Backport of upstream fixes to 4.19.y, which also applies to 5.0.y and 5.1.y.
Gilad Ben-Yossef (2):
  crypto: ccree: zap entire sg on aead request unmap
  crypto: ccree: fix backlog notifications
 drivers/crypto/ccree/cc_aead.c        |  4 ++++
 drivers/crypto/ccree/cc_buffer_mgr.c  | 18 ++---------------
 drivers/crypto/ccree/cc_cipher.c      |  4 ++++
 drivers/crypto/ccree/cc_hash.c        | 28 +++++++++++++++++++--------
 drivers/crypto/ccree/cc_request_mgr.c | 11 ++++++++---
 5 files changed, 38 insertions(+), 27 deletions(-)
We were trying to be clever and zap from the cache only the required length of the scatter list on AEAD request completion, and we were getting it wrong.

As Knuth said: "when in doubt, use brute force". Zap the whole length of the scatter list.
Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
---
 drivers/crypto/ccree/cc_buffer_mgr.c | 18 ++----------------
 1 file changed, 2 insertions(+), 16 deletions(-)
diff --git a/drivers/crypto/ccree/cc_buffer_mgr.c b/drivers/crypto/ccree/cc_buffer_mgr.c
index 0ee1c52da0a4..0774bf54fcab 100644
--- a/drivers/crypto/ccree/cc_buffer_mgr.c
+++ b/drivers/crypto/ccree/cc_buffer_mgr.c
@@ -568,11 +568,7 @@ void cc_unmap_aead_request(struct device *dev, struct aead_request *req)
 {
 	struct aead_req_ctx *areq_ctx = aead_request_ctx(req);
 	unsigned int hw_iv_size = areq_ctx->hw_iv_size;
-	struct crypto_aead *tfm = crypto_aead_reqtfm(req);
 	struct cc_drvdata *drvdata = dev_get_drvdata(dev);
-	u32 dummy;
-	bool chained;
-	u32 size_to_unmap = 0;
 
 	if (areq_ctx->mac_buf_dma_addr) {
 		dma_unmap_single(dev, areq_ctx->mac_buf_dma_addr,
@@ -629,22 +625,12 @@ void cc_unmap_aead_request(struct device *dev, struct aead_request *req)
 	dev_dbg(dev, "Unmapping src sgl: req->src=%pK areq_ctx->src.nents=%u areq_ctx->assoc.nents=%u assoclen:%u cryptlen=%u\n",
 		sg_virt(req->src), areq_ctx->src.nents,
 		areq_ctx->assoc.nents, req->assoclen, req->cryptlen);
-	size_to_unmap = req->assoclen + req->cryptlen;
-	if (areq_ctx->gen_ctx.op_type == DRV_CRYPTO_DIRECTION_ENCRYPT)
-		size_to_unmap += areq_ctx->req_authsize;
-	if (areq_ctx->is_gcm4543)
-		size_to_unmap += crypto_aead_ivsize(tfm);
 
-	dma_unmap_sg(dev, req->src,
-		     cc_get_sgl_nents(dev, req->src, size_to_unmap,
-				      &dummy, &chained),
-		     DMA_BIDIRECTIONAL);
+	dma_unmap_sg(dev, req->src, sg_nents(req->src), DMA_BIDIRECTIONAL);
 	if (req->src != req->dst) {
 		dev_dbg(dev, "Unmapping dst sgl: req->dst=%pK\n",
 			sg_virt(req->dst));
-		dma_unmap_sg(dev, req->dst,
-			     cc_get_sgl_nents(dev, req->dst, size_to_unmap,
-					      &dummy, &chained),
+		dma_unmap_sg(dev, req->dst, sg_nents(req->dst),
 			     DMA_BIDIRECTIONAL);
 	}
 	if (drvdata->coherent &&
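To make the idea concrete, here is a minimal sketch (not the ccree code; the sketch_* names and the partial-length walk are illustrative assumptions) of the difference between unmapping a computed number of entries and simply unmapping every entry of a previously mapped scatterlist:

/* Illustrative sketch only, not the driver code. Assumes 'sg' was mapped
 * earlier with dma_map_sg(dev, sg, sg_nents(sg), DMA_BIDIRECTIONAL). */
#include <linux/dma-mapping.h>
#include <linux/scatterlist.h>

/* Old style: derive how many entries cover 'len' bytes and unmap those. */
static void sketch_unmap_partial(struct device *dev, struct scatterlist *sg,
				 unsigned int len)
{
	struct scatterlist *cur;
	unsigned int nents = 0;

	for (cur = sg; cur && len; cur = sg_next(cur)) {
		nents++;
		len -= min(len, cur->length);
	}
	/* Goes wrong whenever 'len' under-counts (authsize, GCM IV, ...). */
	dma_unmap_sg(dev, sg, nents, DMA_BIDIRECTIONAL);
}

/* New style: brute force, unmap every entry in the list. */
static void sketch_unmap_full(struct device *dev, struct scatterlist *sg)
{
	dma_unmap_sg(dev, sg, sg_nents(sg), DMA_BIDIRECTIONAL);
}

The patch takes the second form: since the whole scatterlist was mapped, unmapping sg_nents() entries cannot miss data the way a miscomputed partial length can.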
On Mon, May 20, 2019 at 02:50:23PM +0300, Gilad Ben-Yossef wrote:
> We were trying to be clever and zap from the cache only the required length of the scatter list on AEAD request completion, and we were getting it wrong.
>
> As Knuth said: "when in doubt, use brute force". Zap the whole length of the scatter list.
>
> Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
> ---
>  drivers/crypto/ccree/cc_buffer_mgr.c | 18 ++----------------
>  1 file changed, 2 insertions(+), 16 deletions(-)
This does not apply on top of my latest 4.19 tree with the current pending queue applied, nor does it apply to 5.1 or 5.0.
How about waiting a few days and resending after I do the next round of stable updates, so you can rebase on top of them more easily?
thanks,
greg k-h
On Mon, May 20, 2019 at 3:09 PM Greg KH <gregkh@linuxfoundation.org> wrote:
> On Mon, May 20, 2019 at 02:50:23PM +0300, Gilad Ben-Yossef wrote:
> > We were trying to be clever and zap from the cache only the required length of the scatter list on AEAD request completion, and we were getting it wrong.
> >
> > As Knuth said: "when in doubt, use brute force". Zap the whole length of the scatter list.
> >
> > Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
> > ---
> >  drivers/crypto/ccree/cc_buffer_mgr.c | 18 ++----------------
> >  1 file changed, 2 insertions(+), 16 deletions(-)
>
> This does not apply on top of my latest 4.19 tree with the current pending queue applied, nor does it apply to 5.1 or 5.0.
>
> How about waiting a few days and resending after I do the next round of stable updates, so you can rebase on top of them more easily?
Yes, will do.
Thanks,
Gilad
We were doing backlog notification callbacks via a cipher/hash/aead request structure cast to the base structure, which may or may not work depending on how the structure is laid out in memory, and is not safe.

Fix it by delegating the backlog notification to the appropriate internal callbacks, which are type aware.
Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
---
 drivers/crypto/ccree/cc_aead.c        |  4 ++++
 drivers/crypto/ccree/cc_cipher.c      |  4 ++++
 drivers/crypto/ccree/cc_hash.c        | 28 +++++++++++++++++++--------
 drivers/crypto/ccree/cc_request_mgr.c | 11 ++++++++---
 4 files changed, 36 insertions(+), 11 deletions(-)
diff --git a/drivers/crypto/ccree/cc_aead.c b/drivers/crypto/ccree/cc_aead.c
index a3527c00b29a..8c08a50a4008 100644
--- a/drivers/crypto/ccree/cc_aead.c
+++ b/drivers/crypto/ccree/cc_aead.c
@@ -220,6 +220,10 @@ static void cc_aead_complete(struct device *dev, void *cc_req, int err)
 	struct crypto_aead *tfm = crypto_aead_reqtfm(cc_req);
 	struct cc_aead_ctx *ctx = crypto_aead_ctx(tfm);
 
+	/* BACKLOG notification */
+	if (err == -EINPROGRESS)
+		goto done;
+
 	cc_unmap_aead_request(dev, areq);
 
 	/* Restore ordinary iv pointer */
diff --git a/drivers/crypto/ccree/cc_cipher.c b/drivers/crypto/ccree/cc_cipher.c
index d9c17078517b..202526648e4a 100644
--- a/drivers/crypto/ccree/cc_cipher.c
+++ b/drivers/crypto/ccree/cc_cipher.c
@@ -654,6 +654,9 @@ static void cc_cipher_complete(struct device *dev, void *cc_req, int err)
 	unsigned int ivsize = crypto_skcipher_ivsize(sk_tfm);
 	unsigned int len;
 
+	if (err == -EINPROGRESS)
+		goto done;
+
 	cc_unmap_cipher_request(dev, req_ctx, ivsize, src, dst);
 
 	switch (ctx_p->cipher_mode) {
@@ -687,6 +690,7 @@ static void cc_cipher_complete(struct device *dev, void *cc_req, int err)
 
 	kzfree(req_ctx->iv);
 
+done:
 	skcipher_request_complete(req, err);
 }
 
diff --git a/drivers/crypto/ccree/cc_hash.c b/drivers/crypto/ccree/cc_hash.c
index 2c4ddc8fb76b..e824ab60b59c 100644
--- a/drivers/crypto/ccree/cc_hash.c
+++ b/drivers/crypto/ccree/cc_hash.c
@@ -280,8 +280,12 @@ static void cc_update_complete(struct device *dev, void *cc_req, int err)
 
 	dev_dbg(dev, "req=%pK\n", req);
 
-	cc_unmap_hash_request(dev, state, req->src, false);
-	cc_unmap_req(dev, state, ctx);
+	if (err != -EINPROGRESS) {
+		/* Not a BACKLOG notification */
+		cc_unmap_hash_request(dev, state, req->src, false);
+		cc_unmap_req(dev, state, ctx);
+	}
+
 	req->base.complete(&req->base, err);
 }
 
@@ -295,9 +299,13 @@ static void cc_digest_complete(struct device *dev, void *cc_req, int err)
 
 	dev_dbg(dev, "req=%pK\n", req);
 
-	cc_unmap_hash_request(dev, state, req->src, false);
-	cc_unmap_result(dev, state, digestsize, req->result);
-	cc_unmap_req(dev, state, ctx);
+	if (err != -EINPROGRESS) {
+		/* Not a BACKLOG notification */
+		cc_unmap_hash_request(dev, state, req->src, false);
+		cc_unmap_result(dev, state, digestsize, req->result);
+		cc_unmap_req(dev, state, ctx);
+	}
+
 	req->base.complete(&req->base, err);
 }
 
@@ -311,9 +319,13 @@ static void cc_hash_complete(struct device *dev, void *cc_req, int err)
 
 	dev_dbg(dev, "req=%pK\n", req);
 
-	cc_unmap_hash_request(dev, state, req->src, false);
-	cc_unmap_result(dev, state, digestsize, req->result);
-	cc_unmap_req(dev, state, ctx);
+	if (err != -EINPROGRESS) {
+		/* Not a BACKLOG notification */
+		cc_unmap_hash_request(dev, state, req->src, false);
+		cc_unmap_result(dev, state, digestsize, req->result);
+		cc_unmap_req(dev, state, ctx);
+	}
+
 	req->base.complete(&req->base, err);
 }
 
diff --git a/drivers/crypto/ccree/cc_request_mgr.c b/drivers/crypto/ccree/cc_request_mgr.c
index 83a8aaae61c7..ddaa41de7ae7 100644
--- a/drivers/crypto/ccree/cc_request_mgr.c
+++ b/drivers/crypto/ccree/cc_request_mgr.c
@@ -336,10 +336,12 @@ static void cc_enqueue_backlog(struct cc_drvdata *drvdata,
 			       struct cc_bl_item *bli)
 {
 	struct cc_req_mgr_handle *mgr = drvdata->request_mgr_handle;
+	struct device *dev = drvdata_to_dev(drvdata);
 
 	spin_lock_bh(&mgr->bl_lock);
 	list_add_tail(&bli->list, &mgr->backlog);
 	++mgr->bl_len;
+	dev_dbg(dev, "+++bl len: %d\n", mgr->bl_len);
 	spin_unlock_bh(&mgr->bl_lock);
 	tasklet_schedule(&mgr->comptask);
 }
@@ -349,7 +351,7 @@ static void cc_proc_backlog(struct cc_drvdata *drvdata)
 	struct cc_req_mgr_handle *mgr = drvdata->request_mgr_handle;
 	struct cc_bl_item *bli;
 	struct cc_crypto_req *creq;
-	struct crypto_async_request *req;
+	void *req;
 	bool ivgen;
 	unsigned int total_len;
 	struct device *dev = drvdata_to_dev(drvdata);
@@ -359,17 +361,20 @@ static void cc_proc_backlog(struct cc_drvdata *drvdata)
 
 	while (mgr->bl_len) {
 		bli = list_first_entry(&mgr->backlog, struct cc_bl_item, list);
+		dev_dbg(dev, "---bl len: %d\n", mgr->bl_len);
+
 		spin_unlock(&mgr->bl_lock);
 
+
 		creq = &bli->creq;
-		req = (struct crypto_async_request *)creq->user_arg;
+		req = creq->user_arg;
 
 		/*
 		 * Notify the request we're moving out of the backlog
 		 * but only if we haven't done so already.
 		 */
 		if (!bli->notif) {
-			req->complete(req, -EINPROGRESS);
+			creq->user_cb(dev, req, -EINPROGRESS);
 			bli->notif = true;
 		}
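For readers not familiar with the request manager, here is a minimal sketch of the shape of this fix (simplified, made-up types such as my_crypto_req and my_backlog_notify; the real structures live in the ccree driver). The backlog path no longer assumes user_arg points at a struct crypto_async_request; it hands the raw pointer to the type-aware completion callback, which treats -EINPROGRESS as "notification only" and skips the unmap work:

/* Illustrative sketch only; the my_* names are invented for the example. */
#include <linux/device.h>
#include <linux/errno.h>

typedef void (*my_user_cb_t)(struct device *dev, void *req, int err);

struct my_crypto_req {
	my_user_cb_t user_cb;	/* type-aware completion handler */
	void *user_arg;		/* aead/skcipher/ahash request pointer */
};

/* Backlog notification: let the typed handler interpret user_arg.
 * The unsafe variant cast user_arg to struct crypto_async_request *
 * and called ->complete() on it directly. */
static void my_backlog_notify(struct device *dev, struct my_crypto_req *creq)
{
	creq->user_cb(dev, creq->user_arg, -EINPROGRESS);
}

/* A typed handler, e.g. the hash flavour: only unmap on real completion. */
static void my_hash_complete(struct device *dev, void *cc_req, int err)
{
	if (err != -EINPROGRESS) {
		/* not a backlog notification: release DMA mappings here */
	}
	/* always forward err to the caller's completion callback */
}

The actual patch does exactly this delegation via creq->user_cb() and teaches each completion handler (aead, cipher, hash) to recognise -EINPROGRESS.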
On Mon, May 20, 2019 at 02:50:22PM +0300, Gilad Ben-Yossef wrote:
> Backport of upstream fixes to 4.19.y, which also applies to 5.0.y and 5.1.y.
>
> Gilad Ben-Yossef (2):
>   crypto: ccree: zap entire sg on aead request unmap
>   crypto: ccree: fix backlog notifications
>
>  drivers/crypto/ccree/cc_aead.c        |  4 ++++
>  drivers/crypto/ccree/cc_buffer_mgr.c  | 18 ++---------------
>  drivers/crypto/ccree/cc_cipher.c      |  4 ++++
>  drivers/crypto/ccree/cc_hash.c        | 28 +++++++++++++++++++--------
>  drivers/crypto/ccree/cc_request_mgr.c | 11 ++++++++---
>  5 files changed, 38 insertions(+), 27 deletions(-)
As the "FAILED:" emails said, I need these for 5.1 and 5.0 as well, can't just move from 4.19 to a newer kernel and have regressions. I'll go see if these apply there too.
Also, giving me the git commit ids of the original patches in Linus's tree is necessary, so I don't have to go dig it up by hand. I'll do it this time...
let me see how this goes...
greg k-h