1. 12 Jan, 2018 1 commit
    • Eric Biggers's avatar
      crypto: hash - annotate algorithms taking optional key · a208fa8f
      Eric Biggers authored
      We need to consistently enforce that keyed hashes cannot be used without
      setting the key.  To do this we need a reliable way to determine whether
      a given hash algorithm is keyed or not.  AF_ALG currently does this by
      checking for the presence of a ->setkey() method.  However, this is
      actually slightly broken because the CRC-32 algorithms implement
      ->setkey() but can also be used without a key.  (The CRC-32 "key" is not
      actually a cryptographic key but rather represents the initial state.
      If not overridden, then a default initial state is used.)
      
      Prepare to fix this by introducing a flag CRYPTO_ALG_OPTIONAL_KEY which
      indicates that the algorithm has a ->setkey() method, but it is not
      required to be called.  Then set it on all the CRC-32 algorithms.
      
      The same also applies to the Adler-32 implementation in Lustre.
      
      Also, the cryptd and mcryptd templates have to pass through the flag
      from their underlying algorithm.
      
      Cc: stable@vger.kernel.org
      Signed-off-by: 's avatarEric Biggers <ebiggers@google.com>
      Signed-off-by: 's avatarHerbert Xu <herbert@gondor.apana.org.au>
      a208fa8f
  2. 19 Jan, 2016 1 commit
    • Jean Delvare's avatar
      crypto: crc32c - Fix crc32c soft dependency · fd7f6727
      Jean Delvare authored
      I don't think it makes sense for a module to have a soft dependency
      on itself. This seems quite cyclic by nature and I can't see what
      purpose it could serve.
      
      OTOH libcrc32c calls crypto_alloc_shash("crc32c", 0, 0) so it pretty
      much assumes that some incarnation of the "crc32c" hash algorithm has
      been loaded. Therefore it makes sense to have the soft dependency
      there (as crc-t10dif does.)
      
      Cc: stable@vger.kernel.org
      Cc: Tim Chen <tim.c.chen@linux.intel.com>
      Cc: "David S. Miller" <davem@davemloft.net>
      Signed-off-by: 's avatarJean Delvare <jdelvare@suse.de>
      Signed-off-by: 's avatarHerbert Xu <herbert@gondor.apana.org.au>
      fd7f6727
  3. 13 Jan, 2015 1 commit
    • Mathias Krause's avatar
      crypto: add missing crypto module aliases · 3e14dcf7
      Mathias Krause authored
      Commit 5d26a105 ("crypto: prefix module autoloading with "crypto-"")
      changed the automatic module loading when requesting crypto algorithms
      to prefix all module requests with "crypto-". This requires all crypto
      modules to have a crypto specific module alias even if their file name
      would otherwise match the requested crypto algorithm.
      
      Even though commit 5d26a105 added those aliases for a vast amount of
      modules, it was missing a few. Add the required MODULE_ALIAS_CRYPTO
      annotations to those files to make them get loaded automatically, again.
      This fixes, e.g., requesting 'ecb(blowfish-generic)', which used to work
      with kernels v3.18 and below.
      
      Also change MODULE_ALIAS() lines to MODULE_ALIAS_CRYPTO(). The former
      won't work for crypto modules any more.
      
      Fixes: 5d26a105 ("crypto: prefix module autoloading with "crypto-"")
      Cc: Kees Cook <keescook@chromium.org>
      Signed-off-by: 's avatarMathias Krause <minipli@googlemail.com>
      Signed-off-by: 's avatarHerbert Xu <herbert@gondor.apana.org.au>
      3e14dcf7
  4. 24 Nov, 2014 1 commit
  5. 25 Feb, 2014 1 commit
  6. 23 Mar, 2012 1 commit
  7. 29 Jun, 2011 1 commit
  8. 16 Feb, 2010 1 commit
  9. 25 Dec, 2008 2 commits
  10. 10 Jul, 2008 1 commit
  11. 21 Apr, 2008 1 commit
    • Kamalesh Babulal's avatar
      [CRYPTO] all: Clean up init()/fini() · 3af5b90b
      Kamalesh Babulal authored
      On Thu, Mar 27, 2008 at 03:40:36PM +0100, Bodo Eggert wrote:
      > Kamalesh Babulal <kamalesh@linux.vnet.ibm.com> wrote:
      > 
      > > This patch cleanups the crypto code, replaces the init() and fini()
      > > with the <algorithm name>_init/_fini
      > 
      > This part ist OK.
      > 
      > > or init/fini_<algorithm name> (if the 
      > > <algorithm name>_init/_fini exist)
      > 
      > Having init_foo and foo_init won't be a good thing, will it? I'd start
      > confusing them.
      > 
      > What about foo_modinit instead?
      
      Thanks for the suggestion, the init() is replaced with
      
      	<algorithm name>_mod_init ()
      
      and fini () is replaced with <algorithm name>_mod_fini.
      Signed-off-by: 's avatarKamalesh Babulal <kamalesh@linux.vnet.ibm.com>
      Signed-off-by: 's avatarHerbert Xu <herbert@gondor.apana.org.au>
      3af5b90b
  12. 21 Sep, 2006 2 commits
    • Herbert Xu's avatar
      [CRYPTO] api: Get rid of flags argument to setkey · 560c06ae
      Herbert Xu authored
      Now that the tfm is passed directly to setkey instead of the ctx, we no
      longer need to pass the &tfm->crt_flags pointer.
      
      This patch also gets rid of a few unnecessary checks on the key length
      for ciphers as the cipher layer guarantees that the key length is within
      the bounds specified by the algorithm.
      
      Rather than testing dia_setkey every time, this patch does it only once
      during crypto_alloc_tfm.  The redundant check from crypto_digest_setkey
      is also removed.
      Signed-off-by: 's avatarHerbert Xu <herbert@gondor.apana.org.au>
      560c06ae
    • Herbert Xu's avatar
      [CRYPTO] crc32c: Fix unconventional setkey usage · 25cdbcd9
      Herbert Xu authored
      The convention for setkey is that once it is set it should not change,
      in particular, init must not wipe out the key set by it.  In fact, init
      should always be used after setkey before any digestion is performed.
      
      The only user of crc32c that sets the key is tcrypt.  This patch adds
      the necessary init calls there.
      Signed-off-by: 's avatarHerbert Xu <herbert@gondor.apana.org.au>
      25cdbcd9
  13. 26 Jun, 2006 1 commit
    • Herbert Xu's avatar
      [CRYPTO] all: Pass tfm instead of ctx to algorithms · 6c2bb98b
      Herbert Xu authored
      Up until now algorithms have been happy to get a context pointer since
      they know everything that's in the tfm already (e.g., alignment, block
      size).
      
      However, once we have parameterised algorithms, such information will
      be specific to each tfm.  So the algorithm API needs to be changed to
      pass the tfm structure instead of the context pointer.
      
      This patch is basically a text substitution.  The only tricky bit is
      the assembly routines that need to get the context pointer offset
      through asm-offsets.h.
      Signed-off-by: 's avatarHerbert Xu <herbert@gondor.apana.org.au>
      6c2bb98b
  14. 09 Jan, 2006 1 commit
  15. 16 Apr, 2005 1 commit
    • Linus Torvalds's avatar
      Linux-2.6.12-rc2 · 1da177e4
      Linus Torvalds authored
      Initial git repository build. I'm not bothering with the full history,
      even though we have it. We can create a separate "historical" git
      archive of that later if we want to, and in the meantime it's about
      3.2GB when imported into git - space that would just make the early
      git days unnecessarily complicated, when we don't have a lot of good
      infrastructure for it.
      
      Let it rip!
      1da177e4