| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Pull crypto updates from Herbert Xu:
"Here is the crypto update for 4.3:
API:
- the AEAD interface transition is now complete.
- add top-level skcipher interface.
Drivers:
- x86-64 acceleration for chacha20/poly1305.
- add sunxi-ss Allwinner Security System crypto accelerator.
- add RSA algorithm to qat driver.
- add SRIOV support to qat driver.
- add LS1021A support to caam.
- add i.MX6 support to caam"
* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (163 commits)
crypto: algif_aead - fix for multiple operations on AF_ALG sockets
crypto: qat - enable legacy VFs
MPI: Fix mpi_read_buffer
crypto: qat - silence a static checker warning
crypto: vmx - Fixing opcode issue
crypto: caam - Use the preferred style for memory allocations
crypto: caam - Propagate the real error code in caam_probe
crypto: caam - Fix the error handling in caam_probe
crypto: caam - fix writing to JQCR_MS when using service interface
crypto: hash - Add AHASH_REQUEST_ON_STACK
crypto: testmgr - Use new skcipher interface
crypto: skcipher - Add top-level skcipher interface
crypto: cmac - allow usage in FIPS mode
crypto: sahara - Use dmam_alloc_coherent
crypto: caam - Add support for LS1021A
crypto: qat - Don't move data inside output buffer
crypto: vmx - Fixing GHASH Key issue on little endian
crypto: vmx - Fixing AES-CTR counter bug
crypto: null - Add missing Kconfig tristate for NULL2
crypto: nx - Add forward declaration for struct crypto_aead
...
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
The tsgl scatterlist must be re-initialized after each
operation. Otherwise the sticky bits in the page_link will corrupt the
list with pre-mature termination or false chaining.
Signed-off-by: Lars Persson <larper@axis.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We need to support legacy VFs as well as VFs running on different OSes.
To do so the compatibility check need needs to be relaxed.
This patch moves the logic responsible for VF to PF version and
compatibility checking from adfsriov.c to adf_pf2vf_msg.c,
where it belongs, and changes the logic enable legacy VFs.
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Change mpi_read_buffer to return a number without leading zeros
so that mpi_read_buffer and mpi_get_buffer return the same thing.
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Add range check for ring number.
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In build time vadduqm opcode is not being mapped
correctly.
Adding a new map in ppc-xlate to do this.
Signed-off-by: Leonidas S Barbosa <leosilva@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
"The preferred form for passing a size of a struct is the following:
p = kmalloc(sizeof(*p), ...);
....
The preferred form for allocating a zeroed array is the following:
p = kcalloc(n, sizeof(...), ...); "
,so do as suggested.
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Reviewed-by: Horia Geant? <horia.geanta@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Instead of propagating a 'fake' error code, just propagate the real
one in the case of caam_drv_identify_clk() failure.
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Reviewed-by: Horia Geant? <horia.geanta@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
In the error path we should disable the resources that were previously
acquired, so fix the error handling accordingly.
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Reviewed-by: Horia Geant? <horia.geanta@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Most significant part of JQCR (Job Queue Control Register) contains
bits that control endianness: ILE - Immediate Little Endian,
DWS - Double Word Swap.
The bits are automatically set by the Job Queue Controller HW.
Unfortunately these bits are cleared in SW when submitting descriptors
via the register-based service interface.
>From LS1021A:
JQCR_MS = 08080100 - before writing: ILE | DWS | SRC (JR0)
JQCR_MS = 30000100 - after writing: WHL | FOUR | SRC (JR0)
This would cause problems on little endian caam for descriptors
containing immediata data or double-word pointers.
Currently there is no problem since the only descriptors ran through
this interface are the ones that (un)instantiate RNG.
Signed-off-by: Horia Geant? <horia.geanta@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| | |
This patch adds the helper AHASH_REQUEST_ON_STACK for those users
of ahash that are synchronous only.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| | |
This patch replaces uses of blkcipher and ablkcipher with the
new skcipher interface.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch introduces the crypto skcipher interface which aims
to replace both blkcipher and ablkcipher.
It's very similar to the existing ablkcipher interface. The
main difference is the removal of the givcrypt interface. In
order to make the transition easier for blkcipher users, there
is a helper SKCIPHER_REQUEST_ON_STACK which can be used to place
a request on the stack for synchronous transforms.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
CMAC is an approved cipher in FIPS 140-2. The patch allows the use
of CMAC with TDES and AES in FIPS mode.
Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch moves the data allocated using dma_alloc_coherent to the
corresponding managed interface. To be compatible with the change,
various gotos are replaced with direct returns and unneeded labels
are dropped.
Signed-off-by: Vaishali Thakkar <vthakkar1994@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
LS1021A is a QorIQ SoC having little endian CAAM.
There are a few differences b/w QorIQ and i.MX from CAAM perspective:
1. i.MX platforms are somewhat special wrt. 64-bit registers:
-big endian format at 64-bit level: MSW at address+0 and LSW at address+4
-little endian format at 32-bit level (within MSW and LSW)
and thus need special handling.
2. No CCM (clock controller module) for QorIQ.
No CAAM clocks to enable / disable.
A new Kconfig option - CRYPTO_DEV_FSL_CAAM_LE - is added to indicate
CAAM is little endian (*). It is hidden from the user (to avoid
misconfiguration); when adding support for a new platform with LE CAAM,
either the Kconfig needs to be updated or the corresponding defconfig
needs to indicate that CAAM is LE.
(*) Using a DT property to provide CAAM endianness would not allow
for the ifdeffery.
In order to keep changes to a minimum, the following changes
are postponed:
-endianness fix of the last word in the S/G (rsvd2, bpid, offset),
fields are always 0 anyway;
-S/G format fix for i.MX7 (yes, i.MX7 support was not added yet,
but still...)
Signed-off-by: Horia Geant? <horia.geanta@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| | |
Change memcpy to memmove because the copy is done within the same buffer.
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
GHASH table algorithm is using a big endian key.
In little endian machines key will be LE ordered.
After a lxvd2x instruction key is loaded as it is,
LE/BE order, in first case it'll generate a wrong
table resulting in wrong hashes from the algorithm.
Bug affects only LE machines.
In order to fix it we do a swap for loaded key.
Cc: stable@vger.kernel.org
Signed-off-by: Leonidas S Barbosa <leosilva@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
AES-CTR is using a counter 8bytes-8bytes what miss match with
kernel specs.
In the previous code a vadduwm was done to increment counter.
Replacing this for a vadduqm now considering both cases counter
8-8 bytes and full 16bytes.
Cc: stable@vger.kernel.org
Signed-off-by: Leonidas S Barbosa <leosilva@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch adds a missing tristate statement to Kconfig for the
new CRYPTO_NULL2 option.
Fixes: 149a39717dcc ("crypto: aead - Add type-safe geniv init/exit helpers")
Reported-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
The file nx.h has function prototypes that use struct crypto_aead.
However, as crypto/aead.h is not included we don't have a definition
for it. This patch adds a forward declaration to fix this.
Reported-by: kbuild test robot <fengguang.wu@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The Kconfig option NULL2 has been added as CRYPTO_MANAGER now
depends indirectly on NULL2. However, the Makefile was not updated
to use the new option, resulting in potential build failures when
only NULL2 is enabled.
Fixes: 149a39717dcc ("crypto: aead - Add type-safe geniv init/exit helpers")
Reported-by: kbuild test robot <fengguang.wu@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Compare pointer-typed values to NULL rather than 0.
The semantic patch that makes this change is available
in scripts/coccinelle/null/badzero.cocci
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| | |
This patch removes the CRYPTO_ALG_AEAD_NEW flag now that everyone
has been converted.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| | |
Now that the AEAD conversion is complete we can rip out the old
AEAD interafce and associated code.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| | |
The qat driver uses crypto_aead_crt in order to get the authsize.
This patch replaces it with the crypto_aead_authsize helper instead.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Pretty soon the crypto_aead encrypt/decrypt hooks will disappear
as they are now always identical to those in struct aead_alg.
This patch replaces the references to these hooks with the ones
from aead_alg instead.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| | |
This patch replaces the echainiv init/exit handlers with the generic
geniv helpers.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| | |
This patch replaces the seqiv init/exit handlers with the generic
geniv helpers.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This patch adds the helpers aead_init_geniv and aead_exit_geniv
which are type-safe and intended the replace the existing geniv
init/exit helpers.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Now that we no longer have any legacy AEAD implementations the
compatibility code path can no longer be triggered. This patch
removes it.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Now that we no longer have any legacy AEAD implementations the
compatibility code path can no longer be triggered. This patch
removes it.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| | |
Now that IPsec no longer uses seqniv we can remove it.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| | |
Now that seqniv is identical with seqiv we no longer need it.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
|
| | |
| |
| |
| |
| |
| |
| | |
As IV generators are now standalone AEAD transforms, we no longer
need to use the crypto_lookup_aead call.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| | |
This patch removes a legacy reference to nivaead which is no longer
used.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Variable 'ret' is only used for returning the value 0.
We can make it simpler and just return 0 instead.
The semantic patch that makes this change is available
in scripts/coccinelle/misc/returnvar.cocci.
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
In the error paths we should free the resources that were
previously acquired, so fix it accordingly.
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Reviewed-by: Horia Geant? <horia.geanta@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
drivers/crypto/qat/qat_common/adf_sriov.c:258:1-4: WARNING: end returns can be simpified and declaration on line 212 can be dropped
Simplify a trivial if-return sequence. Possibly combine with a
preceding function call.
Generated by: scripts/coccinelle/misc/simple_return.cocci
CC: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| | |
Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
A31/A31s have the same "Security System" crypto engine as A10/A20,
but with a separate reset control.
Signed-off-by: Chen-Yu Tsai <wens@csie.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
On sun6i and later platforms, the reset control is split out of the
clock gates. Add support for an optional reset control.
Signed-off-by: Chen-Yu Tsai <wens@csie.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Later Allwinner SoCs split out the reset controls for individual modules
out of the clock gate controls. The "Security System" crypto engine is
no different.
Signed-off-by: Chen-Yu Tsai <wens@csie.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
When both PF and VF drivers are build in linker complains about multiple
definition of adf_isr_resource_[alloc/free] functions.
Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| | |
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
CTR hardware implementation does not match with kernel spec causing a counter bug
where just low 8 bytes are used for counter, when should be all 16bytes.
Since we already have other counter modes working according with specs
not worth to keep CTR itself on NX.
Signed-off-by: Leonidas S. Barbosa <leosilva@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Marcelo and Fin are no long IBMers, thus no longer NX maintainers.
Updating with the new names.
Adding VMX crypto maintainers.
Signed-off-by: Leonidas S. Barbosa <leosilva@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The PCI capabilities list for Intel DH895xCC VFs (device id 0x0443) with
QuickAssist Technology is prematurely terminated in hardware.
Workaround the issue by hard-coding the known expected next capability
pointer and saving the PCIE cap into internal buffer.
Patch generated against cryptodev-2.6
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| | |
Some VF drivers need FW const table, so the PF driver needs to load it.
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
| | |
| |
| |
| |
| |
| |
| | |
Add code specific for the dh895xcc virtual function.
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
