From 5124bc96162667766f6120b19f57a640c2eccb2a Mon Sep 17 00:00:00 2001 From: Herbert Xu Date: Thu, 12 Sep 2024 17:57:13 +0800 Subject: [PATCH 1/3] crypto: caam - Pad SG length when allocating hash edesc Because hardware will read in multiples of 4 SG entries, ensure the allocated length is always padded. This was already done by some callers of ahash_edesc_alloc, but ahash_digest was conspicuously missing. In any case, doing it in the allocation function ensures that the memory is always there. Reported-by: Guangwu Zhang Fixes: a5e5c13398f3 ("crypto: caam - fix S/G table passing page boundary") Signed-off-by: Herbert Xu --- drivers/crypto/caam/caamhash.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/crypto/caam/caamhash.c b/drivers/crypto/caam/caamhash.c index fdd724228c2f..25c02e267258 100644 --- a/drivers/crypto/caam/caamhash.c +++ b/drivers/crypto/caam/caamhash.c @@ -708,6 +708,7 @@ static struct ahash_edesc *ahash_edesc_alloc(struct ahash_request *req, GFP_KERNEL : GFP_ATOMIC; struct ahash_edesc *edesc; + sg_num = pad_sg_nents(sg_num); edesc = kzalloc(struct_size(edesc, sec4_sg, sg_num), flags); if (!edesc) return NULL; From 4330869a2dd9e3abfde820fb5d93888e7d98ffa1 Mon Sep 17 00:00:00 2001 From: Herbert Xu Date: Wed, 18 Sep 2024 12:01:47 +0800 Subject: [PATCH 2/3] crypto: s390/paes - Fix module aliases The paes_s390 module didn't declare the correct aliases for the algorithms that it registered. Instead it declared an alias for the non-existent paes algorithm. The Crypto API will eventually try to load the paes algorithm, to construct the cbc(paes) instance. But because the module does not actually contain a "paes" algorithm, this will fail. Previously this failure was hidden and the the cbc(paes) lookup will be retried. This was fixed recently, thus exposing the buggy alias in paes_s390. Replace the bogus paes alias with aliases for the actual algorithms. Reported-by: Ingo Franzki Fixes: e7a4142b35ce ("crypto: api - Fix generic algorithm self-test races") Signed-off-by: Herbert Xu Tested-by: Ingo Franzki Reviewed-by: Ingo Franzki Signed-off-by: Herbert Xu --- arch/s390/crypto/paes_s390.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/arch/s390/crypto/paes_s390.c b/arch/s390/crypto/paes_s390.c index 99ea3f12c5d2..b8d9f385555d 100644 --- a/arch/s390/crypto/paes_s390.c +++ b/arch/s390/crypto/paes_s390.c @@ -802,7 +802,10 @@ out_err: module_init(paes_s390_init); module_exit(paes_s390_fini); -MODULE_ALIAS_CRYPTO("paes"); +MODULE_ALIAS_CRYPTO("ecb(paes)"); +MODULE_ALIAS_CRYPTO("cbc(paes)"); +MODULE_ALIAS_CRYPTO("ctr(paes)"); +MODULE_ALIAS_CRYPTO("xts(paes)"); MODULE_DESCRIPTION("Rijndael (AES) Cipher Algorithm with protected keys"); MODULE_LICENSE("GPL"); From 44ac4625ea002deecd0c227336c95b724206c698 Mon Sep 17 00:00:00 2001 From: Danny Tsen Date: Thu, 19 Sep 2024 07:36:37 -0400 Subject: [PATCH 3/3] crypto: powerpc/p10-aes-gcm - Disable CRYPTO_AES_GCM_P10 Data mismatch found when testing ipsec tunnel with AES/GCM crypto. Disabling CRYPTO_AES_GCM_P10 in Kconfig for this feature. Fixes: fd0e9b3e2ee6 ("crypto: p10-aes-gcm - An accelerated AES/GCM stitched implementation") Fixes: cdcecfd9991f ("crypto: p10-aes-gcm - Glue code for AES/GCM stitched implementation") Fixes: 45a4672b9a6e2 ("crypto: p10-aes-gcm - Update Kconfig and Makefile") Signed-off-by: Danny Tsen Signed-off-by: Herbert Xu --- arch/powerpc/crypto/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/powerpc/crypto/Kconfig b/arch/powerpc/crypto/Kconfig index 09ebcbdfb34f..46a4c85e85e2 100644 --- a/arch/powerpc/crypto/Kconfig +++ b/arch/powerpc/crypto/Kconfig @@ -107,6 +107,7 @@ config CRYPTO_AES_PPC_SPE config CRYPTO_AES_GCM_P10 tristate "Stitched AES/GCM acceleration support on P10 or later CPU (PPC)" + depends on BROKEN depends on PPC64 && CPU_LITTLE_ENDIAN && VSX select CRYPTO_LIB_AES select CRYPTO_ALGAPI