Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto fixes from Herbert Xu:
"This fixes the following issues:
API:
- algif_hash needs to wait for init operations to complete.
- The has_key setting for shash was always true.
Algorithms:
- Add missing selections of CRYPTO_HASH.
- Fix pkcs7 authentication.
Drivers:
- Fix stack alignment bug in chacha20-ssse3.
- Fix performance regression in caam due to incorrect setting.
- Fix potential compile-only build failure of stm32"
* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
crypto: atmel-aes - remove calls of clk_prepare() from atomic contexts
crypto: algif_hash - wait for crypto_ahash_init() to complete
crypto: shash - Fix has_key setting
hwrng: stm32 - Fix dependencies for !HAS_IOMEM archs
crypto: ghash,poly1305 - select CRYPTO_HASH where needed
crypto: chacha20-ssse3 - Align stack pointer to 64 bytes
PKCS#7: Don't require SpcSpOpusInfo in Authenticode pkcs7 signatures
crypto: caam - make write transactions bufferable on PPC platforms
diff --git a/arch/x86/crypto/chacha20-ssse3-x86_64.S b/arch/x86/crypto/chacha20-ssse3-x86_64.S
index 712b130..3a33124 100644
--- a/arch/x86/crypto/chacha20-ssse3-x86_64.S
+++ b/arch/x86/crypto/chacha20-ssse3-x86_64.S
@@ -157,7 +157,9 @@
# done with the slightly better performing SSSE3 byte shuffling,
# 7/12-bit word rotation uses traditional shift+OR.
- sub $0x40,%rsp
+ mov %rsp,%r11
+ sub $0x80,%rsp
+ and $~63,%rsp
# x0..15[0-3] = s0..3[0..3]
movq 0x00(%rdi),%xmm1
@@ -620,6 +622,6 @@
pxor %xmm1,%xmm15
movdqu %xmm15,0xf0(%rsi)
- add $0x40,%rsp
+ mov %r11,%rsp
ret
ENDPROC(chacha20_4block_xor_ssse3)
diff --git a/crypto/Kconfig b/crypto/Kconfig
index 7240821..3be07ad 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -472,11 +472,13 @@
config CRYPTO_GHASH
tristate "GHASH digest algorithm"
select CRYPTO_GF128MUL
+ select CRYPTO_HASH
help
GHASH is message digest algorithm for GCM (Galois/Counter Mode).
config CRYPTO_POLY1305
tristate "Poly1305 authenticator algorithm"
+ select CRYPTO_HASH
help
Poly1305 authenticator algorithm, RFC7539.
diff --git a/crypto/algif_hash.c b/crypto/algif_hash.c
index 608a756..68a5cea 100644
--- a/crypto/algif_hash.c
+++ b/crypto/algif_hash.c
@@ -54,7 +54,8 @@
lock_sock(sk);
if (!ctx->more) {
- err = crypto_ahash_init(&ctx->req);
+ err = af_alg_wait_for_completion(crypto_ahash_init(&ctx->req),
+ &ctx->completion);
if (err)
goto unlock;
}
@@ -125,6 +126,7 @@
} else {
if (!ctx->more) {
err = crypto_ahash_init(&ctx->req);
+ err = af_alg_wait_for_completion(err, &ctx->completion);
if (err)
goto unlock;
}
diff --git a/crypto/asymmetric_keys/pkcs7_parser.c b/crypto/asymmetric_keys/pkcs7_parser.c
index 758acab..8f3056c 100644
--- a/crypto/asymmetric_keys/pkcs7_parser.c
+++ b/crypto/asymmetric_keys/pkcs7_parser.c
@@ -547,9 +547,7 @@
struct pkcs7_signed_info *sinfo = ctx->sinfo;
if (!test_bit(sinfo_has_content_type, &sinfo->aa_set) ||
- !test_bit(sinfo_has_message_digest, &sinfo->aa_set) ||
- (ctx->msg->data_type == OID_msIndirectData &&
- !test_bit(sinfo_has_ms_opus_info, &sinfo->aa_set))) {
+ !test_bit(sinfo_has_message_digest, &sinfo->aa_set)) {
pr_warn("Missing required AuthAttr\n");
return -EBADMSG;
}
diff --git a/crypto/shash.c b/crypto/shash.c
index 88a27de..35975459 100644
--- a/crypto/shash.c
+++ b/crypto/shash.c
@@ -354,11 +354,10 @@
crt->final = shash_async_final;
crt->finup = shash_async_finup;
crt->digest = shash_async_digest;
+ crt->setkey = shash_async_setkey;
- if (alg->setkey) {
- crt->setkey = shash_async_setkey;
- crt->has_setkey = true;
- }
+ crt->has_setkey = alg->setkey != shash_no_setkey;
+
if (alg->export)
crt->export = shash_async_export;
if (alg->import)
diff --git a/drivers/char/hw_random/Kconfig b/drivers/char/hw_random/Kconfig
index dbf2271..ff00331 100644
--- a/drivers/char/hw_random/Kconfig
+++ b/drivers/char/hw_random/Kconfig
@@ -372,6 +372,7 @@
config HW_RANDOM_STM32
tristate "STMicroelectronics STM32 random number generator"
depends on HW_RANDOM && (ARCH_STM32 || COMPILE_TEST)
+ depends on HAS_IOMEM
help
This driver provides kernel-side support for the Random Number
Generator hardware found on STM32 microcontrollers.
diff --git a/drivers/crypto/atmel-aes.c b/drivers/crypto/atmel-aes.c
index 6dd3317..3eb3f12 100644
--- a/drivers/crypto/atmel-aes.c
+++ b/drivers/crypto/atmel-aes.c
@@ -400,7 +400,7 @@
{
int err;
- err = clk_prepare_enable(dd->iclk);
+ err = clk_enable(dd->iclk);
if (err)
return err;
@@ -430,7 +430,7 @@
dev_info(dd->dev, "version: 0x%x\n", dd->hw_version);
- clk_disable_unprepare(dd->iclk);
+ clk_disable(dd->iclk);
return 0;
}
@@ -448,7 +448,7 @@
static inline int atmel_aes_complete(struct atmel_aes_dev *dd, int err)
{
- clk_disable_unprepare(dd->iclk);
+ clk_disable(dd->iclk);
dd->flags &= ~AES_FLAGS_BUSY;
if (dd->is_async)
@@ -2091,10 +2091,14 @@
goto res_err;
}
- err = atmel_aes_hw_version_init(aes_dd);
+ err = clk_prepare(aes_dd->iclk);
if (err)
goto res_err;
+ err = atmel_aes_hw_version_init(aes_dd);
+ if (err)
+ goto iclk_unprepare;
+
atmel_aes_get_cap(aes_dd);
err = atmel_aes_buff_init(aes_dd);
@@ -2127,6 +2131,8 @@
err_aes_dma:
atmel_aes_buff_cleanup(aes_dd);
err_aes_buff:
+iclk_unprepare:
+ clk_unprepare(aes_dd->iclk);
res_err:
tasklet_kill(&aes_dd->done_task);
tasklet_kill(&aes_dd->queue_task);
@@ -2155,6 +2161,8 @@
atmel_aes_dma_cleanup(aes_dd);
atmel_aes_buff_cleanup(aes_dd);
+ clk_unprepare(aes_dd->iclk);
+
return 0;
}
diff --git a/drivers/crypto/caam/ctrl.c b/drivers/crypto/caam/ctrl.c
index 8abb4bc..69d4a13 100644
--- a/drivers/crypto/caam/ctrl.c
+++ b/drivers/crypto/caam/ctrl.c
@@ -534,8 +534,8 @@
* long pointers in master configuration register
*/
clrsetbits_32(&ctrl->mcr, MCFGR_AWCACHE_MASK, MCFGR_AWCACHE_CACH |
- MCFGR_WDENABLE | (sizeof(dma_addr_t) == sizeof(u64) ?
- MCFGR_LONG_PTR : 0));
+ MCFGR_AWCACHE_BUFF | MCFGR_WDENABLE |
+ (sizeof(dma_addr_t) == sizeof(u64) ? MCFGR_LONG_PTR : 0));
/*
* Read the Compile Time paramters and SCFGR to determine