18 13:31 UTC (permalink / raw)
To: linux-kernel, akpm
Cc: Akinobu Mita, Tejun Heo, Imre Deak, Herbert Xu, David S. Miller,
linux-crypto, James E.J. Bottomley, Douglas Gilbert, linux-scsi
In-Reply-To: <1371562294-13642-1-git-send-email-akinobu.mita@gmail.com>
This function is used to proceed page iterator to the next page if
necessary, and will be used to implement the variants of
sg_copy_{from,to}_buffer() later.
Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com>
Cc: Tejun Heo <tj@kernel.org>
Cc: Imre Deak <imre.deak@intel.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: linux-crypto@vger.kernel.org
Cc: "James E.J. Bottomley" <JBottomley@parallels.com>
Cc: Douglas Gilbert <dgilbert@interlog.com>
Cc: linux-scsi@vger.kernel.org
---
* New patch from v2
lib/scatterlist.c | 39 ++++++++++++++++++++++++---------------
1 file changed, 24 insertions(+), 15 deletions(-)
diff --git a/lib/scatterlist.c b/lib/scatterlist.c
index a1cf8ca..c35b929 100644
--- a/lib/scatterlist.c
+++ b/lib/scatterlist.c
@@ -453,6 +453,28 @@ void sg_miter_start(struct sg_mapping_iter *miter, struct scatterlist *sgl,
}
EXPORT_SYMBOL(sg_miter_start);
+static bool sg_miter_get_next_page(struct sg_mapping_iter *miter)
+{
+ if (!miter->__remaining) {
+ struct scatterlist *sg;
+ unsigned long pgoffset;
+
+ if (!__sg_page_iter_next(&miter->piter))
+ return false;
+
+ sg = miter->piter.sg;
+ pgoffset = miter->piter.sg_pgoffset;
+
+ miter->__offset = pgoffset ? 0 : sg->offset;
+ miter->__remaining = sg->offset + sg->length -
+ (pgoffset << PAGE_SHIFT) - miter->__offset;
+ miter->__remaining = min_t(unsigned long, miter->__remaining,
+ PAGE_SIZE - miter->__offset);
+ }
+
+ return true;
+}
+
/**
* sg_miter_next - proceed mapping iterator to the next mapping
* @miter: sg mapping iter to proceed
@@ -478,22 +500,9 @@ bool sg_miter_next(struct sg_mapping_iter *miter)
* Get to the next page if necessary.
* __remaining, __offset is adjusted by sg_miter_stop
*/
- if (!miter->__remaining) {
- struct scatterlist *sg;
- unsigned long pgoffset;
-
- if (!__sg_page_iter_next(&miter->piter))
- return false;
-
- sg = miter->piter.sg;
- pgoffset = miter->piter.sg_pgoffset;
+ if (!sg_miter_get_next_page(miter))
+ return false;
- miter->__offset = pgoffset ? 0 : sg->offset;
- miter->__remaining = sg->offset + sg->length -
- (pgoffset << PAGE_SHIFT) - miter->__offset;
- miter->__remaining = min_t(unsigned long, miter->__remaining,
- PAGE_SIZE - miter->__offset);
- }
miter->page = sg_page_iter_page(&miter->piter);
miter->consumed = miter->length = miter->__remaining;
--
1.8.1.4
^ permalink raw reply related
* [PATCH v2 0/4] introduce sg_pcopy_from_buffer() and sg_pcopy_to_buffer()
From: Akinobu Mita @ 2013-06-18 13:31 UTC (permalink / raw)
To: linux-kernel, akpm
Cc: Akinobu Mita, Tejun Heo, Imre Deak, Herbert Xu, David S. Miller,
linux-crypto, James E.J. Bottomley, Douglas Gilbert, linux-scsi
This patch set introduces sg_pcopy_from_buffer() and sg_pcopy_to_buffer(),
which copy data between a linear buffer and an SG list.
The only difference between sg_pcopy_{from,to}_buffer() and
sg_copy_{from,to}_buffer() is an additional argument that specifies
the number of bytes to skip the SG list before copying.
The main reason for introducing these functions is to fix a problem
in scsi_debug module. And there is a local function in crypto/talitos
module, which can be replaced by sg_pcopy_to_buffer().
* Changes from v1
- Separate the change that factors out sg_miter_get_next_page() from
the patch "introduce sg_pcopy_from_buffer() and sg_pcopy_to_buffer()"
- Add function comment for internal function sg_miter_seek()
- Simplify the assignment of sdb->resid in fill_from_dev_buffer() in
scsi_debug
Akinobu Mita (4):
lib/scatterlist: factor out sg_miter_get_next_page() from
sg_miter_next()
lib/scatterlist: introduce sg_pcopy_from_buffer() and
sg_pcopy_to_buffer()
crypto: talitos: use sg_pcopy_to_buffer()
scsi_debug: fix do_device_access() with wrap around range
drivers/crypto/talitos.c | 60 +--------------------
drivers/scsi/scsi_debug.c | 48 +++++++++++++----
include/linux/scatterlist.h | 5 ++
lib/scatterlist.c | 127 +++++++++++++++++++++++++++++++++++++-------
4 files changed, 150 insertions(+), 90 deletions(-)
Cc: Tejun Heo <tj@kernel.org>
Cc: Imre Deak <imre.deak@intel.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: linux-crypto@vger.kernel.org
Cc: "James E.J. Bottomley" <JBottomley@parallels.com>
Cc: Douglas Gilbert <dgilbert@interlog.com>
Cc: linux-scsi@vger.kernel.org
--
1.8.1.4
^ permalink raw reply
* [RFC, PATCH] crypto: algboss: fix NULL pointer dereference in cryptomgr_probe
From: Daniel Borkmann @ 2013-06-14 14:09 UTC (permalink / raw)
To: herbert; +Cc: davem, linux-crypto, linux-sctp
After having fixed a NULL pointer dereference in SCTP 1abd165e ("net:
sctp: fix NULL pointer dereference in socket destruction"), I ran into
the following NULL pointer dereference in the crypto subsystem with
the same reproducer, easily hit each time:
BUG: unable to handle kernel NULL pointer dereference at (null)
IP: [<ffffffff81070321>] __wake_up_common+0x31/0x90
PGD 0
Oops: 0000 [#1] SMP
Modules linked in: padlock_sha(F-) sha256_generic(F) sctp(F) libcrc32c(F) [..]
CPU: 6 PID: 3326 Comm: cryptomgr_probe Tainted: GF 3.10.0-rc5+ #1
Hardware name: Dell Inc. PowerEdge T410/0H19HD, BIOS 1.6.3 02/01/2011
task: ffff88007b6cf4e0 ti: ffff88007b7cc000 task.ti: ffff88007b7cc000
RIP: 0010:[<ffffffff81070321>] [<ffffffff81070321>] __wake_up_common+0x31/0x90
RSP: 0018:ffff88007b7cde08 EFLAGS: 00010082
RAX: ffffffffffffffe8 RBX: ffff88003756c130 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000003 RDI: ffff88003756c130
RBP: ffff88007b7cde48 R08: 0000000000000000 R09: ffff88012b173200
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000282
R13: ffff88003756c138 R14: 0000000000000000 R15: 0000000000000000
FS: 0000000000000000(0000) GS:ffff88012fc60000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 0000000000000000 CR3: 0000000001a0b000 CR4: 00000000000007e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Stack:
ffff88007b7cde28 0000000300000000 ffff88007b7cde28 ffff88003756c130
0000000000000282 ffff88003756c128 ffffffff81227670 0000000000000000
ffff88007b7cde78 ffffffff810722b7 ffff88007cdcf000 ffffffff81a90540
Call Trace:
[<ffffffff81227670>] ? crypto_alloc_pcomp+0x20/0x20
[<ffffffff810722b7>] complete_all+0x47/0x60
[<ffffffff81227708>] cryptomgr_probe+0x98/0xc0
[<ffffffff81227670>] ? crypto_alloc_pcomp+0x20/0x20
[<ffffffff8106760e>] kthread+0xce/0xe0
[<ffffffff81067540>] ? kthread_freezable_should_stop+0x70/0x70
[<ffffffff815450dc>] ret_from_fork+0x7c/0xb0
[<ffffffff81067540>] ? kthread_freezable_should_stop+0x70/0x70
Code: 41 56 41 55 41 54 53 48 83 ec 18 66 66 66 66 90 89 75 cc 89 55 c8
4c 8d 6f 08 48 8b 57 08 41 89 cf 4d 89 c6 48 8d 42 e
RIP [<ffffffff81070321>] __wake_up_common+0x31/0x90
RSP <ffff88007b7cde08>
CR2: 0000000000000000
---[ end trace b495b19270a4d37e ]---
My assumption is that the following is happening: the minimal SCTP
tool runs under ``echo 1 > /proc/sys/net/sctp/auth_enable'', hence
it's making use of crypto_alloc_hash() via sctp_auth_init_hmacs().
It forks itself, heavily allocates, binds, listens and waits in
accept on sctp sockets, and then randomly kills some of them (no
need for an actual client in this case to hit this). Then, again,
allocating, binding, etc, and then killing child processes.
The problem that might be happening here is that cryptomgr requests
the module to probe/load through cryptomgr_schedule_probe(), but
before the thread handler cryptomgr_probe() returns, we return from
the wait_for_completion_interruptible() function and probably already
have cleared up larval, thus we run into a NULL pointer dereference
when in cryptomgr_probe() complete_all() is being called.
If we wait with wait_for_completion() instead, this panic will not
occur anymore.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
---
I'm not very familiar with the crypto subsystem and not entirely
sure if this is the best solution. However, it has fixed the panic
in my case.
crypto/algboss.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crypto/algboss.c b/crypto/algboss.c
index 769219b..eee89a5 100644
--- a/crypto/algboss.c
+++ b/crypto/algboss.c
@@ -195,7 +195,7 @@ static int cryptomgr_schedule_probe(struct crypto_larval *larval)
if (IS_ERR(thread))
goto err_free_param;
- wait_for_completion_interruptible(&larval->completion);
+ wait_for_completion(&larval->completion);
return NOTIFY_STOP;
--
1.7.11.7
^ permalink raw reply related
* [PATCH 1/4] crypto: testmgr - check that entries in alg_test_descs are in correct order
From: Jussi Kivilinna @ 2013-06-13 14:37 UTC (permalink / raw)
To: linux-crypto; +Cc: Herbert Xu, David S. Miller
Patch adds check for alg_test_descs list order, so that accidentically
misplaced entries are found quicker. Duplicate entries are also checked for.
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
---
crypto/testmgr.c | 31 +++++++++++++++++++++++++++++++
1 file changed, 31 insertions(+)
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index b2bc533..a81c154 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -3054,6 +3054,35 @@ static const struct alg_test_desc alg_test_descs[] = {
}
};
+static bool alg_test_descs_checked;
+
+static void alg_test_descs_check_order(void)
+{
+ int i;
+
+ /* only check once */
+ if (alg_test_descs_checked)
+ return;
+
+ alg_test_descs_checked = true;
+
+ for (i = 1; i < ARRAY_SIZE(alg_test_descs); i++) {
+ int diff = strcmp(alg_test_descs[i - 1].alg,
+ alg_test_descs[i].alg);
+
+ if (WARN_ON(diff > 0)) {
+ pr_warn("testmgr: alg_test_descs entries in wrong order: '%s' before '%s'\n",
+ alg_test_descs[i - 1].alg,
+ alg_test_descs[i].alg);
+ }
+
+ if (WARN_ON(diff == 0)) {
+ pr_warn("testmgr: duplicate alg_test_descs entry: '%s'\n",
+ alg_test_descs[i].alg);
+ }
+ }
+}
+
static int alg_find_test(const char *alg)
{
int start = 0;
@@ -3085,6 +3114,8 @@ int alg_test(const char *driver, const char *alg, u32 type, u32 mask)
int j;
int rc;
+ alg_test_descs_check_order();
+
if ((type & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_CIPHER) {
char nalg[CRYPTO_MAX_ALG_NAME];
^ permalink raw reply related
* [PATCH 3/4] crypto: testmgr - test AEADs with unaligned buffers
From: Jussi Kivilinna @ 2013-06-13 14:37 UTC (permalink / raw)
To: linux-crypto; +Cc: Herbert Xu, David S. Miller
In-Reply-To: <20130613143740.31765.66518.stgit@localhost6.localdomain6>
This patch adds unaligned buffer tests for AEADs.
The first new test is with one byte offset and the second test checks if
cra_alignmask for driver is big enough; for example, for testing a case
where cra_alignmask is set to 7, but driver really needs buffers to be
aligned to 16 bytes.
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
---
crypto/testmgr.c | 37 +++++++++++++++++++++++++++++++------
1 file changed, 31 insertions(+), 6 deletions(-)
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 8bd185f..f205386 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -360,7 +360,7 @@ out_nobuf:
static int __test_aead(struct crypto_aead *tfm, int enc,
struct aead_testvec *template, unsigned int tcount,
- const bool diff_dst)
+ const bool diff_dst, const int align_offset)
{
const char *algo = crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm));
unsigned int i, j, k, n, temp;
@@ -423,15 +423,16 @@ static int __test_aead(struct crypto_aead *tfm, int enc,
if (!template[i].np) {
j++;
- /* some tepmplates have no input data but they will
+ /* some templates have no input data but they will
* touch input
*/
input = xbuf[0];
+ input += align_offset;
assoc = axbuf[0];
ret = -EINVAL;
- if (WARN_ON(template[i].ilen > PAGE_SIZE ||
- template[i].alen > PAGE_SIZE))
+ if (WARN_ON(align_offset + template[i].ilen >
+ PAGE_SIZE || template[i].alen > PAGE_SIZE))
goto out;
memcpy(input, template[i].input, template[i].ilen);
@@ -470,6 +471,7 @@ static int __test_aead(struct crypto_aead *tfm, int enc,
if (diff_dst) {
output = xoutbuf[0];
+ output += align_offset;
sg_init_one(&sgout[0], output,
template[i].ilen +
(enc ? authsize : 0));
@@ -530,6 +532,10 @@ static int __test_aead(struct crypto_aead *tfm, int enc,
}
for (i = 0, j = 0; i < tcount; i++) {
+ /* alignment tests are only done with continuous buffers */
+ if (align_offset != 0)
+ break;
+
if (template[i].np) {
j++;
@@ -732,15 +738,34 @@ out_noxbuf:
static int test_aead(struct crypto_aead *tfm, int enc,
struct aead_testvec *template, unsigned int tcount)
{
+ unsigned int alignmask;
int ret;
/* test 'dst == src' case */
- ret = __test_aead(tfm, enc, template, tcount, false);
+ ret = __test_aead(tfm, enc, template, tcount, false, 0);
if (ret)
return ret;
/* test 'dst != src' case */
- return __test_aead(tfm, enc, template, tcount, true);
+ ret = __test_aead(tfm, enc, template, tcount, true, 0);
+ if (ret)
+ return ret;
+
+ /* test unaligned buffers, check with one byte offset */
+ ret = __test_aead(tfm, enc, template, tcount, true, 1);
+ if (ret)
+ return ret;
+
+ alignmask = crypto_tfm_alg_alignmask(&tfm->base);
+ if (alignmask) {
+ /* Check if alignment mask for tfm is correctly set. */
+ ret = __test_aead(tfm, enc, template, tcount, true,
+ alignmask + 1);
+ if (ret)
+ return ret;
+ }
+
+ return 0;
}
static int test_cipher(struct crypto_cipher *tfm, int enc,
^ permalink raw reply related
* [PATCH 4/4] crypto: testmgr - test hash implementations with unaligned buffers
From: Jussi Kivilinna @ 2013-06-13 14:37 UTC (permalink / raw)
To: linux-crypto; +Cc: Herbert Xu, David S. Miller
In-Reply-To: <20130613143740.31765.66518.stgit@localhost6.localdomain6>
This patch adds unaligned buffer tests for hashes.
The first new test is with one byte offset and the second test checks if
cra_alignmask for driver is big enough; for example, for testing a case
where cra_alignmask is set to 7, but driver really needs buffers to be
aligned to 16 bytes.
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
---
crypto/testmgr.c | 41 +++++++++++++++++++++++++++++++++++++++--
1 file changed, 39 insertions(+), 2 deletions(-)
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index f205386..2f00607 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -184,8 +184,9 @@ static int do_one_async_hash_op(struct ahash_request *req,
return ret;
}
-static int test_hash(struct crypto_ahash *tfm, struct hash_testvec *template,
- unsigned int tcount, bool use_digest)
+static int __test_hash(struct crypto_ahash *tfm, struct hash_testvec *template,
+ unsigned int tcount, bool use_digest,
+ const int align_offset)
{
const char *algo = crypto_tfm_alg_driver_name(crypto_ahash_tfm(tfm));
unsigned int i, j, k, temp;
@@ -216,10 +217,15 @@ static int test_hash(struct crypto_ahash *tfm, struct hash_testvec *template,
if (template[i].np)
continue;
+ ret = -EINVAL;
+ if (WARN_ON(align_offset + template[i].psize > PAGE_SIZE))
+ goto out;
+
j++;
memset(result, 0, 64);
hash_buff = xbuf[0];
+ hash_buff += align_offset;
memcpy(hash_buff, template[i].plaintext, template[i].psize);
sg_init_one(&sg[0], hash_buff, template[i].psize);
@@ -281,6 +287,10 @@ static int test_hash(struct crypto_ahash *tfm, struct hash_testvec *template,
j = 0;
for (i = 0; i < tcount; i++) {
+ /* alignment tests are only done with continuous buffers */
+ if (align_offset != 0)
+ break;
+
if (template[i].np) {
j++;
memset(result, 0, 64);
@@ -358,6 +368,33 @@ out_nobuf:
return ret;
}
+static int test_hash(struct crypto_ahash *tfm, struct hash_testvec *template,
+ unsigned int tcount, bool use_digest)
+{
+ unsigned int alignmask;
+ int ret;
+
+ ret = __test_hash(tfm, template, tcount, use_digest, 0);
+ if (ret)
+ return ret;
+
+ /* test unaligned buffers, check with one byte offset */
+ ret = __test_hash(tfm, template, tcount, use_digest, 1);
+ if (ret)
+ return ret;
+
+ alignmask = crypto_tfm_alg_alignmask(&tfm->base);
+ if (alignmask) {
+ /* Check if alignment mask for tfm is correctly set. */
+ ret = __test_hash(tfm, template, tcount, use_digest,
+ alignmask + 1);
+ if (ret)
+ return ret;
+ }
+
+ return 0;
+}
+
static int __test_aead(struct crypto_aead *tfm, int enc,
struct aead_testvec *template, unsigned int tcount,
const bool diff_dst, const int align_offset)
^ permalink raw reply related
* [PATCH 2/4] crypto: testmgr - test skciphers with unaligned buffers
From: Jussi Kivilinna @ 2013-06-13 14:37 UTC (permalink / raw)
To: linux-crypto; +Cc: Herbert Xu, David S. Miller
In-Reply-To: <20130613143740.31765.66518.stgit@localhost6.localdomain6>
This patch adds unaligned buffer tests for blkciphers.
The first new test is with one byte offset and the second test checks if
cra_alignmask for driver is big enough; for example, for testing a case
where cra_alignmask is set to 7, but driver really needs buffers to be
aligned to 16 bytes.
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
---
crypto/testmgr.c | 33 +++++++++++++++++++++++++++++----
1 file changed, 29 insertions(+), 4 deletions(-)
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index a81c154..8bd185f 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -820,7 +820,7 @@ out_nobuf:
static int __test_skcipher(struct crypto_ablkcipher *tfm, int enc,
struct cipher_testvec *template, unsigned int tcount,
- const bool diff_dst)
+ const bool diff_dst, const int align_offset)
{
const char *algo =
crypto_tfm_alg_driver_name(crypto_ablkcipher_tfm(tfm));
@@ -876,10 +876,12 @@ static int __test_skcipher(struct crypto_ablkcipher *tfm, int enc,
j++;
ret = -EINVAL;
- if (WARN_ON(template[i].ilen > PAGE_SIZE))
+ if (WARN_ON(align_offset + template[i].ilen >
+ PAGE_SIZE))
goto out;
data = xbuf[0];
+ data += align_offset;
memcpy(data, template[i].input, template[i].ilen);
crypto_ablkcipher_clear_flags(tfm, ~0);
@@ -900,6 +902,7 @@ static int __test_skcipher(struct crypto_ablkcipher *tfm, int enc,
sg_init_one(&sg[0], data, template[i].ilen);
if (diff_dst) {
data = xoutbuf[0];
+ data += align_offset;
sg_init_one(&sgout[0], data, template[i].ilen);
}
@@ -941,6 +944,9 @@ static int __test_skcipher(struct crypto_ablkcipher *tfm, int enc,
j = 0;
for (i = 0; i < tcount; i++) {
+ /* alignment tests are only done with continuous buffers */
+ if (align_offset != 0)
+ break;
if (template[i].iv)
memcpy(iv, template[i].iv, MAX_IVLEN);
@@ -1075,15 +1081,34 @@ out_nobuf:
static int test_skcipher(struct crypto_ablkcipher *tfm, int enc,
struct cipher_testvec *template, unsigned int tcount)
{
+ unsigned int alignmask;
int ret;
/* test 'dst == src' case */
- ret = __test_skcipher(tfm, enc, template, tcount, false);
+ ret = __test_skcipher(tfm, enc, template, tcount, false, 0);
if (ret)
return ret;
/* test 'dst != src' case */
- return __test_skcipher(tfm, enc, template, tcount, true);
+ ret = __test_skcipher(tfm, enc, template, tcount, true, 0);
+ if (ret)
+ return ret;
+
+ /* test unaligned buffers, check with one byte offset */
+ ret = __test_skcipher(tfm, enc, template, tcount, true, 1);
+ if (ret)
+ return ret;
+
+ alignmask = crypto_tfm_alg_alignmask(&tfm->base);
+ if (alignmask) {
+ /* Check if alignment mask for tfm is correctly set. */
+ ret = __test_skcipher(tfm, enc, template, tcount, true,
+ alignmask + 1);
+ if (ret)
+ return ret;
+ }
+
+ return 0;
}
static int test_comp(struct crypto_comp *tfm, struct comp_testvec *ctemplate,
^ permalink raw reply related
* Re: [PATCH] crypto: aesni_intel - fix accessing of unaligned memory
From: Herbert Xu @ 2013-06-13 6:58 UTC (permalink / raw)
To: Jussi Kivilinna; +Cc: linux-crypto, Dave Jones, David S. Miller, linux-kernel
In-Reply-To: <20130611192522.12995.57979.stgit@localhost6.localdomain6>
On Tue, Jun 11, 2013 at 10:25:22PM +0300, Jussi Kivilinna wrote:
> The new XTS code for aesni_intel uses input buffers directly as memory operands
> for pxor instructions, which causes crash if those buffers are not aligned to
> 16 bytes.
>
> Patch changes XTS code to handle unaligned memory correctly, by loading memory
> with movdqu instead.
>
> Reported-by: Dave Jones <davej@redhat.com>
> Tested-by: Dave Jones <davej@redhat.com>
> Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
Applied to crypto. Thanks!
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply
* Re: [ANNOUNCE] Linux Security Summit 2013 - CFP
From: Casey Schaufler @ 2013-06-12 16:45 UTC (permalink / raw)
To: Linux Security Summit Program Committee
Cc: keyrings, gentoo-hardened, kernel-hardening, C. Craig Ross,
tomoyo-users-en, tpmdd-devel, Audit-ML, netfilter-devel,
linux-crypto, selinux, lwn, ubuntu-hardened, fedora-selinux-list
In-Reply-To: <alpine.LRH.2.02.1305061853410.31937@tundra.namei.org>
On 5/6/2013 2:18 AM, James Morris wrote:
> ==========================================================================
> ANNOUNCEMENT AND CALL FOR PARTICIPATION
>
> LINUX SECURITY SUMMIT 2013
> 19-20 SEPTEMBER
> NEW ORLEANS, USA
> ==========================================================================
Multiple Concurrent Security Modules? Really?
This talk will cover the ongoing work to update the
Linux Security Module (LSM) infrastructure to allow
multiple concurrent security modules.
The talk starts with a statement of the problem being
solved, that the existing infrastructure allows only
a single LSM (plus Yama) to be active at a time. The
rationale for the current scheme will be discussed as
well as what has changed so that the new scheme is in
the works.
The talk continues with a description of the externally
visible changes and the reasons they've been made.
The peculiar configuration issues with networking will
be covered in some detail. The additions in /proc/.../attr
will be noted.
Next the structure of the stacking mechanism is detailed,
with special attention to the allocation and freeing of
security blobs. The handling of networking hooks and
secids will be examined.
Finally, the current project plan and status will be
described.
>
>
> DESCRIPTION
>
> The Linux Security Summit (LSS) is a technical forum for collaboration
> between Linux developers, researchers, and end users. Its primary aim
> is to foster community efforts in analyzing and solving Linux security
> challenges.
>
> The format of the summit will be:
>
> * Refereed presentations
> * Subsystem reports
> * Breakout development sessions
>
>
> WEB SITE
>
> http://kernsec.org/wiki/index.php/Linux_Security_Summit_2013
>
>
> DATES / LOCATION
>
> The Linux Security Summit for 2013 will be held across 19 and 20 September
> in New Orleans, USA. It will be co-located with LinuxCon, as well
> as Linux Plumbers.
>
> Note that Linux Security Summit attendees and speakers must be registered
> to attend LinuxCon. See the LinuxCon site for details on registration,
> travel, and accommodation:
>
> https://events.linuxfoundation.org/events/linuxcon
>
> The Linux Security Summit CFP is now open, and will close on 14th June.
>
> Accepted speakers will be notified by 21st of June.
>
>
> WHO SHOULD ATTEND
>
> The event is open to all registered LinuxCon attendees.
>
> You do not have to be a "security person" to attend -- we're seeking a
> diverse range of attendees, and welcome the participation of general
> developers, researchers, operations, and end-users.
>
>
> CALL FOR PARTICIPATION
>
> The program committee currently seeks proposals for:
>
> * Refereed Presentations:
> 45 minutes in length, including at least 10 minutes of discussion.
> Papers are encouraged.
>
>
> Topic areas include, but are not limited to:
>
> * System hardening
> * Access control
> * Cryptography
> * Integrity control
> * Hardware security
> * Networking
> * Storage
> * Virtualization
> * Desktop
> * Tools
> * Management
> * Case studies
> * Emerging technologies, threats & techniques
>
> Proposals should be submitted in plain text via email to the program
> committee at: lss-pc (_at_) ext.namei.org
>
> Abstracts should be approximately 150 words in total.
>
>
> PROGRAM COMMITTEE
>
> The Linux Security Summit for 2013 is organized by:
>
> * James Morris, Oracle
> * Serge Hallyn, Canonical
> * Paul Moore, Red Hat
> * Stephen Smalley, NSA
> * Joshua Brindle, Quark Security
> * Herbert Xu, Red Hat
> * John Johansen, Canonical
> * Kees Cook, Google
> * Casey Schaufler, Intel
> * Mimi Zohar, IBM
>
> The program committee may be contacted as a group via email:
>
> lss-pc (_at_) ext.namei.org
>
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
^ permalink raw reply
* [PATCH] crypto: aesni_intel - fix accessing of unaligned memory
From: Jussi Kivilinna @ 2013-06-11 19:25 UTC (permalink / raw)
To: linux-crypto; +Cc: Dave Jones, David S. Miller, linux-kernel, Herbert Xu
In-Reply-To: <20130611191746.GA31945@redhat.com>
The new XTS code for aesni_intel uses input buffers directly as memory operands
for pxor instructions, which causes crash if those buffers are not aligned to
16 bytes.
Patch changes XTS code to handle unaligned memory correctly, by loading memory
with movdqu instead.
Reported-by: Dave Jones <davej@redhat.com>
Tested-by: Dave Jones <davej@redhat.com>
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
---
arch/x86/crypto/aesni-intel_asm.S | 48 +++++++++++++++++++++++++------------
1 file changed, 32 insertions(+), 16 deletions(-)
diff --git a/arch/x86/crypto/aesni-intel_asm.S b/arch/x86/crypto/aesni-intel_asm.S
index 62fe22c..477e9d7 100644
--- a/arch/x86/crypto/aesni-intel_asm.S
+++ b/arch/x86/crypto/aesni-intel_asm.S
@@ -2681,56 +2681,68 @@ ENTRY(aesni_xts_crypt8)
addq %rcx, KEYP
movdqa IV, STATE1
- pxor 0x00(INP), STATE1
+ movdqu 0x00(INP), INC
+ pxor INC, STATE1
movdqu IV, 0x00(OUTP)
_aesni_gf128mul_x_ble()
movdqa IV, STATE2
- pxor 0x10(INP), STATE2
+ movdqu 0x10(INP), INC
+ pxor INC, STATE2
movdqu IV, 0x10(OUTP)
_aesni_gf128mul_x_ble()
movdqa IV, STATE3
- pxor 0x20(INP), STATE3
+ movdqu 0x20(INP), INC
+ pxor INC, STATE3
movdqu IV, 0x20(OUTP)
_aesni_gf128mul_x_ble()
movdqa IV, STATE4
- pxor 0x30(INP), STATE4
+ movdqu 0x30(INP), INC
+ pxor INC, STATE4
movdqu IV, 0x30(OUTP)
call *%r11
- pxor 0x00(OUTP), STATE1
+ movdqu 0x00(OUTP), INC
+ pxor INC, STATE1
movdqu STATE1, 0x00(OUTP)
_aesni_gf128mul_x_ble()
movdqa IV, STATE1
- pxor 0x40(INP), STATE1
+ movdqu 0x40(INP), INC
+ pxor INC, STATE1
movdqu IV, 0x40(OUTP)
- pxor 0x10(OUTP), STATE2
+ movdqu 0x10(OUTP), INC
+ pxor INC, STATE2
movdqu STATE2, 0x10(OUTP)
_aesni_gf128mul_x_ble()
movdqa IV, STATE2
- pxor 0x50(INP), STATE2
+ movdqu 0x50(INP), INC
+ pxor INC, STATE2
movdqu IV, 0x50(OUTP)
- pxor 0x20(OUTP), STATE3
+ movdqu 0x20(OUTP), INC
+ pxor INC, STATE3
movdqu STATE3, 0x20(OUTP)
_aesni_gf128mul_x_ble()
movdqa IV, STATE3
- pxor 0x60(INP), STATE3
+ movdqu 0x60(INP), INC
+ pxor INC, STATE3
movdqu IV, 0x60(OUTP)
- pxor 0x30(OUTP), STATE4
+ movdqu 0x30(OUTP), INC
+ pxor INC, STATE4
movdqu STATE4, 0x30(OUTP)
_aesni_gf128mul_x_ble()
movdqa IV, STATE4
- pxor 0x70(INP), STATE4
+ movdqu 0x70(INP), INC
+ pxor INC, STATE4
movdqu IV, 0x70(OUTP)
_aesni_gf128mul_x_ble()
@@ -2738,16 +2750,20 @@ ENTRY(aesni_xts_crypt8)
call *%r11
- pxor 0x40(OUTP), STATE1
+ movdqu 0x40(OUTP), INC
+ pxor INC, STATE1
movdqu STATE1, 0x40(OUTP)
- pxor 0x50(OUTP), STATE2
+ movdqu 0x50(OUTP), INC
+ pxor INC, STATE2
movdqu STATE2, 0x50(OUTP)
- pxor 0x60(OUTP), STATE3
+ movdqu 0x60(OUTP), INC
+ pxor INC, STATE3
movdqu STATE3, 0x60(OUTP)
- pxor 0x70(OUTP), STATE4
+ movdqu 0x70(OUTP), INC
+ pxor INC, STATE4
movdqu STATE4, 0x70(OUTP)
ret
^ permalink raw reply related
* Re: GPF in aesni_xts_crypt8 (3.10-rc5)
From: Dave Jones @ 2013-06-11 19:17 UTC (permalink / raw)
To: Jussi Kivilinna; +Cc: Linux Kernel, herbert, linux-crypto@vger.kernel.org
In-Reply-To: <51B773ED.9080308@iki.fi>
On Tue, Jun 11, 2013 at 10:01:01PM +0300, Jussi Kivilinna wrote:
> Hello,
>
> Does attached patch help?
>
> crypto: aesni_intel - fix accessing of unaligned memory
It does, thanks for the quick turnaround!
Dave
^ permalink raw reply
* Re: GPF in aesni_xts_crypt8 (3.10-rc5)
From: Jussi Kivilinna @ 2013-06-11 19:01 UTC (permalink / raw)
To: Dave Jones, Linux Kernel, herbert, linux-crypto@vger.kernel.org
In-Reply-To: <20130611172624.GA20496@redhat.com>
[-- Attachment #1: Type: text/plain, Size: 3479 bytes --]
Hello,
Does attached patch help?
-Jussi
On 11.06.2013 20:26, Dave Jones wrote:
> Just found that 3.10-rc doesn't boot on my laptop with encrypted disk.
>
>
> general protection fault: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
> Modules linked in: xfs libcrc32c dm_crypt crc32c_intel ghash_clmulni_intel aesni_intel glue_helper ablk_helper i915 i2c_algo_bit drm_kms_helper drm i2c_core video
> CPU: 1 PID: 53 Comm: kworker/1:1 Not tainted 3.10.0-rc5+ #5
> Hardware name: LENOVO 2356JK8/2356JK8, BIOS G7ET94WW (2.54 ) 04/30/2013
> Workqueue: kcryptd kcryptd_crypt [dm_crypt]
> task: ffff880135c58000 ti: ffff880135c54000 task.ti: ffff880135c54000
> RIP: 0010:[<ffffffffa01433a2>] [<ffffffffa01433a2>] aesni_xts_crypt8+0x42/0x1e0 [aesni_intel]
> RSP: 0018:ffff880135c55b68 EFLAGS: 00010282
> RAX: ffffffffa0142eb8 RBX: 0000000000000080 RCX: 00000000000000f0
> RDX: ffff8801316eeaa8 RSI: ffff8801316eeaa8 RDI: ffff88012fd84440
> RBP: ffff880135c55b70 R08: ffff8801304fe118 R09: 0000000000000020
> R10: 00000000000000f0 R11: ffffffffa0142eb8 R12: ffff8801316eeb28
> R13: 0000000000000080 R14: ffff8801316eeb28 R15: 0000000000000180
> FS: 0000000000000000(0000) GS:ffff880139400000(0000) knlGS:0000000000000000
> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 00000039e88bc720 CR3: 0000000001c0b000 CR4: 00000000001407e0
> Stack:
> ffffffffa0143683 ffff880135c55c40 ffffffffa00602fb ffff880135c55c70
> ffffffffa0146060 0000000001ad0190 ffffffffa0146060 ffffea0004c5bb80
> ffff8801316eeaa8 ffffea0004c5bb80 ffff8801316eeaa8 ffff8801304fe0c0
> Call Trace:
> [<ffffffffa0143683>] ? aesni_xts_dec8+0x13/0x20 [aesni_intel]
> [<ffffffffa00602fb>] glue_xts_crypt_128bit+0x10b/0x1c0 [glue_helper]
> [<ffffffffa014358b>] xts_decrypt+0x4b/0x50 [aesni_intel]
> [<ffffffffa000617f>] ablk_decrypt+0x4f/0xd0 [ablk_helper]
> [<ffffffffa0067202>] crypt_convert+0x352/0x3b0 [dm_crypt]
> [<ffffffffa00675b5>] kcryptd_crypt+0x355/0x4e0 [dm_crypt]
> [<ffffffff81061b35>] ? process_one_work+0x1a5/0x700
> [<ffffffff81061ba1>] process_one_work+0x211/0x700
> [<ffffffff81061b35>] ? process_one_work+0x1a5/0x700
> [<ffffffff810621ab>] worker_thread+0x11b/0x3a0
> [<ffffffff81062090>] ? process_one_work+0x700/0x700
> [<ffffffff81069f4d>] kthread+0xed/0x100
> [<ffffffff81069e60>] ? insert_kthread_work+0x80/0x80
> [<ffffffff815fd41c>] ret_from_fork+0x7c/0xb0
> [<ffffffff81069e60>] ? insert_kthread_work+0x80/0x80
> Code: 8d 04 25 b8 2e 14 a0 41 0f 44 ca 4c 0f 44 d8 66 44 0f 6f 14 25 00 70 14 a0 41 0f 10 18 44 8b 8f e0 01 00 00 48 01 cf 66 0f 6f c3 <66> 0f ef 02 f3 0f 7f 1e 66 44 0f 70 db 13 66 0f d4 db 66 41 0f
> RIP [<ffffffffa01433a2>] aesni_xts_crypt8+0x42/0x1e0 [aesni_intel]
> RSP <ffff880135c55b68>
>
> 0: 8d 04 25 b8 2e 14 a0 lea 0xffffffffa0142eb8,%eax
> 7: 41 0f 44 ca cmove %r10d,%ecx
> b: 4c 0f 44 d8 cmove %rax,%r11
> f: 66 44 0f 6f 14 25 00 movdqa 0xffffffffa0147000,%xmm10
> 16: 70 14 a0
> 19: 41 0f 10 18 movups (%r8),%xmm3
> 1d: 44 8b 8f e0 01 00 00 mov 0x1e0(%rdi),%r9d
> 24: 48 01 cf add %rcx,%rdi
> 27: 66 0f 6f c3 movdqa %xmm3,%xmm0
> 2b:* 66 0f ef 02 pxor (%rdx),%xmm0 <-- trapping instruction
> 2f: f3 0f 7f 1e movdqu %xmm3,(%rsi)
> 33: 66 44 0f 70 db 13 pshufd $0x13,%xmm3,%xmm11
> 39: 66 0f d4 db paddq %xmm3,%xmm3
> 3d: 66 data16
> 3e: 41 rex.B
> 3f:
>
>
[-- Attachment #2: 05-aesni_intel-xts-fix-unaligned-mem-access.patch --]
[-- Type: text/x-patch, Size: 2876 bytes --]
crypto: aesni_intel - fix accessing of unaligned memory
From: Jussi Kivilinna <jussi.kivilinna@iki.fi>
The new XTS code for aesni_intel uses input buffers directly as memory operands
for pxor instructions, which causes crash if those buffers are not aligned to
16 bytes.
Patch change XTS code to handle unaligned memory correctly, by loading memory
with movdqu instead.
Reported-by: Dave Jones <davej@redhat.com>
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
---
arch/x86/crypto/aesni-intel_asm.S | 48 +++++++++++++++++++++++++------------
1 file changed, 32 insertions(+), 16 deletions(-)
diff --git a/arch/x86/crypto/aesni-intel_asm.S b/arch/x86/crypto/aesni-intel_asm.S
index 62fe22c..477e9d7 100644
--- a/arch/x86/crypto/aesni-intel_asm.S
+++ b/arch/x86/crypto/aesni-intel_asm.S
@@ -2681,56 +2681,68 @@ ENTRY(aesni_xts_crypt8)
addq %rcx, KEYP
movdqa IV, STATE1
- pxor 0x00(INP), STATE1
+ movdqu 0x00(INP), INC
+ pxor INC, STATE1
movdqu IV, 0x00(OUTP)
_aesni_gf128mul_x_ble()
movdqa IV, STATE2
- pxor 0x10(INP), STATE2
+ movdqu 0x10(INP), INC
+ pxor INC, STATE2
movdqu IV, 0x10(OUTP)
_aesni_gf128mul_x_ble()
movdqa IV, STATE3
- pxor 0x20(INP), STATE3
+ movdqu 0x20(INP), INC
+ pxor INC, STATE3
movdqu IV, 0x20(OUTP)
_aesni_gf128mul_x_ble()
movdqa IV, STATE4
- pxor 0x30(INP), STATE4
+ movdqu 0x30(INP), INC
+ pxor INC, STATE4
movdqu IV, 0x30(OUTP)
call *%r11
- pxor 0x00(OUTP), STATE1
+ movdqu 0x00(OUTP), INC
+ pxor INC, STATE1
movdqu STATE1, 0x00(OUTP)
_aesni_gf128mul_x_ble()
movdqa IV, STATE1
- pxor 0x40(INP), STATE1
+ movdqu 0x40(INP), INC
+ pxor INC, STATE1
movdqu IV, 0x40(OUTP)
- pxor 0x10(OUTP), STATE2
+ movdqu 0x10(OUTP), INC
+ pxor INC, STATE2
movdqu STATE2, 0x10(OUTP)
_aesni_gf128mul_x_ble()
movdqa IV, STATE2
- pxor 0x50(INP), STATE2
+ movdqu 0x50(INP), INC
+ pxor INC, STATE2
movdqu IV, 0x50(OUTP)
- pxor 0x20(OUTP), STATE3
+ movdqu 0x20(OUTP), INC
+ pxor INC, STATE3
movdqu STATE3, 0x20(OUTP)
_aesni_gf128mul_x_ble()
movdqa IV, STATE3
- pxor 0x60(INP), STATE3
+ movdqu 0x60(INP), INC
+ pxor INC, STATE3
movdqu IV, 0x60(OUTP)
- pxor 0x30(OUTP), STATE4
+ movdqu 0x30(OUTP), INC
+ pxor INC, STATE4
movdqu STATE4, 0x30(OUTP)
_aesni_gf128mul_x_ble()
movdqa IV, STATE4
- pxor 0x70(INP), STATE4
+ movdqu 0x70(INP), INC
+ pxor INC, STATE4
movdqu IV, 0x70(OUTP)
_aesni_gf128mul_x_ble()
@@ -2738,16 +2750,20 @@ ENTRY(aesni_xts_crypt8)
call *%r11
- pxor 0x40(OUTP), STATE1
+ movdqu 0x40(OUTP), INC
+ pxor INC, STATE1
movdqu STATE1, 0x40(OUTP)
- pxor 0x50(OUTP), STATE2
+ movdqu 0x50(OUTP), INC
+ pxor INC, STATE2
movdqu STATE2, 0x50(OUTP)
- pxor 0x60(OUTP), STATE3
+ movdqu 0x60(OUTP), INC
+ pxor INC, STATE3
movdqu STATE3, 0x60(OUTP)
- pxor 0x70(OUTP), STATE4
+ movdqu 0x70(OUTP), INC
+ pxor INC, STATE4
movdqu STATE4, 0x70(OUTP)
ret
^ permalink raw reply related
* Re: [PATCH 06/39] ARM: ux500: Move SDI (MMC) and UART devices under more descriptive heading
From: Linus Walleij @ 2013-06-11 9:40 UTC (permalink / raw)
To: Lee Jones
Cc: linux-arm-kernel-IAPFreCvJWM7uuMidbF8XUB+6BGkLq7r@public.gmane.org,
linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
Felipe Balbi, linux-usb-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-crypto-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
David S. Miller, Herbert Xu, Vinod Koul, Arnd Bergmann,
Linus WALLEIJ, Srinidhi KASAGAR
In-Reply-To: <20130610091724.GG20297-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
On Mon, Jun 10, 2013 at 11:17 AM, Lee Jones <lee.jones-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org> wrote:
> On Wed, 15 May 2013, Linus Walleij wrote:
>
>> On Wed, May 15, 2013 at 11:51 AM, Lee Jones <lee.jones-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org> wrote:
>>
>> > Now DMA DT bindings exist and are in use by he MMC and UART drivers, it
>> > should be possible to remove them from the auxdata structure. However,
>> > after doing so the drivers fail. Common clk is still reliant on the
>> > dev_name() call to do device name matching, which will fail due to the
>> > fact that Device Tree naming differs somewhat do the more traditional
>> > conventions.
>> >
>> > Reviewed-by: Linus Walleij <linus.walleij-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>
>> > Signed-off-by: Lee Jones <lee.jones-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>
>>
>> Cannot be applied due to dependency on 5/39.
>
> I think this can be applied now (if it hasn't already).
I really need a clean mergebase for this to merge ...
This patch requires both the dma40 and devicetree
branches to land in a common place before it can be
applied.
I want the DMA40 branch to be closed down now as I
have sent all pull requests on it, so pls ping me again on
this when we have something in the ARM SoC tree we
can work on.
Yours,
Linus Walleij
--
To unsubscribe from this list: send the line "unsubscribe linux-usb" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply
* Re: [PATCH 05/39] ARM: ux500: Stop passing MMC's platform data for Device Tree boots
From: Linus Walleij @ 2013-06-11 9:31 UTC (permalink / raw)
To: Lee Jones
Cc: linux-arm-kernel@lists.infradead.org,
linux-kernel@vger.kernel.org, Felipe Balbi,
linux-usb@vger.kernel.org, linux-crypto@vger.kernel.org,
David S. Miller, Herbert Xu, Vinod Koul, Linus WALLEIJ,
Arnd Bergmann, Srinidhi KASAGAR
In-Reply-To: <20130610091503.GF20297@gmail.com>
On Mon, Jun 10, 2013 at 11:15 AM, Lee Jones <lee.jones@linaro.org> wrote:
> On Wed, 15 May 2013, Linus Walleij wrote:
>
>> On Wed, May 15, 2013 at 11:51 AM, Lee Jones <lee.jones@linaro.org> wrote:
>>
>> > It was required to pass DMA channel configuration information to the
>> > MMC driver before the new DMA API was in place. Now that it is, and
>> > is fully compatible with Device Tree we can stop doing that.
>> >
>> > Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
>> > Signed-off-by: Lee Jones <lee.jones@linaro.org>
>>
>> So since the use of dma_request_slave_channel() is not upstream,
>> I guess this will break DMA use (i.e slow down transfers!) on all
>> device tree boots?
>>
>> I'd be happy to apply it once the MMCI patch is in linux-next
>> indicating there may just be a window in the merge period
>> where it falls back to IRQ mode, but I don't want to disable
>> DMA on DT boots for an entire kernel cycle just like that.
>>
>> Not applied as of yet.
>
> I believe it's now okay to apply this.
Yep, I've rebased and applied it to the ux500-devicetree
branch.
I have some stuff on this branch which is queued up but may
miss v3.11, because I need the 5 outstanding pull requests
to land in ARM SoC so I get a merge base there before I
can send any more stuff.
It's mainly because this stuff isn't any orthogonal, everything
just conflicts in the AUXDATA all the time.
Yours,
Linus Walleij
^ permalink raw reply
* Re: [PATCH 06/39] ARM: ux500: Move SDI (MMC) and UART devices under more descriptive heading
From: Lee Jones @ 2013-06-10 9:17 UTC (permalink / raw)
To: Linus Walleij
Cc: linux-arm-kernel@lists.infradead.org,
linux-kernel@vger.kernel.org, Felipe Balbi,
linux-usb@vger.kernel.org, linux-crypto@vger.kernel.org,
David S. Miller, Herbert Xu, Vinod Koul, Arnd Bergmann,
Linus WALLEIJ, Srinidhi KASAGAR
In-Reply-To: <CACRpkdZ=NJR3VRNJE2pSTJ8t1VCMq+wjH_s0NOi4AHko3no_KA@mail.gmail.com>
On Wed, 15 May 2013, Linus Walleij wrote:
> On Wed, May 15, 2013 at 11:51 AM, Lee Jones <lee.jones@linaro.org> wrote:
>
> > Now DMA DT bindings exist and are in use by he MMC and UART drivers, it
> > should be possible to remove them from the auxdata structure. However,
> > after doing so the drivers fail. Common clk is still reliant on the
> > dev_name() call to do device name matching, which will fail due to the
> > fact that Device Tree naming differs somewhat do the more traditional
> > conventions.
> >
> > Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
> > Signed-off-by: Lee Jones <lee.jones@linaro.org>
>
> Cannot be applied due to dependency on 5/39.
I think this can be applied now (if it hasn't already).
--
Lee Jones
Linaro ST-Ericsson Landing Team Lead
Linaro.org │ Open source software for ARM SoCs
Follow Linaro: Facebook | Twitter | Blog
^ permalink raw reply
* Re: [PATCH 05/39] ARM: ux500: Stop passing MMC's platform data for Device Tree boots
From: Lee Jones @ 2013-06-10 9:15 UTC (permalink / raw)
To: Linus Walleij
Cc: linux-arm-kernel@lists.infradead.org,
linux-kernel@vger.kernel.org, Felipe Balbi,
linux-usb@vger.kernel.org, linux-crypto@vger.kernel.org,
David S. Miller, Herbert Xu, Vinod Koul, Linus WALLEIJ,
Arnd Bergmann, Srinidhi KASAGAR
In-Reply-To: <CACRpkdbOxzhgR=ugXLrSBJ_Y1rw=0mcrvtuRi=-c5v039xsPWA@mail.gmail.com>
On Wed, 15 May 2013, Linus Walleij wrote:
> On Wed, May 15, 2013 at 11:51 AM, Lee Jones <lee.jones@linaro.org> wrote:
>
> > It was required to pass DMA channel configuration information to the
> > MMC driver before the new DMA API was in place. Now that it is, and
> > is fully compatible with Device Tree we can stop doing that.
> >
> > Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
> > Signed-off-by: Lee Jones <lee.jones@linaro.org>
>
> So since the use of dma_request_slave_channel() is not upstream,
> I guess this will break DMA use (i.e slow down transfers!) on all
> device tree boots?
>
> I'd be happy to apply it once the MMCI patch is in linux-next
> indicating there may just be a window in the merge period
> where it falls back to IRQ mode, but I don't want to disable
> DMA on DT boots for an entire kernel cycle just like that.
>
> Not applied as of yet.
I believe it's now okay to apply this.
--
Lee Jones
Linaro ST-Ericsson Landing Team Lead
Linaro.org │ Open source software for ARM SoCs
Follow Linaro: Facebook | Twitter | Blog
^ permalink raw reply
* Re: Crypto Fixes for 3.10
From: Herbert Xu @ 2013-06-10 9:05 UTC (permalink / raw)
To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
Linux Crypto Mailing List
In-Reply-To: <20130528055229.GA23937@gondor.apana.org.au>
Hi Linus:
This push fixes a build problem in sahara and temporarily disables
two new optimisations because of performance regressions until a
permanent fix is ready.
Please pull from
git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git
or
master.kernel.org:/pub/scm/linux/kernel/git/herbert/crypto-2.6.git
Arnd Bergmann (1):
crypto: sahara - fix building as module
Jussi Kivilinna (2):
crypto: twofish - disable AVX2 implementation
crypto: blowfish - disable AVX2 implementation
crypto/Kconfig | 2 ++
drivers/crypto/sahara.c | 2 +-
2 files changed, 3 insertions(+), 1 deletions(-)
Thanks,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply
* Re: [PATCH 1/3] lib/scatterlist: introduce sg_pcopy_from_buffer() and sg_pcopy_to_buffer()
From: Akinobu Mita @ 2013-06-08 14:28 UTC (permalink / raw)
To: Tejun Heo
Cc: LKML, Andrew Morton, Imre Deak, Herbert Xu, David S. Miller,
linux-crypto, James E.J. Bottomley, Douglas Gilbert, linux-scsi
In-Reply-To: <20130606210041.GD5045@htj.dyndns.org>
2013/6/7 Tejun Heo <tj@kernel.org>:
> Hello,
>
> On Thu, Jun 06, 2013 at 09:52:56PM +0900, Akinobu Mita wrote:
>> +static bool sg_miter_get_next_page(struct sg_mapping_iter *miter)
>> +{
>> + if (!miter->__remaining) {
>> + struct scatterlist *sg;
>> + unsigned long pgoffset;
>> +
>> + if (!__sg_page_iter_next(&miter->piter))
>> + return false;
>> +
>> + sg = miter->piter.sg;
>> + pgoffset = miter->piter.sg_pgoffset;
>> +
>> + miter->__offset = pgoffset ? 0 : sg->offset;
>> + miter->__remaining = sg->offset + sg->length -
>> + (pgoffset << PAGE_SHIFT) - miter->__offset;
>> + miter->__remaining = min_t(unsigned long, miter->__remaining,
>> + PAGE_SIZE - miter->__offset);
>> + }
>> +
>> + return true;
>> +}
>
> It'd be better if separating out this function is a separate patch.
> Mixing factoring out something and adding new stuff makes the patch a
> bit harder to read.
OK, sounds good. I'll do so in next version.
But I feel sg_miter_get_next_page() is not very appropriate name, because
it gets the next page only if necessary. If I can find more appropriate name,
I'll rename it.
>> +static bool sg_miter_seek(struct sg_mapping_iter *miter, off_t offset)
>> +{
>> + WARN_ON(miter->addr);
>> +
>> + while (offset) {
>> + off_t consumed;
>> +
>> + if (!sg_miter_get_next_page(miter))
>> + return false;
>> +
>> + consumed = min_t(off_t, offset, miter->__remaining);
>> + miter->__offset += consumed;
>> + miter->__remaining -= consumed;
>> + offset -= consumed;
>> + }
>> +
>> + return true;
>> +}
>
> While I think the above should work at the beginning, what if @miter
> is in the middle of iteration and __remaining isn't zero?
sg_miter_seek() should work as far as it is called just after sg_miter_start(),
or just after sg_miter_stop() in the middle of iteration (Although I only
tested the former case). I omitted a function comment in excuse of the static
function, but I should write something I said above.
^ permalink raw reply
* Re: [PATCH 1/3] lib/scatterlist: introduce sg_pcopy_from_buffer() and sg_pcopy_to_buffer()
From: Akinobu Mita @ 2013-06-08 14:04 UTC (permalink / raw)
To: imre.deak
Cc: LKML, Andrew Morton, Tejun Heo, Herbert Xu, David S. Miller,
linux-crypto, James E.J. Bottomley, Douglas Gilbert, linux-scsi
In-Reply-To: <1370524350.23133.11.camel@intelbox>
2013/6/6 Imre Deak <imre.deak@intel.com>:
> Looks ok to me, perhaps adding the seek functionality to the mapping
> iterator would make things more generic and the mapping iterator more
> resemble the page iterator. So we'd have a new sg_miter_start_offset and
> call it here something like:
>
> sg_miter_start_offset(&miter, sgl, nents, sg_flags, skip);
I also thought something like this could be a new interface for sg_miter_* API,
but I haven't found any places where it can be used yet. That's why I made
it a local function and didn't create new interface.
But putting good function comment like other sg_miter_* API for new
local function
is harmless and it helps someone who wants interface like this in the future.
So I'll do so in next version.
^ permalink raw reply
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox