From: Greg Kroah-Hartman Date: Sat, 8 Feb 2020 16:40:01 +0000 (+0100) Subject: 4.9-stable patches X-Git-Tag: v4.19.103~76 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=7f29fe28f2f866f2254c8b0b6c01196f2ab070fd;p=thirdparty%2Fkernel%2Fstable-queue.git 4.9-stable patches added patches: crypto-api-fix-race-condition-in-crypto_spawn_alg.patch crypto-atmel-aes-fix-counter-overflow-in-ctr-mode.patch crypto-pcrypt-do-not-clear-may_sleep-flag-in-original-request.patch crypto-picoxcell-adjust-the-position-of-tasklet_init-and-fix-missed-tasklet_kill.patch --- diff --git a/queue-4.9/crypto-api-fix-race-condition-in-crypto_spawn_alg.patch b/queue-4.9/crypto-api-fix-race-condition-in-crypto_spawn_alg.patch new file mode 100644 index 00000000000..c2dfb33c1d9 --- /dev/null +++ b/queue-4.9/crypto-api-fix-race-condition-in-crypto_spawn_alg.patch @@ -0,0 +1,82 @@ +From 73669cc556462f4e50376538d77ee312142e8a8a Mon Sep 17 00:00:00 2001 +From: Herbert Xu +Date: Sat, 7 Dec 2019 22:15:15 +0800 +Subject: crypto: api - Fix race condition in crypto_spawn_alg + +From: Herbert Xu + +commit 73669cc556462f4e50376538d77ee312142e8a8a upstream. + +The function crypto_spawn_alg is racy because it drops the lock +before shooting the dying algorithm. The algorithm could disappear +altogether before we shoot it. + +This patch fixes it by moving the shooting into the locked section. + +Fixes: 6bfd48096ff8 ("[CRYPTO] api: Added spawns") +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + crypto/algapi.c | 16 +++++----------- + crypto/api.c | 3 +-- + crypto/internal.h | 1 - + 3 files changed, 6 insertions(+), 14 deletions(-) + +--- a/crypto/algapi.c ++++ b/crypto/algapi.c +@@ -662,22 +662,16 @@ EXPORT_SYMBOL_GPL(crypto_drop_spawn); + static struct crypto_alg *crypto_spawn_alg(struct crypto_spawn *spawn) + { + struct crypto_alg *alg; +- struct crypto_alg *alg2; + + down_read(&crypto_alg_sem); + alg = spawn->alg; +- alg2 = alg; +- if (alg2) +- alg2 = crypto_mod_get(alg2); +- up_read(&crypto_alg_sem); +- +- if (!alg2) { +- if (alg) +- crypto_shoot_alg(alg); +- return ERR_PTR(-EAGAIN); ++ if (alg && !crypto_mod_get(alg)) { ++ alg->cra_flags |= CRYPTO_ALG_DYING; ++ alg = NULL; + } ++ up_read(&crypto_alg_sem); + +- return alg; ++ return alg ?: ERR_PTR(-EAGAIN); + } + + struct crypto_tfm *crypto_spawn_tfm(struct crypto_spawn *spawn, u32 type, +--- a/crypto/api.c ++++ b/crypto/api.c +@@ -355,13 +355,12 @@ static unsigned int crypto_ctxsize(struc + return len; + } + +-void crypto_shoot_alg(struct crypto_alg *alg) ++static void crypto_shoot_alg(struct crypto_alg *alg) + { + down_write(&crypto_alg_sem); + alg->cra_flags |= CRYPTO_ALG_DYING; + up_write(&crypto_alg_sem); + } +-EXPORT_SYMBOL_GPL(crypto_shoot_alg); + + struct crypto_tfm *__crypto_alloc_tfm(struct crypto_alg *alg, u32 type, + u32 mask) +--- a/crypto/internal.h ++++ b/crypto/internal.h +@@ -87,7 +87,6 @@ void crypto_alg_tested(const char *name, + void crypto_remove_spawns(struct crypto_alg *alg, struct list_head *list, + struct crypto_alg *nalg); + void crypto_remove_final(struct list_head *list); +-void crypto_shoot_alg(struct crypto_alg *alg); + struct crypto_tfm *__crypto_alloc_tfm(struct crypto_alg *alg, u32 type, + u32 mask); + void *crypto_create_tfm(struct crypto_alg *alg, diff --git a/queue-4.9/crypto-atmel-aes-fix-counter-overflow-in-ctr-mode.patch b/queue-4.9/crypto-atmel-aes-fix-counter-overflow-in-ctr-mode.patch new file mode 100644 index 00000000000..c0585523390 --- /dev/null +++ b/queue-4.9/crypto-atmel-aes-fix-counter-overflow-in-ctr-mode.patch @@ -0,0 +1,103 @@ +From 781a08d9740afa73357f1a60d45d7c93d7cca2dd Mon Sep 17 00:00:00 2001 +From: Tudor Ambarus +Date: Thu, 5 Dec 2019 09:54:01 +0000 +Subject: crypto: atmel-aes - Fix counter overflow in CTR mode + +From: Tudor Ambarus + +commit 781a08d9740afa73357f1a60d45d7c93d7cca2dd upstream. + +32 bit counter is not supported by neither of our AES IPs, all implement +a 16 bit block counter. Drop the 32 bit block counter logic. + +Fixes: fcac83656a3e ("crypto: atmel-aes - fix the counter overflow in CTR mode") +Signed-off-by: Tudor Ambarus +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/crypto/atmel-aes.c | 37 ++++++++++++------------------------- + 1 file changed, 12 insertions(+), 25 deletions(-) + +--- a/drivers/crypto/atmel-aes.c ++++ b/drivers/crypto/atmel-aes.c +@@ -87,7 +87,6 @@ + struct atmel_aes_caps { + bool has_dualbuff; + bool has_cfb64; +- bool has_ctr32; + bool has_gcm; + u32 max_burst_size; + }; +@@ -923,8 +922,9 @@ static int atmel_aes_ctr_transfer(struct + struct atmel_aes_ctr_ctx *ctx = atmel_aes_ctr_ctx_cast(dd->ctx); + struct ablkcipher_request *req = ablkcipher_request_cast(dd->areq); + struct scatterlist *src, *dst; +- u32 ctr, blocks; + size_t datalen; ++ u32 ctr; ++ u16 blocks, start, end; + bool use_dma, fragmented = false; + + /* Check for transfer completion. */ +@@ -936,27 +936,17 @@ static int atmel_aes_ctr_transfer(struct + datalen = req->nbytes - ctx->offset; + blocks = DIV_ROUND_UP(datalen, AES_BLOCK_SIZE); + ctr = be32_to_cpu(ctx->iv[3]); +- if (dd->caps.has_ctr32) { +- /* Check 32bit counter overflow. */ +- u32 start = ctr; +- u32 end = start + blocks - 1; +- +- if (end < start) { +- ctr |= 0xffffffff; +- datalen = AES_BLOCK_SIZE * -start; +- fragmented = true; +- } +- } else { +- /* Check 16bit counter overflow. */ +- u16 start = ctr & 0xffff; +- u16 end = start + (u16)blocks - 1; +- +- if (blocks >> 16 || end < start) { +- ctr |= 0xffff; +- datalen = AES_BLOCK_SIZE * (0x10000-start); +- fragmented = true; +- } ++ ++ /* Check 16bit counter overflow. */ ++ start = ctr & 0xffff; ++ end = start + blocks - 1; ++ ++ if (blocks >> 16 || end < start) { ++ ctr |= 0xffff; ++ datalen = AES_BLOCK_SIZE * (0x10000 - start); ++ fragmented = true; + } ++ + use_dma = (datalen >= ATMEL_AES_DMA_THRESHOLD); + + /* Jump to offset. */ +@@ -1926,7 +1916,6 @@ static void atmel_aes_get_cap(struct atm + { + dd->caps.has_dualbuff = 0; + dd->caps.has_cfb64 = 0; +- dd->caps.has_ctr32 = 0; + dd->caps.has_gcm = 0; + dd->caps.max_burst_size = 1; + +@@ -1935,14 +1924,12 @@ static void atmel_aes_get_cap(struct atm + case 0x500: + dd->caps.has_dualbuff = 1; + dd->caps.has_cfb64 = 1; +- dd->caps.has_ctr32 = 1; + dd->caps.has_gcm = 1; + dd->caps.max_burst_size = 4; + break; + case 0x200: + dd->caps.has_dualbuff = 1; + dd->caps.has_cfb64 = 1; +- dd->caps.has_ctr32 = 1; + dd->caps.has_gcm = 1; + dd->caps.max_burst_size = 4; + break; diff --git a/queue-4.9/crypto-pcrypt-do-not-clear-may_sleep-flag-in-original-request.patch b/queue-4.9/crypto-pcrypt-do-not-clear-may_sleep-flag-in-original-request.patch new file mode 100644 index 00000000000..44b907eb0b3 --- /dev/null +++ b/queue-4.9/crypto-pcrypt-do-not-clear-may_sleep-flag-in-original-request.patch @@ -0,0 +1,33 @@ +From e8d998264bffade3cfe0536559f712ab9058d654 Mon Sep 17 00:00:00 2001 +From: Herbert Xu +Date: Fri, 29 Nov 2019 16:40:24 +0800 +Subject: crypto: pcrypt - Do not clear MAY_SLEEP flag in original request + +From: Herbert Xu + +commit e8d998264bffade3cfe0536559f712ab9058d654 upstream. + +We should not be modifying the original request's MAY_SLEEP flag +upon completion. It makes no sense to do so anyway. + +Reported-by: Eric Biggers +Fixes: 5068c7a883d1 ("crypto: pcrypt - Add pcrypt crypto...") +Signed-off-by: Herbert Xu +Tested-by: Eric Biggers +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + crypto/pcrypt.c | 1 - + 1 file changed, 1 deletion(-) + +--- a/crypto/pcrypt.c ++++ b/crypto/pcrypt.c +@@ -130,7 +130,6 @@ static void pcrypt_aead_done(struct cryp + struct padata_priv *padata = pcrypt_request_padata(preq); + + padata->info = err; +- req->base.flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP; + + padata_do_serial(padata); + } diff --git a/queue-4.9/crypto-picoxcell-adjust-the-position-of-tasklet_init-and-fix-missed-tasklet_kill.patch b/queue-4.9/crypto-picoxcell-adjust-the-position-of-tasklet_init-and-fix-missed-tasklet_kill.patch new file mode 100644 index 00000000000..e9b73f07781 --- /dev/null +++ b/queue-4.9/crypto-picoxcell-adjust-the-position-of-tasklet_init-and-fix-missed-tasklet_kill.patch @@ -0,0 +1,62 @@ +From 7f8c36fe9be46862c4f3c5302f769378028a34fa Mon Sep 17 00:00:00 2001 +From: Chuhong Yuan +Date: Tue, 10 Dec 2019 00:21:44 +0800 +Subject: crypto: picoxcell - adjust the position of tasklet_init and fix missed tasklet_kill + +From: Chuhong Yuan + +commit 7f8c36fe9be46862c4f3c5302f769378028a34fa upstream. + +Since tasklet is needed to be initialized before registering IRQ +handler, adjust the position of tasklet_init to fix the wrong order. + +Besides, to fix the missed tasklet_kill, this patch adds a helper +function and uses devm_add_action to kill the tasklet automatically. + +Fixes: ce92136843cb ("crypto: picoxcell - add support for the picoxcell crypto engines") +Signed-off-by: Chuhong Yuan +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/crypto/picoxcell_crypto.c | 15 +++++++++++++-- + 1 file changed, 13 insertions(+), 2 deletions(-) + +--- a/drivers/crypto/picoxcell_crypto.c ++++ b/drivers/crypto/picoxcell_crypto.c +@@ -1632,6 +1632,11 @@ static bool spacc_is_compatible(struct p + return false; + } + ++static void spacc_tasklet_kill(void *data) ++{ ++ tasklet_kill(data); ++} ++ + static int spacc_probe(struct platform_device *pdev) + { + int i, err, ret = -EINVAL; +@@ -1674,6 +1679,14 @@ static int spacc_probe(struct platform_d + return -ENXIO; + } + ++ tasklet_init(&engine->complete, spacc_spacc_complete, ++ (unsigned long)engine); ++ ++ ret = devm_add_action(&pdev->dev, spacc_tasklet_kill, ++ &engine->complete); ++ if (ret) ++ return ret; ++ + if (devm_request_irq(&pdev->dev, irq->start, spacc_spacc_irq, 0, + engine->name, engine)) { + dev_err(engine->dev, "failed to request IRQ\n"); +@@ -1736,8 +1749,6 @@ static int spacc_probe(struct platform_d + INIT_LIST_HEAD(&engine->completed); + INIT_LIST_HEAD(&engine->in_progress); + engine->in_flight = 0; +- tasklet_init(&engine->complete, spacc_spacc_complete, +- (unsigned long)engine); + + platform_set_drvdata(pdev, engine); + diff --git a/queue-4.9/series b/queue-4.9/series index f33a553c108..93614c373cd 100644 --- a/queue-4.9/series +++ b/queue-4.9/series @@ -33,3 +33,7 @@ power-supply-ltc2941-battery-gauge-fix-use-after-free.patch of-add-of_dma_default_coherent-select-it-on-powerpc.patch dm-space-map-common-fix-to-ensure-new-block-isn-t-already-in-use.patch padata-remove-broken-queue-flushing.patch +crypto-pcrypt-do-not-clear-may_sleep-flag-in-original-request.patch +crypto-atmel-aes-fix-counter-overflow-in-ctr-mode.patch +crypto-api-fix-race-condition-in-crypto_spawn_alg.patch +crypto-picoxcell-adjust-the-position-of-tasklet_init-and-fix-missed-tasklet_kill.patch