linux.git/drivers/crypto/marvell, branch v6.0.5 Clone of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git crypto: marvell/octeontx - prevent integer overflows 2022-10-21T10:39:01+00:00 Dan Carpenter dan.carpenter@oracle.com 2022-09-19T06:43:19+00:00 e7ff7a46baafd38d7ed45604397e650d61f5db8d [ Upstream commit caca37cf6c749ff0303f68418cfe7b757a4e0697 ] The "code_length" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect yourself. Still we try to limit the damage as much as possible. Also Smatch marks any data read from the filesystem as untrusted and prints warnings if it not capped correctly. The "code_length * 2" can overflow. The round_up(ucode_size, 16) + sizeof() expression can overflow too. Prevent these overflows. Fixes: d9110b0b01ff ("crypto: marvell - add support for OCTEON TX CPT engine") Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Sasha Levin <sashal@kernel.org> 
[ Upstream commit caca37cf6c749ff0303f68418cfe7b757a4e0697 ]

The "code_length" value comes from the firmware file.  If your firmware
is untrusted realistically there is probably very little you can do to
protect yourself.  Still we try to limit the damage as much as possible.
Also Smatch marks any data read from the filesystem as untrusted and
prints warnings if it not capped correctly.

The "code_length * 2" can overflow.  The round_up(ucode_size, 16) +
sizeof() expression can overflow too.  Prevent these overflows.

Fixes: d9110b0b01ff ("crypto: marvell - add support for OCTEON TX CPT engine")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>
crypto: octeontx2 - fix potential null pointer access 2022-06-10T08:43:49+00:00 Shijith Thotton sthotton@marvell.com 2022-06-01T08:08:59+00:00 b03c0dc0788abccc7a25ef7dff5818f4123bb992 Added missing checks to avoid null pointer dereference. The patch fixes below issue reported by klocwork tool: . Pointer 'strsep( &val, ":" )' returned from call to function 'strsep' at line 1608 may be NULL and will be dereferenced at line 1608. Also there are 2 similar errors on lines 1620, 1632 in otx2_cptpf_ucode.c. Signed-off-by: Shijith Thotton <sthotton@marvell.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Added missing checks to avoid null pointer dereference.

The patch fixes below issue reported by klocwork tool:
. Pointer 'strsep( &val, ":" )' returned from call to function 'strsep'
  at line 1608 may be NULL and will be dereferenced at line 1608. Also
  there are 2 similar errors on lines 1620, 1632 in otx2_cptpf_ucode.c.

Signed-off-by: Shijith Thotton <sthotton@marvell.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: octeontx2 - add firmware version in devlink info 2022-06-10T08:40:18+00:00 Shijith Thotton sthotton@marvell.com 2022-05-27T07:54:48+00:00 4ad28689df853db3ee7b2656a225f1d722ee7639 Added running firmware version information of AE, SE and IE components in devlink info. Signed-off-by: Shijith Thotton <sthotton@marvell.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Added running firmware version information of AE, SE and IE components
in devlink info.

Signed-off-by: Shijith Thotton <sthotton@marvell.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: octeontx2 - simplify the return expression of otx2_cpt_aead_cbc_aes_sha_setkey() 2022-05-13T09:24:48+00:00 Minghao Chi chi.minghao@zte.com.cn 2022-05-05T02:20:24+00:00 e0c77eb37ec770188c0074a9f646717a434c65c9 Simplify the return expression. Reported-by: Zeal Robot <zealci@zte.com.cn> Signed-off-by: Minghao Chi <chi.minghao@zte.com.cn> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Simplify the return expression.

Reported-by: Zeal Robot <zealci@zte.com.cn>
Signed-off-by: Minghao Chi <chi.minghao@zte.com.cn>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: marvell/cesa - ECB does not IV 2022-04-21T09:53:55+00:00 Corentin Labbe clabbe@baylibre.com 2022-04-13T19:11:54+00:00 4ffa1763622ae5752961499588f3f8874315f974 The DES3 ECB has an IV size set but ECB does not need one. Fixes: 4ada483978237 ("crypto: marvell/cesa - add Triple-DES support") Signed-off-by: Corentin Labbe <clabbe@baylibre.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
The DES3 ECB has an IV size set but ECB does not need one.

Fixes: 4ada483978237 ("crypto: marvell/cesa - add Triple-DES support")
Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2022-03-21T23:02:36+00:00 Linus Torvalds torvalds@linux-foundation.org 2022-03-21T23:02:36+00:00 93e220a62da36f766b3188e76e234607e41488f9 Pull crypto updates from Herbert Xu: "API: - hwrng core now credits for low-quality RNG devices. Algorithms: - Optimisations for neon aes on arm/arm64. - Add accelerated crc32_be on arm64. - Add ffdheXYZ(dh) templates. - Disallow hmac keys < 112 bits in FIPS mode. - Add AVX assembly implementation for sm3 on x86. Drivers: - Add missing local_bh_disable calls for crypto_engine callback. - Ensure BH is disabled in crypto_engine callback path. - Fix zero length DMA mappings in ccree. - Add synchronization between mailbox accesses in octeontx2. - Add Xilinx SHA3 driver. - Add support for the TDES IP available on sama7g5 SoC in atmel" * 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (137 commits) crypto: xilinx - Turn SHA into a tristate and allow COMPILE_TEST MAINTAINERS: update HPRE/SEC2/TRNG driver maintainers list crypto: dh - Remove the unused function dh_safe_prime_dh_alg() hwrng: nomadik - Change clk_disable to clk_disable_unprepare crypto: arm64 - cleanup comments crypto: qat - fix initialization of pfvf rts_map_msg structures crypto: qat - fix initialization of pfvf cap_msg structures crypto: qat - remove unneeded assignment crypto: qat - disable registration of algorithms crypto: hisilicon/qm - fix memset during queues clearing crypto: xilinx: prevent probing on non-xilinx hardware crypto: marvell/octeontx - Use swap() instead of open coding it crypto: ccree - Fix use after free in cc_cipher_exit() crypto: ccp - ccp_dmaengine_unregister release dma channels crypto: octeontx2 - fix missing unlock hwrng: cavium - fix NULL but dereferenced coccicheck error crypto: cavium/nitrox - don't cast parameter in bit operations crypto: vmx - add missing dependencies MAINTAINERS: Add maintainer for Xilinx ZynqMP SHA3 driver crypto: xilinx - Add Xilinx SHA3 driver ... 
Pull crypto updates from Herbert Xu:
 "API:
   - hwrng core now credits for low-quality RNG devices.

  Algorithms:
   - Optimisations for neon aes on arm/arm64.
   - Add accelerated crc32_be on arm64.
   - Add ffdheXYZ(dh) templates.
   - Disallow hmac keys < 112 bits in FIPS mode.
   - Add AVX assembly implementation for sm3 on x86.

  Drivers:
   - Add missing local_bh_disable calls for crypto_engine callback.
   - Ensure BH is disabled in crypto_engine callback path.
   - Fix zero length DMA mappings in ccree.
   - Add synchronization between mailbox accesses in octeontx2.
   - Add Xilinx SHA3 driver.
   - Add support for the TDES IP available on sama7g5 SoC in atmel"

* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (137 commits)
  crypto: xilinx - Turn SHA into a tristate and allow COMPILE_TEST
  MAINTAINERS: update HPRE/SEC2/TRNG driver maintainers list
  crypto: dh - Remove the unused function dh_safe_prime_dh_alg()
  hwrng: nomadik - Change clk_disable to clk_disable_unprepare
  crypto: arm64 - cleanup comments
  crypto: qat - fix initialization of pfvf rts_map_msg structures
  crypto: qat - fix initialization of pfvf cap_msg structures
  crypto: qat - remove unneeded assignment
  crypto: qat - disable registration of algorithms
  crypto: hisilicon/qm - fix memset during queues clearing
  crypto: xilinx: prevent probing on non-xilinx hardware
  crypto: marvell/octeontx - Use swap() instead of open coding it
  crypto: ccree - Fix use after free in cc_cipher_exit()
  crypto: ccp - ccp_dmaengine_unregister release dma channels
  crypto: octeontx2 - fix missing unlock
  hwrng: cavium - fix NULL but dereferenced coccicheck error
  crypto: cavium/nitrox - don't cast parameter in bit operations
  crypto: vmx - add missing dependencies
  MAINTAINERS: Add maintainer for Xilinx ZynqMP SHA3 driver
  crypto: xilinx - Add Xilinx SHA3 driver
  ...
crypto: marvell/octeontx - Use swap() instead of open coding it 2022-03-09T03:12:31+00:00 Jiapeng Chong jiapeng.chong@linux.alibaba.com 2022-03-04T05:57:42+00:00 ee6584bf3c680e20464e20bf28066d1ce685f7d3 Clean the following coccicheck warning: ./drivers/crypto/marvell/octeontx/otx_cptvf_algs.c:1645:16-17: WARNING opportunity for swap(). Reported-by: Abaci Robot <abaci@linux.alibaba.com> Signed-off-by: Jiapeng Chong <jiapeng.chong@linux.alibaba.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Clean the following coccicheck warning:

./drivers/crypto/marvell/octeontx/otx_cptvf_algs.c:1645:16-17: WARNING
opportunity for swap().

Reported-by: Abaci Robot <abaci@linux.alibaba.com>
Signed-off-by: Jiapeng Chong <jiapeng.chong@linux.alibaba.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: octeontx2 - fix missing unlock 2022-03-02T22:49:22+00:00 Yang Yingliang yangyingliang@huawei.com 2022-02-25T07:27:24+00:00 280ee3c3aaa8158e69db5453d8ffd11fce49979c Add the missing unlock before return from error path. Fixes: 4363f3d3ce8f ("crypto: octeontx2 - add synchronization between mailbox accesses") Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: Yang Yingliang <yangyingliang@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Add the missing unlock before return from error path.

Fixes: 4363f3d3ce8f ("crypto: octeontx2 - add synchronization between mailbox accesses")
Reported-by: Hulk Robot <hulkci@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: octeontx2 - add synchronization between mailbox accesses 2022-02-23T03:28:32+00:00 Harman Kalra hkalra@marvell.com 2022-02-04T12:46:01+00:00 4363f3d3ce8f5440dfbcd66b6a6800b42a58ba6a Since there are two workqueues implemented in CPTPF driver - one for handling mailbox requests from VFs and another for handling FLR. In both cases PF driver will forward the request to AF driver by writing to mailbox memory. A race condition may arise if two simultaneous requests are written to mailbox memory. Introducing locking mechanism to maintain synchronization between multiple mailbox accesses. Signed-off-by: Harman Kalra <hkalra@marvell.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Since there are two workqueues implemented in CPTPF driver - one
for handling mailbox requests from VFs and another for handling FLR.
In both cases PF driver will forward the request to AF driver by
writing to mailbox memory. A race condition may arise if two
simultaneous requests are written to mailbox memory. Introducing
locking mechanism to maintain synchronization between multiple
mailbox accesses.

Signed-off-by: Harman Kalra <hkalra@marvell.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: marvell/octeontx - remove redundant initialization of variable c_size 2022-02-05T04:27:10+00:00 Colin Ian King colin.i.king@gmail.com 2022-01-30T22:53:25+00:00 c717993dd76a1049093af5c262e751d901b8da10 Variable c_size is being initialized with a value that is never read, it is being re-assigned with a different value later on. The initialization is redundant and can be removed. Signed-off-by: Colin Ian King <colin.i.king@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Variable c_size is being initialized with a value that is never read, it
is being re-assigned with a different value later on. The initialization
is redundant and can be removed.

Signed-off-by: Colin Ian King <colin.i.king@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>