Select Git revision
Search by author
- Any Author
- authors
-
Abhiram Balasubramanian abhiram
-
Anton Burtsev
aburtsev
-
Charlie Jacobsen cjacobsen
-
David Detweiler ddetweiler
-
David Johnson johnsond
-
Michael Quigley MichaelQuigley
-
Mike Hibler hibler
-
Robert Ricci ricci
-
Sarah Spall spall
-
Scotty Bauer ScottyB
-
Vikram Narayanan vikram
- Jul 26, 2011
-
-
Arun Sharma authored
This allows us to move duplicated code in <asm/atomic.h> (atomic_inc_not_zero() for now) to <linux/atomic.h> Signed-off-by:
Arun Sharma <asharma@fb.com> Reviewed-by:
Eric Dumazet <eric.dumazet@gmail.com> Cc: Ingo Molnar <mingo@elte.hu> Cc: David Miller <davem@davemloft.net> Cc: Eric Dumazet <eric.dumazet@gmail.com> Acked-by:
Mike Frysinger <vapier@gentoo.org> Signed-off-by:
Andrew Morton <akpm@linux-foundation.org> Signed-off-by:
Linus Torvalds <torvalds@linux-foundation.org>
-
- Jul 11, 2011
-
-
Michael Witten authored
Also, a comma was inserted to offset a modifier. Signed-off-by:
Michael Witten <mfwitten@gmail.com> Signed-off-by:
Jiri Kosina <jkosina@suse.cz>
-
- Jul 08, 2011
-
-
Mathias Krause authored
In gf128mul_lle() and gf128mul_bbe() r isn't completely initialized with zero because the size argument passed to memset() is the size of the pointer, not the structure it points to. Luckily there are no in-kernel users of those functions so the ABI change implied by this fix should break no existing code. Based on a patch by the PaX Team. Signed-off-by:
Mathias Krause <minipli@googlemail.com> Cc: PaX Team <pageexec@freemail.hu> Acked-by:
David S. Miller <davem@davemloft.net> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
- Jun 29, 2011
-
-
Herbert Xu authored
When the first call to af_alg_make_sg fails, we may return garbage instead of the real error. This patch fixes it by setting the error if "copied" is zero. Based on a patch by Jesper Juhl. Reported-by:
Jesper Juhl <jj@chaosbits.net> Signed-off-by:
-
Mandeep Singh Baines authored
Modify sha1_update to use SHA1_BLOCK_SIZE. Signed-off-by:
Mandeep Singh Baines <msb@chromium.org> Signed-off-by:
-
Mati Vait authored
Fixed coding style issues: unnecessary spaces, parentheses on wrong lines. Signed-off-by:
Mati Vait <mativait@gmail.com> Signed-off-by:
-
Mati Vait authored
Removed coding style issue: space before tabs. Signed-off-by:
-
Richard Weinberger authored
CRYPTO_GHASH_CLMUL_NI_INTEL and CRYPTO_AES_NI_INTEL cannot be used on UML. Commit 3e02e5cb and 54b6a1bd enabled them by accident. Signed-off-by:
Richard Weinberger <richard@nod.at> Signed-off-by:
-
Jarod Wilson authored
FIPS compliance requires a known-answer self-test for all approved cipher and mode combinations, for all valid key sizes. Presently, there are only self-tests for xts-aes-128. This adds a 256-bit one, pulled from the same reference document, which should satisfy the requirement. Signed-off-by:
Jarod Wilson <jarod@redhat.com> Signed-off-by:
-
David S. Miller authored
They are 64K and result in order-4 allocations, even with SLUB. Therefore, just like we always have for the deflate buffers, use vmalloc. Reported-by:
Martin Jackson <mjackson220.list@gmail.com> Acked-by:
-
- Jun 21, 2011
-
-
Alexey Dobriyan authored
Remove linux/mm.h inclusion from netdevice.h -- it's unused (I've checked manually). To prevent mm.h inclusion via other channels also extract "enum dma_data_direction" definition into separate header. This tiny piece is what gluing netdevice.h with mm.h via "netdevice.h => dmaengine.h => dma-mapping.h => scatterlist.h => mm.h". Removal of mm.h from scatterlist.h was tried and was found not feasible on most archs, so the link was cutoff earlier. Hope people are OK with tiny include file. Note, that mm_types.h is still dragged in, but it is a separate story. Signed-off-by:
Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by:
-
- May 15, 2011
-
-
Andy Lutomirski authored
Loading fpu without aesni-intel does nothing. Loading aesni-intel without fpu causes modes like xts to fail. (Unloading aesni-intel will restore those modes.) One solution would be to make aesni-intel depend on fpu, but it seems cleaner to just combine the modules. This is probably responsible for bugs like: https://bugzilla.redhat.com/show_bug.cgi?id=589390 Signed-off-by:
Andy Lutomirski <luto@mit.edu> Signed-off-by:
-
- May 03, 2011
-
-
Jan Glauber authored
Add the CTR mode speed test for AES. Signed-off-by:
Jan Glauber <jang@linux.vnet.ibm.com> Signed-off-by:
-
Puneet Saxena authored
the fix add testcase for testing aes ofb mode. Signed-off-by:
Puneet Saxena <puneets@nvidia.com> Signed-off-by:
-
- Mar 31, 2011
-
-
Lucas De Marchi authored
Fixes generated by 'codespell' and manually reviewed. Signed-off-by:Lucas De Marchi <lucas.demarchi@profusion.mobi>
-
- Mar 22, 2011
-
-
Jim Keniston authored
Instead of always creating a huge (268K) deflate_workspace with the maximum compression parameters (windowBits=15, memLevel=8), allow the caller to obtain a smaller workspace by specifying smaller parameter values. For example, when capturing oops and panic reports to a medium with limited capacity, such as NVRAM, compression may be the only way to capture the whole report. In this case, a small workspace (24K works fine) is a win, whether you allocate the workspace when you need it (i.e., during an oops or panic) or at boot time. I've verified that this patch works with all accepted values of windowBits (positive and negative), memLevel, and compression level. Signed-off-by:
Jim Keniston <jkenisto@us.ibm.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: David Miller <davem@davemloft.net> Cc: Chris Mason <chris.mason@oracle.com> Signed-off-by:
-
- Mar 13, 2011
-
-
Steffen Klassert authored
ESP with separate encryption/authentication algorithms needs a special treatment for the associated data. This patch add a new algorithm that handles esp with extended sequence numbers. Signed-off-by:
Steffen Klassert <steffen.klassert@secunet.com> Acked-by:
-
- Mar 04, 2011
-
-
David Sterba authored
Commit da7f033d (”crypto: cryptomgr - Add test infrastructure”) added a const to variable which is later used as target buffer of memcpy. crypto/tcrypt.c:217:12: warning: passing 'const char (*)[128]' to parameter of type 'void *' discards qualifiers memset(&iv, 0xff, iv_len); crypto/tcrypt.c:test_cipher_speed() - unsigned char *key, iv[128]; + const char *key, iv[128]; ... memset(&iv, 0xff, iv_len); Signed-off-by:
David Sterba <dsterba@suse.cz> Signed-off-by:
-
- Feb 16, 2011
-
-
Herbert Xu authored
In light of the recent discovery of the bug with partial block processing on s390, we need best test coverage for that. This patch adds a test vector for SHA1 that should catch such problems. Signed-off-by:
-
- Jan 28, 2011
-
-
Jarod Wilson authored
A self-test failure in fips mode means a panic. Well, gcm(aes) self-tests currently fail in fips mode, as gcm is dependent on ghash, which semi-recently got self-test vectors added, but wasn't marked as a fips_allowed algorithm. Because of gcm's dependence on what is now seen as a non-fips_allowed algorithm, its self-tests refuse to run. Previously, ghash got a pass in fips mode, due to the lack of any test vectors at all, and thus gcm self-tests were able to run. After this patch, a 'modprobe tcrypt mode=35' no longer panics in fips mode, and successful self-test of gcm(aes) is reported. Signed-off-by:
-
Jarod Wilson authored
We (Red Hat) are intending to include dm-crypt functionality, using xts(aes) for disk encryption, as part of an upcoming FIPS-140-2 certification effort, and xts(aes) *is* on the list of possible mode/cipher combinations that can be certified. To make that possible, we need to mark xts(aes) as fips_allowed in the crypto subsystem. A 'modprobe tcrypt mode=10' in fips mode shows xts(aes) self-tests passing successfully after this change. Signed-off-by:
-
Davidlohr Bueso authored
Signed-off-by:
Davidlohr Bueso <dave@gnu.org> Acked-by:
-
- Jan 04, 2011
-
-
Tejun Heo authored
kcrypto_wq and pcrypt->wq's are used to run ciphers and may consume considerable amount of CPU cycles. Mark both as CPU_INTENSIVE so that they don't block other work items. As the workqueues are primarily used to burn CPU cycles, concurrency levels shouldn't matter much and are left at 1. A higher value may be beneficial and needs investigation. Signed-off-by:
Tejun Heo <tj@kernel.org> Signed-off-by:
-
Adrian-Ken Rueegsegger authored
Signed-off-by:
Adrian-Ken Rueegsegger <ken@codelabs.ch> Signed-off-by:
-
- Dec 28, 2010
-
-
Herbert Xu authored
This feature no longer needs the experimental tag. Reported-by:
Toralf Förster <toralf.foerster@gmx.de> Signed-off-by:
-
- Dec 21, 2010
-
-
Randy Dunlap authored
Change data type to fix warning: crypto/af_alg.c:35: warning: initialization from incompatible pointer type Signed-off-by:
Randy Dunlap <randy.dunlap@oracle.com> Signed-off-by:
-
- Dec 07, 2010
-
-
Miloslav Trmač authored
Signed-off-by:
Miloslav Trmač <mitr@redhat.com> Signed-off-by:
-
- Dec 01, 2010
-
-
Steffen Klassert authored
Use scatterwalk_crypto_chain in favor of locally defined chaining functions. Signed-off-by:
-
- Nov 30, 2010
-
-
Herbert Xu authored
As it is if user-space passes through a receive buffer that's not aligned to to the cipher block size, we'll end up encrypting or decrypting a partial block which causes a spurious EINVAL to be returned. This patch fixes this by moving the partial block test after the af_alg_make_sg call. Signed-off-by: -
Herbert Xu authored
When sk_sndbuf is not a multiple of PAGE_SIZE, the limit tests in sendmsg fail as the limit variable becomes negative and we're using an unsigned comparison. The same thing can happen if sk_sndbuf is lowered after a sendmsg call. This patch fixes this by always taking the signed maximum of limit and 0 before we perform the comparison. It also rounds the value of sk_sndbuf down to a multiple of PAGE_SIZE so that we don't end up allocating a page only to use a small number of bytes in it because we're bound by sk_sndbuf. Signed-off-by:
-
- Nov 29, 2010
-
-
Herbert Xu authored
Add missing dependency on NET since we require sockets for our interface. Should really be a select but kconfig doesn't like that: net/Kconfig:6:error: found recursive dependency: NET -> NETWORK_FILESYSTEMS -> AFS_FS -> AF_RXRPC -> CRYPTO -> CRYPTO_USER_API_HASH -> CRYPTO_USER_API -> NET Reported-by:
Zimny Lech <napohybelskurwysynom2010@gmail.com> Signed-off-by:
-
- Nov 28, 2010
-
-
Herbert Xu authored
The error returned from af_alg_make_sg is currently lost and we always pass on -EINVAL. This patch pases on the underlying error. Signed-off-by:
-
- Nov 27, 2010
-
-
Mathias Krause authored
The AES-NI instructions are also available in legacy mode so the 32-bit architecture may profit from those, too. To illustrate the performance gain here's a short summary of a dm-crypt speed test on a Core i7 M620 running at 2.67GHz comparing both assembler implementations: x86: i568 aes-ni delta ECB, 256 bit: 93.8 MB/s 123.3 MB/s +31.4% CBC, 256 bit: 84.8 MB/s 262.3 MB/s +209.3% LRW, 256 bit: 108.6 MB/s 222.1 MB/s +104.5% XTS, 256 bit: 105.0 MB/s 205.5 MB/s +95.7% Additionally, due to some minor optimizations, the 64-bit version also got a minor performance gain as seen below: x86-64: old impl. new impl. delta ECB, 256 bit: 121.1 MB/s 123.0 MB/s +1.5% CBC, 256 bit: 285.3 MB/s 290.8 MB/s +1.9% LRW, 256 bit: 263.7 MB/s 265.3 MB/s +0.6% XTS, 256 bit: 251.1 MB/s 255.3 MB/s +1.7% Signed-off-by:
Huang Ying <ying.huang@intel.com> Signed-off-by:
-
Tracey Dent authored
Changed Makefile to use <modules>-y instead of <modules>-objs. Signed-off-by:
Tracey Dent <tdent48227@gmail.com> Signed-off-by:
-
Joe Perches authored
Signed-off-by:
Joe Perches <joe@perches.com> Signed-off-by:
-
- Nov 26, 2010
-
-
Herbert Xu authored
This patch adds the af_alg plugin for symmetric key ciphers, corresponding to the ablkcipher kernel operation type. Keys can optionally be set through the setsockopt interface. Once a sendmsg call occurs without MSG_MORE no further writes may be made to the socket until all previous data has been read. IVs and and whether encryption/decryption is performed can be set through the setsockopt interface or as a control message to sendmsg. The interface is completely synchronous, all operations are carried out in recvmsg(2) and will complete prior to the system call returning. The splice(2) interface support reading the user-space data directly without copying (except that the Crypto API itself may copy the data if alignment is off). The recvmsg(2) interface supports directly writing to user-space without additional copying, i.e., the kernel crypto interface will receive the user-space address as its output SG list. Thakns to Miloslav Trmac for reviewing this and contributing fixes and improvements. Signed-off-by:
-
- Nov 19, 2010
-
-
Herbert Xu authored
This patch adds the af_alg plugin for hash, corresponding to the ahash kernel operation type. Keys can optionally be set through the setsockopt interface. Each sendmsg call will finalise the hash unless sent with a MSG_MORE flag. Partial hash states can be cloned using accept(2). The interface is completely synchronous, all operations will complete prior to the system call returning. Both sendmsg(2) and splice(2) support reading the user-space data directly without copying (except that the Crypto API itself may copy the data if alignment is off). For now only the splice(2) interface supports performing digest instead of init/update/final. In future the sendmsg(2) interface will also be modified to use digest/finup where possible so that hardware that cannot return a partial hash state can still benefit from this interface. Thakns to Miloslav Trmac for reviewing this and contributing fixes and improvements. Signed-off-by:
Martin Willi <martin@strongswan.org>
-
Herbert Xu authored
This patch creates the backbone of the user-space interface for the Crypto API, through a new socket family AF_ALG. Each session corresponds to one or more connections obtained from that socket. The number depends on the number of inputs/outputs of that particular type of operation. For most types there will be a s ingle connection/file descriptor that is used for both input and output. AEAD is one of the few that require two inputs. Each algorithm type will provide its own implementation that plugs into af_alg. They're keyed using a string such as "skcipher" or "hash". IOW this patch only contains the boring bits that is required to hold everything together. Thakns to Miloslav Trmac for reviewing this and contributing fixes and improvements. Signed-off-by:
-
- Nov 13, 2010
-
-
Adrian Hoban authored
Updated RFC4106 AES-GCM testing. Some test vectors were taken from http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/ gcm/gcm-test-vectors.tar.gz Signed-off-by:
Adrian Hoban <adrian.hoban@intel.com> Signed-off-by:
Tadeusz Struk <tadeusz.struk@intel.com> Signed-off-by:
Gabriele Paoloni <gabriele.paoloni@intel.com> Signed-off-by:
Aidan O'Mahony <aidan.o.mahony@intel.com> Signed-off-by:
-
Nicolas Kaiser authored
I noticed that by factoring out common rounds from the branches of the if-statements in the encryption and decryption functions, the executable file size goes down significantly, for crypto/cast5.ko from 26688 bytes to 24336 bytes (amd64). On my test system, I saw a slight speedup. This is the first time I'm doing such a benchmark - I found a similar one on the crypto mailing list, and I hope I did it right? Before: # cryptsetup create dm-test /dev/hda2 -c cast5-cbc-plain -s 128 Passsatz eingeben: # dd if=/dev/zero of=/dev/mapper/dm-test bs=1M count=50 52428800 Bytes (52 MB) kopiert, 2,43484 s, 21,5 MB/s # dd if=/dev/zero of=/dev/mapper/dm-test bs=1M count=50 52428800 Bytes (52 MB) kopiert, 2,4089 s, 21,8 MB/s # dd if=/dev/zero of=/dev/mapper/dm-test bs=1M count=50 52428800 Bytes (52 MB) kopiert, 2,41091 s, 21,7 MB/s After: # cryptsetup create dm-test /dev/hda2 -c cast5-cbc-plain -s 128 Passsatz eingeben: # dd if=/dev/zero of=/dev/mapper/dm-test bs=1M count=50 52428800 Bytes (52 MB) kopiert, 2,38128 s, 22,0 MB/s # dd if=/dev/zero of=/dev/mapper/dm-test bs=1M count=50 52428800 Bytes (52 MB) kopiert, 2,29486 s, 22,8 MB/s # dd if=/dev/zero of=/dev/mapper/dm-test bs=1M count=50 52428800 Bytes (52 MB) kopiert, 2,37162 s, 22,1 MB/s Signed-off-by:
Nicolas Kaiser <nikai@nikai.net> Signed-off-by:
-
