summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* crypto: aegis128 - add support for SIMD accelerationArd Biesheuvel2019-08-152-4/+49
| | | | | | | | | Add some plumbing to allow the AEGIS128 code to be built with SIMD routines for acceleration. Reviewed-by: Ondrej Mosnacek <omosnace@redhat.com> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: xts - add support for ciphertext stealingArd Biesheuvel2019-08-151-20/+132
| | | | | | | | | | | Add support for the missing ciphertext stealing part of the XTS-AES specification, which permits inputs of any size >= the block size. Cc: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Cc: Ondrej Mosnacek <omosnace@redhat.com> Tested-by: Milan Broz <gmazyland@gmail.com> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: aead - Do not allow authsize=0 if auth. alg has digestsize>0Pascal van Leeuwen2019-08-151-1/+2
| | | | | | | | | | | | | Return -EINVAL on an attempt to set the authsize to 0 with an auth. algorithm with a non-zero digestsize (i.e. anything but digest_null) as authenticating the data and then throwing away the result does not make any sense at all. The digestsize zero exception is for use with digest_null for testing purposes only. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: streebog - remove two unused variablesYueHaibing2019-08-151-46/+0
| | | | | | | | | | | | | | crypto/streebog_generic.c:162:17: warning: Pi defined but not used [-Wunused-const-variable=] crypto/streebog_generic.c:151:17: warning: Tau defined but not used [-Wunused-const-variable=] They are never used, so can be removed. Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: YueHaibing <yuehaibing@huawei.com> Reviewed-by: Vitaly Chikunov <vt@altlinux.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: aes-generic - remove unused variable 'rco_tab'YueHaibing2019-08-151-2/+0
| | | | | | | | | | | | crypto/aes_generic.c:64:18: warning: rco_tab defined but not used [-Wunused-const-variable=] It is never used, so can be removed. Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: YueHaibing <yuehaibing@huawei.com> Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* Documentation: crypto: crypto_engine: Fix Sphinx warningJonathan Neuschäfer2019-08-151-0/+1
| | | | | | | | | | This fixes the following Sphinx warning: Documentation/crypto/crypto_engine.rst:2: WARNING: Explicit markup ends without a blank line; unexpected unindent. Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: cavium/nitrox - Configure asymmetric queue manager Hardware unitPhani Kiran Hemadri2019-08-155-17/+265
| | | | | | | | This patch configures and initializes CNN55XX device AQM hardware unit. Signed-off-by: Phani Kiran Hemadri <phemadri@marvell.com> Reviewed-by: Srikanth Jampala <jsrikanth@marvell.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: cavium/nitrox - Allocate asymmetric crypto command queuesPhani Kiran Hemadri2019-08-153-1/+99
| | | | | | | | | This patch adds support to allocate CNN55XX device AQMQ command queues required for submitting asymmetric crypto requests. Signed-off-by: Phani Kiran Hemadri <phemadri@marvell.com> Reviewed-by: Srikanth Jampala <jsrikanth@marvell.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: cryptd - Use refcount_t for refcountChuhong Yuan2019-08-151-22/+22
| | | | | | | | | | | Reference counters are preferred to use refcount_t instead of atomic_t. This is because the implementation of refcount_t can prevent overflows and detect possible use-after-free. So convert atomic_t ref counters to refcount_t. Signed-off-by: Chuhong Yuan <hslester96@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* hwrng: core - Freeze khwrng thread during suspendStephen Boyd2019-08-151-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | The hwrng_fill() function can run while devices are suspending and resuming. If the hwrng is behind a bus such as i2c or SPI and that bus is suspended, the hwrng may hang the bus while attempting to add some randomness. It's been observed on ChromeOS devices with suspend-to-idle (s2idle) and an i2c based hwrng that this kthread may run and ask the hwrng device for randomness before the i2c bus has been resumed. Let's make this kthread freezable so that we don't try to touch the hwrng during suspend/resume. This ensures that we can't cause the hwrng backing driver to get into a bad state because the device is guaranteed to be resumed before the hwrng kthread is thawed. Cc: Andrey Pronin <apronin@chromium.org> Cc: Duncan Laurie <dlaurie@chromium.org> Cc: Jason Gunthorpe <jgg@ziepe.ca> Cc: Arnd Bergmann <arnd@arndb.de> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Cc: Guenter Roeck <groeck@chromium.org> Cc: Alexander Steffen <Alexander.Steffen@infineon.com> Signed-off-by: Stephen Boyd <swboyd@chromium.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: caam/qi - execute library only on DPAA 1.xHoria Geantă2019-08-151-4/+3
| | | | | | | | | | | | | | | | | In the process of turning caam/qi into a library, the check of MCFGR[QI] bit has been inadvertently dropped. Fix the condition for DPAA 1.x QI detection, which should be: MCFGR[QI] && !MCFGR[DPAA2] A check in the library exit point is currently not needed, since the list of registered algorithms is empty. While here, silence the library initialization abort - since jr.c calls it unconditionally. Fixes: 1b46c90c8e00 ("crypto: caam - convert top level drivers to libraries") Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: hisilicon - fix error handle in hisi_zip_create_req_qZhou Wang2019-08-151-2/+4
| | | | | | | | Directly return error in the first loop in hisi_zip_create_req_q. Fixes: 62c455ca853e ("crypto: hisilicon - add HiSilicon ZIP accelerator support") Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: hisilicon - add missing single_releaseZhou Wang2019-08-151-0/+1
| | | | | | | | Fix to add missing single_release in qm_regs_fops. Fixes: 263c9959c937 ("crypto: hisilicon - add queue management driver for HiSilicon QM module") Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: hisilicon - init curr_sgl_dma to fix compile warningZhou Wang2019-08-151-1/+1
| | | | | | | | | Just init curr_sgl_dma = 0 to avoid compile warning. Fixes: dfed0098ab91 ("crypto: hisilicon - add hardware SGL support") Reported-by: kbuild test robot <lkp@intel.com> Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: hisilicon - add dependency for CRYPTO_DEV_HISI_ZIPZhou Wang2019-08-151-0/+1
| | | | | | | | | Add ARM64/PCI/PCI_MSI dependency for CRYPTO_DEV_HISI_ZIP. Fixes: 62c455ca853e ("crypto: hisilicon - add HiSilicon ZIP accelerator support") Reported-by: kbuild test robot <lkp@intel.com> Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: hisilicon - fix kbuild warningsZhou Wang2019-08-151-3/+3
| | | | | | | | | Fix to use proper type of argument for dma_addr_t and size_t. Fixes: 263c9959c937 ("crypto: hisilicon - add queue management driver for HiSilicon QM module") Reported-by: kbuild test robot <lkp@intel.com> Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* padata: initialize pd->cpu with effective cpumaskDaniel Jordan2019-08-091-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Exercising CPU hotplug on a 5.2 kernel with recent padata fixes from cryptodev-2.6.git in an 8-CPU kvm guest... # modprobe tcrypt alg="pcrypt(rfc4106(gcm(aes)))" type=3 # echo 0 > /sys/devices/system/cpu/cpu1/online # echo c > /sys/kernel/pcrypt/pencrypt/parallel_cpumask # modprobe tcrypt mode=215 ...caused the following crash: BUG: kernel NULL pointer dereference, address: 0000000000000000 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 0 P4D 0 Oops: 0000 [#1] SMP PTI CPU: 2 PID: 134 Comm: kworker/2:2 Not tainted 5.2.0-padata-base+ #7 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-<snip> Workqueue: pencrypt padata_parallel_worker RIP: 0010:padata_reorder+0xcb/0x180 ... Call Trace: padata_do_serial+0x57/0x60 pcrypt_aead_enc+0x3a/0x50 [pcrypt] padata_parallel_worker+0x9b/0xe0 process_one_work+0x1b5/0x3f0 worker_thread+0x4a/0x3c0 ... In padata_alloc_pd, pd->cpu is set using the user-supplied cpumask instead of the effective cpumask, and in this case cpumask_first picked an offline CPU. The offline CPU's reorder->list.next is NULL in padata_reorder because the list wasn't initialized in padata_init_pqueues, which only operates on CPUs in the effective mask. Fix by using the effective mask in padata_alloc_pd. Fixes: 6fc4dbcf0276 ("padata: Replace delayed timer with immediate workqueue in padata_reorder") Signed-off-by: Daniel Jordan <daniel.m.jordan@oracle.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: Steffen Klassert <steffen.klassert@secunet.com> Cc: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: ccp - Remove unnecessary linux/pci.h includeBjorn Helgaas2019-08-097-7/+0
| | | | | | | | Remove unused includes of linux/pci.h. Signed-off-by: Bjorn Helgaas <bhelgaas@google.com> Acked-by: Gary R Hook <gary.hook@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: ccp - Include DMA declarations explicitlyBjorn Helgaas2019-08-092-0/+2
| | | | | | | | | | | | | | | | | ccp-dev.h uses dma_direction, which is defined in linux/dma-direction.h. Include that explicitly instead of relying on it being included via linux/pci.h, since ccp-dev.h requires nothing else from linux/pci.h. Similarly, ccp-dmaengine.c uses dma_get_mask(), which is defined in linux/dma-mapping.h, so include that explicitly since it requires nothing else from linux/pci.h. A future patch will remove the includes of linux/pci.h where it is not needed. Signed-off-by: Bjorn Helgaas <bhelgaas@google.com> Acked-by: Gary R Hook <gary.hook@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: qcom-rng - use devm_platform_ioremap_resource() to simplify codeYueHaibing2019-08-091-3/+1
| | | | | | | | | Use devm_platform_ioremap_resource() to simplify the code a bit. This is detected by coccinelle. Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: YueHaibing <yuehaibing@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: qce - use devm_platform_ioremap_resource() to simplify codeYueHaibing2019-08-091-3/+1
| | | | | | | | | Use devm_platform_ioremap_resource() to simplify the code a bit. This is detected by coccinelle. Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: YueHaibing <yuehaibing@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: stm32 - use devm_platform_ioremap_resource() to simplify codeYueHaibing2019-08-092-6/+2
| | | | | | | | | Use devm_platform_ioremap_resource() to simplify the code a bit. This is detected by coccinelle. Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: YueHaibing <yuehaibing@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: rockchip - use devm_platform_ioremap_resource() to simplify codeYueHaibing2019-08-091-3/+1
| | | | | | | | | | Use devm_platform_ioremap_resource() to simplify the code a bit. This is detected by coccinelle. Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: YueHaibing <yuehaibing@huawei.com> Reviewed-by: Heiko Stuebner <heiko@sntech.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: sunxi-ss - use devm_platform_ioremap_resource() to simplify codeYueHaibing2019-08-091-3/+1
| | | | | | | | | Use devm_platform_ioremap_resource() to simplify the code a bit. This is detected by coccinelle. Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: YueHaibing <yuehaibing@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: picoxcell - use devm_platform_ioremap_resource() to simplify codeYueHaibing2019-08-091-3/+2
| | | | | | | | | | Use devm_platform_ioremap_resource() to simplify the code a bit. This is detected by coccinelle. Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: YueHaibing <yuehaibing@huawei.com> Acked-by: Jamie Iles <jamie@jamieiles.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: mediatek - use devm_platform_ioremap_resource() to simplify codeYueHaibing2019-08-091-2/+1
| | | | | | | | | Use devm_platform_ioremap_resource() to simplify the code a bit. This is detected by coccinelle. Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: YueHaibing <yuehaibing@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: inside-secure - use devm_platform_ioremap_resource() to simplify codeYueHaibing2019-08-091-3/+1
| | | | | | | | | | Use devm_platform_ioremap_resource() to simplify the code a bit. This is detected by coccinelle. Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: YueHaibing <yuehaibing@huawei.com> Acked-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: img-hash - use devm_platform_ioremap_resource() to simplify codeYueHaibing2019-08-091-3/+1
| | | | | | | | | Use devm_platform_ioremap_resource() to simplify the code a bit. This is detected by coccinelle. Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: YueHaibing <yuehaibing@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: exynos - use devm_platform_ioremap_resource() to simplify codeYueHaibing2019-08-091-3/+1
| | | | | | | | | | Use devm_platform_ioremap_resource() to simplify the code a bit. This is detected by coccinelle. Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: YueHaibing <yuehaibing@huawei.com> Reviewed-by: Krzysztof Kozlowski <krzk@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: ccp - use devm_platform_ioremap_resource() to simplify codeYueHaibing2019-08-091-3/+1
| | | | | | | | | Use devm_platform_ioremap_resource() to simplify the code a bit. This is detected by coccinelle. Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: YueHaibing <yuehaibing@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: artpec6 - use devm_platform_ioremap_resource() to simplify codeYueHaibing2019-08-091-3/+1
| | | | | | | | | Use devm_platform_ioremap_resource() to simplify the code a bit. This is detected by coccinelle. Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: YueHaibing <yuehaibing@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: gcm - restrict assoclen for rfc4543Iuliana Prodan2019-08-091-2/+4
| | | | | | | | | | | | | | | Based on seqiv, IPsec ESP and rfc4543/rfc4106 the assoclen can be 16 or 20 bytes. From esp4/esp6, assoclen is sizeof IP Header. This includes spi, seq_no and extended seq_no, that is 8 or 12 bytes. In seqiv, to asscolen is added the IV size (8 bytes). Therefore, the assoclen, for rfc4543, should be restricted to 16 or 20 bytes, as for rfc4106. Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> Reviewed-by: Horia Geanta <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* MAINTAINERS: add maintainer for HiSilicon QM and ZIP controller driverZhou Wang2019-08-091-0/+11
| | | | | | | | Add Zhou Wang as a maintainer for HiSilicon QM and ZIP controller driver. Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com> Reviewed-by: John Garry <john.garry@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: hisilicon - add debugfs for ZIP and QMZhou Wang2019-08-093-1/+704
| | | | | | | | HiSilicon ZIP engine driver uses debugfs to provide debug information, the usage can be found in /Documentation/ABI/testing/debugfs-hisi-zip. Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* Documentation: Add debugfs doc for hisi_zipZhou Wang2019-08-091-0/+50
| | | | | | | | Add debugfs descriptions for HiSilicon ZIP and QM driver. Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com> Reviewed-by: Jonathan Cameron <Jonathan.Cameron@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: hisilicon - add SRIOV support for ZIPZhou Wang2019-08-093-25/+226
| | | | | | | | | HiSilicon ZIP engine supports PCI SRIOV. This patch enable this feature. User can enable VFs and pass through them to VM, same ZIP driver can work in VM to provide ZLIB and GZIP algorithm by crypto acomp interface. Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: hisilicon - add HiSilicon ZIP accelerator supportZhou Wang2019-08-096-0/+1237
| | | | | | | | | | | | | | | | The HiSilicon ZIP accelerator implements the zlib and gzip algorithm. It uses Hisilicon QM as the interface to the CPU. This patch provides PCIe driver to the accelerator and registers it to crypto acomp interface. It also uses sgl as data input/output interface. Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com> Signed-off-by: Shiju Jose <shiju.jose@huawei.com> Signed-off-by: Kenneth Lee <liguozhu@hisilicon.com> Signed-off-by: Hao Fang <fanghao11@huawei.com> Reviewed-by: Jonathan Cameron <Jonathan.Cameron@huawei.com> Reviewed-by: John Garry <john.garry@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: hisilicon - add hardware SGL supportZhou Wang2019-08-094-0/+247
| | | | | | | | | | | | | | | HiSilicon accelerators in Hip08 use same hardware scatterlist for data format. We support it in this module. Specific accelerator drivers can use hisi_acc_create_sgl_pool to allocate hardware SGLs ahead. Then use hisi_acc_sg_buf_map_to_hw_sgl to get one hardware SGL and pass related information to hardware SGL. The DMA address of mapped hardware SGL can be passed to SGL src/dst field in QM SQE. Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: hisilicon - add queue management driver for HiSilicon QM moduleZhou Wang2019-08-094-0/+1740
| | | | | | | | | | | | | | | | | | | | | | QM is a general IP used by HiSilicon accelerators. It provides a general PCIe interface for the CPU and the accelerator to share a group of queues. A QM integrated in an accelerator provides queue management service. Queues can be assigned to PF and VFs, and queues can be controlled by unified mailboxes and doorbells. Specific task request are descripted by specific description buffer, which will be controlled and pass to related accelerator IP by QM. This patch adds a QM driver used by the accelerator driver to access the QM hardware. Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com> Signed-off-by: Kenneth Lee <liguozhu@hisilicon.com> Signed-off-by: Shiju Jose <shiju.jose@huawei.com> Signed-off-by: Hao Fang <fanghao11@huawei.com> Reviewed-by: Jonathan Cameron <Jonathan.Cameron@huawei.com> Reviewed-by: John Garry <john.garry@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: engine - Reduce default RT priorityPeter Zijlstra2019-08-091-1/+1
| | | | | | | | | | | | | | | | | The crypto engine initializes its kworker thread to FIFO-99 (when requesting RT priority), reduce this to FIFO-50. FIFO-99 is the very highest priority available to SCHED_FIFO and it not a suitable default; it would indicate the crypto work is the most important work on the machine. Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Cc: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org Cc: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: caam - change return value in case CAAM has no MDHAIuliana Prodan2019-08-091-1/+1
| | | | | | | | | | | | | To be consistent with other CAAM modules, caamhash should return 0 instead of -ENODEV in case CAAM has no MDHA. Based on commit 1b46c90c8e00 ("crypto: caam - convert top level drivers to libraries") the value returned by entry point is never checked and the exit point is always executed. Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> Reviewed-by: Horia Geanta <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: caam - unregister algorithm only if the registration succeededIuliana Prodan2019-08-091-19/+30
| | | | | | | | | | | | To know if a registration succeeded added a new struct, caam_akcipher_alg, that keeps, also, the registration status. This status is updated in caam_pkc_init and verified in caam_pkc_exit to unregister an algorithm. Fixes: 1b46c90c8e00 ("crypto: caam - convert top level drivers to libraries") Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> Reviewed-by: Horia Geanta <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: caam - execute module exit point only if necessaryIuliana Prodan2019-08-092-1/+24
| | | | | | | | | | | | | | | | | | | | | | | | Commit 1b46c90c8e00 ("crypto: caam - convert top level drivers to libraries") changed entry and exit points behavior for caamalg, caamalg_qi, caamalg_qi2, caamhash, caampkc, caamrng. For example, previously caam_pkc_init() and caam_pkc_exit() were module entry/exit points. This means that if an error would happen in caam_pkc_init(), then caam_pkc_exit() wouldn't have been called. After the mentioned commit, caam_pkc_init() and caam_pkc_exit() are manually called - from jr.c. caam_pkc_exit() is called unconditionally, even if caam_pkc_init() failed. Added a global variable to keep the status of the algorithm registration and free of resources. The exit point of caampkc/caamrng module is executed only if the registration was successful. Therefore we avoid double free of resources in case the algorithm registration failed. Fixes: 1b46c90c8e00 ("crypto: caam - convert top level drivers to libraries") Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> Reviewed-by: Horia Geanta <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: caam - free resources in case caam_rng registration failedIuliana Prodan2019-08-091-1/+4
| | | | | | | | | | Check the return value of the hardware registration for caam_rng and free resources in case of failure. Fixes: e24f7c9e87d4 ("crypto: caam - hwrng support") Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> Reviewed-by: Horia Geanta <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: caam - fix MDHA key derivation for certain user key lengthsHoria Geantă2019-08-096-105/+132
| | | | | | | | | | | | | | | | | | | | | | | | | Fuzz testing uncovered an issue when |user key| > |derived key|. Derived key generation has to be fixed in two cases: 1. Era >= 6 (DKP is available) DKP cannot be used with immediate input key if |user key| > |derived key|, since the resulting descriptor (after DKP execution) would be invalid - having a few bytes from user key left in descriptor buffer as incorrect opcodes. Fix DKP usage both in standalone hmac and in authenc algorithms. For authenc the logic is simplified, by always storing both virtual and dma key addresses. 2. Era < 6 The same case (|user key| > |derived key|) fails when DKP is not available. Make sure gen_split_key() dma maps max(|user key|, |derived key|), since this is an in-place (bidirectional) operation. Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Reviewed-by: Iuliana Prodan <iuliana.prodan@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: caam - keep both virtual and dma key addressesHoria Geantă2019-08-094-30/+24
| | | | | | | | | | | | Update alginfo struct to keep both virtual and dma key addresses, so that descriptors have them at hand. One example where this is needed is in the xcbc(aes) shared descriptors, which are updated in current patch. Another example is the upcoming fix for DKP. Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Reviewed-by: Iuliana Prodan <iuliana.prodan@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: caam - update rfc4106 sh desc to support zero length inputIuliana Prodan2019-08-092-16/+33
| | | | | | | | | | Update share descriptor for rfc4106 to skip instructions in case cryptlen is zero. If no instructions are jumped the DECO hangs and a timeout error is thrown. Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> Reviewed-by: Horia Geanta <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: caam - check zero-length inputIuliana Prodan2019-08-093-0/+14
| | | | | | | | | Check zero-length input, for skcipher algorithm, to solve the extra tests. This is a valid operation, therefore the API will return no error. Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> Reviewed-by: Horia Geanta <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: caam - check assoclenIuliana Prodan2019-08-093-24/+8
| | | | | | | | | | | | | | | Check assoclen to solve the extra tests that expect -EINVAL to be returned when the associated data size is not valid. Validated assoclen for RFC4106 and RFC4543 which expects an assoclen of 16 or 20. Based on seqiv, IPsec ESP and RFC4543/RFC4106 the assoclen is sizeof IP Header (spi, seq_no, extended seq_no) and IV len. This can be 16 or 20 bytes. Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> Reviewed-by: Horia Geanta <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: caam - check authsizeIuliana Prodan2019-08-093-0/+39
| | | | | | | | | | | Check authsize to solve the extra tests that expect -EINVAL to be returned when the authentication tag size is not valid. Validated authsize for GCM, RFC4106 and RFC4543. Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> Reviewed-by: Horia Geanta <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>