summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* crypto: akcipher - default implementation for setting a private keyIgnat Korchagin2022-09-091-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes from v1: * removed the default implementation from set_pub_key: it is assumed that an implementation must always have this callback defined as there are no use case for an algorithm, which doesn't need a public key Many akcipher implementations (like ECDSA) support only signature verifications, so they don't have all callbacks defined. Commit 78a0324f4a53 ("crypto: akcipher - default implementations for request callbacks") introduced default callbacks for sign/verify operations, which just return an error code. However, these are not enough, because before calling sign the caller would likely call set_priv_key first on the instantiated transform (as the in-kernel testmgr does). This function does not have a default stub, so the kernel crashes, when trying to set a private key on an akcipher, which doesn't support signature generation. I've noticed this, when trying to add a KAT vector for ECDSA signature to the testmgr. With this patch the testmgr returns an error in dmesg (as it should) instead of crashing the kernel NULL ptr dereference. Fixes: 78a0324f4a53 ("crypto: akcipher - default implementations for request callbacks") Signed-off-by: Ignat Korchagin <ignat@cloudflare.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: aspeed - fix return value check in aspeed_hace_probe()Sun Ke2022-09-091-2/+2
| | | | | | | | | | | In case of error, the function devm_ioremap_resource() returns ERR_PTR() not NULL. The NULL test in the return value check must be replaced with IS_ERR(). Fixes: 108713a713c7 ("crypto: aspeed - Add HACE hash driver") Signed-off-by: Sun Ke <sunke32@huawei.com> Reviewed-by: Neal Liu<neal_liu@aspeedtech.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: aspeed - Fix sparse warningsHerbert Xu2022-09-072-40/+40
| | | | | | | | | This patch fixes a bunch of bit endianness warnings and two missing static modifiers. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Reviewed-by: Neal Liu <neal_liu@aspeedtech.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: aspeed: fix format unexpected build warningNeal Liu2022-09-071-3/+3
| | | | | | | | | | | | | | This fixes the following similar build warning when enabling compile test: aspeed-hace-hash.c:188:9: warning: format '%x' expects argument of type 'unsigned int', but argument 7 has type 'size_t' {aka 'long unsigned int'} [-Wformat=] Reported-by: kernel test robot <lkp@intel.com> Signed-off-by: Neal Liu <neal_liu@aspeedtech.com> Acked-by: Randy Dunlap <rdunlap@infradead.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: aspeed - fix build module errorNeal Liu2022-09-061-7/+4
| | | | | | | | | | | | | | | | | | If CONFIG_MODULES=y and CONFIG_CRYPTO_DEV_ASPEED=m, build modpost would be failed. Error messages: ERROR: modpost: "aspeed_register_hace_hash_algs" [drivers/crypto/aspeed/aspeed_crypto.ko] undefined! ERROR: modpost: "aspeed_unregister_hace_hash_algs" [drivers/crypto/aspeed/aspeed_crypto.ko] undefined! Change build sequence to fix this. Reported-by: kernel test robot <lkp@intel.com> Signed-off-by: Neal Liu <neal_liu@aspeedtech.com> Tested-by: Sudip Mukherjee <sudipm.mukherjee@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: hisilicon/qm - return failure if vfs_num exceeds total VFsWeili Qian2022-09-021-1/+7
| | | | | | | | | | | The accelerator drivers supports users to enable VFs through the module parameter 'vfs_num'. If the number of VFs to be enabled exceeds the total VFs, all VFs are enabled. Change it to the same as enabling VF through the 'sriov_numvfs' file. Returns -ERANGE if the number of VFs to be enabled exceeds total VFs. Signed-off-by: Weili Qian <qianweili@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: hisilicon/qm - fix missing put dfx accessWeili Qian2022-09-021-2/+4
| | | | | | | | | | In function qm_cmd_write(), if function returns from branch 'atomic_read(&qm->status.flags) == QM_STOP', the got dfx access is forgotten to put. Fixes: 607c191b371d ("crypto: hisilicon - support runtime PM for accelerator device") Signed-off-by: Weili Qian <qianweili@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: hisilicon/qm - check mailbox operation resultWeili Qian2022-09-021-1/+14
| | | | | | | | | After the mailbox operation is complete, the result may be unsuccessful. It needs to check the status bits of the mailbox register, if it fails, -EIO is returned. Signed-off-by: Weili Qian <qianweili@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: aspeed - Enable compile testingHerbert Xu2022-09-021-1/+1
| | | | | | | | This driver compile tests just fine. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Reviewed-by: Neal Liu <neal_liu@aspeedtech.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: qat - fix default value of WDT timerLucas Segarra Fernandez2022-09-021-1/+1
| | | | | | | | | | | | | | The QAT HW supports an hardware mechanism to detect an accelerator hang. The reporting of a hang occurs after a watchdog timer (WDT) expires. The value of the WDT set previously was too small and was causing false positives. Change the default value of the WDT to 0x7000000ULL to avoid this. Fixes: 1c4d9d5bbb5a ("crypto: qat - enable detection of accelerators hang") Reviewed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Lucas Segarra Fernandez <lucas.segarra.fernandez@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - fix indentation for test_acomp() argsLucas Segarra Fernandez2022-09-021-1/+1
| | | | | | | | Set right indentation for test_acomp(). Signed-off-by: Lucas Segarra Fernandez <lucas.segarra.fernandez@intel.com> Reviewed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: bcm - fix repeated words in commentswangjianli2022-09-021-1/+1
| | | | | | | Delete the redundant word 'in'. Signed-off-by: wangjianli <wangjianli@cdjrlc.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: marvell/octeontx - fix repeated words in commentswangjianli2022-09-021-1/+1
| | | | | | | Delete the redundant word 'is'. Signed-off-by: wangjianli <wangjianli@cdjrlc.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: n2 - fix repeated words in commentswangjianli2022-09-021-1/+1
| | | | | | | Delete the redundant word 'to'. Signed-off-by: wangjianli <wangjianli@cdjrlc.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* hwrng: imx-rngc - Moving IRQ handler registering after imx_rngc_irq_mask_clear()Kshitiz Varshney2022-09-021-7/+7
| | | | | | | | | | | | | | Issue: While servicing interrupt, if the IRQ happens to be because of a SEED_DONE due to a previous boot stage, you end up completing the completion prematurely, hence causing kernel to crash while booting. Fix: Moving IRQ handler registering after imx_rngc_irq_mask_clear() Fixes: 1d5449445bd0 (hwrng: mx-rngc - add a driver for Freescale RNGC) Signed-off-by: Kshitiz Varshney <kshitiz.varshney@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* Revert "crypto: allwinner - Fix dma_map_sg error check"Herbert Xu2022-09-024-7/+7
| | | | | | | | | This reverts commit 2b02187bdb0bb75000850bd0309e70eb8664159e. The original code was correct and arguably more robust than the patched version. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* Revert "crypto: gemini - Fix error check for dma_map_sg"Herbert Xu2022-09-021-3/+3
| | | | | | | | | This reverts commit 545665ad1e84eb8f047018a2f607e78cef29c7fa. The original code was correct and arguably more robust than the patched version. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: Kconfig - simplify compression/RNG entriesRobert Elliott2022-08-261-32/+50
| | | | | | | | | | | | | | | Shorten menu titles and make them consistent: - acronym - name - architecture features in parenthesis - no suffixes like "<something> algorithm", "support", or "hardware acceleration", or "optimized" Simplify help text descriptions, update references, and ensure that https references are still valid. Signed-off-by: Robert Elliott <elliott@hpe.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: Kconfig - simplify cipher entriesRobert Elliott2022-08-268-344/+410
| | | | | | | | | | | | | | | Shorten menu titles and make them consistent: - acronym - name - architecture features in parenthesis - no suffixes like "<something> algorithm", "support", or "hardware acceleration", or "optimized" Simplify help text descriptions, update references, and ensure that https references are still valid. Signed-off-by: Robert Elliott <elliott@hpe.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: Kconfig - simplify userspace entriesRobert Elliott2022-08-261-24/+41
| | | | | | | | | | | | | | | Shorten menu titles and make them consistent: - acronym - name - architecture features in parenthesis - no suffixes like "<something> algorithm", "support", or "hardware acceleration", or "optimized" Simplify help text descriptions, update references, and ensure that https references are still valid. Signed-off-by: Robert Elliott <elliott@hpe.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: Kconfig - simplify hash entriesRobert Elliott2022-08-268-216/+366
| | | | | | | | | | | | | | | Shorten menu titles and make them consistent: - acronym - name - architecture features in parenthesis - no suffixes like "<something> algorithm", "support", or "hardware acceleration", or "optimized" Simplify help text descriptions, update references, and ensure that https references are still valid. Signed-off-by: Robert Elliott <elliott@hpe.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: Kconfig - simplify aead entriesRobert Elliott2022-08-262-20/+36
| | | | | | | | | | | | | | | Shorten menu titles and make them consistent: - acronym - name - architecture features in parenthesis - no suffixes like "<something> algorithm", "support", or "hardware acceleration", or "optimized" Simplify help text descriptions, update references, and ensure that https references are still valid. Signed-off-by: Robert Elliott <elliott@hpe.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: Kconfig - simplify CRC entriesRobert Elliott2022-08-268-57/+91
| | | | | | | | | | | | | | | Shorten menu titles and make them consistent: - acronym - name - architecture features in parenthesis - no suffixes like "<something> algorithm", "support", or "hardware acceleration", or "optimized" Simplify help text descriptions, update references, and ensure that https references are still valid. Signed-off-by: Robert Elliott <elliott@hpe.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: Kconfig - simplify public-key entriesRobert Elliott2022-08-263-23/+46
| | | | | | | | | | | | | | | Shorten menu titles and make them consistent: - acronym - name - architecture features in parenthesis - no suffixes like "<something> algorithm", "support", or "hardware acceleration", or "optimized" Simplify help text descriptions, update references, and ensure that https references are still valid. Signed-off-by: Robert Elliott <elliott@hpe.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: Kconfig - add submenusRobert Elliott2022-08-261-458/+479
| | | | | | | | | | | | | | | | | | | | | | | | | | Convert each comment section into a submenu: Cryptographic API Crypto core or helper Public-key cryptography Block ciphers Length-preserving ciphers and modes AEAD (authenticated encryption with associated data) ciphers Hashes, digests, and MACs CRCs (cyclic redundancy checks) Compression Random number generation Userspace interface That helps find entries (e.g., searching for a name like SHA512 doesn't just report the location is Main menu -> Cryptography API, leaving you to wade through 153 entries; it points you to the Digests page). Move entries so they fall into the correct submenus and are better sorted. Suggested-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Robert Elliott <elliott@hpe.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: Kconfig - sort the arm entriesRobert Elliott2022-08-261-55/+56
| | | | | | | Sort the arm entries so all like entries are together. Signed-off-by: Robert Elliott <elliott@hpe.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: Kconfig - sort the arm64 entriesRobert Elliott2022-08-261-53/+54
| | | | | | | Sort the arm64 entries so all like entries are together. Signed-off-by: Robert Elliott <elliott@hpe.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: Kconfig - submenus for arm and arm64Robert Elliott2022-08-2613-34/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Move ARM- and ARM64-accelerated menus into a submenu under the Crypto API menu (paralleling all the architectures). Make each submenu always appear if the corresponding architecture is supported. Get rid of the ARM_CRYPTO and ARM64_CRYPTO symbols. The "ARM Accelerated" or "ARM64 Accelerated" entry disappears from: General setup ---> Platform selection ---> Kernel Features ---> Boot options ---> Power management options ---> CPU Power Management ---> [*] ACPI (Advanced Configuration and Power Interface) Support ---> [*] Virtualization ---> [*] ARM Accelerated Cryptographic Algorithms ---> (or) [*] ARM64 Accelerated Cryptographic Algorithms ---> ... -*- Cryptographic API ---> Library routines ---> Kernel hacking ---> and moves into the Cryptographic API menu, which now contains: ... Accelerated Cryptographic Algorithms for CPU (arm) ---> (or) Accelerated Cryptographic Algorithms for CPU (arm64) ---> [*] Hardware crypto devices ---> ... Suggested-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Robert Elliott <elliott@hpe.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: Kconfig - remove AES_ARM64 ref by SA2ULRobert Elliott2022-08-261-1/+0
| | | | | | | | | | | | | | | | Remove the CRYPTO_AES_ARM64 selection by the TI security accelerator driver (SA2UL), which leads to this problem when running make allmodconfig for arm (32-bit): WARNING: unmet direct dependencies detected for CRYPTO_AES_ARM64 Depends on [n]: CRYPTO [=y] && ARM64 Selected by [m]: - CRYPTO_DEV_SA2UL [=m] && CRYPTO [=y] && CRYPTO_HW [=y] && (ARCH_K3 || COMPILE_TEST [=y]) Fixes: 7694b6ca649fe ("crypto: sa2ul - Add crypto driver") Signed-off-by: Robert Elliott <elliott@hpe.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: Kconfig - move x86 entries to a submenuRobert Elliott2022-08-262-495/+503
| | | | | | | | | Move CPU-specific crypto/Kconfig entries to arch/xxx/crypto/Kconfig and create a submenu for them under the Crypto API menu. Suggested-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Robert Elliott <elliott@hpe.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: Kconfig - move sparc entries to a submenuRobert Elliott2022-08-262-98/+106
| | | | | | | | | Move CPU-specific crypto/Kconfig entries to arch/xxx/crypto/Kconfig and create a submenu for them under the Crypto API menu. Suggested-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Robert Elliott <elliott@hpe.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: Kconfig - move s390 entries to a submenuRobert Elliott2022-08-262-115/+123
| | | | | | | | | Move CPU-specific crypto/Kconfig entries to arch/xxx/crypto/Kconfig and create a submenu for them under the Crypto API menu. Suggested-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Robert Elliott <elliott@hpe.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: Kconfig - move powerpc entries to a submenuRobert Elliott2022-08-262-73/+80
| | | | | | | | | Move CPU-specific crypto/Kconfig entries to arch/xxx/crypto/Kconfig and create a submenu for them under the Crypto API menu. Suggested-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Robert Elliott <elliott@hpe.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: Kconfig - move mips entries to a submenuRobert Elliott2022-08-262-55/+64
| | | | | | | | | Move CPU-specific crypto/Kconfig entries to arch/xxx/crypto/Kconfig and create a submenu for them under the Crypto API menu. Suggested-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Robert Elliott <elliott@hpe.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: hisilicon/qm - no judgment in the back processKai Ye2022-08-261-5/+3
| | | | | | | Judgment should not be added in the back process. So clean it. Signed-off-by: Kai Ye <yekai13@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: ccree - Fix dma_map_sg error checkJack Wang2022-08-261-1/+1
| | | | | | | | | | | | | | | dma_map_sg return 0 on error, and dma_map_error is not supposed to use here. Cc: Gilad Ben-Yossef <gilad@benyossef.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Cc: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Jack Wang <jinpu.wang@ionos.com> Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: allwinner - Fix dma_map_sg error checkJack Wang2022-08-264-7/+7
| | | | | | | | | | | | | | | | | | | | | | dma_map_sg return 0 on error. Cc: Corentin Labbe <clabbe.montjoie@gmail.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Cc: Chen-Yu Tsai <wens@csie.org> Cc: Jernej Skrabec <jernej.skrabec@gmail.com> Cc: Samuel Holland <samuel@sholland.org> Cc: Dan Carpenter <dan.carpenter@oracle.com> Cc: Minghao Chi <chi.minghao@zte.com.cn> Cc: Peng Wu <wupeng58@huawei.com> Cc: Alexey Khoroshilov <khoroshilov@ispras.ru> Cc: linux-crypto@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org Cc: linux-sunxi@lists.linux.dev Cc: linux-kernel@vger.kernel.org Signed-off-by: Jack Wang <jinpu.wang@ionos.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: amlogic - Fix dma_map_sg error checkJack Wang2022-08-261-3/+3
| | | | | | | | | | | | | | dma_map_sg return 0 on error. Cc: Corentin Labbe <clabbe@baylibre.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Cc: linux-crypto@vger.kernel.org Cc: linux-amlogic@lists.infradead.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Jack Wang <jinpu.wang@ionos.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: qce - Fix dma_map_sg error checkJack Wang2022-08-263-9/+11
| | | | | | | | | | | | | | | dma_map_sg return 0 on error, fix the error check and return -EIO to caller. Cc: Thara Gopinath <thara.gopinath@gmail.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Cc: linux-crypto@vger.kernel.org Cc: linux-arm-msm@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Jack Wang <jinpu.wang@ionos.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: sahara - Fix error check for dma_map_sgJack Wang2022-08-261-2/+2
| | | | | | | | | | | | | | | | dma_map_sg return 0 on error, it returns the number of DMA address segments mapped (this may be shorter than <nents> passed in if some elements of the scatter/gather list are physically or virtually adjacent and an IOMMU maps them with a single entry). Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Cc: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Jack Wang <jinpu.wang@ionos.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: gemini - Fix error check for dma_map_sgJack Wang2022-08-261-3/+3
| | | | | | | | | | | | | | | | dma_map_sg return 0 on error. Cc: Corentin Labbe <clabbe@baylibre.com> Cc: Hans Ulli Kroll <ulli.kroll@googlemail.com> Cc: Linus Walleij <linus.walleij@linaro.org> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Cc: linux-crypto@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Jack Wang <jinpu.wang@ionos.com> Reviewed-by: Linus Walleij <linus.walleij@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: drivers - move from strlcpy with unused retval to strscpyWolfram Sang2022-08-265-10/+10
| | | | | | | | | | | Follow the advice of the below link and prefer 'strscpy' in this subsystem. Conversion is 1:1 because the return value is not used. Generated by a coccinelle script. Link: https://lore.kernel.org/r/CAHk-=wgfRnXz0W3D37d01q3JFkr_i_uTL=V6A6G1oUZcprmknw@mail.gmail.com/ Signed-off-by: Wolfram Sang <wsa+renesas@sang-engineering.com> Acked-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: core - move from strlcpy with unused retval to strscpyWolfram Sang2022-08-262-2/+2
| | | | | | | | | | Follow the advice of the below link and prefer 'strscpy' in this subsystem. Conversion is 1:1 because the return value is not used. Generated by a coccinelle script. Link: https://lore.kernel.org/r/CAHk-=wgfRnXz0W3D37d01q3JFkr_i_uTL=V6A6G1oUZcprmknw@mail.gmail.com/ Signed-off-by: Wolfram Sang <wsa+renesas@sang-engineering.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: aspeed - add HACE crypto driverNeal Liu2022-08-265-3/+1352
| | | | | | | | | | | Add HACE crypto driver to support symmetric-key encryption and decryption with multiple modes of operation. Signed-off-by: Neal Liu <neal_liu@aspeedtech.com> Signed-off-by: Johnny Huang <johnny_huang@aspeedtech.com> Reviewed-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* dt-bindings: crypto: add documentation for aspeed haceNeal Liu2022-08-261-0/+53
| | | | | | | | | | Add device tree binding documentation for the Aspeed Hash and Crypto Engines (HACE) Controller. Signed-off-by: Neal Liu <neal_liu@aspeedtech.com> Signed-off-by: Johnny Huang <johnny_huang@aspeedtech.com> Reviewed-by: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* ARM: dts: aspeed: Add HACE device controller nodeNeal Liu2022-08-262-0/+16
| | | | | | | | | Add hace node to device tree for AST2500/AST2600. Signed-off-by: Neal Liu <neal_liu@aspeedtech.com> Signed-off-by: Johnny Huang <johnny_huang@aspeedtech.com> Reviewed-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* dt-bindings: clock: Add AST2500/AST2600 HACE reset definitionNeal Liu2022-08-262-0/+2
| | | | | | | | | Add HACE reset bit definition for AST2500/AST2600. Signed-off-by: Neal Liu <neal_liu@aspeedtech.com> Signed-off-by: Johnny Huang <johnny_huang@aspeedtech.com> Acked-by: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: aspeed - Add HACE hash driverNeal Liu2022-08-268-0/+1828
| | | | | | | | | | | | | | Hash and Crypto Engine (HACE) is designed to accelerate the throughput of hash data digest, encryption, and decryption. Basically, HACE can be divided into two independently engines - Hash Engine and Crypto Engine. This patch aims to add HACE hash engine driver for hash accelerator. Signed-off-by: Neal Liu <neal_liu@aspeedtech.com> Signed-off-by: Johnny Huang <johnny_huang@aspeedtech.com> Reviewed-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: ccp - Fail the PSP initialization when writing psp data file failedJacky Li2022-08-261-11/+15
| | | | | | | | | | | | | | | | Currently the OS continues the PSP initialization when there is a write failure to the init_ex_file. Therefore, the userspace would be told that SEV is properly INIT'd even though the psp data file is not updated. This is problematic because later when asked for the SEV data, the OS won't be able to provide it. Fixes: 3d725965f836 ("crypto: ccp - Add SEV_INIT_EX support") Reported-by: Peter Gonda <pgonda@google.com> Reported-by: kernel test robot <lkp@intel.com> Signed-off-by: Jacky Li <jackyli@google.com> Acked-by: David Rientjes <rientjes@google.com> Acked-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: ccp - Initialize PSP when reading psp data file failedJacky Li2022-08-262-17/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently the OS fails the PSP initialization when the file specified at 'init_ex_path' does not exist or has invalid content. However the SEV spec just requires users to allocate 32KB of 0xFF in the file, which can be taken care of by the OS easily. To improve the robustness during the PSP init, leverage the retry mechanism and continue the init process: Before the first INIT_EX call, if the content is invalid or missing, continue the process by feeding those contents into PSP instead of aborting. PSP will then override it with 32KB 0xFF and return SEV_RET_SECURE_DATA_INVALID status code. In the second INIT_EX call, this 32KB 0xFF content will then be fed and PSP will write the valid data to the file. In order to do this, sev_read_init_ex_file should only be called once for the first INIT_EX call. Calling it again for the second INIT_EX call will cause the invalid file content overwriting the valid 32KB 0xFF data provided by PSP in the first INIT_EX call. Co-developed-by: Peter Gonda <pgonda@google.com> Signed-off-by: Peter Gonda <pgonda@google.com> Signed-off-by: Jacky Li <jackyli@google.com> Reported-by: Alper Gun <alpergun@google.com> Acked-by: David Rientjes <rientjes@google.com> Acked-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>