From: Greg Kroah-Hartman Date: Sat, 8 Feb 2020 16:40:18 +0000 (+0100) Subject: 4.14-stable patches X-Git-Tag: v4.19.103~75 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=150bcdb385efec88b50afce72ad9b6f9e255670b;p=thirdparty%2Fkernel%2Fstable-queue.git 4.14-stable patches added patches: crypto-api-fix-race-condition-in-crypto_spawn_alg.patch crypto-atmel-aes-fix-counter-overflow-in-ctr-mode.patch crypto-ccp-set-max-rsa-modulus-size-for-v3-platform-devices-as-well.patch crypto-pcrypt-do-not-clear-may_sleep-flag-in-original-request.patch crypto-picoxcell-adjust-the-position-of-tasklet_init-and-fix-missed-tasklet_kill.patch samples-bpf-don-t-try-to-remove-user-s-homedir-on-clean.patch --- diff --git a/queue-4.14/crypto-api-fix-race-condition-in-crypto_spawn_alg.patch b/queue-4.14/crypto-api-fix-race-condition-in-crypto_spawn_alg.patch new file mode 100644 index 00000000000..7e9a256b8d6 --- /dev/null +++ b/queue-4.14/crypto-api-fix-race-condition-in-crypto_spawn_alg.patch @@ -0,0 +1,82 @@ +From 73669cc556462f4e50376538d77ee312142e8a8a Mon Sep 17 00:00:00 2001 +From: Herbert Xu +Date: Sat, 7 Dec 2019 22:15:15 +0800 +Subject: crypto: api - Fix race condition in crypto_spawn_alg + +From: Herbert Xu + +commit 73669cc556462f4e50376538d77ee312142e8a8a upstream. + +The function crypto_spawn_alg is racy because it drops the lock +before shooting the dying algorithm. The algorithm could disappear +altogether before we shoot it. + +This patch fixes it by moving the shooting into the locked section. + +Fixes: 6bfd48096ff8 ("[CRYPTO] api: Added spawns") +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + crypto/algapi.c | 16 +++++----------- + crypto/api.c | 3 +-- + crypto/internal.h | 1 - + 3 files changed, 6 insertions(+), 14 deletions(-) + +--- a/crypto/algapi.c ++++ b/crypto/algapi.c +@@ -662,22 +662,16 @@ EXPORT_SYMBOL_GPL(crypto_drop_spawn); + static struct crypto_alg *crypto_spawn_alg(struct crypto_spawn *spawn) + { + struct crypto_alg *alg; +- struct crypto_alg *alg2; + + down_read(&crypto_alg_sem); + alg = spawn->alg; +- alg2 = alg; +- if (alg2) +- alg2 = crypto_mod_get(alg2); +- up_read(&crypto_alg_sem); +- +- if (!alg2) { +- if (alg) +- crypto_shoot_alg(alg); +- return ERR_PTR(-EAGAIN); ++ if (alg && !crypto_mod_get(alg)) { ++ alg->cra_flags |= CRYPTO_ALG_DYING; ++ alg = NULL; + } ++ up_read(&crypto_alg_sem); + +- return alg; ++ return alg ?: ERR_PTR(-EAGAIN); + } + + struct crypto_tfm *crypto_spawn_tfm(struct crypto_spawn *spawn, u32 type, +--- a/crypto/api.c ++++ b/crypto/api.c +@@ -339,13 +339,12 @@ static unsigned int crypto_ctxsize(struc + return len; + } + +-void crypto_shoot_alg(struct crypto_alg *alg) ++static void crypto_shoot_alg(struct crypto_alg *alg) + { + down_write(&crypto_alg_sem); + alg->cra_flags |= CRYPTO_ALG_DYING; + up_write(&crypto_alg_sem); + } +-EXPORT_SYMBOL_GPL(crypto_shoot_alg); + + struct crypto_tfm *__crypto_alloc_tfm(struct crypto_alg *alg, u32 type, + u32 mask) +--- a/crypto/internal.h ++++ b/crypto/internal.h +@@ -84,7 +84,6 @@ void crypto_alg_tested(const char *name, + void crypto_remove_spawns(struct crypto_alg *alg, struct list_head *list, + struct crypto_alg *nalg); + void crypto_remove_final(struct list_head *list); +-void crypto_shoot_alg(struct crypto_alg *alg); + struct crypto_tfm *__crypto_alloc_tfm(struct crypto_alg *alg, u32 type, + u32 mask); + void *crypto_create_tfm(struct crypto_alg *alg, diff --git a/queue-4.14/crypto-atmel-aes-fix-counter-overflow-in-ctr-mode.patch b/queue-4.14/crypto-atmel-aes-fix-counter-overflow-in-ctr-mode.patch new file mode 100644 index 00000000000..bb9b546a825 --- /dev/null +++ b/queue-4.14/crypto-atmel-aes-fix-counter-overflow-in-ctr-mode.patch @@ -0,0 +1,104 @@ +From 781a08d9740afa73357f1a60d45d7c93d7cca2dd Mon Sep 17 00:00:00 2001 +From: Tudor Ambarus +Date: Thu, 5 Dec 2019 09:54:01 +0000 +Subject: crypto: atmel-aes - Fix counter overflow in CTR mode + +From: Tudor Ambarus + +commit 781a08d9740afa73357f1a60d45d7c93d7cca2dd upstream. + +32 bit counter is not supported by neither of our AES IPs, all implement +a 16 bit block counter. Drop the 32 bit block counter logic. + +Fixes: fcac83656a3e ("crypto: atmel-aes - fix the counter overflow in CTR mode") +Signed-off-by: Tudor Ambarus +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/crypto/atmel-aes.c | 37 ++++++++++++------------------------- + 1 file changed, 12 insertions(+), 25 deletions(-) + +--- a/drivers/crypto/atmel-aes.c ++++ b/drivers/crypto/atmel-aes.c +@@ -91,7 +91,6 @@ + struct atmel_aes_caps { + bool has_dualbuff; + bool has_cfb64; +- bool has_ctr32; + bool has_gcm; + bool has_xts; + bool has_authenc; +@@ -990,8 +989,9 @@ static int atmel_aes_ctr_transfer(struct + struct atmel_aes_ctr_ctx *ctx = atmel_aes_ctr_ctx_cast(dd->ctx); + struct ablkcipher_request *req = ablkcipher_request_cast(dd->areq); + struct scatterlist *src, *dst; +- u32 ctr, blocks; + size_t datalen; ++ u32 ctr; ++ u16 blocks, start, end; + bool use_dma, fragmented = false; + + /* Check for transfer completion. */ +@@ -1003,27 +1003,17 @@ static int atmel_aes_ctr_transfer(struct + datalen = req->nbytes - ctx->offset; + blocks = DIV_ROUND_UP(datalen, AES_BLOCK_SIZE); + ctr = be32_to_cpu(ctx->iv[3]); +- if (dd->caps.has_ctr32) { +- /* Check 32bit counter overflow. */ +- u32 start = ctr; +- u32 end = start + blocks - 1; +- +- if (end < start) { +- ctr |= 0xffffffff; +- datalen = AES_BLOCK_SIZE * -start; +- fragmented = true; +- } +- } else { +- /* Check 16bit counter overflow. */ +- u16 start = ctr & 0xffff; +- u16 end = start + (u16)blocks - 1; +- +- if (blocks >> 16 || end < start) { +- ctr |= 0xffff; +- datalen = AES_BLOCK_SIZE * (0x10000-start); +- fragmented = true; +- } ++ ++ /* Check 16bit counter overflow. */ ++ start = ctr & 0xffff; ++ end = start + blocks - 1; ++ ++ if (blocks >> 16 || end < start) { ++ ctr |= 0xffff; ++ datalen = AES_BLOCK_SIZE * (0x10000 - start); ++ fragmented = true; + } ++ + use_dma = (datalen >= ATMEL_AES_DMA_THRESHOLD); + + /* Jump to offset. */ +@@ -2536,7 +2526,6 @@ static void atmel_aes_get_cap(struct atm + { + dd->caps.has_dualbuff = 0; + dd->caps.has_cfb64 = 0; +- dd->caps.has_ctr32 = 0; + dd->caps.has_gcm = 0; + dd->caps.has_xts = 0; + dd->caps.has_authenc = 0; +@@ -2547,7 +2536,6 @@ static void atmel_aes_get_cap(struct atm + case 0x500: + dd->caps.has_dualbuff = 1; + dd->caps.has_cfb64 = 1; +- dd->caps.has_ctr32 = 1; + dd->caps.has_gcm = 1; + dd->caps.has_xts = 1; + dd->caps.has_authenc = 1; +@@ -2556,7 +2544,6 @@ static void atmel_aes_get_cap(struct atm + case 0x200: + dd->caps.has_dualbuff = 1; + dd->caps.has_cfb64 = 1; +- dd->caps.has_ctr32 = 1; + dd->caps.has_gcm = 1; + dd->caps.max_burst_size = 4; + break; diff --git a/queue-4.14/crypto-ccp-set-max-rsa-modulus-size-for-v3-platform-devices-as-well.patch b/queue-4.14/crypto-ccp-set-max-rsa-modulus-size-for-v3-platform-devices-as-well.patch new file mode 100644 index 00000000000..539f6baad5a --- /dev/null +++ b/queue-4.14/crypto-ccp-set-max-rsa-modulus-size-for-v3-platform-devices-as-well.patch @@ -0,0 +1,39 @@ +From 11548f5a5747813ff84bed6f2ea01100053b0d8d Mon Sep 17 00:00:00 2001 +From: Ard Biesheuvel +Date: Wed, 27 Nov 2019 13:01:36 +0100 +Subject: crypto: ccp - set max RSA modulus size for v3 platform devices as well + +From: Ard Biesheuvel + +commit 11548f5a5747813ff84bed6f2ea01100053b0d8d upstream. + +AMD Seattle incorporates a non-PCI version of the v3 CCP crypto +accelerator, and this version was left behind when the maximum +RSA modulus size was parameterized in order to support v5 hardware +which supports larger moduli than v3 hardware does. Due to this +oversight, RSA acceleration no longer works at all on these systems. + +Fix this by setting the .rsamax property to the appropriate value +for v3 platform hardware. + +Fixes: e28c190db66830c0 ("csrypto: ccp - Expand RSA support for a v5 ccp") +Cc: Gary R Hook +Signed-off-by: Ard Biesheuvel +Acked-by: Gary R Hook +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/crypto/ccp/ccp-dev-v3.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/drivers/crypto/ccp/ccp-dev-v3.c ++++ b/drivers/crypto/ccp/ccp-dev-v3.c +@@ -590,6 +590,7 @@ const struct ccp_vdata ccpv3_platform = + .setup = NULL, + .perform = &ccp3_actions, + .offset = 0, ++ .rsamax = CCP_RSA_MAX_WIDTH, + }; + + const struct ccp_vdata ccpv3 = { diff --git a/queue-4.14/crypto-pcrypt-do-not-clear-may_sleep-flag-in-original-request.patch b/queue-4.14/crypto-pcrypt-do-not-clear-may_sleep-flag-in-original-request.patch new file mode 100644 index 00000000000..44b907eb0b3 --- /dev/null +++ b/queue-4.14/crypto-pcrypt-do-not-clear-may_sleep-flag-in-original-request.patch @@ -0,0 +1,33 @@ +From e8d998264bffade3cfe0536559f712ab9058d654 Mon Sep 17 00:00:00 2001 +From: Herbert Xu +Date: Fri, 29 Nov 2019 16:40:24 +0800 +Subject: crypto: pcrypt - Do not clear MAY_SLEEP flag in original request + +From: Herbert Xu + +commit e8d998264bffade3cfe0536559f712ab9058d654 upstream. + +We should not be modifying the original request's MAY_SLEEP flag +upon completion. It makes no sense to do so anyway. + +Reported-by: Eric Biggers +Fixes: 5068c7a883d1 ("crypto: pcrypt - Add pcrypt crypto...") +Signed-off-by: Herbert Xu +Tested-by: Eric Biggers +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + crypto/pcrypt.c | 1 - + 1 file changed, 1 deletion(-) + +--- a/crypto/pcrypt.c ++++ b/crypto/pcrypt.c +@@ -130,7 +130,6 @@ static void pcrypt_aead_done(struct cryp + struct padata_priv *padata = pcrypt_request_padata(preq); + + padata->info = err; +- req->base.flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP; + + padata_do_serial(padata); + } diff --git a/queue-4.14/crypto-picoxcell-adjust-the-position-of-tasklet_init-and-fix-missed-tasklet_kill.patch b/queue-4.14/crypto-picoxcell-adjust-the-position-of-tasklet_init-and-fix-missed-tasklet_kill.patch new file mode 100644 index 00000000000..b5857ebdeee --- /dev/null +++ b/queue-4.14/crypto-picoxcell-adjust-the-position-of-tasklet_init-and-fix-missed-tasklet_kill.patch @@ -0,0 +1,62 @@ +From 7f8c36fe9be46862c4f3c5302f769378028a34fa Mon Sep 17 00:00:00 2001 +From: Chuhong Yuan +Date: Tue, 10 Dec 2019 00:21:44 +0800 +Subject: crypto: picoxcell - adjust the position of tasklet_init and fix missed tasklet_kill + +From: Chuhong Yuan + +commit 7f8c36fe9be46862c4f3c5302f769378028a34fa upstream. + +Since tasklet is needed to be initialized before registering IRQ +handler, adjust the position of tasklet_init to fix the wrong order. + +Besides, to fix the missed tasklet_kill, this patch adds a helper +function and uses devm_add_action to kill the tasklet automatically. + +Fixes: ce92136843cb ("crypto: picoxcell - add support for the picoxcell crypto engines") +Signed-off-by: Chuhong Yuan +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/crypto/picoxcell_crypto.c | 15 +++++++++++++-- + 1 file changed, 13 insertions(+), 2 deletions(-) + +--- a/drivers/crypto/picoxcell_crypto.c ++++ b/drivers/crypto/picoxcell_crypto.c +@@ -1616,6 +1616,11 @@ static const struct of_device_id spacc_o + MODULE_DEVICE_TABLE(of, spacc_of_id_table); + #endif /* CONFIG_OF */ + ++static void spacc_tasklet_kill(void *data) ++{ ++ tasklet_kill(data); ++} ++ + static int spacc_probe(struct platform_device *pdev) + { + int i, err, ret = -EINVAL; +@@ -1659,6 +1664,14 @@ static int spacc_probe(struct platform_d + return -ENXIO; + } + ++ tasklet_init(&engine->complete, spacc_spacc_complete, ++ (unsigned long)engine); ++ ++ ret = devm_add_action(&pdev->dev, spacc_tasklet_kill, ++ &engine->complete); ++ if (ret) ++ return ret; ++ + if (devm_request_irq(&pdev->dev, irq->start, spacc_spacc_irq, 0, + engine->name, engine)) { + dev_err(engine->dev, "failed to request IRQ\n"); +@@ -1721,8 +1734,6 @@ static int spacc_probe(struct platform_d + INIT_LIST_HEAD(&engine->completed); + INIT_LIST_HEAD(&engine->in_progress); + engine->in_flight = 0; +- tasklet_init(&engine->complete, spacc_spacc_complete, +- (unsigned long)engine); + + platform_set_drvdata(pdev, engine); + diff --git a/queue-4.14/samples-bpf-don-t-try-to-remove-user-s-homedir-on-clean.patch b/queue-4.14/samples-bpf-don-t-try-to-remove-user-s-homedir-on-clean.patch new file mode 100644 index 00000000000..f1596ba550b --- /dev/null +++ b/queue-4.14/samples-bpf-don-t-try-to-remove-user-s-homedir-on-clean.patch @@ -0,0 +1,44 @@ +From b2e5e93ae8af6a34bca536cdc4b453ab1e707b8b Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Toke=20H=C3=B8iland-J=C3=B8rgensen?= +Date: Mon, 20 Jan 2020 14:06:41 +0100 +Subject: samples/bpf: Don't try to remove user's homedir on clean +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Toke Høiland-Jørgensen + +commit b2e5e93ae8af6a34bca536cdc4b453ab1e707b8b upstream. + +The 'clean' rule in the samples/bpf Makefile tries to remove backup +files (ending in ~). However, if no such files exist, it will instead try +to remove the user's home directory. While the attempt is mostly harmless, +it does lead to a somewhat scary warning like this: + +rm: cannot remove '~': Is a directory + +Fix this by using find instead of shell expansion to locate any actual +backup files that need to be removed. + +Fixes: b62a796c109c ("samples/bpf: allow make to be run from samples/bpf/ directory") +Signed-off-by: Toke Høiland-Jørgensen +Signed-off-by: Alexei Starovoitov +Acked-by: Jesper Dangaard Brouer +Link: https://lore.kernel.org/bpf/157952560126.1683545.7273054725976032511.stgit@toke.dk +Signed-off-by: Greg Kroah-Hartman + +--- + samples/bpf/Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/samples/bpf/Makefile ++++ b/samples/bpf/Makefile +@@ -184,7 +184,7 @@ all: $(LIBBPF) + + clean: + $(MAKE) -C ../../ M=$(CURDIR) clean +- @rm -f *~ ++ @find $(CURDIR) -type f -name '*~' -delete + + $(LIBBPF): FORCE + $(MAKE) -C $(dir $@) $(notdir $@) diff --git a/queue-4.14/series b/queue-4.14/series index f23160d69c2..f980662d55e 100644 --- a/queue-4.14/series +++ b/queue-4.14/series @@ -59,3 +59,9 @@ tracing-annotate-ftrace_graph_hash-pointer-with-__rc.patch tracing-annotate-ftrace_graph_notrace_hash-pointer-w.patch ftrace-add-comment-to-why-rcu_dereference_sched-is-o.patch ftrace-protect-ftrace_graph_hash-with-ftrace_sync.patch +samples-bpf-don-t-try-to-remove-user-s-homedir-on-clean.patch +crypto-ccp-set-max-rsa-modulus-size-for-v3-platform-devices-as-well.patch +crypto-pcrypt-do-not-clear-may_sleep-flag-in-original-request.patch +crypto-atmel-aes-fix-counter-overflow-in-ctr-mode.patch +crypto-api-fix-race-condition-in-crypto_spawn_alg.patch +crypto-picoxcell-adjust-the-position-of-tasklet_init-and-fix-missed-tasklet_kill.patch