summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2009-02-19crypto: api - Use dedicated workqueue for crypto subsystemHuang Ying4-0/+50
Use dedicated workqueue for crypto subsystem A dedicated workqueue named kcrypto_wq is created to be used by crypto subsystem. The system shared keventd_wq is not suitable for encryption/decryption, because of potential starvation problem. Signed-off-by: Huang Ying <ying.huang@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-02-18crypto: testmgr - Test skciphers with no IVsHerbert Xu1-4/+16
As it is an skcipher with no IV escapes testing altogether because we only test givcipher objects. This patch fixes the bypass logic to test these algorithms. Conversely, we're currently testing nivaead algorithms with IVs, which would have deadlocked had it not been for the fact that no nivaead algorithms have any test vectors. This patch also fixes that case. Both fixes are ugly as hell, but this ugliness should hopefully disappear once we move them into the per-type code (i.e., the AEAD test would live in aead.c and the skcipher stuff in ablkcipher.c). Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-02-18crypto: aead - Avoid infinite loop when nivaead fails selftestHerbert Xu1-0/+16
When an aead constructed through crypto_nivaead_default fails its selftest, we'll loop forever trying to construct new aead objects but failing because it already exists. The crux of the issue is that once an aead fails the selftest, we'll ignore it on the next run through crypto_aead_lookup and attempt to construct a new aead. We should instead return an error to the caller if we find an an that has failed the test. This bug hasn't manifested itself yet because we don't have any test vectors for the existing nivaead algorithms. They're tested through the underlying algorithms only. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-02-18crypto: skcipher - Avoid infinite loop when cipher fails selftestHerbert Xu2-1/+20
When an skcipher constructed through crypto_givcipher_default fails its selftest, we'll loop forever trying to construct new skcipher objects but failing because it already exists. The crux of the issue is that once a givcipher fails the selftest, we'll ignore it on the next run through crypto_skcipher_lookup and attempt to construct a new givcipher. We should instead return an error to the caller if we find a givcipher that has failed the test. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-02-18crypto: api - Fix crypto_alloc_tfm/create_create_tfm return conventionHerbert Xu4-26/+16
This is based on a report and patch by Geert Uytterhoeven. The functions crypto_alloc_tfm and create_create_tfm return a pointer that needs to be adjusted by the caller when successful and otherwise an error value. This means that the caller has to check for the error and only perform the adjustment if the pointer returned is valid. Since all callers want to make the adjustment and we know how to adjust it ourselves, it's much easier to just return adjusted pointer directly. The only caveat is that we have to return a void * instead of struct crypto_tfm *. However, this isn't that bad because both of these functions are for internal use only (by types code like shash.c, not even algorithms code). This patch also moves crypto_alloc_tfm into crypto/internal.h (crypto_create_tfm is already there) to reflect this. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-02-18crypto: api - crypto_alg_mod_lookup either tested or untestedHerbert Xu1-1/+1
As it stands crypto_alg_mod_lookup will search either tested or untested algorithms, but never both at the same time. However, we need exactly that when constructing givcipher and aead so this patch adds support for that by setting the tested bit in type but clearing it in mask. This combination is currently unused. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-02-18crypto: amcc - Add crypt4xx driverJames Hsiao11-0/+2441
This patch adds support for AMCC ppc4xx security device driver. This is the initial release that includes the driver framework with AES and SHA1 algorithms support. The remaining algorithms will be released in the near future. Signed-off-by: James Hsiao <jhsiao@amcc.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-02-18crypto: ansi_cprng - Add maintainerNeil Horman1-0/+6
Add myself as the maintainer for the CPRNG. Herbert shouldn't deal with it alone if (when?) it breaks :) Signed-off-by: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-02-18crypto: ansi_cprng - Panic on CPRNG test failure when in FIPS mode Neil Horman1-0/+6
FIPS 140-2 specifies that all access to various cryptographic modules be prevented in the event that any of the provided self tests fail on the various implemented algorithms. We already panic when any of the test in testmgr.c fail when we are operating in fips mode. The continuous test in the cprng here was missed when that was implmented. This code simply checks for the fips_enabled flag if the test fails, and warns us via syslog or panics the box accordingly. Signed-off-by: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-02-18crypto: sha-s390 - Switch to shashHerbert Xu6-89/+103
This patch converts the S390 sha algorithms to the new shash interface. With fixes by Jan Glauber. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-02-18crypto: shash - Add crypto_shash_blocksizeHerbert Xu1-0/+5
This function is needed by algorithms that don't know their own block size, e.g., in s390 where the code is common between multiple versions of SHA. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-02-18crypto: ansi_cprng - Force reset on allocationNeil Horman1-1/+10
Pseudo RNGs provide predictable outputs based on input parateters {key, V, DT}, the idea behind them is that only the user should know what the inputs are. While its nice to have default known values for testing purposes, it seems dangerous to allow the use of those default values without some sort of safety measure in place, lest an attacker easily guess the output of the cprng. This patch forces the NEED_RESET flag on when allocating a cprng context, so that any user is forced to reseed it before use. The defaults can still be used for testing, but this will prevent their inadvertent use, and be more secure. Signed-off-by: Neil Horman <nhorman@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-02-18crypto: aes-ni - Add support to Intel AES-NI instructions for x86_64 platformHuang Ying5-0/+1386
Intel AES-NI is a new set of Single Instruction Multiple Data (SIMD) instructions that are going to be introduced in the next generation of Intel processor, as of 2009. These instructions enable fast and secure data encryption and decryption, using the Advanced Encryption Standard (AES), defined by FIPS Publication number 197. The architecture introduces six instructions that offer full hardware support for AES. Four of them support high performance data encryption and decryption, and the other two instructions support the AES key expansion procedure. The white paper can be downloaded from: http://softwarecommunity.intel.com/isn/downloads/intelavx/AES-Instructions-Set_WP.pdf AES may be used in soft_irq context, but MMX/SSE context can not be touched safely in soft_irq context. So in_interrupt() is checked, if in IRQ or soft_irq context, the general x86_64 implementation are used instead. Signed-off-by: Huang Ying <ying.huang@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-02-18crypto: cryptd - Add support to access underlying blkcipherHuang Ying2-0/+62
cryptd_alloc_ablkcipher() will allocate a cryptd-ed ablkcipher for specified algorithm name. The new allocated one is guaranteed to be cryptd-ed ablkcipher, so the blkcipher underlying can be gotten via cryptd_ablkcipher_child(). Signed-off-by: Huang Ying <ying.huang@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-02-18crypto: shash - Remove superfluous check in init_tfmHerbert Xu1-2/+0
We're currently checking the frontend type in init_tfm. This is completely pointless because the fact that we're called at all means that the frontend is ours so the type must match as well. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-02-18crypto: aes - Export x86 AES encrypt/decrypt functionsHuang Ying4-17/+38
Intel AES-NI AES acceleration instructions touch XMM state, to use that in soft_irq context, general x86 AES implementation is used as fallback. The first parameter is changed from struct crypto_tfm * to struct crypto_aes_ctx * to make it easier to deal with 16 bytes alignment requirement of AES-NI implementation. Signed-off-by: Huang Ying <ying.huang@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-02-18crypto: aes - Move key_length in struct crypto_aes_ctx to be the last fieldHuang Ying3-6/+10
The Intel AES-NI AES acceleration instructions need key_enc, key_dec in struct crypto_aes_ctx to be 16 byte aligned, it make this easier to move key_length to be the last one. Signed-off-by: Huang Ying <ying.huang@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-02-17crypto: lrw - Fix big endian supportHerbert Xu1-1/+7
It turns out that LRW has never worked properly on big endian. This was never discussed because nobody actually used it that way. In fact, it was only discovered when Geert Uytterhoeven loaded it through tcrypt which failed the test on it. The fix is straightforward, on big endian the to find the nth bit we should be grouping them by words instead of bytes. So setbit128_bbe should xor with 128 - BITS_PER_LONG instead of 128 - BITS_PER_BYTE == 0x78. Tested-by: Geert Uytterhoeven <Geert.Uytterhoeven@sonycom.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-02-13Linux 2.6.29-rc5v2.6.29-rc5Linus Torvalds1-1/+1
2009-02-13Merge branch 'for-linus' of ↵Linus Torvalds13-93/+112
git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6 * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6: ASoC: Only register AC97 bus if it's not done already ALSA: hda - Add snd_hda_multi_out_dig_cleanup() ALSA: hda - Add missing terminator in slave dig-out array ALSA: hda - Change HP dv7 (103c:30f4) quirk from hp-m4 to hp-dv5 model ALSA: hda - Register (new) devices at reconfig ALSA: mtpav - Fix initial value for input hwport ALSA: hda - add id for Intel IbexPeak integrated HDMI codec ALSA: hda - compute checksum in HDMI audio infoframe ALSA: hda - enable HDMI audio pin out at module loading time ALSA: hda - allow multi-channel HDMI audio playback when ELD is not present ASoC: Update SDP3430 machine driver for snd_soc_card ALSA: hda - Add quirk for Asus z37e (1043:8284) sound: Remove OSSlib stuff from linux/soundcard.h ASoC: WM8990: Fix kcontrol's private value use in put callback ASoC: TLV320AIC3X: Fix kcontrol's private value use in put callback
2009-02-13User namespaces: Only put the userns when we unhash the uidSerge E. Hallyn1-2/+1
uids in namespaces other than init don't get a sysfs entry. For those in the init namespace, while we're waiting to remove the sysfs entry for the uid the uid is still hashed, and alloc_uid() may re-grab that uid without getting a new reference to the user_ns, which we've already put in free_user before scheduling remove_user_sysfs_dir(). Reported-and-tested-by: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com> Signed-off-by: Serge E. Hallyn <serue@us.ibm.com> Acked-by: David Howells <dhowells@redhat.com> Tested-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-02-13Merge branch 'fix/asoc' into for-linusTakashi Iwai4-8/+16
2009-02-13Merge branch 'fix/hda' into for-linusTakashi Iwai7-33/+71
2009-02-13Merge branch 'fix/misc' into for-linusTakashi Iwai1-1/+2
2009-02-13Merge branch 'fix/oss-header-fix' into for-linusTakashi Iwai1-51/+23
2009-02-13ASoC: Only register AC97 bus if it's not done alreadyMark Brown1-1/+4
ASoC supports both explicit codec drivers for AC97 devices and a simple driver which uses the standard ALSA AC97 framework for codec support. When used with the generic AC97 codec support that will provide the ad hoc AC97 device for drivers like touchscreens to attach to so the core shouldn't do so. Reported-by: Manuel Lauss <mano@roarinelk.homelinux.net> Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
2009-02-13ALSA: hda - Add snd_hda_multi_out_dig_cleanup()Takashi Iwai4-2/+32
Added the helper function snd_hda_multi_out_dig_cleanup() to clean up the digital outputs with multi setup. This call is needed in cases the codec supports multiple digital outputs as slaves. Otherwise the slave widgets aren't properly cleaned up. For a single digital output (e.g. in patch_conexant.c), this call isn't needed. Signed-off-by: Takashi Iwai <tiwai@suse.de>
2009-02-13ALSA: hda - Add missing terminator in slave dig-out arrayTakashi Iwai1-2/+2
Added the missing terminator for ad1989b_slave_dig_outs[]. Cc: <stable@kernel.org> Signed-off-by: Takashi Iwai <tiwai@suse.de>
2009-02-13ALSA: hda - Change HP dv7 (103c:30f4) quirk from hp-m4 to hp-dv5 modelHerton Ronaldo Krzesinski1-1/+1
Change HP dv7 quirk: although reported to work with hp-m4 model (https://bugzilla.novell.com/show_bug.cgi?id=445321), the original report doesn't contain info about testing of internal microphone. Recently I received a report about internal mic not working (https://qa.mandriva.com/show_bug.cgi?id=44855#c193), this must be related with the forced line in on pin 0x0e done with hp-m4 model. Thus change the current quirk from STAC_HP_M4 to STAC_HP_DV5, later reported to be fixed on a provided kernel with this change (https://qa.mandriva.com/show_bug.cgi?id=44855#c196). Signed-off-by: Herton Ronaldo Krzesinski <herton@mandriva.com.br> Signed-off-by: Takashi Iwai <tiwai@suse.de>
2009-02-12Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds26-8901/+8767
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (32 commits) wimax: fix oops in wimax_dev_get_by_genl_info() when looking up non-wimax iface net: 4 bytes kernel memory disclosure in SO_BSDCOMPAT gsopt try #2 netxen: fix compile waring "label ‘set_32_bit_mask’ defined but not used" on IA64 platform bnx2: Update version to 1.9.2 and copyright. bnx2: Fix jumbo frames error handling. bnx2: Update 5709 firmware. bnx2: Update 5706/5708 firmware. 3c505: do not set pcb->data.raw beyond its size Documentation/connector/cn_test.c: don't use gfp_any() net: don't use in_atomic() in gfp_any() IRDA: cnt is off by 1 netxen: remove pcie workaround sun3: print when lance_open() fails qlge: bugfix: Add missing rx buf clean index on early exit. qlge: bugfix: Fix RX scaling values. qlge: bugfix: Fix TSO breakage. qlge: bugfix: Add missing dev_kfree_skb_any() call. qlge: bugfix: Add missing put_page() call. qlge: bugfix: Fix fatal error recovery hang. qlge: bugfix: Use netif_receive_skb() and vlan_hwaccel_receive_skb(). ...
2009-02-12wimax: fix oops in wimax_dev_get_by_genl_info() when looking up non-wimax ifaceInaky Perez-Gonzalez1-4/+5
When a non-wimax interface is looked up by the stack, a bad pointer is returned when the looked-up interface is not found in the list (of registered WiMAX interfaces). This causes an oops in the caller when trying to use the pointer. Fix by properly setting the pointer to NULL if we don't exit from the list_for_each() with a found entry. Signed-off-by: Inaky Perez-Gonzalez <inaky@linux.intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2009-02-12net: 4 bytes kernel memory disclosure in SO_BSDCOMPAT gsopt try #2Clément Lecigne1-0/+2
In function sock_getsockopt() located in net/core/sock.c, optval v.val is not correctly initialized and directly returned in userland in case we have SO_BSDCOMPAT option set. This dummy code should trigger the bug: int main(void) { unsigned char buf[4] = { 0, 0, 0, 0 }; int len; int sock; sock = socket(33, 2, 2); getsockopt(sock, 1, SO_BSDCOMPAT, &buf, &len); printf("%x%x%x%x\n", buf[0], buf[1], buf[2], buf[3]); close(sock); } Here is a patch that fix this bug by initalizing v.val just after its declaration. Signed-off-by: Clément Lecigne <clement.lecigne@netasq.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2009-02-12netxen: fix compile waring "label ‘set_32_bit_mask’ defined but not ↵Yang Hongyang1-1/+1
used" on IA64 platform When compile the latest kernel on IA64 platform,I got a warning: drivers/net/netxen/netxen_nic_main.c:203: warning: label ‘set_32_bit_mask’ defined but not used We do not need label ‘set_32_bit_mask’ on IA64 platform,So move it to #else. Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2009-02-12bnx2: Update version to 1.9.2 and copyright.Michael Chan2-4/+4
Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2009-02-12bnx2: Fix jumbo frames error handling.Michael Chan1-11/+19
If errors are reported on a frame descriptor, we need to account for the buffer pages that may have been used for this error packet and recycle them. Otherwise, we may get the wrong pages for the next packet. Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: Matt Carlson <mcarlson@broadcom.com> Signed-off-by: Benjamin Li <benli@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2009-02-12bnx2: Update 5709 firmware.Michael Chan1-4432/+4363
New firmware fixes a data corruption issue when receiving and placing jumbo frames into host buffers. In some cases, the buffer descriptor is not updated correctly and this will lead to the driver linking the wrong number of pages into the SKB. Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2009-02-12bnx2: Update 5706/5708 firmware.Michael Chan1-4309/+4206
New firmware fixes a data corruption issue when receiving and placing jumbo frames into host buffers. In some cases, the buffer descriptor is not updated correctly and this will lead to the driver linking the wrong number of pages into the SKB. Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2009-02-123c505: do not set pcb->data.raw beyond its sizeRoel Kluin1-10/+16
Ensure that we do not set pcb->data.raw beyond its size, print an error message and return false if we attempt to. A timout message was printed one too early. Signed-off-by: Roel Kluin <roel.kluin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2009-02-12Documentation/connector/cn_test.c: don't use gfp_any()Andrew Morton1-4/+2
cn_test_timer_func() is a timer handler and can never use GFP_KERNEL - there's no point in using gfp_any() here. Also, use setup_timer(). Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2009-02-12net: don't use in_atomic() in gfp_any()Andrew Morton1-1/+1
The problem is that in_atomic() will return false inside spinlocks if CONFIG_PREEMPT=n. This will lead to deadlockable GFP_KERNEL allocations from spinlocked regions. Secondly, if CONFIG_PREEMPT=y, this bug solves itself because networking will instead use GFP_ATOMIC from this callsite. Hence we won't get the might_sleep() debugging warnings which would have informed us of the buggy callsites. Solve both these problems by switching to in_interrupt(). Now, if someone runs a gfp_any() allocation from inside spinlock we will get the warning if CONFIG_PREEMPT=y. I reviewed all callsites and most of them were too complex for my little brain and none of them documented their interface requirements. I have no idea what this patch will do. Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2009-02-12IRDA: cnt is off by 1Roel Kluin1-1/+1
If no prior break occurs, cnt reaches 101 after the loop, so we are still able to change speed when cnt has become 100. Signed-off-by: Roel Kluin <roel.kluin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2009-02-12netxen: remove pcie workaroundDhananjay Phadke1-64/+0
Remove workaround for pcie bug in early revisions of NX3031 (rev 41 or earlier). This is taken care of during firmware init. The workaround required writing pcie config reg of every pcie function on a card, not all of which are enabled. Signed-off-by: Dhananjay Phadke <dhananjay@netxen.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2009-02-12sun3: print when lance_open() failsRoel Kluin1-1/+1
With while (--i > 0) { ... } i reaches 0; print when lance_open() fails Signed-off-by: Roel Kluin <roel.kluin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2009-02-12qlge: bugfix: Add missing rx buf clean index on early exit.Ron Mercer1-0/+2
The large receive buffer queue is not properly tracking the current index in the case where an early exit occurs. This can happen when a page alloc or dma mapping fails. If this occurs the queue will get out of sync and invalid indexes can be written to the hardware. Signed-off-by: Ron Mercer <ron.mercer@qlogic.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2009-02-12qlge: bugfix: Fix RX scaling values.Ron Mercer1-2/+2
Receive packets were only scaling across 2 of the receive queues. The value was hardcoded to 2 instead of being based on how many rx queues were running. Signed-off-by: Ron Mercer <ron.mercer@qlogic.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2009-02-12qlge: bugfix: Fix TSO breakage.Ron Mercer1-4/+6
Moved the buffer mapping to a point after TSO logic has modified the iph->check field. We were seeing stale data on the PCIe bus. Signed-off-by: Ron Mercer <ron.mercer@qlogic.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2009-02-12qlge: bugfix: Add missing dev_kfree_skb_any() call.Ron Mercer1-0/+2
We put the skb back if we can't get mapping for it. We don't want unmapped buffers on our receive buffer queue. Signed-off-by: Ron Mercer <ron.mercer@qlogic.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2009-02-12qlge: bugfix: Add missing put_page() call.Ron Mercer1-0/+2
We put the page back if we can't get mapping for it. We don't want unmapped buffers on our receive buffer queue. Signed-off-by: Ron Mercer <ron.mercer@qlogic.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2009-02-12qlge: bugfix: Fix fatal error recovery hang.Ron Mercer1-2/+11
Signed-off-by: Ron Mercer <ron.mercer@qlogic.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2009-02-12qlge: bugfix: Use netif_receive_skb() and vlan_hwaccel_receive_skb().Ron Mercer1-2/+2
Replace calls to vlan_hwaccel_rx() and netif_rx(). Thanks to Dave Miller for pointing out the the driver was making the wrong upcall for passing packets into the stack. Signed-off-by: Ron Mercer <ron.mercer@qlogic.com> Signed-off-by: David S. Miller <davem@davemloft.net>