| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
You can't reach init() if parent alg_name is invalid. Moreover,
cypto_alloc_base() will return ENOENT if alg_name is NULL.
Found while grasping the fallback mechanism.
Signed-off-by: Tudor Ambarus <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
of_device_ids are not supposed to change at runtime. All functions
working with of_device_ids provided by <linux/of.h> work with const
of_device_ids. So mark the non-const structs as const.
File size before:
text data bss dec hex filename
2001 2168 48 4217 1079 drivers/crypto/n2_core.o
File size after constify dummy_tlb_ops.:
text data bss dec hex filename
3601 536 48 4185 1059 drivers/crypto/n2_core.o
Signed-off-by: Arvind Yadav <[email protected]>
Acked-by: David S. Miller <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
A base_end pointer is set and provided. Use it in the ring rollback
function to avoid using build-in defines.
Signed-off-by: Antoine Tenart <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Increase the batch size to the maximum number of requests a ring can
handle at a time (its size). This is possible now that the request
queues are per hw ring. This improves performances.
Signed-off-by: Antoine Tenart <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
This force the need_dequeue flag to be unset whenever the dequeue
function is called, to avoid calling it when it is not necessary.
Signed-off-by: Antoine Tenart <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Get the backlog before dequeuing the request otherwise we'll miss the
first request in line.
Signed-off-by: Antoine Tenart <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
This update the dequeue function of the inside-secure safexcel driver so
that failed requests aren't requeued when they fail (for whatever
reason, which can be because the hw ring is full).
Signed-off-by: Antoine Tenart <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Update the inside-secure safexcel driver from using one global queue to
one queue per hw ring. This ease the request management and keep the hw
in sync with what's done in sw.
Signed-off-by: Antoine Tenart <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
This move the context and request updates at the end of the cipher and
hash send() functions. This way the context and request fields are set
only when everything else was successful in the send() functions.
Signed-off-by: Antoine Tenart <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
The cipher and hash send functions both set the results variable, to be
used later by the caller. Align the way they're setting this variable.
Signed-off-by: Ofer Heifetz <[email protected]>
Signed-off-by: Antoine Tenart <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Configure the data write bufferability to always buffer packets in the
DSE. This change slightly improves performance.
Signed-off-by: Igal Liberman <[email protected]>
Signed-off-by: Antoine Tenart <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
When enable_single_wr is not enabled, the DSE will only write those
parts of a result descriptor that need updating, which means a final
result descriptor will be written in 2 or 3 smaller transfers.
When enable_single_wr is enabled the DSE will combine these 2-3
updates into one large write transfer, generally improving performance.
Signed-off-by: Igal Liberman <[email protected]>
Signed-off-by: Antoine Tenart <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Set the correct value to the DSE data cache, using WR_CACHE_3BITS
instead of RD_CACHE_3BITS. This fixes an incorrect setting and helps
improving performances.
Reported-by: Igal Liberman <[email protected]>
Signed-off-by: Antoine Tenart <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
The EIP197_HIA_xDR_CFG_WR_CACHE macro was defined to use an offset of
23, which is wrong as it's actually 25. Fix this.
Reported-by: Igal Liberman <[email protected]>
Signed-off-by: Antoine Tenart <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Replace the hmac ipad/opad values by their defined constants.
Signed-off-by: Antoine Tenart <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
When multiple devices are present in system select device
in round-robin fashion for crypto operations
Signed-off-by: Atul Gupta <[email protected]>
Reviewed-by: Ganesh Goudar <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Allocate new sg list in case received destination sg list has entry
greater that 2k.
Signed-off-by: Harsh Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Add myself as maintainer for chcr.
Signed-off-by: Harsh Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Count types of operation done by HW.
Signed-off-by: Harsh Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
It send multiple WRs to H/W to handle large sg lists. Adds ctr(aes)
and rfc(ctr(aes)) modes.
Signed-off-by: Harsh Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Do not update assoclen received in aead_request.
Signed-off-by: Harsh Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Return correct error instead of EINVAL.
Signed-off-by: Harsh Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Set key of fallback tfm for rfc4309.
Signed-off-by: Harsh Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
GCM and CBC mode of operation requires Last Cipher Block.
This patch set lcb bit in WR header when required.
Signed-off-by: Harsh Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Trivial fix to spelling mistake in seq_printf message
Signed-off-by: Colin Ian King <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Trivial fix to spelling mistake in pr_err message
Signed-off-by: Colin Ian King <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
The PKCS#1 RSA implementation is provided with a self test with RSA 2048
and SHA-256. This self test implicitly covers other RSA keys and other
hashes. Also, this self test implies that the pkcs1pad(rsa) is FIPS
140-2 compliant.
Signed-off-by: Stephan Mueller <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
I work for MediaTek on maintaining the MediaTek RNG driver
for the existing SoCs and adding support for the following
SoCs.
Signed-off-by: Sean Wang <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Add runtime PM support. There will be the benefit on SoCs where the
clock to the RNG used can be shutdown.
Signed-off-by: Sean Wang <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Document the bindings used by MediaTek MT7622 SoC hardware random number
generator.
Signed-off-by: Sean Wang <[email protected]>
Reviewed-by: Matthias Brugger <[email protected]>
Acked-by: Rob Herring <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Otherwise, we enable all sorts of forgeries via timing attack.
Signed-off-by: Jason A. Donenfeld <[email protected]>
Suggested-by: Stephan Müller <[email protected]>
Cc: [email protected]
Cc: Herbert Xu <[email protected]>
Cc: [email protected]
Signed-off-by: Herbert Xu <[email protected]>
|
|
If 'kzalloc' fails, we return 0 which means success.
return -ENOMEM instead as already done a few lines above.
Signed-off-by: Christophe JAILLET <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
By adding a struct device *dev to struct engine, we could store the
device used at register time and so use all dev_xxx functions instead of
pr_xxx.
Signed-off-by: Corentin Labbe <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Fix inconsistent format and spelling in hash tests error messages.
Signed-off-by: Gilad Ben-Yossef <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Trivial fix to spelling mistake in flow_log message
Signed-off-by: Colin Ian King <[email protected]>
Reviewed-by: Steve Lin <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
The run-time self-tests fail quite early, as soon as the input block
size is larger than 64 bytes:
alg: hash: Test 4 failed for sha1-sun4i-ss
00000000: b9 c9 1e 52 c0 26 d8 39 81 ff f2 3c 99 b1 27 b2
00000010: 30 d6 c9 85
One thing to notice is the value of the last word, which is the one
expected (it can sometime be the last two words). The datasheet isn't
very clear about when the digest is ready to retrieve and is seems the
bit SS_DATA_END is cleared when the digest was computed *but* that
doesn't mean the digest is ready to retrieve in the registers.
A ndelay(1) is added before reading the computed digest to ensure it is
available in the SS_MD[] registers.
Signed-off-by: Antoine Tenart <[email protected]>
Tested-by: Corentin Labbe <[email protected]>
Acked-by: Corentin Labbe <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
The CRYPTO_ALG_KERN_DRIVER_ONLY flag is set for hardware accelerated
ciphers accessible through a kernel driver only. This is the case for
ciphers exposed by the sun4i-ss driver. This patch sets this flag.
Signed-off-by: Antoine Tenart <[email protected]>
Tested-by: Corentin Labbe <[email protected]>
Acked-by: Corentin Labbe <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Update the sun4i-ss driver to use the skcipher API instead of the old
ablkcipher one. It's a bit more tricky than s/ablkcipher/skcipher/, but
still nothing special and the driver's logic stays the same.
Signed-off-by: Antoine Tenart <[email protected]>
Tested-by: Corentin Labbe <[email protected]>
Acked-by: Corentin Labbe <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use the GENMASK helper instead of custom calculations to generate masks,
It also helps the readability.
Signed-off-by: Antoine Tenart <[email protected]>
Tested-by: Corentin Labbe <[email protected]>
Acked-by: Corentin Labbe <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
A bit is appended at the end of the input buffer for sha1. Simplify the
code assigning it.
Signed-off-by: Antoine Tenart <[email protected]>
Tested-by: Corentin Labbe <[email protected]>
Acked-by: Corentin Labbe <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
When sending the last block of data to the engine, it should be padded
so that the total length of the request can be given to the engine as
the last 2 words of the last 64 bytes block.
Simplify the calculation of this pad offset.
Signed-off-by: Antoine Tenart <[email protected]>
Tested-by: Corentin Labbe <[email protected]>
Acked-by: Corentin Labbe <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Parts of the bf buffer were dynamically set to 0. Change this to set the
whole buffer to 0 by default to avoid any mistake.
Signed-off-by: Antoine Tenart <[email protected]>
Tested-by: Corentin Labbe <[email protected]>
Acked-by: Corentin Labbe <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Do not use DMA is the request is 0 length.
Signed-off-by: Antoine Tenart <[email protected]>
Tested-by: Corentin Labbe <[email protected]>
Acked-by: Corentin Labbe <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Replace custom bit shifts and masks with lower/upper_32_bits helpers.
Signed-off-by: Antoine Tenart <[email protected]>
Tested-by: Corentin Labbe <[email protected]>
Acked-by: Corentin Labbe <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Cosmetic clean up if conditional checks on 0s values.
Signed-off-by: Antoine Tenart <[email protected]>
Tested-by: Corentin Labbe <[email protected]>
Acked-by: Corentin Labbe <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Cosmetic change to avoid having a full screen a variable definitions. It
also helps to see which variables share the same type.
Signed-off-by: Antoine Tenart <[email protected]>
Tested-by: Corentin Labbe <[email protected]>
Acked-by: Corentin Labbe <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use more common error logging style.
Signed-off-by: Karim Eshapa <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
- Fixed bugs in example for shash and rng (added missing "*" and " *").
- Corrected pr_info() in calc_hash().
- Added example usage of calc_hash().
- No need for negate PTR_ERR to get error code, as crypto_alloc_rng
already returns negative values like ERR_PTR(-ENOMEM). Fixed.
Signed-off-by: Kamil Konieczny <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
We checked (nbytes < bsize) inside the loops so it's not possible to hit
the "goto done;" here. This code is cut and paste from other slightly
different loops where we don't have the check inside the loop.
Signed-off-by: Dan Carpenter <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
mix_columns() contains a comment which shows the matrix used by the
MixColumns step of AES, but the last entry in this matrix was incorrect
Signed-off-by: Herbert Xu <[email protected]>
|