<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/include/crypto, branch v4.2</title>
<subtitle>Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/
</subtitle>
<id>https://git.shady.money/linux/atom?h=v4.2</id>
<link rel='self' href='https://git.shady.money/linux/atom?h=v4.2'/>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/'/>
<updated>2015-06-22T07:49:18Z</updated>
<entry>
<title>crypto: rng - Do not free default RNG when it becomes unused</title>
<updated>2015-06-22T07:49:18Z</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2015-06-21T11:11:43Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=7cecadb7cca83953e7857fe9f7273b705cb8ebe7'/>
<id>urn:sha1:7cecadb7cca83953e7857fe9f7273b705cb8ebe7</id>
<content type='text'>
Currently we free the default RNG when its use count hits zero.
This was OK when the IV generators would latch onto the RNG at
instance creation time and keep it until the instance is torn
down.

Now that IV generators only keep the RNG reference during init
time this scheme causes the default RNG to come and go at a high
frequency.  This is highly undesirable as we want to keep a single
RNG in use unless the admin wants it to be removed.

This patch changes the scheme so that the system RNG once allocated
is never removed unless specifically requested.

Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: aead - Fix aead_instance struct size</title>
<updated>2015-06-19T06:16:30Z</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2015-06-18T06:00:49Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=f5d8660acb9623470adcef426c6ff7b07cbe4b74'/>
<id>urn:sha1:f5d8660acb9623470adcef426c6ff7b07cbe4b74</id>
<content type='text'>
The struct aead_instance is meant to extend struct crypto_instance
by incorporating the extra members of struct aead_alg.  However,
the current layout which is copied from shash/ahash does not specify
the struct fully.  In particular only aead_alg is present.

For shash/ahash this works because users there add extra headroom
to sizeof(struct crypto_instance) when allocating the instance.
Unfortunately for aead, this bit was lost when the new aead_instance
was added.

Rather than fixing it like shash/ahash, this patch simply expands
struct aead_instance to contain what is supposed to be there, i.e.,
adding struct crypto_instance.

In order to not break existing AEAD users, this is done through an
anonymous union.

Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: rsa - add a new rsa generic implementation</title>
<updated>2015-06-17T09:03:53Z</updated>
<author>
<name>Tadeusz Struk</name>
<email>tadeusz.struk@intel.com</email>
</author>
<published>2015-06-16T17:31:01Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=cfc2bb32b31371d6bffc6bf2da3548f20ad48c83'/>
<id>urn:sha1:cfc2bb32b31371d6bffc6bf2da3548f20ad48c83</id>
<content type='text'>
Add a new rsa generic SW implementation.
This implements only cryptographic primitives.

Signed-off-by: Tadeusz Struk &lt;tadeusz.struk@intel.com&gt;

Added select on ASN1.

Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: akcipher - add PKE API</title>
<updated>2015-06-17T09:03:14Z</updated>
<author>
<name>Tadeusz Struk</name>
<email>tadeusz.struk@intel.com</email>
</author>
<published>2015-06-16T17:30:55Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=3c339ab83fc09d9d91fb7e8b4a60e8ddc91de417'/>
<id>urn:sha1:3c339ab83fc09d9d91fb7e8b4a60e8ddc91de417</id>
<content type='text'>
Add Public Key Encryption API.

Signed-off-by: Tadeusz Struk &lt;tadeusz.struk@intel.com&gt;

Made CRYPTO_AKCIPHER invisible like other type config options.

Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: drbg - reseed often if seedsource is degraded</title>
<updated>2015-06-10T11:14:05Z</updated>
<author>
<name>Stephan Mueller</name>
<email>smueller@chronox.de</email>
</author>
<published>2015-06-10T01:33:37Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=42ea507fae1ac4b4af0d9d715ab56fa4de2a0341'/>
<id>urn:sha1:42ea507fae1ac4b4af0d9d715ab56fa4de2a0341</id>
<content type='text'>
As required by SP800-90A, the DRBG implements a reseeding threshold.
This threshold is at 2**48 (64 bit) and 2**32 bit (32 bit) as
implemented in drbg_max_requests.

With the recently introduced changes, the DRBG is now always used as a
stdrng which is initialized very early in the boot cycle. To ensure that
sufficient entropy is present, the Jitter RNG is added to even provide
entropy at early boot time.

However, the 2nd seed source, the nonblocking pool, is usually
degraded at that time. Therefore, the DRBG is seeded with the Jitter RNG
(which I believe contains good entropy, which however is questioned by
others) and is seeded with a degraded nonblocking pool. This seed is
now used for quasi the lifetime of the system (2**48 requests is a lot).

The patch now changes the reseed threshold as follows: up until the time
the DRBG obtains a seed from a fully initialized nonblocking pool, the
reseeding threshold is lowered such that the DRBG is forced to reseed
itself reasonably often. Once it obtains the seed from a fully
initialized nonblocking pool, the reseed threshold is set to the value
required by SP800-90A.

Signed-off-by: Stephan Mueller &lt;smueller@chronox.de&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: drbg - Use callback API for random readiness</title>
<updated>2015-06-10T11:14:01Z</updated>
<author>
<name>Stephan Mueller</name>
<email>smueller@chronox.de</email>
</author>
<published>2015-06-09T13:55:38Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=57225e6797885e31302e76fc5926c0bedd7e5ad4'/>
<id>urn:sha1:57225e6797885e31302e76fc5926c0bedd7e5ad4</id>
<content type='text'>
The get_blocking_random_bytes API is broken because the wait can
be arbitrarily long (potentially forever) so there is no safe way
of calling it from within the kernel.

This patch replaces it with the new callback API which does not
have this problem.

The patch also removes the entropy buffer registered with the DRBG
handle in favor of stack variables to hold the seed data.

Signed-off-by: Stephan Mueller &lt;smueller@chronox.de&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: doc - Fix typo in crypto-API.xml</title>
<updated>2015-06-04T07:05:08Z</updated>
<author>
<name>Masanari Iida</name>
<email>standby24x7@gmail.com</email>
</author>
<published>2015-06-03T15:01:21Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=12f7c14aa602f15ad60e5a9da459271f63b92917'/>
<id>urn:sha1:12f7c14aa602f15ad60e5a9da459271f63b92917</id>
<content type='text'>
This patch fixes some typos found in crypto-API.xml.
It is because the file is generated from comments in sources,
so I had to fix the typos in the sources.

Signed-off-by: Masanari Iida &lt;standby24x7@gmail.com&gt;
Acked-by: Stephan Mueller &lt;smueller@chronox.de&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: aead - Add multiple algorithm registration interface</title>
<updated>2015-06-03T02:48:35Z</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2015-05-28T14:07:59Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=caab94612ac677523d2bf4a4904c8d080c2c7f73'/>
<id>urn:sha1:caab94612ac677523d2bf4a4904c8d080c2c7f73</id>
<content type='text'>
This patch adds the helpers that allow the registration and removal
of multiple algorithms.

Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: aead - Ignore return value from crypto_unregister_alg</title>
<updated>2015-06-03T02:48:34Z</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2015-05-28T14:07:57Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=43615369ab79f2c06532ea1607266b8307ccce82'/>
<id>urn:sha1:43615369ab79f2c06532ea1607266b8307ccce82</id>
<content type='text'>
No new code should be using the return value of crypto_unregister_alg
as it will become void soon.

Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: aead - Add aead_alg_instance</title>
<updated>2015-06-03T02:48:33Z</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2015-05-28T14:07:55Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/linux/commit/?id=5c98d62059faf7c59211cb591da671eaac7b7c3c'/>
<id>urn:sha1:5c98d62059faf7c59211cb591da671eaac7b7c3c</id>
<content type='text'>
Now that type-safe init/exit functions exist, they often need
to access the underlying aead_instance.  So this patch adds the
helper aead_alg_instance to access aead_instance from a crypto_aead
object.

Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
</feed>
