From: Greg Kroah-Hartman Date: Fri, 2 Sep 2016 13:55:54 +0000 (+0200) Subject: 4.7-stable patches X-Git-Tag: v3.14.78~14 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=47c9caacfabf69996de280304378831249def6b5;p=thirdparty%2Fkernel%2Fstable-queue.git 4.7-stable patches added patches: crypto-caam-defer-aead_set_sh_desc-in-case-of-zero-authsize.patch crypto-caam-fix-echainiv-authenc-encrypt-shared-descriptor.patch crypto-caam-fix-non-hmac-hashes.patch genirq-msi-make-sure-pci-msis-are-activated-early.patch genirq-msi-remove-unused-msi_flag_identity_map.patch --- diff --git a/queue-4.7/crypto-caam-defer-aead_set_sh_desc-in-case-of-zero-authsize.patch b/queue-4.7/crypto-caam-defer-aead_set_sh_desc-in-case-of-zero-authsize.patch new file mode 100644 index 00000000000..35f2f79632d --- /dev/null +++ b/queue-4.7/crypto-caam-defer-aead_set_sh_desc-in-case-of-zero-authsize.patch @@ -0,0 +1,43 @@ +From 2fdea258fde036a87d3396ec9c0ef66f10768530 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Horia=20Geant=C4=83?= +Date: Thu, 4 Aug 2016 20:02:47 +0300 +Subject: crypto: caam - defer aead_set_sh_desc in case of zero authsize +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Horia Geantă + +commit 2fdea258fde036a87d3396ec9c0ef66f10768530 upstream. + +To be able to generate shared descriptors for AEAD, the authentication size +needs to be known. However, there is no imposed order of calling .setkey, +.setauthsize callbacks. + +Thus, in case authentication size is not known at .setkey time, defer it +until .setauthsize is called. + +The authsize != 0 check was incorrectly removed when converting the driver +to the new AEAD interface. + +Fixes: 479bcc7c5b9e ("crypto: caam - Convert authenc to new AEAD interface") +Signed-off-by: Horia Geantă +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/crypto/caam/caamalg.c | 3 +++ + 1 file changed, 3 insertions(+) + +--- a/drivers/crypto/caam/caamalg.c ++++ b/drivers/crypto/caam/caamalg.c +@@ -441,6 +441,9 @@ static int aead_set_sh_desc(struct crypt + OP_ALG_AAI_CTR_MOD128); + const bool is_rfc3686 = alg->caam.rfc3686; + ++ if (!ctx->authsize) ++ return 0; ++ + /* NULL encryption / decryption */ + if (!ctx->enckeylen) + return aead_null_set_sh_desc(aead); diff --git a/queue-4.7/crypto-caam-fix-echainiv-authenc-encrypt-shared-descriptor.patch b/queue-4.7/crypto-caam-fix-echainiv-authenc-encrypt-shared-descriptor.patch new file mode 100644 index 00000000000..05bfe0dde03 --- /dev/null +++ b/queue-4.7/crypto-caam-fix-echainiv-authenc-encrypt-shared-descriptor.patch @@ -0,0 +1,79 @@ +From 1d2d87e81ea21f64c19b95ef228b865a6880e17e Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Horia=20Geant=C4=83?= +Date: Thu, 4 Aug 2016 20:02:46 +0300 +Subject: crypto: caam - fix echainiv(authenc) encrypt shared descriptor +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Horia Geantă + +commit 1d2d87e81ea21f64c19b95ef228b865a6880e17e upstream. + +There are a few things missed by the conversion to the +new AEAD interface: + +1 - echainiv(authenc) encrypt shared descriptor + +The shared descriptor is incorrect: due to the order of operations, +at some point in time MATH3 register is being overwritten. + +2 - buffer used for echainiv(authenc) encrypt shared descriptor + +Encrypt and givencrypt shared descriptors (for AEAD ops) are mutually +exclusive and thus use the same buffer in context state: sh_desc_enc. + +However, there's one place missed by s/sh_desc_givenc/sh_desc_enc, +leading to errors when echainiv(authenc(...)) algorithms are used: +DECO: desc idx 14: Header Error. Invalid length or parity, or +certain other problems. + +While here, also fix a typo: dma_mapping_error() is checking +for validity of sh_desc_givenc_dma instead of sh_desc_enc_dma. + +Fixes: 479bcc7c5b9e ("crypto: caam - Convert authenc to new AEAD interface") +Signed-off-by: Horia Geantă +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/crypto/caam/caamalg.c | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +--- a/drivers/crypto/caam/caamalg.c ++++ b/drivers/crypto/caam/caamalg.c +@@ -614,7 +614,7 @@ skip_enc: + keys_fit_inline = true; + + /* aead_givencrypt shared descriptor */ +- desc = ctx->sh_desc_givenc; ++ desc = ctx->sh_desc_enc; + + /* Note: Context registers are saved. */ + init_sh_desc_key_aead(desc, ctx, keys_fit_inline, is_rfc3686); +@@ -645,13 +645,13 @@ copy_iv: + append_operation(desc, ctx->class2_alg_type | + OP_ALG_AS_INITFINAL | OP_ALG_ENCRYPT); + +- /* ivsize + cryptlen = seqoutlen - authsize */ +- append_math_sub_imm_u32(desc, REG3, SEQOUTLEN, IMM, ctx->authsize); +- + /* Read and write assoclen bytes */ + append_math_add(desc, VARSEQINLEN, ZERO, REG3, CAAM_CMD_SZ); + append_math_add(desc, VARSEQOUTLEN, ZERO, REG3, CAAM_CMD_SZ); + ++ /* ivsize + cryptlen = seqoutlen - authsize */ ++ append_math_sub_imm_u32(desc, REG3, SEQOUTLEN, IMM, ctx->authsize); ++ + /* Skip assoc data */ + append_seq_fifo_store(desc, 0, FIFOST_TYPE_SKIP | FIFOLDST_VLF); + +@@ -697,7 +697,7 @@ copy_iv: + ctx->sh_desc_enc_dma = dma_map_single(jrdev, desc, + desc_bytes(desc), + DMA_TO_DEVICE); +- if (dma_mapping_error(jrdev, ctx->sh_desc_givenc_dma)) { ++ if (dma_mapping_error(jrdev, ctx->sh_desc_enc_dma)) { + dev_err(jrdev, "unable to map shared descriptor\n"); + return -ENOMEM; + } diff --git a/queue-4.7/crypto-caam-fix-non-hmac-hashes.patch b/queue-4.7/crypto-caam-fix-non-hmac-hashes.patch new file mode 100644 index 00000000000..fe444a2cda7 --- /dev/null +++ b/queue-4.7/crypto-caam-fix-non-hmac-hashes.patch @@ -0,0 +1,36 @@ +From a0118c8b2be9297aed8e915c60b4013326b256d4 Mon Sep 17 00:00:00 2001 +From: Russell King +Date: Tue, 9 Aug 2016 08:27:17 +0100 +Subject: crypto: caam - fix non-hmac hashes + +From: Russell King + +commit a0118c8b2be9297aed8e915c60b4013326b256d4 upstream. + +Since 6de62f15b581 ("crypto: algif_hash - Require setkey before +accept(2)"), the AF_ALG interface requires userspace to provide a key +to any algorithm that has a setkey method. However, the non-HMAC +algorithms are not keyed, so setting a key is unnecessary. + +Fix this by removing the setkey method from the non-keyed hash +algorithms. + +Fixes: 6de62f15b581 ("crypto: algif_hash - Require setkey before accept(2)") +Signed-off-by: Russell King +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/crypto/caam/caamhash.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/drivers/crypto/caam/caamhash.c ++++ b/drivers/crypto/caam/caamhash.c +@@ -1897,6 +1897,7 @@ caam_hash_alloc(struct caam_hash_templat + template->name); + snprintf(alg->cra_driver_name, CRYPTO_MAX_ALG_NAME, "%s", + template->driver_name); ++ t_alg->ahash_alg.setkey = NULL; + } + alg->cra_module = THIS_MODULE; + alg->cra_init = caam_hash_cra_init; diff --git a/queue-4.7/genirq-msi-make-sure-pci-msis-are-activated-early.patch b/queue-4.7/genirq-msi-make-sure-pci-msis-are-activated-early.patch new file mode 100644 index 00000000000..5694e0bfb39 --- /dev/null +++ b/queue-4.7/genirq-msi-make-sure-pci-msis-are-activated-early.patch @@ -0,0 +1,101 @@ +From f3b0946d629c8bfbd3e5f038e30cb9c711a35f10 Mon Sep 17 00:00:00 2001 +From: Marc Zyngier +Date: Wed, 13 Jul 2016 17:18:33 +0100 +Subject: genirq/msi: Make sure PCI MSIs are activated early + +From: Marc Zyngier + +commit f3b0946d629c8bfbd3e5f038e30cb9c711a35f10 upstream. + +Bharat Kumar Gogada reported issues with the generic MSI code, where the +end-point ended up with garbage in its MSI configuration (both for the vector +and the message). + +It turns out that the two MSI paths in the kernel are doing slightly different +things: + +generic MSI: disable MSI -> allocate MSI -> enable MSI -> setup EP +PCI MSI: disable MSI -> allocate MSI -> setup EP -> enable MSI + +And it turns out that end-points are allowed to latch the content of the MSI +configuration registers as soon as MSIs are enabled. In Bharat's case, the +end-point ends up using whatever was there already, which is not what you +want. + +In order to make things converge, we introduce a new MSI domain flag +(MSI_FLAG_ACTIVATE_EARLY) that is unconditionally set for PCI/MSI. When set, +this flag forces the programming of the end-point as soon as the MSIs are +allocated. + +A consequence of this is that we have an extra activate in irq_startup, but +that should be without much consequence. + +tglx: + + - Several people reported a VMWare regression with PCI/MSI-X passthrough. It + turns out that the patch also cures that issue. + + - We need to have a look at the MSI disable interrupt path, where we write + the msg to all zeros without disabling MSI in the PCI device. Is that + correct? + +Fixes: 52f518a3a7c2 "x86/MSI: Use hierarchical irqdomains to manage MSI interrupts" +Reported-and-tested-by: Bharat Kumar Gogada +Reported-and-tested-by: Foster Snowhill +Reported-by: Matthias Prager +Reported-by: Jason Taylor +Signed-off-by: Marc Zyngier +Acked-by: Bjorn Helgaas +Cc: linux-pci@vger.kernel.org +Link: http://lkml.kernel.org/r/1468426713-31431-1-git-send-email-marc.zyngier@arm.com +Signed-off-by: Thomas Gleixner +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/pci/msi.c | 2 ++ + include/linux/msi.h | 2 ++ + kernel/irq/msi.c | 11 +++++++++++ + 3 files changed, 15 insertions(+) + +--- a/drivers/pci/msi.c ++++ b/drivers/pci/msi.c +@@ -1277,6 +1277,8 @@ struct irq_domain *pci_msi_create_irq_do + if (info->flags & MSI_FLAG_USE_DEF_CHIP_OPS) + pci_msi_domain_update_chip_ops(info); + ++ info->flags |= MSI_FLAG_ACTIVATE_EARLY; ++ + domain = msi_create_irq_domain(fwnode, info, parent); + if (!domain) + return NULL; +--- a/include/linux/msi.h ++++ b/include/linux/msi.h +@@ -268,6 +268,8 @@ enum { + MSI_FLAG_MULTI_PCI_MSI = (1 << 2), + /* Support PCI MSIX interrupts */ + MSI_FLAG_PCI_MSIX = (1 << 3), ++ /* Needs early activate, required for PCI */ ++ MSI_FLAG_ACTIVATE_EARLY = (1 << 4), + }; + + int msi_domain_set_affinity(struct irq_data *data, const struct cpumask *mask, +--- a/kernel/irq/msi.c ++++ b/kernel/irq/msi.c +@@ -357,6 +357,17 @@ int msi_domain_alloc_irqs(struct irq_dom + else + dev_dbg(dev, "irq [%d-%d] for MSI\n", + virq, virq + desc->nvec_used - 1); ++ /* ++ * This flag is set by the PCI layer as we need to activate ++ * the MSI entries before the PCI layer enables MSI in the ++ * card. Otherwise the card latches a random msi message. ++ */ ++ if (info->flags & MSI_FLAG_ACTIVATE_EARLY) { ++ struct irq_data *irq_data; ++ ++ irq_data = irq_domain_get_irq_data(domain, desc->irq); ++ irq_domain_activate_irq(irq_data); ++ } + } + + return 0; diff --git a/queue-4.7/genirq-msi-remove-unused-msi_flag_identity_map.patch b/queue-4.7/genirq-msi-remove-unused-msi_flag_identity_map.patch new file mode 100644 index 00000000000..9afcc288c7c --- /dev/null +++ b/queue-4.7/genirq-msi-remove-unused-msi_flag_identity_map.patch @@ -0,0 +1,70 @@ +From b6140914fd079e43ea75a53429b47128584f033a Mon Sep 17 00:00:00 2001 +From: Thomas Gleixner +Date: Mon, 4 Jul 2016 17:39:22 +0900 +Subject: genirq/msi: Remove unused MSI_FLAG_IDENTITY_MAP + +From: Thomas Gleixner + +commit b6140914fd079e43ea75a53429b47128584f033a upstream. + +No user and we definitely don't want to grow one. + +Signed-off-by: Thomas Gleixner +Reviewed-by: Bart Van Assche +Cc: Christoph Hellwig +Cc: linux-block@vger.kernel.org +Cc: linux-pci@vger.kernel.org +Cc: linux-nvme@lists.infradead.org +Cc: axboe@fb.com +Cc: agordeev@redhat.com +Link: http://lkml.kernel.org/r/1467621574-8277-2-git-send-email-hch@lst.de +Signed-off-by: Thomas Gleixner +Signed-off-by: Greg Kroah-Hartman + +--- + include/linux/msi.h | 6 ++---- + kernel/irq/msi.c | 8 ++------ + 2 files changed, 4 insertions(+), 10 deletions(-) + +--- a/include/linux/msi.h ++++ b/include/linux/msi.h +@@ -264,12 +264,10 @@ enum { + * callbacks. + */ + MSI_FLAG_USE_DEF_CHIP_OPS = (1 << 1), +- /* Build identity map between hwirq and irq */ +- MSI_FLAG_IDENTITY_MAP = (1 << 2), + /* Support multiple PCI MSI interrupts */ +- MSI_FLAG_MULTI_PCI_MSI = (1 << 3), ++ MSI_FLAG_MULTI_PCI_MSI = (1 << 2), + /* Support PCI MSIX interrupts */ +- MSI_FLAG_PCI_MSIX = (1 << 4), ++ MSI_FLAG_PCI_MSIX = (1 << 3), + }; + + int msi_domain_set_affinity(struct irq_data *data, const struct cpumask *mask, +--- a/kernel/irq/msi.c ++++ b/kernel/irq/msi.c +@@ -324,7 +324,7 @@ int msi_domain_alloc_irqs(struct irq_dom + struct msi_domain_ops *ops = info->ops; + msi_alloc_info_t arg; + struct msi_desc *desc; +- int i, ret, virq = -1; ++ int i, ret, virq; + + ret = msi_domain_prepare_irqs(domain, dev, nvec, &arg); + if (ret) +@@ -332,12 +332,8 @@ int msi_domain_alloc_irqs(struct irq_dom + + for_each_msi_entry(desc, dev) { + ops->set_desc(&arg, desc); +- if (info->flags & MSI_FLAG_IDENTITY_MAP) +- virq = (int)ops->get_hwirq(info, &arg); +- else +- virq = -1; + +- virq = __irq_domain_alloc_irqs(domain, virq, desc->nvec_used, ++ virq = __irq_domain_alloc_irqs(domain, -1, desc->nvec_used, + dev_to_node(dev), &arg, false); + if (virq < 0) { + ret = -ENOSPC; diff --git a/queue-4.7/series b/queue-4.7/series index 6b45eb1422c..9fbbec2c23f 100644 --- a/queue-4.7/series +++ b/queue-4.7/series @@ -19,3 +19,8 @@ libnvdimm-nd_blk-mask-off-reserved-status-bits.patch acpi-cppc-return-error-if-_cpc-is-invalid-on-a-cpu.patch acpi-cppc-prevent-cpc_desc_ptr-points-to-the-invalid-data.patch um-don-t-discard-.text.exit-section.patch +genirq-msi-remove-unused-msi_flag_identity_map.patch +genirq-msi-make-sure-pci-msis-are-activated-early.patch +crypto-caam-fix-non-hmac-hashes.patch +crypto-caam-fix-echainiv-authenc-encrypt-shared-descriptor.patch +crypto-caam-defer-aead_set_sh_desc-in-case-of-zero-authsize.patch