Skip to main content

Browse the archive

Revision 5ee88057889bbca5f5bb96031b62b3756b33e164 authored by Linus Torvalds on 15 January 2021, 04:10:06 UTC, committed by Linus Torvalds on 15 January 2021, 04:10:06 UTC 
Merge tag 'drm-fixes-2021-01-15' of git://anongit.freedesktop.org/drm/drm
 
Pull drm fixes from Dave Airlie:
 "Regular fixes for rc4, a bunch of fixes across i915, amdgpu and
  nouveau here, along with a couple of TTM fixes, and dma-buf and one
  core pageflip/modifier interaction fix.

  One notable i915 fix is a HSW GT1 regression fix that has been
  outstanding for quite a while. (Thanks to Matt Turner for kicking
  Intel into getting it fixed).

  dma-buf:
   - Fix a memory leak in CMAV heap

  core:
   - Fix format check for legacy pageflips

  ttm:
   - Pass correct address to dma_mapping_error()
   - Use mutex in pool shrinker

  i915:
   - Allow the sysadmin to override security mitigations
   - Restore clear-residual mitigations for ivb/byt
   - Limit VFE threads based on GT
   - GVT: fix vfio edid and full display detection
   - Fix DSI DSC power refcounting
   - Fix LPT CPU mode backlight takeover
   - Disable RPM wakeref assertions during driver shutdown
   - Fix DSI sequence sleeps

  amdgpu:
   - Update repo location in MAINTAINERS
   - Add some new renoir PCI IDs
   - Revert CRC UAPI changes
   - Revert OLED display fix which cases clocking problems for some systems
   - Misc vangogh fixes
   - GFX fix for sienna cichlid
   - DCN1.0 fix for pipe split
   - Fix incorrect PSP command

  amdkfd:
   - Fix possible out of bounds read in vcrat creation

  nouveau:
   - irq handling fix
   - expansion ROM fix
   - hw init dpcd disable
   - aux semaphore owner field fix
   - vram heap sizing fix
   - notifier at 0 is valid fix"

* tag 'drm-fixes-2021-01-15' of git://anongit.freedesktop.org/drm/drm: (37 commits)
  drm/nouveau/kms/nv50-: fix case where notifier buffer is at offset 0
  drm/nouveau/mmu: fix vram heap sizing
  drm/nouveau/i2c/gm200: increase width of aux semaphore owner fields
  drm/nouveau/i2c/gk110-: disable hw-initiated dpcd reads
  drm/nouveau/i2c/gk110: split out from i2c/gk104
  drm/nouveau/privring: ack interrupts the same way as RM
  drm/nouveau/bios: fix issue shadowing expansion ROMs
  drm/amd/display: Fix to be able to stop crc calculation
  Revert "drm/amd/display: Expose new CRC window property"
  Revert "drm/amdgpu/disply: fix documentation warnings in display manager"
  Revert "drm/amd/display: Fix unused variable warning"
  drm/amdgpu: set power brake sequence
  drm/amdgpu: add new device id for Renior
  drm/amdgpu: add green_sardine device id (v2)
  drm/amdgpu: fix vram type and bandwidth error for DDR5 and DDR4
  drm/amdgpu/gfx10: add updated GOLDEN_TSC_COUNT_UPPER/LOWER register offsets for VGH
  drm/amdkfd: Fix out-of-bounds read in kdf_create_vcrat_image_cpu()
  Revert "drm/amd/display: Fixed Intermittent blue screen on OLED panel"
  drm/amd/display: disable dcn10 pipe split by default
  drm/amd/display: Add a missing DCN3.01 API mapping
  ...
2 parent s cdaed11 + c8f6364
Raw File
echainiv.c 
// SPDX-License-Identifier: GPL-2.0-or-later
/*
 * echainiv: Encrypted Chain IV Generator
 *
 * This generator generates an IV based on a sequence number by multiplying
 * it with a salt and then encrypting it with the same key as used to encrypt
 * the plain text.  This algorithm requires that the block size be equal
 * to the IV size.  It is mainly useful for CBC.
 *
 * This generator can only be used by algorithms where authentication
 * is performed after encryption (i.e., authenc).
 *
 * Copyright (c) 2015 Herbert Xu <herbert@gondor.apana.org.au>
 */

#include <crypto/internal/geniv.h>
#include <crypto/scatterwalk.h>
#include <crypto/skcipher.h>
#include <linux/err.h>
#include <linux/init.h>
#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/slab.h>
#include <linux/string.h>

static int echainiv_encrypt(struct aead_request *req)
{
	struct crypto_aead *geniv = crypto_aead_reqtfm(req);
	struct aead_geniv_ctx *ctx = crypto_aead_ctx(geniv);
	struct aead_request *subreq = aead_request_ctx(req);
	__be64 nseqno;
	u64 seqno;
	u8 *info;
	unsigned int ivsize = crypto_aead_ivsize(geniv);
	int err;

	if (req->cryptlen < ivsize)
		return -EINVAL;

	aead_request_set_tfm(subreq, ctx->child);

	info = req->iv;

	if (req->src != req->dst) {
		SYNC_SKCIPHER_REQUEST_ON_STACK(nreq, ctx->sknull);

		skcipher_request_set_sync_tfm(nreq, ctx->sknull);
		skcipher_request_set_callback(nreq, req->base.flags,
					      NULL, NULL);
		skcipher_request_set_crypt(nreq, req->src, req->dst,
					   req->assoclen + req->cryptlen,
					   NULL);

		err = crypto_skcipher_encrypt(nreq);
		if (err)
			return err;
	}

	aead_request_set_callback(subreq, req->base.flags,
				  req->base.complete, req->base.data);
	aead_request_set_crypt(subreq, req->dst, req->dst,
			       req->cryptlen, info);
	aead_request_set_ad(subreq, req->assoclen);

	memcpy(&nseqno, info + ivsize - 8, 8);
	seqno = be64_to_cpu(nseqno);
	memset(info, 0, ivsize);

	scatterwalk_map_and_copy(info, req->dst, req->assoclen, ivsize, 1);

	do {
		u64 a;

		memcpy(&a, ctx->salt + ivsize - 8, 8);

		a |= 1;
		a *= seqno;

		memcpy(info + ivsize - 8, &a, 8);
	} while ((ivsize -= 8));

	return crypto_aead_encrypt(subreq);
}

static int echainiv_decrypt(struct aead_request *req)
{
	struct crypto_aead *geniv = crypto_aead_reqtfm(req);
	struct aead_geniv_ctx *ctx = crypto_aead_ctx(geniv);
	struct aead_request *subreq = aead_request_ctx(req);
	crypto_completion_t compl;
	void *data;
	unsigned int ivsize = crypto_aead_ivsize(geniv);

	if (req->cryptlen < ivsize)
		return -EINVAL;

	aead_request_set_tfm(subreq, ctx->child);

	compl = req->base.complete;
	data = req->base.data;

	aead_request_set_callback(subreq, req->base.flags, compl, data);
	aead_request_set_crypt(subreq, req->src, req->dst,
			       req->cryptlen - ivsize, req->iv);
	aead_request_set_ad(subreq, req->assoclen + ivsize);

	scatterwalk_map_and_copy(req->iv, req->src, req->assoclen, ivsize, 0);

	return crypto_aead_decrypt(subreq);
}

static int echainiv_aead_create(struct crypto_template *tmpl,
				struct rtattr **tb)
{
	struct aead_instance *inst;
	int err;

	inst = aead_geniv_alloc(tmpl, tb);

	if (IS_ERR(inst))
		return PTR_ERR(inst);

	err = -EINVAL;
	if (inst->alg.ivsize & (sizeof(u64) - 1) || !inst->alg.ivsize)
		goto free_inst;

	inst->alg.encrypt = echainiv_encrypt;
	inst->alg.decrypt = echainiv_decrypt;

	inst->alg.init = aead_init_geniv;
	inst->alg.exit = aead_exit_geniv;

	inst->alg.base.cra_ctxsize = sizeof(struct aead_geniv_ctx);
	inst->alg.base.cra_ctxsize += inst->alg.ivsize;

	err = aead_register_instance(tmpl, inst);
	if (err) {
free_inst:
		inst->free(inst);
	}
	return err;
}

static struct crypto_template echainiv_tmpl = {
	.name = "echainiv",
	.create = echainiv_aead_create,
	.module = THIS_MODULE,
};

static int __init echainiv_module_init(void)
{
	return crypto_register_template(&echainiv_tmpl);
}

static void __exit echainiv_module_exit(void)
{
	crypto_unregister_template(&echainiv_tmpl);
}

subsys_initcall(echainiv_module_init);
module_exit(echainiv_module_exit);

MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("Encrypted Chain IV Generator");
MODULE_ALIAS_CRYPTO("echainiv");
back to top