Takashi Iwai [Wed, 11 Mar 2020 07:15:06 +0000 (08:15 +0100)]
crypto: bcm - Use scnprintf() for avoiding potential buffer overflow
Since snprintf() returns the would-be-output size instead of the
actual output size, the succeeding calls may go beyond the given
buffer limit. Fix it by replacing with scnprintf().
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Jianhui Zhao [Tue, 10 Mar 2020 12:25:51 +0000 (20:25 +0800)]
crypto: atmel-i2c - Fix wakeup fail
The wake token cannot be sent without ignoring the nack for the
device address
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Kai Ye [Tue, 10 Mar 2020 08:42:52 +0000 (16:42 +0800)]
crypto: hisilicon/sec2 - Add new create qp process
Combine found device and created qp into one operation instead of found
device and create qp both are independent operations. when execute
multiple tasks, the different threads may find same device at the same
time, but the number of queues is insufficient on the device. causing
one of threads fail to create a qp. Now fix this, First find device then
create qp, if result failure. the current thread will find next device.
Signed-off-by: Kai Ye <yekai13@huawei.com>
Signed-off-by: Shukun Tan <tanshukun1@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Reviewed-by: Zaibo Xu <xuzaibo@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Hui Tang [Tue, 10 Mar 2020 08:42:51 +0000 (16:42 +0800)]
crypto: hisilicon/hpre - Optimize finding hpre device process
Optimize finding hpre device process according to priority of numa
distance.
Signed-off-by: Hui Tang <tanghui20@huawei.com>
Signed-off-by: Shukun Tan <tanshukun1@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Reviewed-by: Zaibo Xu <xuzaibo@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Shukun Tan [Tue, 10 Mar 2020 08:42:50 +0000 (16:42 +0800)]
crypto: hisilicon/zip - Use hisi_qm_alloc_qps_node() when init ctx
Encapsulate hisi_qm_alloc_qps_node() to new interface to replace
find_zip_device(), which will fix the bug of creating QP failure
especially in multi-thread scenario.
Signed-off-by: Shukun Tan <tanshukun1@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Reviewed-by: Zaibo Xu <xuzaibo@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Weili Qian [Tue, 10 Mar 2020 08:42:49 +0000 (16:42 +0800)]
crypto: hisilicon/qm - Put device finding logic into QM
Use struct hisi_qm to maintain device list. Meanwhile, add two external
interface into qm, merge find proper device and create qp into QP alloc
logic, merge release qps into QP free logic.
Signed-off-by: Weili Qian <qianweili@huawei.com>
Signed-off-by: Shukun Tan <tanshukun1@huawei.com>
Reviewed-by: Zhou Wang <wangzhou1@hisilicon.com>
Reviewed-by: Zaibo Xu <xuzaibo@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Gilad Ben-Yossef [Sun, 8 Mar 2020 15:57:09 +0000 (17:57 +0200)]
crypto: ccree - refactor AEAD IV in AAD handling
Our handling of ciphers with IV trailing the AAD was correct
but overly complicated. Refactor to simplify and possibly
save one DMA burst.
This has the added bonus of behaving the same as the generic
rfc4543 implementation for none compliants inputs where the
IV in the iv field was not the same as the IV in the AAD.
There should be no change in behaviour with correct inputs.
Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Gilad Ben-Yossef [Sun, 8 Mar 2020 15:57:08 +0000 (17:57 +0200)]
crypto: ccree - use crypto_ipsec_check_assoclen()
Use crypto_ipsec_check_assoclen() instead of home grown functions.
Clean up some unneeded code as a result. Delete stale comments
while we're at it.
Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Gilad Ben-Yossef [Sun, 8 Mar 2020 15:57:07 +0000 (17:57 +0200)]
crypto: ccree - only check condition if needed
Move testing of condition to after the point we decide if
we need it or not.
Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Gilad Ben-Yossef [Sun, 8 Mar 2020 15:57:06 +0000 (17:57 +0200)]
crypto: ccree - remove ancient TODO remarks
Remove left over ancient and now misleading TODO remarks.
Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Hadar Gat [Sun, 8 Mar 2020 15:57:05 +0000 (17:57 +0200)]
crypto: ccree - remove pointless comment
removed pointless comment
Signed-off-by: Hadar Gat <hadar.gat@arm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Hadar Gat [Sun, 8 Mar 2020 15:57:04 +0000 (17:57 +0200)]
crypto: ccree - update register handling macros
Changed CC_GENMASK macro so it can be used for all HW registers.
Signed-off-by: Hadar Gat <hadar.gat@arm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Connor Kuehl [Fri, 6 Mar 2020 17:20:10 +0000 (09:20 -0800)]
crypto: ccp - use file mode for sev ioctl permissions
Instead of using CAP_SYS_ADMIN which is restricted to the root user,
check the file mode for write permissions before executing commands that
can affect the platform. This allows for more fine-grained access
control to the SEV ioctl interface. This would allow a SEV-only user
or group the ability to administer the platform without requiring them
to be root or granting them overly powerful permissions.
For example:
chown root:root /dev/sev
chmod 600 /dev/sev
setfacl -m g:sev:r /dev/sev
setfacl -m g:sev-admin:rw /dev/sev
In this instance, members of the "sev-admin" group have the ability to
perform all ioctl calls (including the ones that modify platform state).
Members of the "sev" group only have access to the ioctls that do not
modify the platform state.
This also makes opening "/dev/sev" more consistent with how file
descriptors are usually handled. By only checking for CAP_SYS_ADMIN,
the file descriptor could be opened read-only but could still execute
ioctls that modify the platform state. This patch enforces that the file
descriptor is opened with write privileges if it is going to be used to
modify the platform state.
This flexibility is completely opt-in, and if it is not desirable by
the administrator then they do not need to give anyone else access to
/dev/sev.
Signed-off-by: Connor Kuehl <ckuehl@redhat.com>
Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Bandan Das <bsd@redhat.com>
Acked-by: David Rientjes <rientjes@google.com>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Martin Kaiser [Thu, 5 Mar 2020 20:58:24 +0000 (21:58 +0100)]
hwrng: imx-rngc - simplify interrupt mask/unmask
Use a simpler approach for masking / unmasking the rngc interrupt:
The interrupt is unmasked while self-test is running and when the rngc
driver is used by the hwrng core.
Mask the interrupt again when self test is finished, regardless of
self test success or failure.
Unmask the interrupt in the init function. Add a cleanup function where
the rngc interrupt is masked again.
Signed-off-by: Martin Kaiser <martin@kaiser.cx>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Martin Kaiser [Thu, 5 Mar 2020 20:58:23 +0000 (21:58 +0100)]
hwrng: imx-rngc - check the rng type
Read the rng type and hardware revision during probe. Fail the probe
operation if the type is not one of rngc or rngb.
(There's also an rnga type, which needs a different driver.)
Display the type and revision in a debug print if probe was successful.
Reviewed-by: PrasannaKumar Muralidharan <prasannatsmkumar@gmail.com>
Signed-off-by: Martin Kaiser <martin@kaiser.cx>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Martin Kaiser [Thu, 5 Mar 2020 20:58:22 +0000 (21:58 +0100)]
hwrng: imx-rngc - (trivial) simplify error prints
Remove the device name, it is added by the dev_...() routines.
Drop the error code as well. It will be shown by the driver core when
the probe operation failed.
Reviewed-by: PrasannaKumar Muralidharan <prasannatsmkumar@gmail.com>
Signed-off-by: Martin Kaiser <martin@kaiser.cx>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Martin Kaiser [Thu, 5 Mar 2020 20:58:21 +0000 (21:58 +0100)]
hwrng: imx-rngc - use automatic seeding
The rngc requires a new seed for its prng after generating 2^20 160-bit
words of random data. At the moment, we seed the prng only once during
initalisation.
Set the rngc to auto seed mode so that it kicks off the internal
reseeding operation when a new seed is required.
Keep the manual calculation of the initial seed when the device is
probed and switch to automatic seeding afterwards.
Reviewed-by: PrasannaKumar Muralidharan <prasannatsmkumar@gmail.com>
Signed-off-by: Martin Kaiser <martin@kaiser.cx>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Martin Kaiser [Thu, 5 Mar 2020 20:58:20 +0000 (21:58 +0100)]
hwrng: imx-rngc - fix an error path
Make sure that the rngc interrupt is masked if the rngc self test fails.
Self test failure means that probe fails as well. Interrupts should be
masked in this case, regardless of the error.
Cc: stable@vger.kernel.org
Fixes:
1d5449445bd0 ("hwrng: mx-rngc - add a driver for Freescale RNGC")
Reviewed-by: PrasannaKumar Muralidharan <prasannatsmkumar@gmail.com>
Signed-off-by: Martin Kaiser <martin@kaiser.cx>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Randy Dunlap [Thu, 5 Mar 2020 06:21:48 +0000 (22:21 -0800)]
hwrng: ks-sa - move TI Keystone driver into the config menu structure
Move the TI Keystone hardware random number generator into the
same menu as all of the other hardware random number generators.
This makes the driver config be listed in the correct place in
the kconfig tools.
Fixes:
eb428ee0e3ca ("hwrng: ks-sa - add hw_random driver")
Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Cc: Vitaly Andrianov <vitalya@ti.com>
Cc: Tero Kristo <t-kristo@ti.com>
Cc: Murali Karicheri <m-karicheri2@ti.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Matt Mackall <mpm@selenic.com>
Cc: linux-crypto@vger.kernel.org
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Longfang Liu [Thu, 5 Mar 2020 02:06:25 +0000 (10:06 +0800)]
crypto: hisilicon/sec2 - Add pbuffer mode for SEC driver
In the scenario of SMMU translation, the SEC performance of short messages
(<512Bytes) cannot meet our expectations. To avoid this, we reserve the
plat buffer (PBUF) memory for small packets when creating TFM.
Signed-off-by: Longfang Liu <liulongfang@huawei.com>
Signed-off-by: Zaibo Xu <xuzaibo@huawei.com>
Reviewed-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Longfang Liu [Thu, 5 Mar 2020 02:06:24 +0000 (10:06 +0800)]
crypto: hisilicon/sec2 - Update IV and MAC operation
We have updated the operation method of IV and MAC address
to prepare for pbuf patch and fixed coding style.
Signed-off-by: Longfang Liu <liulongfang@huawei.com>
Signed-off-by: Zaibo Xu <xuzaibo@huawei.com>
Reviewed-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Longfang Liu [Thu, 5 Mar 2020 02:06:23 +0000 (10:06 +0800)]
crypto: hisilicon/sec2 - Add iommu status check
In order to improve performance of small packets (<512Bytes)
in SMMU translation scenario, we need to identify the type of IOMMU
in the SEC probe to process small packets by a different method.
Signed-off-by: Longfang Liu <liulongfang@huawei.com>
Signed-off-by: Zaibo Xu <xuzaibo@huawei.com>
Reviewed-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Ye Kai [Thu, 5 Mar 2020 02:06:22 +0000 (10:06 +0800)]
crypto: hisilicon/sec2 - Add workqueue for SEC driver.
Allocate one workqueue for each QM instead of one for all QMs,
we found the throughput of SEC engine can be increased to
the hardware limit throughput during testing sec2 performance.
so we added this scheme.
Signed-off-by: Ye Kai <yekai13@huawei.com>
Signed-off-by: Longfang Liu <liulongfang@huawei.com>
Signed-off-by: Zaibo Xu <xuzaibo@huawei.com>
Reviewed-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Shukun Tan [Thu, 5 Mar 2020 02:06:21 +0000 (10:06 +0800)]
crypto: hisilicon - Use one workqueue per qm instead of per qp
Since SEC need not so many workqueues as our test, we just use
one workqueue created by the device driver of QM if necessary,
which will also reduce CPU waste without any throughput decreasing.
Signed-off-by: Shukun Tan <tanshukun1@huawei.com>
Signed-off-by: Zaibo Xu <xuzaibo@huawei.com>
Reviewed-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Eric Biggers [Wed, 4 Mar 2020 22:44:05 +0000 (14:44 -0800)]
crypto: aead - improve documentation for scatterlist layout
Properly document the scatterlist layout for AEAD ciphers.
Reported-by: Gilad Ben-Yossef <gilad@benyossef.com>
Cc: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Eric Biggers [Wed, 4 Mar 2020 22:44:04 +0000 (14:44 -0800)]
crypto: testmgr - do comparison tests before inauthentic input tests
Do test_aead_vs_generic_impl() before test_aead_inauthentic_inputs() so
that any differences with the generic driver are detected before getting
to the inauthentic input tests, which intentionally use only the driver
being tested (so that they run even if a generic driver is unavailable).
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Eric Biggers [Wed, 4 Mar 2020 22:44:03 +0000 (14:44 -0800)]
crypto: testmgr - use consistent IV copies for AEADs that need it
rfc4543 was missing from the list of algorithms that may treat the end
of the AAD buffer specially.
Also, with rfc4106, rfc4309, rfc4543, and rfc7539esp, the end of the AAD
buffer is actually supposed to contain a second copy of the IV, and
we've concluded that if the IV copies don't match the behavior is
implementation-defined. So, the fuzz tests can't easily test that case.
So, make the fuzz tests only use inputs where the two IV copies match.
Reported-by: Geert Uytterhoeven <geert+renesas@glider.be>
Fixes:
40153b10d91c ("crypto: testmgr - fuzz AEADs against their generic implementation")
Cc: Stephan Mueller <smueller@chronox.de>
Originally-from: Gilad Ben-Yossef <gilad@benyossef.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Eneas U de Queiroz [Wed, 4 Mar 2020 18:24:55 +0000 (15:24 -0300)]
crypto: qce - fix wrong config symbol reference
The CONFIG_CRYPTO_DEV_QCE_SOFT_THRESHOLD symbol was renamed during
development, but the stringify reference in the parameter description
sneaked by unnoticed.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Tianjia Zhang [Tue, 3 Mar 2020 15:48:09 +0000 (23:48 +0800)]
crypto: qat - simplify the qat_crypto function
simplify code to remove unnecessary constant string copies.
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
John Allen [Tue, 3 Mar 2020 13:57:24 +0000 (07:57 -0600)]
crypto: ccp - Cleanup sp_dev_master in psp_dev_destroy()
Introduce clear_psp_master_device() to ensure that sp_dev_master gets
properly cleared on the release of a psp device.
Fixes:
2a6170dfe755 ("crypto: ccp: Add Platform Security Processor (PSP) device support")
Signed-off-by: John Allen <john.allen@amd.com>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
John Allen [Tue, 3 Mar 2020 13:57:23 +0000 (07:57 -0600)]
crypto: ccp - Cleanup misc_dev on sev_exit()
Explicitly free and clear misc_dev in sev_exit(). Since devm_kzalloc()
associates misc_dev with the first device that gets probed, change from
devm_kzalloc() to kzalloc() and explicitly free memory in sev_exit() as
the first device probed is not guaranteed to be the last device released.
To ensure that the variable gets properly set to NULL, remove the local
definition of misc_dev.
Fixes:
200664d5237f ("crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support")
Signed-off-by: John Allen <john.allen@amd.com>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Stefan Agner [Sun, 1 Mar 2020 23:37:14 +0000 (00:37 +0100)]
crypto: arm/ghash-ce - define fpu before fpu registers are referenced
Building ARMv7 with Clang's integrated assembler leads to errors such
as:
arch/arm/crypto/ghash-ce-core.S:34:11: error: register name expected
t3l .req d16
^
Since no FPU has selected yet Clang considers d16 not a valid register.
Moving the FPU directive on-top allows Clang to parse the registers and
allows to successfully build this file with Clang's integrated assembler.
Signed-off-by: Stefan Agner <stefan@agner.ch>
Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
Tested-by: Nick Desaulniers <ndesaulniers@google.com>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Jason A. Donenfeld [Sun, 1 Mar 2020 08:06:56 +0000 (16:06 +0800)]
crypto: x86/curve25519 - leave r12 as spare register
This updates to the newer register selection proved by HACL*, which
leads to a more compact instruction encoding, and saves around 100
cycles.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Andrei Botila [Fri, 28 Feb 2020 10:46:48 +0000 (12:46 +0200)]
crypto: caam - update xts sector size for large input length
Since in the software implementation of XTS-AES there is
no notion of sector every input length is processed the same way.
CAAM implementation has the notion of sector which causes different
results between the software implementation and the one in CAAM
for input lengths bigger than 512 bytes.
Increase sector size to maximum value on 16 bits.
Fixes:
c6415a6016bf ("crypto: caam - add support for acipher xts(aes)")
Cc: <stable@vger.kernel.org> # v4.12+
Signed-off-by: Andrei Botila <andrei.botila@nxp.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Horia Geantă [Fri, 28 Feb 2020 06:51:23 +0000 (08:51 +0200)]
crypto: caam/qi2 - fix chacha20 data size error
HW generates a Data Size error for chacha20 requests that are not
a multiple of 64B, since algorithm state (AS) does not have
the FINAL bit set.
Since updating req->iv (for chaining) is not required,
modify skcipher descriptors to set the FINAL bit for chacha20.
[Note that for skcipher decryption we know that ctx1_iv_off is 0,
which allows for an optimization by not checking algorithm type,
since append_dec_op1() sets FINAL bit for all algorithms except AES.]
Also drop the descriptor operations that save the IV.
However, in order to keep code logic simple, things like
S/G tables generation etc. are not touched.
Cc: <stable@vger.kernel.org> # v5.3+
Fixes:
334d37c9e263 ("crypto: caam - update IV using HW support")
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Tested-by: Valentin Ciocoi Radulescu <valentin.ciocoi@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Vinay Kumar Yadav [Fri, 28 Feb 2020 06:09:40 +0000 (11:39 +0530)]
crypto: chelsio/chtls - Fixed boolinit.cocci warning
crypto: chtls - Fixed boolinit.cocci warning
Signed-off-by: Vinay Kumar Yadav <vinay.yadav@chelsio.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Hongbo Yao [Thu, 27 Feb 2020 07:12:28 +0000 (15:12 +0800)]
crypto: hisilicon - qm depends on UACCE
If UACCE=m and CRYPTO_DEV_HISI_QM=y, the following error
is seen while building qm.o:
drivers/crypto/hisilicon/qm.o: In function `hisi_qm_init':
(.text+0x23c6): undefined reference to `uacce_alloc'
(.text+0x2474): undefined reference to `uacce_remove'
(.text+0x286b): undefined reference to `uacce_remove'
drivers/crypto/hisilicon/qm.o: In function `hisi_qm_uninit':
(.text+0x2918): undefined reference to `uacce_remove'
make[1]: *** [vmlinux] Error 1
make: *** [autoksyms_recursive] Error 2
This patch fixes the config dependency for QM and ZIP.
reported-by: Hulk Robot <hulkci@huawei.com>
Suggested-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Hongbo Yao <yaohongbo@huawei.com>
Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Zhangfei Gao [Wed, 26 Feb 2020 07:12:06 +0000 (15:12 +0800)]
uacce: unmap remaining mmapping from user space
When uacce parent device module is removed, user app may
still keep the mmaped area, which can be accessed unsafely.
When rmmod, Parent device driver will call uacce_remove,
which unmap all remaining mapping from user space for safety.
VM_FAULT_SIGBUS is also reported to user space accordingly.
Suggested-by: Dave Jiang <dave.jiang@intel.com>
Signed-off-by: Zhangfei Gao <zhangfei.gao@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Eric Biggers [Wed, 26 Feb 2020 04:59:24 +0000 (20:59 -0800)]
crypto: xts - simplify error handling in ->create()
Simplify the error handling in the XTS template's ->create() function by
taking advantage of crypto_drop_skcipher() now accepting (as a no-op) a
spawn that hasn't been grabbed yet.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Eric Biggers [Wed, 26 Feb 2020 04:59:23 +0000 (20:59 -0800)]
crypto: rsa-pkcs1pad - simplify error handling in pkcs1pad_create()
Simplify the error handling in pkcs1pad_create() by taking advantage of
crypto_grab_akcipher() now handling an ERR_PTR() name and by taking
advantage of crypto_drop_akcipher() now accepting (as a no-op) a spawn
that hasn't been grabbed yet.
While we're at it, also simplify the way the hash_name optional argument
is handled. We only need to check whether it's present in one place,
and we can just assign directly to ctx->digest_info.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Eric Biggers [Wed, 26 Feb 2020 04:59:22 +0000 (20:59 -0800)]
crypto: pcrypt - simplify error handling in pcrypt_create_aead()
Simplify the error handling in pcrypt_create_aead() by taking advantage
of crypto_grab_aead() now handling an ERR_PTR() name and by taking
advantage of crypto_drop_aead() now accepting (as a no-op) a spawn that
hasn't been grabbed yet.
This required also making padata_free_shell() accept a NULL argument.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Eric Biggers [Wed, 26 Feb 2020 04:59:21 +0000 (20:59 -0800)]
crypto: lrw - simplify error handling in create()
Simplify the error handling in the LRW template's ->create() function by
taking advantage of crypto_drop_skcipher() now accepting (as a no-op) a
spawn that hasn't been grabbed yet.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Eric Biggers [Wed, 26 Feb 2020 04:59:20 +0000 (20:59 -0800)]
crypto: geniv - simply error handling in aead_geniv_alloc()
Simplify the error handling in aead_geniv_alloc() by taking advantage of
crypto_grab_aead() now handling an ERR_PTR() name and by taking
advantage of crypto_drop_aead() now accepting (as a no-op) a spawn that
hasn't been grabbed yet.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Eric Biggers [Wed, 26 Feb 2020 04:59:19 +0000 (20:59 -0800)]
crypto: gcm - simplify error handling in crypto_rfc4543_create()
Simplify the error handling in crypto_rfc4543_create() by taking
advantage of crypto_grab_aead() now handling an ERR_PTR() name and by
taking advantage of crypto_drop_aead() now accepting (as a no-op) a
spawn that hasn't been grabbed yet.
Conveniently, this eliminates the 'ccm_name' variable which was
incorrectly named (it should have been 'gcm_name').
Also fix a weird case where a line was terminated by a comma rather than
a semicolon, causing the statement to be continued on the next line.
Fortunately the code still behaved as intended, though.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Eric Biggers [Wed, 26 Feb 2020 04:59:18 +0000 (20:59 -0800)]
crypto: gcm - simplify error handling in crypto_rfc4106_create()
Simplify the error handling in crypto_rfc4106_create() by taking
advantage of crypto_grab_aead() now handling an ERR_PTR() name and by
taking advantage of crypto_drop_aead() now accepting (as a no-op) a
spawn that hasn't been grabbed yet.
Conveniently, this eliminates the 'ccm_name' variable which was
incorrectly named (it should have been 'gcm_name').
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Eric Biggers [Wed, 26 Feb 2020 04:59:17 +0000 (20:59 -0800)]
crypto: cts - simplify error handling in crypto_cts_create()
Simplify the error handling in crypto_cts_create() by taking advantage
of crypto_grab_skcipher() now handling an ERR_PTR() name and by taking
advantage of crypto_drop_skcipher() now accepting (as a no-op) a spawn
that hasn't been grabbed yet.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Eric Biggers [Wed, 26 Feb 2020 04:59:16 +0000 (20:59 -0800)]
crypto: ctr - simplify error handling in crypto_rfc3686_create()
Simplify the error handling in crypto_rfc3686_create() by taking
advantage of crypto_grab_skcipher() now handling an ERR_PTR() name and
by taking advantage of crypto_drop_skcipher() now accepting (as a no-op)
a spawn that hasn't been grabbed yet.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Eric Biggers [Wed, 26 Feb 2020 04:59:15 +0000 (20:59 -0800)]
crypto: cryptd - simplify error handling in cryptd_create_*()
Simplify the error handling in the various cryptd_create_*() functions
by taking advantage of crypto_grab_*() now handling an ERR_PTR() name
and by taking advantage of crypto_drop_*() now accepting (as a no-op) a
spawn that hasn't been grabbed yet.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Eric Biggers [Wed, 26 Feb 2020 04:59:14 +0000 (20:59 -0800)]
crypto: ccm - simplify error handling in crypto_rfc4309_create()
Simplify the error handling in crypto_rfc4309_create() by taking
advantage of crypto_grab_aead() now handling an ERR_PTR() name and by
taking advantage of crypto_drop_aead() now accepting (as a no-op) a
spawn that hasn't been grabbed yet.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Eric Biggers [Wed, 26 Feb 2020 04:59:13 +0000 (20:59 -0800)]
crypto: authencesn - fix weird comma-terminated line
Fix a weird case where a line was terminated by a comma rather than a
semicolon, causing the statement to be continued on the next line.
Fortunately the code still behaved as intended, though.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Zhangfei Gao [Wed, 26 Feb 2020 01:28:28 +0000 (09:28 +0800)]
MAINTAINERS: add maintainers for uacce
Add Zhangfei Gao and Zhou Wang as maintainers for uacce
Signed-off-by: Zhangfei Gao <zhangfei.gao@linaro.org>
Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Vinay Kumar Yadav [Tue, 25 Feb 2020 16:51:20 +0000 (22:21 +0530)]
crypto: chelsio/chtls - Fixed tls stats
Added tls rx stats and reset tls rx/tx stats when chtls driver unload.
Signed-off-by: Vinay Kumar Yadav <vinay.yadav@chelsio.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Rosioru Dragos [Tue, 25 Feb 2020 15:05:52 +0000 (17:05 +0200)]
crypto: mxs-dcp - fix scatterlist linearization for hash
The incorrect traversal of the scatterlist, during the linearization phase
lead to computing the hash value of the wrong input buffer.
New implementation uses scatterwalk_map_and_copy()
to address this issue.
Cc: <stable@vger.kernel.org>
Fixes:
15b59e7c3733 ("crypto: mxs - Add Freescale MXS DCP driver")
Signed-off-by: Rosioru Dragos <dragos.rosioru@nxp.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Corentin Labbe [Mon, 24 Feb 2020 20:26:03 +0000 (20:26 +0000)]
crypto: sun8i-ce - fix description of stat_fb
The description of stat_fb was wrong, let's fix it
Fixes:
06f751b61329 ("crypto: allwinner - Add sun8i-ce Crypto Engine")
Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Corentin Labbe [Mon, 24 Feb 2020 20:26:02 +0000 (20:26 +0000)]
crypto: sun8i-ss - fix description of stat_fb
The description of stat_fb was wrong, let's fix it.
Fixes:
f08fcced6d00 ("crypto: allwinner - Add sun8i-ss cryptographic offloader")
Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Gustavo A. R. Silva [Mon, 24 Feb 2020 16:21:00 +0000 (10:21 -0600)]
crypto: Replace zero-length array with flexible-array member
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:
struct foo {
int stuff;
struct boo array[];
};
By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.
Also, notice that, dynamic memory allocations won't be affected by
this change:
"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]
This issue was found with the help of Coccinelle.
[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] https://github.com/KSPP/linux/issues/21
[3] commit
76497732932f ("cxgb3/l2t: Fix undefined behaviour")
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Corentin Labbe [Mon, 24 Feb 2020 14:47:41 +0000 (14:47 +0000)]
crypto: arm64/sha-ce - implement export/import
When an ahash algorithm fallback to another ahash and that fallback is
shaXXX-CE, doing export/import lead to error like this:
alg: ahash: sha1-sun8i-ce export() overran state buffer on test vector 0, cfg=\"import/export\"
This is due to the descsize of shaxxx-ce being larger than struct shaxxx_state
off by an u32.
For fixing this, let's implement export/import which rip the finalize
variant instead of using generic export/import.
Fixes:
6ba6c74dfc6b ("arm64/crypto: SHA-224/SHA-256 using ARMv8 Crypto Extensions")
Fixes:
2c98833a42cd ("arm64/crypto: SHA-1 using ARMv8 Crypto Extensions")
Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Ayush Sawal [Mon, 24 Feb 2020 03:42:33 +0000 (09:12 +0530)]
crypto: chelsio - Use multiple txq/rxq per tfm to process the requests
This patch enables chcr to use multiple txq/rxq per tfm
to process the crypto requests. The txq/rxq are selected based
on cpu core-id.
Signed-off-by: Ayush Sawal <ayush.sawal@chelsio.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Ayush Sawal [Mon, 24 Feb 2020 03:42:32 +0000 (09:12 +0530)]
crypto: chelsio - Recalculate iv only if it is needed
Recalculate iv only if it is needed i.e. if the last req to hw
was partial for aes-xts.
Signed-off-by: Ayush Sawal <ayush.sawal@chelsio.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Colin Ian King [Sat, 22 Feb 2020 14:24:09 +0000 (14:24 +0000)]
crypto: hisilicon - remove redundant assignment of pointer ctx
Pointer ctx is being re-assigned with the same value as it
was initialized with. The second assignment is redundant and
can be removed.
Addresses-Coverity: ("Unused value")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Herbert Xu [Sat, 22 Feb 2020 01:38:55 +0000 (12:38 +1100)]
hwrng: omap3-rom - Include linux/io.h for virt_to_phys
This patch adds linux/io.h to the header list to ensure that we
get virt_to_phys on all architectures.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
YueHaibing [Fri, 21 Feb 2020 13:55:15 +0000 (21:55 +0800)]
crypto: md5 - remove unused macros
crypto/md5.c:26:0: warning: macro "MD5_DIGEST_WORDS" is not used [-Wunused-macros]
crypto/md5.c:27:0: warning: macro "MD5_MESSAGE_BYTES" is not used [-Wunused-macros]
They are never used since commit
3c7eb3cc8360 ("md5: remove from
lib and only live in crypto").
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Devulapally Shiva Krishna [Wed, 19 Feb 2020 13:13:57 +0000 (18:43 +0530)]
crypto: chelsio - un-register crypto algorithms
When a PCI device will be removed, cxgb4(LLD) will notify chcr(ULD).
Incase if it's a last pci device, chcr should un-register all the crypto
algorithms.
Signed-off-by: Devulapally Shiva Krishna <shiva@chelsio.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Ayush Sawal [Mon, 17 Feb 2020 13:39:27 +0000 (19:09 +0530)]
MAINTAINERS: Update maintainers for chelsio crypto drivers
This updates the maintainer list for chelsio crypto drivers.
Signed-off-by: Ayush Sawal <ayush.sawal@chelsio.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Kalyani Akula [Mon, 17 Feb 2020 10:26:43 +0000 (15:56 +0530)]
crypto: xilinx - Add Xilinx AES driver
This patch adds AES driver support for the Xilinx ZynqMP SoC.
Signed-off-by: Mohan Marutirao Dhanawade <mohan.dhanawade@xilinx.com>
Signed-off-by: Kalyani Akula <kalyani.akula@xilinx.com>
Acked-by: Michal Simek <michal.simek@xilinx.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Kalyani Akula [Mon, 17 Feb 2020 10:26:42 +0000 (15:56 +0530)]
dt-bindings: crypto: Add bindings for ZynqMP AES-GCM driver
Add documentation to describe Xilinx ZynqMP AES-GCM driver bindings.
Signed-off-by: Kalyani Akula <kalyani.akula@xilinx.com>
Reviewed-by: Rob Herring <robh@kernel.org>
Acked-by: Michal Simek <michal.simek@xilinx.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Kalyani Akula [Mon, 17 Feb 2020 10:26:41 +0000 (15:56 +0530)]
firmware: xilinx: Add ZynqMP aes API for AES functionality
Add ZynqMP firmware AES API to perform encryption/decryption of given data.
Signed-off-by: Kalyani Akula <kalyani.akula@xilinx.com>
Acked-by: Michal Simek <michal.simek@xilinx.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Al Viro [Sat, 15 Feb 2020 06:14:16 +0000 (06:14 +0000)]
crypto: chelsio - Endianess bug in create_authenc_wr
kctx_len = (ntohl(KEY_CONTEXT_CTX_LEN_V(aeadctx->key_ctx_hdr)) << 4)
- sizeof(chcr_req->key_ctx);
can't possibly be endian-safe. Look: ->key_ctx_hdr is __be32. And
KEY_CONTEXT_CTX_LEN_V is "shift up by 24 bits". On little-endian hosts it
sees
b0 b1 b2 b3
in memory, inteprets that into b0 + (b1 << 8) + (b2 << 16) + (b3 << 24),
shifts up by 24, resulting in b0 << 24, does ntohl (byteswap on l-e),
gets b0 and shifts that up by 4. So we get b0 * 16 - sizeof(...).
Sounds reasonable, but on b-e we get
b3 + (b2 << 8) + (b1 << 16) + (b0 << 24), shift up by 24,
yielding b3 << 24, do ntohl (no-op on b-e) and then shift up by 4.
Resulting in b3 << 28 - sizeof(...), i.e. slightly under b3 * 256M.
Then we increase it some more and pass to alloc_skb() as size.
Somehow I doubt that we really want a quarter-gigabyte skb allocation
here...
Note that when you are building those values in
#define FILL_KEY_CTX_HDR(ck_size, mk_size, d_ck, opad, ctx_len) \
htonl(KEY_CONTEXT_VALID_V(1) | \
KEY_CONTEXT_CK_SIZE_V((ck_size)) | \
KEY_CONTEXT_MK_SIZE_V(mk_size) | \
KEY_CONTEXT_DUAL_CK_V((d_ck)) | \
KEY_CONTEXT_OPAD_PRESENT_V((opad)) | \
KEY_CONTEXT_SALT_PRESENT_V(1) | \
KEY_CONTEXT_CTX_LEN_V((ctx_len)))
ctx_len ends up in the first octet (i.e. b0 in the above), which
matches the current behaviour on l-e. If that's the intent, this
thing should've been
kctx_len = (KEY_CONTEXT_CTX_LEN_G(ntohl(aeadctx->key_ctx_hdr)) << 4)
- sizeof(chcr_req->key_ctx);
instead - fetch after ntohl() we get (b0 << 24) + (b1 << 16) + (b2 << 8) + b3,
shift it down by 24 (b0), resuling in b0 * 16 - sizeof(...) both on l-e and
on b-e.
PS: when sparse warns you about endianness problems, it might be worth checking
if there really is something wrong. And I don't mean "slap __force cast on it"...
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Gustavo A. R. Silva [Thu, 13 Feb 2020 17:21:30 +0000 (11:21 -0600)]
crypto: s5p-sss - Replace zero-length array with flexible-array member
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:
struct foo {
int stuff;
struct boo array[];
};
By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.
Also, notice that, dynamic memory allocations won't be affected by
this change:
"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]
This issue was found with the help of Coccinelle.
[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] https://github.com/KSPP/linux/issues/21
[3] commit
76497732932f ("cxgb3/l2t: Fix undefined behaviour")
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Acked-by: Kamil Konieczny <k.konieczny@samsung.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Gustavo A. R. Silva [Thu, 13 Feb 2020 16:50:54 +0000 (10:50 -0600)]
crypto: img-hash - Replace zero-length array with flexible-array member
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:
struct foo {
int stuff;
struct boo array[];
};
By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.
Also, notice that, dynamic memory allocations won't be affected by
this change:
"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]
This issue was found with the help of Coccinelle.
[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] https://github.com/KSPP/linux/issues/21
[3] commit
76497732932f ("cxgb3/l2t: Fix undefined behaviour")
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Iuliana Prodan [Wed, 12 Feb 2020 17:55:24 +0000 (19:55 +0200)]
crypto: caam - add crypto_engine support for HASH algorithms
Add crypto_engine support for HASH algorithms, to make use of
the engine queue.
The requests, with backlog flag, will be listed into crypto-engine
queue and processed by CAAM when free.
Only the backlog request are sent to crypto-engine since the others
can be handled by CAAM, if free, especially since JR has up to 1024
entries (more than the 10 entries from crypto-engine).
Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Iuliana Prodan [Wed, 12 Feb 2020 17:55:23 +0000 (19:55 +0200)]
crypto: caam - add crypto_engine support for RSA algorithms
Add crypto_engine support for RSA algorithms, to make use of
the engine queue.
The requests, with backlog flag, will be listed into crypto-engine
queue and processed by CAAM when free. In case the queue is empty,
the request is directly sent to CAAM.
Only the backlog request are sent to crypto-engine since the others
can be handled by CAAM, if free, especially since JR has up to 1024
entries (more than the 10 entries from crypto-engine).
Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Iuliana Prodan [Wed, 12 Feb 2020 17:55:22 +0000 (19:55 +0200)]
crypto: caam - add crypto_engine support for AEAD algorithms
Add crypto_engine support for AEAD algorithms, to make use of
the engine queue.
The requests, with backlog flag, will be listed into crypto-engine
queue and processed by CAAM when free.
If sending just the backlog request to crypto-engine, and non-blocking
directly to CAAM, the latter requests have a better chance to be
executed since JR has up to 1024 entries, more than the 10 entries
from crypto-engine.
Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Iuliana Prodan [Wed, 12 Feb 2020 17:55:21 +0000 (19:55 +0200)]
crypto: caam - support crypto_engine framework for SKCIPHER algorithms
Integrate crypto_engine into CAAM, to make use of the engine queue.
Add support for SKCIPHER algorithms.
This is intended to be used for CAAM backlogging support.
The requests, with backlog flag (e.g. from dm-crypt) will be listed
into crypto-engine queue and processed by CAAM when free.
This changes the return codes for enqueuing a request:
-EINPROGRESS if OK, -EBUSY if request is backlogged (via
crypto-engine), -ENOSPC if the queue is full, -EIO if it
cannot map the caller's descriptor.
The requests, with backlog flag, will be listed into crypto-engine
queue and processed by CAAM when free. Only the backlog request are
sent to crypto-engine since the others can be handled by CAAM, if free,
especially since JR has up to 1024 entries (more than the 10 entries
from crypto-engine).
Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com>
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Iuliana Prodan [Wed, 12 Feb 2020 17:55:20 +0000 (19:55 +0200)]
crypto: caam - change return code in caam_jr_enqueue function
Based on commit
6b80ea389a0b ("crypto: change transient busy return code to -ENOSPC"),
change the return code of caam_jr_enqueue function to -EINPROGRESS, in
case of success, -ENOSPC in case the CAAM is busy (has no space left
in job ring queue), -EIO if it cannot map the caller's descriptor.
Update, also, the cases for resource-freeing for each algorithm type.
This is done for later use, on backlogging support in CAAM.
Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com>
Reviewed-by: Horia Geanta <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Iuliana Prodan [Wed, 12 Feb 2020 17:55:19 +0000 (19:55 +0200)]
crypto: caam - refactor RSA private key _done callbacks
Create a common rsa_priv_f_done function, which based
on private key form calls the specific unmap function.
Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com>
Reviewed-by: Horia Geanta <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Iuliana Prodan [Wed, 12 Feb 2020 17:55:18 +0000 (19:55 +0200)]
crypto: caam - refactor ahash_edesc_alloc
Changed parameters for ahash_edesc_alloc function:
- remove flags since they can be computed in
ahash_edesc_alloc, the only place they are needed;
- use ahash_request instead of caam_hash_ctx, to be
able to compute gfp flags.
Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com>
Reviewed-by: Horia Geanta <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Iuliana Prodan [Wed, 12 Feb 2020 17:55:17 +0000 (19:55 +0200)]
crypto: caam - refactor ahash_done callbacks
Create two common ahash_done_* functions with the dma
direction as parameter. Then, these 2 are called with
the proper direction for unmap.
Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com>
Reviewed-by: Horia Geanta <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Iuliana Prodan [Wed, 12 Feb 2020 17:55:16 +0000 (19:55 +0200)]
crypto: caam - refactor skcipher/aead/gcm/chachapoly {en,de}crypt functions
Create a common crypt function for each skcipher/aead/gcm/chachapoly
algorithms and call it for encrypt/decrypt with the specific boolean -
true for encrypt and false for decrypt.
Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com>
Reviewed-by: Horia Geanta <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Geert Uytterhoeven [Wed, 12 Feb 2020 08:45:36 +0000 (09:45 +0100)]
crypto: qat - spelling s/Decrytp/Decrypt/
Fix a typo in a comment.
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Geert Uytterhoeven [Tue, 11 Feb 2020 18:19:28 +0000 (19:19 +0100)]
crypto: ccree - use devm_kzalloc() for hash data
As the lifetime of the hash data matches the lifetime of the driver,
hash data can be allocated using the managed allocators.
While at it, simplify cc_hash_free() by removing an unneeded check
(hash_handle is always valid here).
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Geert Uytterhoeven [Tue, 11 Feb 2020 18:19:27 +0000 (19:19 +0100)]
crypto: ccree - use devm_k[mz]alloc() for cipher data
As the lifetime of the cipher data matches the lifetime of the driver,
cipher data can be allocated using the managed allocators.
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Geert Uytterhoeven [Tue, 11 Feb 2020 18:19:26 +0000 (19:19 +0100)]
crypto: ccree - use devm_k[mz]alloc() for AEAD data
As the lifetime of the AEAD data matches the lifetime of the driver,
AEAD data can be allocated using the managed allocators.
While at it, simplify cc_aead_free() by removing an unneeded cast, and
an unneeded check (aead_handle is always valid here).
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Geert Uytterhoeven [Tue, 11 Feb 2020 18:19:25 +0000 (19:19 +0100)]
crypto: ccree - use existing dev helper in init_cc_resources()
Use the existing dev helper variable instead of plat_dev->dev.
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Geert Uytterhoeven [Tue, 11 Feb 2020 18:19:24 +0000 (19:19 +0100)]
crypto: ccree - grammar s/not room/no room/
Fix grammar in a comment.
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Geert Uytterhoeven [Tue, 11 Feb 2020 18:19:23 +0000 (19:19 +0100)]
crypto: ccree - spelling s/Crytpcell/Cryptocell/
Fix a typo in a comment.
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Geert Uytterhoeven [Tue, 11 Feb 2020 18:19:22 +0000 (19:19 +0100)]
crypto: ccree - improve kerneldoc in cc_sram_mgr.[ch]
Miscellaneous improvements:
- Start comment blocks with "/**" to enable kerneldoc,
- Mark parameters using "@" instead of "\param",
- Fix typos in parameter names,
- Add missing function names to kerneldoc headers,
- Add missing parameter and return value descriptions.
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Geert Uytterhoeven [Tue, 11 Feb 2020 18:19:21 +0000 (19:19 +0100)]
crypto: ccree - improve kerneldoc in cc_request_mgr.[ch]
Miscellaneous improvements:
- Start comment blocks with "/**" to enable kerneldoc,
- Mark parameters using "@" instead of "\param",
- Fix copied is_dout parameter of cc_send_request(),
- Add missing function names to kerneldoc headers,
- Add missing parameter descriptions.
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Geert Uytterhoeven [Tue, 11 Feb 2020 18:19:20 +0000 (19:19 +0100)]
crypto: ccree - improve kerneldoc in cc_hash.[ch]
Miscellaneous improvements:
- Start comment blocks with "/**" to enable kerneldoc,
- Mark parameters using "@" instead of "\param",
- Add missing function names to kerneldoc headers,
- Add missing parameter descriptions.
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Geert Uytterhoeven [Tue, 11 Feb 2020 18:19:19 +0000 (19:19 +0100)]
crypto: ccree - improve kerneldoc in cc_buffer_mgr.c
Miscellaneous improvements:
- Add missing parameter and return value descriptions.
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Geert Uytterhoeven [Tue, 11 Feb 2020 18:19:18 +0000 (19:19 +0100)]
crypto: ccree - improve kerneldoc in cc_hw_queue_defs.h
Miscellaneous improvements:
- Start comment blocks with "/**" to enable kerneldoc,
- Fix descriptor type of set_dout_mlli(),
- Fix copied config parameter of set_cipher_config1(),
- Fix copied config parameter of set_bytes_swap(),
- Add missing function names to kerneldoc headers,
- Add missing parameter descriptions,
- Remove descriptions for nonexistent parameters,
- Add missing colons,
- Remove references to obsolete camelcase parameter names,
- Sort according to actual parameter order,
- Fix grammar and spelling.
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Geert Uytterhoeven [Tue, 11 Feb 2020 18:19:17 +0000 (19:19 +0100)]
crypto: ccree - remove bogus kerneldoc markers
Normal comments should start with "/*".
"/**" is reserver for kerneldoc.
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Geert Uytterhoeven [Tue, 11 Feb 2020 18:19:16 +0000 (19:19 +0100)]
crypto: ccree - extract cc_init_copy_sram()
Extract the copy to SRAM of the initial values for a hash algorithm into
its own function, to improve readability and ease maintenance.
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Geert Uytterhoeven [Tue, 11 Feb 2020 18:19:15 +0000 (19:19 +0100)]
crypto: ccree - remove struct cc_cipher_handle
The cc_cipher_handle structure contains only a single member, and only
one instance exists. Simplify the code and reduce memory consumption by
moving this member to struct cc_drvdata.
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Geert Uytterhoeven [Tue, 11 Feb 2020 18:19:14 +0000 (19:19 +0100)]
crypto: ccree - remove struct buff_mgr_handle
The buff_mgr_handle structure contains only a single member, and only
one instance exists. Simplify the code and reduce memory consumption by
moving this member to struct cc_drvdata.
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Geert Uytterhoeven [Tue, 11 Feb 2020 18:19:13 +0000 (19:19 +0100)]
crypto: ccree - remove struct cc_debugfs_ctx
The cc_debugfs_ctx structure contains only a single member, and only one
instance exists. Simplify the code and reduce memory consumption by
moving this member to struct cc_drvdata.
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Geert Uytterhoeven [Tue, 11 Feb 2020 18:19:12 +0000 (19:19 +0100)]
crypto: ccree - remove struct cc_sram_ctx
The cc_sram_ctx structure contains only a single member, and only one
instance exists. Simplify the code and reduce memory consumption by
moving this member to struct cc_drvdata.
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Geert Uytterhoeven [Tue, 11 Feb 2020 18:19:11 +0000 (19:19 +0100)]
crypto: ccree - make cc_pm_{suspend,resume}() static
cc_pm_suspend() and cc_pm_resume() are not used outside
drivers/crypto/ccree/cc_pm.c.
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Geert Uytterhoeven [Tue, 11 Feb 2020 18:19:10 +0000 (19:19 +0100)]
crypto: ccree - remove cc_pm_is_dev_suspended() wrapper
If CONFIG_PM=y, cc_pm_is_dev_suspended() is just a wrapper around
pm_runtime_suspended().
If CONFIG_PM=n, cc_pm_is_dev_suspended() a dummy that behaves exactly
the same as the dummy for pm_runtime_suspended().
Hence remove cc_pm_is_dev_suspended(), and call pm_runtime_suspended()
directly.
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Geert Uytterhoeven [Tue, 11 Feb 2020 18:19:09 +0000 (19:19 +0100)]
crypto: ccree - use of_device_get_match_data()
If the driver is probed, it means a match was found in
arm_ccree_dev_of_match[]. Hence we can just use the
of_device_get_match_data() helper.
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>