1. 04 May, 2011 1 commit
  2. 22 Mar, 2011 1 commit
    • Jim Keniston's avatar
      zlib: slim down zlib_deflate() workspace when possible · 565d76cb
      Jim Keniston authored
      
      Instead of always creating a huge (268K) deflate_workspace with the
      maximum compression parameters (windowBits=15, memLevel=8), allow the
      caller to obtain a smaller workspace by specifying smaller parameter
      values.
      
      For example, when capturing oops and panic reports to a medium with
      limited capacity, such as NVRAM, compression may be the only way to
      capture the whole report.  In this case, a small workspace (24K works
      fine) is a win, whether you allocate the workspace when you need it (i.e.,
      during an oops or panic) or at boot time.
      
      I've verified that this patch works with all accepted values of windowBits
      (positive and negative), memLevel, and compression level.
      Signed-off-by: default avatarJim Keniston <jkenisto@us.ibm.com>
      Cc: Herbert Xu <herbert@gondor.apana.org.au>
      Cc: David Miller <davem@davemloft.net>
      Cc: Chris Mason <chris.mason@oracle.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      565d76cb
  3. 13 Mar, 2011 1 commit
  4. 04 Mar, 2011 1 commit
  5. 16 Feb, 2011 1 commit
  6. 28 Jan, 2011 3 commits
  7. 04 Jan, 2011 2 commits
  8. 28 Dec, 2010 1 commit
  9. 21 Dec, 2010 1 commit
  10. 08 Dec, 2010 1 commit
  11. 02 Dec, 2010 1 commit
  12. 30 Nov, 2010 2 commits
    • Herbert Xu's avatar
      crypto: algif_skcipher - Handle unaligned receive buffer · bc97e57e
      Herbert Xu authored
      
      As it is if user-space passes through a receive buffer that's not
      aligned to to the cipher block size, we'll end up encrypting or
      decrypting a partial block which causes a spurious EINVAL to be
      returned.
      
      This patch fixes this by moving the partial block test after the
      af_alg_make_sg call.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      bc97e57e
    • Herbert Xu's avatar
      crypto: algif_skcipher - Fixed overflow when sndbuf is page aligned · 0f6bb83c
      Herbert Xu authored
      
      When sk_sndbuf is not a multiple of PAGE_SIZE, the limit tests
      in sendmsg fail as the limit variable becomes negative and we're
      using an unsigned comparison.
      
      The same thing can happen if sk_sndbuf is lowered after a sendmsg
      call.
      
      This patch fixes this by always taking the signed maximum of limit
      and 0 before we perform the comparison.
      
      It also rounds the value of sk_sndbuf down to a multiple of PAGE_SIZE
      so that we don't end up allocating a page only to use a small number
      of bytes in it because we're bound by sk_sndbuf.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      0f6bb83c
  13. 29 Nov, 2010 1 commit
  14. 28 Nov, 2010 1 commit
  15. 27 Nov, 2010 3 commits
  16. 26 Nov, 2010 1 commit
    • Herbert Xu's avatar
      crypto: algif_skcipher - User-space interface for skcipher operations · 8ff59090
      Herbert Xu authored
      
      This patch adds the af_alg plugin for symmetric key ciphers,
      corresponding to the ablkcipher kernel operation type.
      
      Keys can optionally be set through the setsockopt interface.
      
      Once a sendmsg call occurs without MSG_MORE no further writes
      may be made to the socket until all previous data has been read.
      
      IVs and and whether encryption/decryption is performed can be
      set through the setsockopt interface or as a control message
      to sendmsg.
      
      The interface is completely synchronous, all operations are
      carried out in recvmsg(2) and will complete prior to the system
      call returning.
      
      The splice(2) interface support reading the user-space data directly
      without copying (except that the Crypto API itself may copy the data
      if alignment is off).
      
      The recvmsg(2) interface supports directly writing to user-space
      without additional copying, i.e., the kernel crypto interface will
      receive the user-space address as its output SG list.
      
      Thakns to Miloslav Trmac for reviewing this and contributing
      fixes and improvements.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      Acked-by: default avatarDavid S. Miller <davem@davemloft.net>
      8ff59090
  17. 19 Nov, 2010 2 commits
    • Herbert Xu's avatar
      crypto: algif_hash - User-space interface for hash operations · fe869cdb
      Herbert Xu authored
      
      This patch adds the af_alg plugin for hash, corresponding to
      the ahash kernel operation type.
      
      Keys can optionally be set through the setsockopt interface.
      
      Each sendmsg call will finalise the hash unless sent with a MSG_MORE
      flag.
      
      Partial hash states can be cloned using accept(2).
      
      The interface is completely synchronous, all operations will
      complete prior to the system call returning.
      
      Both sendmsg(2) and splice(2) support reading the user-space
      data directly without copying (except that the Crypto API itself
      may copy the data if alignment is off).
      
      For now only the splice(2) interface supports performing digest
      instead of init/update/final.  In future the sendmsg(2) interface
      will also be modified to use digest/finup where possible so that
      hardware that cannot return a partial hash state can still benefit
      from this interface.
      
      Thakns to Miloslav Trmac for reviewing this and contributing
      fixes and improvements.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      Acked-by: default avatarDavid S. Miller <davem@davemloft.net>
      Tested-by: default avatarMartin Willi <martin@strongswan.org>
      fe869cdb
    • Herbert Xu's avatar
      crypto: af_alg - User-space interface for Crypto API · 03c8efc1
      Herbert Xu authored
      
      This patch creates the backbone of the user-space interface for
      the Crypto API, through a new socket family AF_ALG.
      
      Each session corresponds to one or more connections obtained from
      that socket.  The number depends on the number of inputs/outputs
      of that particular type of operation.  For most types there will
      be a s ingle connection/file descriptor that is used for both input
      and output.  AEAD is one of the few that require two inputs.
      
      Each algorithm type will provide its own implementation that plugs
      into af_alg.  They're keyed using a string such as "skcipher" or
      "hash".
      
      IOW this patch only contains the boring bits that is required
      to hold everything together.
      
      Thakns to Miloslav Trmac for reviewing this and contributing
      fixes and improvements.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      Acked-by: default avatarDavid S. Miller <davem@davemloft.net>
      Tested-by: default avatarMartin Willi <martin@strongswan.org>
      03c8efc1
  18. 13 Nov, 2010 2 commits
  19. 12 Nov, 2010 1 commit
  20. 04 Nov, 2010 1 commit
  21. 26 Oct, 2010 1 commit
  22. 07 Oct, 2010 2 commits
  23. 20 Sep, 2010 1 commit
  24. 11 Sep, 2010 1 commit
  25. 03 Sep, 2010 1 commit
  26. 05 Aug, 2010 3 commits
    • Herbert Xu's avatar
      crypto: testmgr - Default to no tests · 00ca28a5
      Herbert Xu authored
      
      On Thu, Aug 05, 2010 at 07:01:21PM -0700, Linus Torvalds wrote:
      > On Thu, Aug 5, 2010 at 6:40 PM, Herbert Xu <herbert@gondor.hengli.com.au> wrote:
      > >
      > > -config CRYPTO_MANAGER_TESTS
      > > -       bool "Run algolithms' self-tests"
      > > -       default y
      > > -       depends on CRYPTO_MANAGER2
      > > +config CRYPTO_MANAGER_DISABLE_TESTS
      > > +       bool "Disable run-time self tests"
      > > +       depends on CRYPTO_MANAGER2 && EMBEDDED
      >
      > Why do you still want to force-enable those tests? I was going to
      > complain about the "default y" anyway, now I'm _really_ complaining,
      > because you've now made it impossible to disable those tests. Why?
      
      As requested, this patch sets the default to y and removes the
      EMBEDDED dependency.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      00ca28a5
    • Herbert Xu's avatar
      crypto: testmgr - Fix test disabling option · 326a6346
      Herbert Xu authored
      
      This patch fixes a serious bug in the test disabling patch where
      it can cause an spurious load of the cryptomgr module even when
      it's compiled in.
      
      It also negates the test disabling option so that its absence
      causes tests to be enabled.
      
      The Kconfig option is also now behind EMBEDDED.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      326a6346
    • Szilveszter Ördög's avatar
      crypto: hash - Fix handling of small unaligned buffers · 23a75eee
      Szilveszter Ördög authored
      
      If a scatterwalk chain contains an entry with an unaligned offset then
      hash_walk_next() will cut off the next step at the next alignment point.
      
      However, if the entry ends before the next alignment point then we a loop,
      which leads to a kernel oops.
      
      Fix this by checking whether the next aligment point is before the end of the
      current entry.
      Signed-off-by: default avatarSzilveszter Ördög <slipszi@gmail.com>
      Acked-by: default avatarDavid S. Miller <davem@davemloft.net>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      23a75eee
  27. 31 Jul, 2010 3 commits