diff options
author | Christian Lamparter <chunkeey@gmail.com> | 2020-03-07 16:58:32 +0100 |
---|---|---|
committer | Christian Lamparter <chunkeey@gmail.com> | 2020-03-14 15:17:32 +0100 |
commit | b052b62efc3d49f61eb12d48b16851a48cfb928c (patch) | |
tree | 1a23d3e3707c5e52f42471cbe0bc173eed02ec2f /target/linux/apm821xx/patches-4.14/023-0015-crypto-crypto4xx-block-ciphers-should-only-accept-co.patch | |
parent | 0a06fcf608ddf1f5db389decf266283392344784 (diff) | |
download | upstream-b052b62efc3d49f61eb12d48b16851a48cfb928c.tar.gz upstream-b052b62efc3d49f61eb12d48b16851a48cfb928c.tar.bz2 upstream-b052b62efc3d49f61eb12d48b16851a48cfb928c.zip |
apm821xx: 4.14: remove kernel config and patches
This patch removes the 4.14 kernel support from the apm821xx target.
The 4.19 kernel has been available and stable for a while and the 5.4
kernel support has been tested successfully on real hardware as well.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Diffstat (limited to 'target/linux/apm821xx/patches-4.14/023-0015-crypto-crypto4xx-block-ciphers-should-only-accept-co.patch')
-rw-r--r-- | target/linux/apm821xx/patches-4.14/023-0015-crypto-crypto4xx-block-ciphers-should-only-accept-co.patch | 172 |
1 files changed, 0 insertions, 172 deletions
diff --git a/target/linux/apm821xx/patches-4.14/023-0015-crypto-crypto4xx-block-ciphers-should-only-accept-co.patch b/target/linux/apm821xx/patches-4.14/023-0015-crypto-crypto4xx-block-ciphers-should-only-accept-co.patch deleted file mode 100644 index 324a7406b0..0000000000 --- a/target/linux/apm821xx/patches-4.14/023-0015-crypto-crypto4xx-block-ciphers-should-only-accept-co.patch +++ /dev/null @@ -1,172 +0,0 @@ -From 0f7a81374060828280fcfdfbaa162cb559017f9f Mon Sep 17 00:00:00 2001 -From: Christian Lamparter <chunkeey@gmail.com> -Date: Sat, 18 May 2019 23:28:12 +0200 -Subject: [PATCH 15/15] crypto: crypto4xx - block ciphers should only accept - complete blocks - -The hardware automatically zero pads incomplete block ciphers -blocks without raising any errors. This is a screw-up. This -was noticed by CONFIG_CRYPTO_MANAGER_EXTRA_TESTS tests that -sent a incomplete blocks and expect them to fail. - -This fixes: -cbc-aes-ppc4xx encryption unexpectedly succeeded on test vector -"random: len=2409 klen=32"; expected_error=-22, cfg="random: -may_sleep use_digest src_divs=[96.90%@+2295, 2.34%@+4066, -0.32%@alignmask+12, 0.34%@+4087, 0.9%@alignmask+1787, 0.1%@+3767] -iv_offset=6" - -ecb-aes-ppc4xx encryption unexpectedly succeeded on test vector -"random: len=1011 klen=32"; expected_error=-22, cfg="random: -may_sleep use_digest src_divs=[100.0%@alignmask+20] -dst_divs=[3.12%@+3001, 96.88%@+4070]" - -Cc: Eric Biggers <ebiggers@kernel.org> -Cc: stable@vger.kernel.org [4.19, 5.0 and 5.1] -Signed-off-by: Christian Lamparter <chunkeey@gmail.com> -Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> ---- - drivers/crypto/amcc/crypto4xx_alg.c | 36 +++++++++++++++++++--------- - drivers/crypto/amcc/crypto4xx_core.c | 16 ++++++------- - drivers/crypto/amcc/crypto4xx_core.h | 10 ++++---- - 3 files changed, 39 insertions(+), 23 deletions(-) - ---- a/drivers/crypto/amcc/crypto4xx_alg.c -+++ b/drivers/crypto/amcc/crypto4xx_alg.c -@@ -76,12 +76,16 @@ static void set_dynamic_sa_command_1(str - } - - static inline int crypto4xx_crypt(struct skcipher_request *req, -- const unsigned int ivlen, bool decrypt) -+ const unsigned int ivlen, bool decrypt, -+ bool check_blocksize) - { - struct crypto_skcipher *cipher = crypto_skcipher_reqtfm(req); - struct crypto4xx_ctx *ctx = crypto_skcipher_ctx(cipher); - __le32 iv[AES_IV_SIZE]; - -+ if (check_blocksize && !IS_ALIGNED(req->cryptlen, AES_BLOCK_SIZE)) -+ return -EINVAL; -+ - if (ivlen) - crypto4xx_memcpy_to_le32(iv, req->iv, ivlen); - -@@ -90,24 +94,34 @@ static inline int crypto4xx_crypt(struct - ctx->sa_len, 0, NULL); - } - --int crypto4xx_encrypt_noiv(struct skcipher_request *req) -+int crypto4xx_encrypt_noiv_block(struct skcipher_request *req) -+{ -+ return crypto4xx_crypt(req, 0, false, true); -+} -+ -+int crypto4xx_encrypt_iv_stream(struct skcipher_request *req) -+{ -+ return crypto4xx_crypt(req, AES_IV_SIZE, false, false); -+} -+ -+int crypto4xx_decrypt_noiv_block(struct skcipher_request *req) - { -- return crypto4xx_crypt(req, 0, false); -+ return crypto4xx_crypt(req, 0, true, true); - } - --int crypto4xx_encrypt_iv(struct skcipher_request *req) -+int crypto4xx_decrypt_iv_stream(struct skcipher_request *req) - { -- return crypto4xx_crypt(req, AES_IV_SIZE, false); -+ return crypto4xx_crypt(req, AES_IV_SIZE, true, false); - } - --int crypto4xx_decrypt_noiv(struct skcipher_request *req) -+int crypto4xx_encrypt_iv_block(struct skcipher_request *req) - { -- return crypto4xx_crypt(req, 0, true); -+ return crypto4xx_crypt(req, AES_IV_SIZE, false, true); - } - --int crypto4xx_decrypt_iv(struct skcipher_request *req) -+int crypto4xx_decrypt_iv_block(struct skcipher_request *req) - { -- return crypto4xx_crypt(req, AES_IV_SIZE, true); -+ return crypto4xx_crypt(req, AES_IV_SIZE, true, true); - } - - /** -@@ -272,8 +286,8 @@ crypto4xx_ctr_crypt(struct skcipher_requ - return ret; - } - -- return encrypt ? crypto4xx_encrypt_iv(req) -- : crypto4xx_decrypt_iv(req); -+ return encrypt ? crypto4xx_encrypt_iv_stream(req) -+ : crypto4xx_decrypt_iv_stream(req); - } - - static int crypto4xx_sk_setup_fallback(struct crypto4xx_ctx *ctx, ---- a/drivers/crypto/amcc/crypto4xx_core.c -+++ b/drivers/crypto/amcc/crypto4xx_core.c -@@ -1211,8 +1211,8 @@ static struct crypto4xx_alg_common crypt - .max_keysize = AES_MAX_KEY_SIZE, - .ivsize = AES_IV_SIZE, - .setkey = crypto4xx_setkey_aes_cbc, -- .encrypt = crypto4xx_encrypt_iv, -- .decrypt = crypto4xx_decrypt_iv, -+ .encrypt = crypto4xx_encrypt_iv_block, -+ .decrypt = crypto4xx_decrypt_iv_block, - .init = crypto4xx_sk_init, - .exit = crypto4xx_sk_exit, - } }, -@@ -1231,8 +1231,8 @@ static struct crypto4xx_alg_common crypt - .max_keysize = AES_MAX_KEY_SIZE, - .ivsize = AES_IV_SIZE, - .setkey = crypto4xx_setkey_aes_cfb, -- .encrypt = crypto4xx_encrypt_iv, -- .decrypt = crypto4xx_decrypt_iv, -+ .encrypt = crypto4xx_encrypt_iv_stream, -+ .decrypt = crypto4xx_decrypt_iv_stream, - .init = crypto4xx_sk_init, - .exit = crypto4xx_sk_exit, - } }, -@@ -1291,8 +1291,8 @@ static struct crypto4xx_alg_common crypt - .min_keysize = AES_MIN_KEY_SIZE, - .max_keysize = AES_MAX_KEY_SIZE, - .setkey = crypto4xx_setkey_aes_ecb, -- .encrypt = crypto4xx_encrypt_noiv, -- .decrypt = crypto4xx_decrypt_noiv, -+ .encrypt = crypto4xx_encrypt_noiv_block, -+ .decrypt = crypto4xx_decrypt_noiv_block, - .init = crypto4xx_sk_init, - .exit = crypto4xx_sk_exit, - } }, -@@ -1311,8 +1311,8 @@ static struct crypto4xx_alg_common crypt - .max_keysize = AES_MAX_KEY_SIZE, - .ivsize = AES_IV_SIZE, - .setkey = crypto4xx_setkey_aes_ofb, -- .encrypt = crypto4xx_encrypt_iv, -- .decrypt = crypto4xx_decrypt_iv, -+ .encrypt = crypto4xx_encrypt_iv_stream, -+ .decrypt = crypto4xx_decrypt_iv_stream, - .init = crypto4xx_sk_init, - .exit = crypto4xx_sk_exit, - } }, ---- a/drivers/crypto/amcc/crypto4xx_core.h -+++ b/drivers/crypto/amcc/crypto4xx_core.h -@@ -183,10 +183,12 @@ int crypto4xx_setkey_rfc3686(struct cryp - const u8 *key, unsigned int keylen); - int crypto4xx_encrypt_ctr(struct skcipher_request *req); - int crypto4xx_decrypt_ctr(struct skcipher_request *req); --int crypto4xx_encrypt_iv(struct skcipher_request *req); --int crypto4xx_decrypt_iv(struct skcipher_request *req); --int crypto4xx_encrypt_noiv(struct skcipher_request *req); --int crypto4xx_decrypt_noiv(struct skcipher_request *req); -+int crypto4xx_encrypt_iv_stream(struct skcipher_request *req); -+int crypto4xx_decrypt_iv_stream(struct skcipher_request *req); -+int crypto4xx_encrypt_iv_block(struct skcipher_request *req); -+int crypto4xx_decrypt_iv_block(struct skcipher_request *req); -+int crypto4xx_encrypt_noiv_block(struct skcipher_request *req); -+int crypto4xx_decrypt_noiv_block(struct skcipher_request *req); - int crypto4xx_rfc3686_encrypt(struct skcipher_request *req); - int crypto4xx_rfc3686_decrypt(struct skcipher_request *req); - int crypto4xx_sha1_alg_init(struct crypto_tfm *tfm); |