From 8fd91151ebcb21b3f2f2bf158ac6092192550b2b Mon Sep 17 00:00:00 2001 From: Christophe JAILLET Date: Mon, 17 Apr 2023 22:25:09 +0200 Subject: [PATCH 1/3] crypto: sun8i-ss - Fix a test in sun8i_ss_setup_ivs() SS_ENCRYPTION is (0 << 7 = 0), so the test can never be true. Use a direct comparison to SS_ENCRYPTION instead. The same king of test is already done the same way in sun8i_ss_run_task(). Fixes: 359e893e8af4 ("crypto: sun8i-ss - rework handling of IV") Signed-off-by: Christophe JAILLET Signed-off-by: Herbert Xu --- drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c b/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c index 83c6dfad77e1..16966cc94e24 100644 --- a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c +++ b/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c @@ -151,7 +151,7 @@ static int sun8i_ss_setup_ivs(struct skcipher_request *areq) } rctx->p_iv[i] = a; /* we need to setup all others IVs only in the decrypt way */ - if (rctx->op_dir & SS_ENCRYPTION) + if (rctx->op_dir == SS_ENCRYPTION) return 0; todo = min(len, sg_dma_len(sg)); len -= todo; From 4140aafcff167b5b9e8dae6a1709a6de7cac6f74 Mon Sep 17 00:00:00 2001 From: Olivier Bacon Date: Thu, 20 Apr 2023 11:00:35 -0400 Subject: [PATCH 2/3] crypto: engine - fix crypto_queue backlog handling CRYPTO_TFM_REQ_MAY_BACKLOG tells the crypto driver that it should internally backlog requests until the crypto hw's queue becomes full. At that point, crypto_engine backlogs the request and returns -EBUSY. Calling driver such as dm-crypt then waits until the complete() function is called with a status of -EINPROGRESS before sending a new request. The problem lies in the call to complete() with a value of -EINPROGRESS that is made when a backlog item is present on the queue. The call is done before the successful execution of the crypto request. In the case that do_one_request() returns < 0 and the retry support is available, the request is put back in the queue. This leads upper drivers to send a new request even if the queue is still full. The problem can be reproduced by doing a large dd into a crypto dm-crypt device. This is pretty easy to see when using Freescale CAAM crypto driver and SWIOTLB dma. Since the actual amount of requests that can be hold in the queue is unlimited we get IOs error and dma allocation. The fix is to call complete with a value of -EINPROGRESS only if the request is not enqueued back in crypto_queue. This is done by calling complete() later in the code. In order to delay the decision, crypto_queue is modified to correctly set the backlog pointer when a request is enqueued back. Fixes: 6a89f492f8e5 ("crypto: engine - support for parallel requests based on retry mechanism") Co-developed-by: Sylvain Ouellet Signed-off-by: Sylvain Ouellet Signed-off-by: Olivier Bacon Signed-off-by: Herbert Xu --- crypto/algapi.c | 3 +++ crypto/crypto_engine.c | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/crypto/algapi.c b/crypto/algapi.c index d7eb8f9e9883..5e7cd603d489 100644 --- a/crypto/algapi.c +++ b/crypto/algapi.c @@ -961,6 +961,9 @@ EXPORT_SYMBOL_GPL(crypto_enqueue_request); void crypto_enqueue_request_head(struct crypto_queue *queue, struct crypto_async_request *request) { + if (unlikely(queue->qlen >= queue->max_qlen)) + queue->backlog = queue->backlog->prev; + queue->qlen++; list_add(&request->list, &queue->list); } diff --git a/crypto/crypto_engine.c b/crypto/crypto_engine.c index 21f791615114..74fcc0897041 100644 --- a/crypto/crypto_engine.c +++ b/crypto/crypto_engine.c @@ -129,9 +129,6 @@ start_request: if (!engine->retry_support) engine->cur_req = async_req; - if (backlog) - crypto_request_complete(backlog, -EINPROGRESS); - if (engine->busy) was_busy = true; else @@ -217,6 +214,9 @@ req_err_2: crypto_request_complete(async_req, ret); retry: + if (backlog) + crypto_request_complete(backlog, -EINPROGRESS); + /* If retry mechanism is supported, send new requests to engine */ if (engine->retry_support) { spin_lock_irqsave(&engine->queue_lock, flags); From b8969a1b69672b163d057e7745ebc915df689211 Mon Sep 17 00:00:00 2001 From: Ondrej Mosnacek Date: Tue, 2 May 2023 10:02:33 +0200 Subject: [PATCH 3/3] crypto: api - Fix CRYPTO_USER checks for report function Checking the config via ifdef incorrectly compiles out the report functions when CRYPTO_USER is set to =m. Fix it by using IS_ENABLED() instead. Fixes: c0f9e01dd266 ("crypto: api - Check CRYPTO_USER instead of NET for report") Signed-off-by: Ondrej Mosnacek Signed-off-by: Herbert Xu --- crypto/acompress.c | 2 +- crypto/aead.c | 2 +- crypto/ahash.c | 2 +- crypto/akcipher.c | 2 +- crypto/kpp.c | 2 +- crypto/rng.c | 2 +- crypto/scompress.c | 2 +- crypto/shash.c | 2 +- crypto/skcipher.c | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/crypto/acompress.c b/crypto/acompress.c index 82a290df2822..1c682810a484 100644 --- a/crypto/acompress.c +++ b/crypto/acompress.c @@ -125,7 +125,7 @@ static const struct crypto_type crypto_acomp_type = { #ifdef CONFIG_PROC_FS .show = crypto_acomp_show, #endif -#ifdef CONFIG_CRYPTO_USER +#if IS_ENABLED(CONFIG_CRYPTO_USER) .report = crypto_acomp_report, #endif #ifdef CONFIG_CRYPTO_STATS diff --git a/crypto/aead.c b/crypto/aead.c index ffc48a7dfb34..d5ba204ebdbf 100644 --- a/crypto/aead.c +++ b/crypto/aead.c @@ -242,7 +242,7 @@ static const struct crypto_type crypto_aead_type = { #ifdef CONFIG_PROC_FS .show = crypto_aead_show, #endif -#ifdef CONFIG_CRYPTO_USER +#if IS_ENABLED(CONFIG_CRYPTO_USER) .report = crypto_aead_report, #endif #ifdef CONFIG_CRYPTO_STATS diff --git a/crypto/ahash.c b/crypto/ahash.c index b8a607928e72..324651040446 100644 --- a/crypto/ahash.c +++ b/crypto/ahash.c @@ -509,7 +509,7 @@ static const struct crypto_type crypto_ahash_type = { #ifdef CONFIG_PROC_FS .show = crypto_ahash_show, #endif -#ifdef CONFIG_CRYPTO_USER +#if IS_ENABLED(CONFIG_CRYPTO_USER) .report = crypto_ahash_report, #endif #ifdef CONFIG_CRYPTO_STATS diff --git a/crypto/akcipher.c b/crypto/akcipher.c index 186e762b509a..7960ceb528c3 100644 --- a/crypto/akcipher.c +++ b/crypto/akcipher.c @@ -98,7 +98,7 @@ static const struct crypto_type crypto_akcipher_type = { #ifdef CONFIG_PROC_FS .show = crypto_akcipher_show, #endif -#ifdef CONFIG_CRYPTO_USER +#if IS_ENABLED(CONFIG_CRYPTO_USER) .report = crypto_akcipher_report, #endif #ifdef CONFIG_CRYPTO_STATS diff --git a/crypto/kpp.c b/crypto/kpp.c index 74f2e8e918fa..33d44e59387f 100644 --- a/crypto/kpp.c +++ b/crypto/kpp.c @@ -96,7 +96,7 @@ static const struct crypto_type crypto_kpp_type = { #ifdef CONFIG_PROC_FS .show = crypto_kpp_show, #endif -#ifdef CONFIG_CRYPTO_USER +#if IS_ENABLED(CONFIG_CRYPTO_USER) .report = crypto_kpp_report, #endif #ifdef CONFIG_CRYPTO_STATS diff --git a/crypto/rng.c b/crypto/rng.c index ffde0f64fb25..279dffdebf59 100644 --- a/crypto/rng.c +++ b/crypto/rng.c @@ -118,7 +118,7 @@ static const struct crypto_type crypto_rng_type = { #ifdef CONFIG_PROC_FS .show = crypto_rng_show, #endif -#ifdef CONFIG_CRYPTO_USER +#if IS_ENABLED(CONFIG_CRYPTO_USER) .report = crypto_rng_report, #endif #ifdef CONFIG_CRYPTO_STATS diff --git a/crypto/scompress.c b/crypto/scompress.c index 24138b42a648..442a82c9de7d 100644 --- a/crypto/scompress.c +++ b/crypto/scompress.c @@ -240,7 +240,7 @@ static const struct crypto_type crypto_scomp_type = { #ifdef CONFIG_PROC_FS .show = crypto_scomp_show, #endif -#ifdef CONFIG_CRYPTO_USER +#if IS_ENABLED(CONFIG_CRYPTO_USER) .report = crypto_scomp_report, #endif #ifdef CONFIG_CRYPTO_STATS diff --git a/crypto/shash.c b/crypto/shash.c index 5845b7d59b2f..717b42df3495 100644 --- a/crypto/shash.c +++ b/crypto/shash.c @@ -548,7 +548,7 @@ static const struct crypto_type crypto_shash_type = { #ifdef CONFIG_PROC_FS .show = crypto_shash_show, #endif -#ifdef CONFIG_CRYPTO_USER +#if IS_ENABLED(CONFIG_CRYPTO_USER) .report = crypto_shash_report, #endif #ifdef CONFIG_CRYPTO_STATS diff --git a/crypto/skcipher.c b/crypto/skcipher.c index 6caca02d7e55..7b275716cf4e 100644 --- a/crypto/skcipher.c +++ b/crypto/skcipher.c @@ -776,7 +776,7 @@ static const struct crypto_type crypto_skcipher_type = { #ifdef CONFIG_PROC_FS .show = crypto_skcipher_show, #endif -#ifdef CONFIG_CRYPTO_USER +#if IS_ENABLED(CONFIG_CRYPTO_USER) .report = crypto_skcipher_report, #endif #ifdef CONFIG_CRYPTO_STATS