| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
crypto_rfc3686_alloc() in crypto/ctr.c expects to be used with a stream
cipher (alg->cra_blocksize == 1).
Signed-off-by: Cyrille Pitchen <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
This patch only creates sections to regroup functions by usage.
This will help to integrate the GCM support patch later by making the
difference between shared/common and specific code. Hence current
sections are:
- Shared functions: common code which will be reused by the GCM support.
- CPU transfer: handles transfers monitored by the CPU (PIO accesses).
- DMA transfer: handles transfers monitored by the DMA controller.
- AES async block ciphers: dedicated to the already supported block ciphers
- Probe functions: used to register all crypto algorithms.
Signed-off-by: Cyrille Pitchen <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Dummy patch to fix typo and indentation.
Signed-off-by: Cyrille Pitchen <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
This is a dummy cosmetic patch.
Signed-off-by: Cyrille Pitchen <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
This patch totally reworks data transfer.
1 - DMA
The new code now fully supports scatter-gather lists hence reducing the
number of interrupts in some cases. Also buffer alignments are better
managed to avoid useless copies.
2 - CPU
The new code allows to use PIO accesses even when transferring more than
one AES block, so futher patches could tune the DMA threshold
(ATMEL_AES_DMA_THRESHOLD).
Moreover, CPU transfers now have a chance to be processed synchronously,
hence reducing the latency by avoiding context switches when possible
(less interrupts to process, less scheduling of the 'done' task).
Indeed the 'DATA READY' bit is polled only one time in the Interrupt
Status Register before enabling then waiting for the associated interrupt.
In some condition, this single poll is enough as the data have already
been processed by the AES hardware and so are ready.
Signed-off-by: Cyrille Pitchen <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Add missing call to atmel_aes_buff_cleanup().
Signed-off-by: Cyrille Pitchen <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Since the 'done' task code was split into atmel_aes_cpu_complete() and
atmel_aes_dma_complete(), the AES_FLAGS_DMA flag has become useless.
Signed-off-by: Cyrille Pitchen <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
atmel_aes_dma_callback() now directly calls the 'resume' callback instead
of scheduling the done task, which in turn only calls the very same
'resume' callback.
Signed-off-by: Cyrille Pitchen <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
This 'err' member was initialized to 0 but its value never changed.
Signed-off-by: Cyrille Pitchen <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
This patch introduces a new callback 'resume' in the struct atmel_aes_dev.
This callback is run to resume/complete the processing of the crypto
request when woken up by I/O events such as AES interrupts or DMA
completion.
This callback will help implementing the GCM mode support in further
patches.
Signed-off-by: Cyrille Pitchen <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
This patch reworks the AES_FLAGS_* to simplify the configuration of the
AES IP.
Signed-off-by: Cyrille Pitchen <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
As claimed by the datasheet, writing 0 into the Control Register has no
effet. So we remove this useless register access.
Signed-off-by: Cyrille Pitchen <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
This patch changes atmel_aes_handle_queue() to make it more generic.
The function argument is now a pointer to struct crypto_async_request,
which is the common base of struct ablkcipher_request and
struct aead_request.
Also this patch introduces struct atmel_aes_base_ctx which will be the
common base of all the transformation contexts.
Hence the very same queue will be used to manage both block cipher and
AEAD requests (such as gcm and authenc implemented in further patches).
Signed-off-by: Cyrille Pitchen <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
This patch changes the signature of atmel_aes_write_ctrl() to make it more
generic. This will be used by future patches when implementing new block
cipher modes such as GCM.
Especially atmel_aes_hw_init() is now called outside
atmel_aes_write_ctrl(): this allows to call atmel_aes_write_ctrl() many
times, still initializing the hardware only once.
Indeed, the support of GCM will require to update the Mode Register and
the IV when processing a single request.
Signed-off-by: Cyrille Pitchen <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Before this patch atmel_aes_hw_version_init() had no returned value.
However it calls atmel_aes_hw_init(), which may fail. So check the
returned code of atmel_aes_hw_init() and propagate error if needed.
Signed-off-by: Cyrille Pitchen <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Hash headers have nothing to do with AES block ciphers.
Signed-off-by: Cyrille Pitchen <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
This dummy patch fixes atmel_aes_unregister_algs() so crypto algorithms
are unregistered in the reverse order they were registered by
atmel_aes_register_algs().
Signed-off-by: Cyrille Pitchen <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Increase the algorithm priorities so the hardware acceleration is now
preferred to the software computation: the "aes-generice" driver uses 100
as priority.
Signed-off-by: Cyrille Pitchen <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
atmel_aes_write_n() should not modify its value argument.
Signed-off-by: Cyrille Pitchen <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Add new version of atmel-aes available with SAMA5D2 devices.
Signed-off-by: Leilei Zhao <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use list_for_each_entry*() instead of list_for_each*() to simplify
the code.
Signed-off-by: Geliang Tang <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Precalculated hash for empty message are now present in hash headers.
This patch just use them.
Signed-off-by: LABBE Corentin <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Precalculated hash for empty message are now present in hash headers.
This patch just use them.
Signed-off-by: LABBE Corentin <[email protected]>
Tested-by: Tom Lendacky <[email protected]>
Acked-by: Tom Lendacky <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Precalculated hash for empty message are now present in hash headers.
This patch just use them.
Signed-off-by: LABBE Corentin <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Some crypto drivers cannot process empty data message and return a
precalculated hash for md5/sha1/sha224/sha256.
This patch add thoses precalculated hash in include/crypto.
Signed-off-by: LABBE Corentin <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Change the timeout condition since the times value would be -1 after
running MAX_RETRY_TIMES.
Reported-by: Dan Carpenter <[email protected]>
Signed-off-by: Yang Pingchao <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
AE CTX bits should be 8-15 in CTX_ENABLES, so the mask
value 0xff should be left shifted 0x8.
Reported-by: Dan Carpenter <[email protected]>
Signed-off-by: Yang Pingchao <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Avoid the s390 compile "warning: 'pkcs1pad_encrypt_sign_complete'
uses dynamic stack allocation" reported by kbuild test robot. Don't
use a flat zero-filled buffer, instead zero the contents of the SGL.
Signed-off-by: Andrew Zaborowski <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Removed unused variable "err" and directly return "0"
Reported by coccicheck -
./drivers/crypto/omap-aes.c:542:5-8: Unneeded variable: "err". Return "0" on line 551
./drivers/crypto/omap-des.c:530:5-8: Unneeded variable: "err". Return "0" on line 539
Signed-off-by: Rahul Pathak <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Removed unused variable "err" and directly return "0"
Reported by coccicheck -
./drivers/crypto/atmel-sha.c:758:5-8: Unneeded variable: "err". Return "0" on line 766
Signed-off-by: Rahul Pathak <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
NX842 coprocessor sets 3rd bit in CR register with XER[S0] which is
nothing to do with NX request. Since this bit can be set with other
valuable return status, mast this bit.
One of other bits (INITIATED, BUSY or REJECTED) will be returned for
any given NX request.
Signed-off-by: Haren Myneni <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
accel_id has to be large enough to hold ADF_MAX_DEVICES + 1
(which is > 1025) so uint8_t is too small.
Reported-by: Dan Carpenter <[email protected]>
Signed-off-by: Tadeusz Struk <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
When using DES module the next bug appears:
BUG: scheduling while atomic: kworker/0:1/63/0x00000102
With backtrace as follows:
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< cut here >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
[<c0012294>] (dump_backtrace) from [<c00124ac>] (show_stack+0x18/0x1c)
[<c0012494>] (show_stack) from [<c0752554>] (dump_stack+0x84/0xc4)
[<c07524d0>] (dump_stack) from [<c0750218>] (__schedule_bug+0x54/0x64)
[<c07501c4>] (__schedule_bug) from [<c07548a4>] (__schedule+0x4ac/0x53c)
[<c07543f8>] (__schedule) from [<c075496c>] (schedule+0x38/0x88)
[<c0754934>] (schedule) from [<c03c3984>] (rpm_resume+0x158/0x59c)
[<c03c382c>] (rpm_resume) from [<c03c3e1c>] (__pm_runtime_resume+0x54/0x6c)
[<c03c3dc8>] (__pm_runtime_resume) from [<c0568ff8>] (omap_des_handle_queue+0x154/0x7bc)
[<c0568ea4>] (omap_des_handle_queue) from [<c05696b8>] (omap_des_crypt+0x58/0xbc)
[<c0569660>] (omap_des_crypt) from [<c0569730>] (omap_des_cbc_decrypt+0x14/0x18)
[<c056971c>] (omap_des_cbc_decrypt) from [<c0297534>] (authenc_verify_ahash_done+0xe0/0xe8)
[<c0297454>] (authenc_verify_ahash_done) from [<c056a330>] (omap_sham_finish_req+0x58/0xa8)
[<c056a2d8>] (omap_sham_finish_req) from [<c056b714>] (omap_sham_done_task+0x1c0/0x1e0)
[<c056b554>] (omap_sham_done_task) from [<c003e53c>] (tasklet_action+0x80/0x118)
[<c003e4bc>] (tasklet_action) from [<c003e740>] (__do_softirq+0x11c/0x260)
[<c003e624>] (__do_softirq) from [<c003eb64>] (irq_exit+0xc0/0xfc)
[<c003eaa4>] (irq_exit) from [<c000f1c4>] (handle_IRQ+0x4c/0x98)
[<c000f178>] (handle_IRQ) from [<c0008568>] (gic_handle_irq+0x34/0x64)
[<c0008534>] (gic_handle_irq) from [<c0758540>] (__irq_svc+0x40/0x70)
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< cut here >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Insight was seen in drivers/crypto/omap-sham.c driver.
All credits for this patch go to Grygorii Strashko.
Signed-off-by: Sam Protsenko <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
The VF bundle interrupt is not triggered any more in
the case when guest is shut down with sample app running.
Need to clear the flag interrupt bit when restarting to fix
this irrecoverable state.
Signed-off-by: Zeng Xin <[email protected]>
Signed-off-by: Tadeusz Struk <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
This file does not contain any modular related function calls. So get
rid of module.h since it drags in a lot of other headers and adds to
the preprocessing load. It does export some symbols though, so we'll
need to ensure it has export.h present instead.
Cc: Herbert Xu <[email protected]>
Cc: "David S. Miller" <[email protected]>
Cc: [email protected]
Signed-off-by: Paul Gortmaker <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Fix i386-randconfig-x004-12092241.
PCI_IOV needs to be selected when VFs are enabled
Reported-by: <[email protected]>
Signed-off-by: Tadeusz Struk <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
When many threads submit multiple requests they get blocked until all
responses are processed, which prevents them from submitting more requests
even though there is space on the rings.
To fix this we need to decrement the inflight counter early to in the callback.
Signed-off-by: Harvijay Saini <[email protected]>
Signed-off-by: Tadeusz Struk <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Fix numerous spelling error in include/crypto/akcipher.h
Signed-off-by: LABBE Corentin <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
The sahara_dump_descriptors and sahara_dump_links functions attempt
to print a dma_addr_t value with a 0x%08x format string, which
produces a warning when dma_addr_t is 64-bit wide:
drivers/crypto/sahara.c:419:120: warning: format '%x' expects argument of type 'unsigned int', but argument 5 has type 'dma_addr_t {aka long long unsigned int}' [-Wformat=]
This changes the code to use the %pad format string that is meant
for dma_addr_t, which avoids the warning and gives us the correct
output in all configurations.
Signed-off-by: Arnd Bergmann <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
The sahara hardware uses DMA descriptors with 32-bit addresses, but
dma_addr_t is variable size depending on whether we want to support
any devices that use 64-bit DMA addresses in hardware.
This means that the definition of the DMA descriptor structure is wrong,
and we helpfully get a compiler warning about them too:
drivers/crypto/sahara.c:423:372: warning: format '%x' expects argument of type 'unsigned int', but argument 4 has type 'dma_addr_t {aka long long unsigned int}' [-Wformat=]
This changes the definition of the sahara_hw_desc and sahara_hw_link
structures to only contain fixed-length members, which is required
to make the driver work on ARM LPAE mode, and avoids most of the
gcc warnings we get.
Signed-off-by: Arnd Bergmann <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
The drbg_state_ops structures are never modified, so declare them as const.
Done with the help of Coccinelle.
Signed-off-by: Julia Lawall <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
If the length of the plaintext is zero, there's no need to waste cycles
on encryption and decryption. Using the chacha20poly1305 construction
for zero-length plaintexts is a common way of using a shared encryption
key for AAD authentication.
Signed-off-by: Jason A. Donenfeld <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
This patch adds PKCS#1 v1.5 standard RSA padding as a separate template.
This way an RSA cipher with padding can be obtained by instantiating
"pkcs1pad(rsa)". The reason for adding this is that RSA is almost
never used without this padding (or OAEP) so it will be needed for
either certificate work in the kernel or the userspace, and I also hear
that it is likely implemented by hardware RSA in which case hardware
implementations of the whole of pkcs1pad(rsa) can be provided.
Signed-off-by: Andrew Zaborowski <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Add a struct akcipher_instance and struct akcipher_spawn similar to
how AEAD declares them and the macros for converting to/from
crypto_instance/crypto_spawn. Also add register functions to
avoid exposing crypto_akcipher_type.
Signed-off-by: Andrew Zaborowski <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Add support for c62x accelerator Virtual Function
Signed-off-by: Tadeusz Struk <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Add support for c3xxx accelerator Virtual Function
Signed-off-by: Tadeusz Struk <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Add support for qat c62x accel type
Signed-off-by: Tadeusz Struk <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Add support for c3xxx accel type.
Signed-off-by: Tadeusz Struk <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Move qat_isr.c and qat_isrvf.c files to qat_common dir
so that they can be reused by all devices.
Remove adf_drv.h files because thay are not longer needed.
Move adf_dev_configure() function to qat_common so it can be reused.
Also some minor updates to common code for multidevice.
Signed-off-by: Tadeusz Struk <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
FW loader updates for new qat devices
Signed-off-by: Tadeusz Struk <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|