| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
asm/unaligned.h is always an include of asm-generic/unaligned.h;
might as well move that thing to linux/unaligned.h and include
that - there's nothing arch-specific in that header.
auto-generated by the following:
for i in `git grep -l -w asm/unaligned.h`; do
sed -i -e "s/asm\/unaligned.h/linux\/unaligned.h/" $i
done
for i in `git grep -l -w asm-generic/unaligned.h`; do
sed -i -e "s/asm-generic\/unaligned.h/linux\/unaligned.h/" $i
done
git mv include/asm-generic/unaligned.h include/linux/unaligned.h
git mv tools/include/asm-generic/unaligned.h tools/include/linux/unaligned.h
sed -i -e "/unaligned.h/d" include/asm-generic/Kbuild
sed -i -e "s/__ASM_GENERIC/__LINUX/" include/linux/unaligned.h tools/include/linux/unaligned.h
|
|
Because hardware will read in multiples of 4 SG entries, ensure
the allocated length is always padded. This was already done
by some callers of ahash_edesc_alloc, but ahash_digest was conspicuously
missing.
In any case, doing it in the allocation function ensures that the
memory is always there.
Reported-by: Guangwu Zhang <[email protected]>
Fixes: a5e5c13398f3 ("crypto: caam - fix S/G table passing page boundary")
Signed-off-by: Herbert Xu <[email protected]>
|
|
Instead of directly casting and returning (void *) pointer, use ERR_CAST
to explicitly return an error-valued pointer. This makes the error handling
more explicit and improves code clarity.
Signed-off-by: Chen Yufan <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Switch cpumask_t to cpumask_var_t as the former may be too big
for the stack:
CC [M] drivers/crypto/caam/qi.o
CC [M] drivers/crypto/caam/caamalg_qi2.o
../drivers/crypto/caam/qi.c: In function ‘caam_qi_init’:
../drivers/crypto/caam/qi.c:808:1: warning: the frame size of 1056 bytes is larger than 1024 bytes [-Wframe-larger-than=]
808 | }
| ^
CHECK ../drivers/crypto/caam/qi.c
../drivers/crypto/caam/caamalg_qi2.c: In function ‘dpaa2_dpseci_setup’:
../drivers/crypto/caam/caamalg_qi2.c:5135:1: warning: the frame size of 1032 bytes is larger than 1024 bytes [-Wframe-larger-than=]
5135 | }
| ^
Also fix the error path handling in qi.c.
Signed-off-by: Herbert Xu <[email protected]>
|
|
Embedding net_device into structures prohibits the usage of flexible
arrays in the net_device structure. For more details, see the discussion
at [1].
Un-embed the net_devices from struct dpaa2_caam_priv_per_cpu by
converting them into pointers, and allocating them dynamically. Use the
leverage alloc_netdev_dummy() to allocate the net_device object at
dpaa2_dpseci_setup().
The free of the device occurs at dpaa2_dpseci_disable().
Link: https://lore.kernel.org/all/[email protected]/ [1]
Signed-off-by: Breno Leitao <[email protected]>
Link: https://patch.msgid.link/[email protected]
Signed-off-by: Jakub Kicinski <[email protected]>
|
|
Embedding net_device into structures prohibits the usage of flexible
arrays in the net_device structure. For more details, see the discussion
at [1].
Un-embed the net_devices from struct caam_qi_pcpu_priv by converting them
into pointers, and allocating them dynamically. Use the leverage
alloc_netdev_dummy() to allocate the net_device object at
caam_qi_init().
The free of the device occurs at caam_qi_shutdown().
Link: https://lore.kernel.org/all/[email protected]/ [1]
Signed-off-by: Breno Leitao <[email protected]>
Link: https://patch.msgid.link/[email protected]
Signed-off-by: Jakub Kicinski <[email protected]>
|
|
As most of the drivers that depend on ARCH_LAYERSCAPE, make
CRYPTO_DEV_FSL_CAAM depend on COMPILE_TEST for compilation and testing.
# grep -r depends.\*ARCH_LAYERSCAPE.\*COMPILE_TEST | wc -l
29
Signed-off-by: Breno Leitao <[email protected]>
Link: https://patch.msgid.link/[email protected]
Signed-off-by: Jakub Kicinski <[email protected]>
|
|
If caam module is built without OF support, the compiler returns the
following warning:
drivers/crypto/caam/ctrl.c:83:34: warning: 'imx8m_machine_match' defined but not used [-Wunused-const-variable=]
imx8m_machine_match is only referenced by of_match_node(), which is set
to NULL if CONFIG_OF is not set, as of commit 5762c20593b6b ("dt: Add
empty of_match_node() macro"):
#define of_match_node(_matches, _node) NULL
Do not create imx8m_machine_match if CONFIG_OF is not set.
Reported-by: kernel test robot <[email protected]>
Closes: https://lore.kernel.org/oe-kbuild-all/[email protected]/
Suggested-by: Jakub Kicinski <[email protected]>
Signed-off-by: Breno Leitao <[email protected]>
Link: https://patch.msgid.link/[email protected]
Signed-off-by: Jakub Kicinski <[email protected]>
|
|
iMX8ULP have a secure-enclave hardware IP called EdgeLock Enclave(ELE),
that control access to caam controller's register page, i.e., page0.
At all, if the ELE release access to CAAM controller's register page,
it will release to secure-world only.
Clocks are turned on automatically for iMX8ULP. There exists the caam
clock gating bit, but it is not advised to gate the clock at linux, as
optee-os or any other entity might be using it.
Signed-off-by: Pankaj Gupta <[email protected]>
Reviewed-by: Gaurav Jain <[email protected]>
Reviewed-by: Horia Geanta <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
CAAM clock initializat is done based on the basis of soc specific
info stored in struct caam_imx_data:
- caam-page0-access flag
- num_clks
CAAM driver needs to be aware of access rights to CAAM control page
i.e., page0, to do things differently.
Signed-off-by: Pankaj Gupta <[email protected]>
Reviewed-by: Gaurav Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
ahash_alg->setkey is updated to ahash_nosetkey in ahash.c
so checking setkey() function to determine hmac algorithm is not valid.
to fix this added is_hmac variable in structure caam_hash_alg to determine
whether the algorithm is hmac or not.
Fixes: 2f1f34c1bf7b ("crypto: ahash - optimize performance when wrapping shash")
Signed-off-by: Gaurav Jain <[email protected]>
Reviewed-by: Eric Biggers <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
The .remove() callback for a platform driver returns an int which makes
many driver authors wrongly assume it's possible to do error handling by
returning an error code. However the value returned is (mostly) ignored
and this typically results in resource leaks. To improve here there is a
quest to make the remove callback return void. In the first step of this
quest all drivers are converted to .remove_new() which already returns
void.
The driver adapted here suffers from this wrong assumption. Returning
-EBUSY if there are still users results in resource leaks and probably a
crash. Also further down passing the error code of caam_jr_shutdown() to
the caller only results in another error message and has no further
consequences compared to returning zero.
Still convert the driver to return no value in the remove callback. This
also allows to drop caam_jr_platform_shutdown() as the only function
called by it now has the same prototype.
Signed-off-by: Uwe Kleine-König <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
key buffer is not copied in chachapoly_setkey function,
results in wrong output for encryption/decryption operation.
fix this by memcpy the key in caam_ctx key arrary
Fixes: d6bbd4eea243 ("crypto: caam/jr - add support for Chacha20 + Poly1305")
Signed-off-by: Gaurav Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
key buffer is not copied in chachapoly_setkey function,
results in wrong output for encryption/decryption operation.
fix this by memcpy the key in caam_ctx key arrary
Fixes: c10a53367901 ("crypto: caam/qi2 - add support for Chacha20 + Poly1305")
Signed-off-by: Gaurav Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto updates from Herbert Xu:
"API:
- Move crypto engine callback from tfm ctx into algorithm object
- Fix atomic sleep bug in crypto_destroy_instance
- Move lib/mpi into lib/crypto
Algorithms:
- Add chacha20 and poly1305 implementation for powerpc p10
Drivers:
- Add AES skcipher and aead support to starfive
- Add Dynamic Boost Control support to ccp
- Add support for STM32P13 platform to stm32"
* tag 'v6.6-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (149 commits)
Revert "dt-bindings: crypto: qcom,prng: Add SM8450"
crypto: chelsio - Remove unused declarations
X.509: if signature is unsupported skip validation
crypto: qat - fix crypto capability detection for 4xxx
crypto: drivers - Explicitly include correct DT includes
crypto: engine - Remove crypto_engine_ctx
crypto: zynqmp - Use new crypto_engine_op interface
crypto: virtio - Use new crypto_engine_op interface
crypto: stm32 - Use new crypto_engine_op interface
crypto: jh7110 - Use new crypto_engine_op interface
crypto: rk3288 - Use new crypto_engine_op interface
crypto: omap - Use new crypto_engine_op interface
crypto: keembay - Use new crypto_engine_op interface
crypto: sl3516 - Use new crypto_engine_op interface
crypto: caam - Use new crypto_engine_op interface
crypto: aspeed - Remove non-standard sha512 algorithms
crypto: aspeed - Use new crypto_engine_op interface
crypto: amlogic - Use new crypto_engine_op interface
crypto: sun8i-ss - Use new crypto_engine_op interface
crypto: sun8i-ce - Use new crypto_engine_op interface
...
|
|
The DT of_device.h and of_platform.h date back to the separate
of_platform_bus_type before it as merged into the regular platform bus.
As part of that merge prepping Arm DT support 13 years ago, they
"temporarily" include each other. They also include platform_device.h
and of.h. As a result, there's a pretty much random mix of those include
files used throughout the tree. In order to detangle these headers and
replace the implicit includes with struct declarations, users need to
explicitly include the correct includes.
Signed-off-by: Rob Herring <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use the new crypto_engine_op interface where the callback is stored
in the algorithm object.
Signed-off-by: Herbert Xu <[email protected]>
|
|
Inlucde internal/engine.h because this driver uses directly
accesses attributes inside struct crypto_engine.
Signed-off-by: Herbert Xu <[email protected]>
|
|
There are cases when the interrupt status register (JRINTR) is non-zero,
even though:
1. An interrupt was generated, but it was masked OR
2. There was no interrupt generated at all
for the corresponding job ring.
1. The case when interrupt is masked (JRCFGR_LS[IMSK]=1b'1)
while other events have happened and are being accounted for, e.g.
-JRINTR[HALT]=2b'10 - input job ring underwent a flush of all on-going
jobs and processing of still-existing jobs (sitting in the ring) has been
halted
-JRINTR[HALT]=2b'01 - input job ring is currently undergoing a flush
-JRINTR[ENTER_FAIL]=1b'1 - SecMon / SNVS transitioned to FAIL MODE
It doesn't matter whether these events would assert the interrupt signal
or not, interrupt is anyhow masked.
2. The case when interrupt is not masked (JRCFGR_LS[IMSK]=1b'0), however
the events accounted for in JRINTR do not generate interrupts, e.g.:
-JRINTR[HALT]=2b'01
-JRINTR[ENTER_FAIL]=1b'1 and JRCFGR_MS[FAIL_MODE]=1b'0
Currently in these cases, when the JR interrupt handler is invoked (as a
consequence of JR sharing the interrupt line with other devices - e.g.
the two JRs on i.MX7ULP) it continues execution instead of returning
IRQ_NONE.
This could lead to situations like interrupt handler clearing JRINTR (and
thus also the JRINTR[HALT] field) while corresponding job ring is
suspended and then that job ring failing on resume path, due to expecting
JRINTR[HALT]=b'10 and reading instead JRINTR[HALT]=b'00.
Fix this by checking status of JRINTR[JRI] in the JR interrupt handler.
If JRINTR[JRI]=1b'0, there was no interrupt generated for this JR and
handler must return IRQ_NONE.
Signed-off-by: Horia Geantă <[email protected]>
Signed-off-by: Meenakshi Aggarwal <[email protected]>
Reviewed-by: Gaurav Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
In caam_jr_enqueue, under heavy DDR load, smp_wmb() or dma_wmb()
fail to make the input ring be updated before the CAAM starts
reading it. So, CAAM will process, again, an old descriptor address
and will put it in the output ring. This will make caam_jr_dequeue()
to fail, since this old descriptor is not in the software ring.
To fix this, use wmb() which works on the full system instead of
inner/outer shareable domains.
Signed-off-by: Iuliana Prodan <[email protected]>
Signed-off-by: Meenakshi Aggarwal <[email protected]>
Reviewed-by: Gaurav Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
error:
Unchecked return value (CHECKED_RETURN)
check_return: Calling sg_miter_next without checking return value
fix:
added check if(!sg_miter_next)
Fixes: 8a2a0dd35f2e ("crypto: caam - strip input zeros from RSA input buffer")
Signed-off-by: Gaurav Jain <[email protected]>
Signed-off-by: Meenakshi Aggarwal <[email protected]>
Reviewed-by: Gaurav Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
The newly added PM operations use the deprecated SIMPLE_DEV_PM_OPS() macro,
causing a warning in some configurations:
drivers/crypto/caam/ctrl.c:828:12: error: 'caam_ctrl_resume' defined but not used [-Werror=unused-function]
828 | static int caam_ctrl_resume(struct device *dev)
| ^~~~~~~~~~~~~~~~
drivers/crypto/caam/ctrl.c:818:12: error: 'caam_ctrl_suspend' defined but not used [-Werror=unused-function]
818 | static int caam_ctrl_suspend(struct device *dev)
| ^~~~~~~~~~~~~~~~~
drivers/crypto/caam/jr.c:732:12: error: 'caam_jr_resume' defined but not used [-Werror=unused-function]
732 | static int caam_jr_resume(struct device *dev)
| ^~~~~~~~~~~~~~
drivers/crypto/caam/jr.c:687:12: error: 'caam_jr_suspend' defined but not used [-Werror=unused-function]
687 | static int caam_jr_suspend(struct device *dev)
| ^~~~~~~~~~~~~~~
Use the normal DEFINE_SIMPLE_DEV_PM_OPS() variant now, and use pm_ptr() to
completely eliminate the structure in configs without CONFIG_PM.
Fixes: 322d74752c28a ("crypto: caam - add power management support")
Signed-off-by: Arnd Bergmann <[email protected]>
Reviewed-by: Meenakshi Aggarwal <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
This reverts commit ef492d080302913e85122a2d92efa2ca174930f8.
This patch breaks the RNG on i.MX8MM.
Reported-by: Bastian Krause <[email protected]>
Link: https://lore.kernel.org/all/[email protected]/
Signed-off-by: Herbert Xu <[email protected]>
|
|
Add support for suspend and resume operation for PM in CAAM driver.
When the CAAM goes in suspend, the hardware is considered to do nothing.
On some platforms, the power of the CAAM is not turned off so it keeps
its configuration.
On other platforms, it doesn't so it is necessary to save the state of
the CAAM:
- JRs MID
- Address of input and output rings
Signed-off-by: Horia Geanta <[email protected]>
Signed-off-by: Victoria Milhoan <[email protected]>
Signed-off-by: Dan Douglass <[email protected]>
Signed-off-by: Vipul Kumar <[email protected]>
Signed-off-by: Franck LENORMAND <[email protected]>
Signed-off-by: Meenakshi Aggarwal <[email protected]>
Reviewed-by: Gaurav Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
The structure partid is not suitable to represent the DECO MID register.
This patch replace partid by masterid which is more appropriate.
Signed-off-by: Franck LENORMAND <[email protected]>
Signed-off-by: Horia Geantă <[email protected]>
Signed-off-by: Meenakshi Aggarwal <[email protected]>
Reviewed-by: Gaurav Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
On memory allocation failure, the function calling stack is already logged.
So there is no need to explicitly log an extra message.
Remove them, ans simplify some code accordingly.
Signed-off-by: Christophe JAILLET <[email protected]>
Reviewed-by: Gaurav Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use struct_size() instead of hand-writing it, when allocating a structure
with a flex array.
This is less verbose, more robust and more informative.
Signed-off-by: Christophe JAILLET <[email protected]>
Reviewed-by: Gaurav Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto updates from Herbert Xu:
"API:
- Add linear akcipher/sig API
- Add tfm cloning (hmac, cmac)
- Add statesize to crypto_ahash
Algorithms:
- Allow only odd e and restrict value in FIPS mode for RSA
- Replace LFSR with SHA3-256 in jitter
- Add interface for gathering of raw entropy in jitter
Drivers:
- Fix race on data_avail and actual data in hwrng/virtio
- Add hash and HMAC support in starfive
- Add RSA algo support in starfive
- Add support for PCI device 0x156E in ccp"
* tag 'v6.5-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (85 commits)
crypto: akcipher - Do not copy dst if it is NULL
crypto: sig - Fix verify call
crypto: akcipher - Set request tfm on sync path
crypto: sm2 - Provide sm2_compute_z_digest when sm2 is disabled
hwrng: imx-rngc - switch to DEFINE_SIMPLE_DEV_PM_OPS
hwrng: st - keep clock enabled while hwrng is registered
hwrng: st - support compile-testing
hwrng: imx-rngc - fix the timeout for init and self check
KEYS: asymmetric: Use new crypto interface without scatterlists
KEYS: asymmetric: Move sm2 code into x509_public_key
KEYS: Add forward declaration in asymmetric-parser.h
crypto: sig - Add interface for sign/verify
crypto: akcipher - Add sync interface without SG lists
crypto: cipher - On clone do crypto_mod_get()
crypto: api - Add __crypto_alloc_tfmgfp
crypto: api - Remove crypto_init_ops()
crypto: rsa - allow only odd e and restrict value in FIPS mode
crypto: geniv - Split geniv out of AEAD Kconfig option
crypto: algboss - Add missing dependency on RNG2
crypto: starfive - Add RSA algo support
...
|
|
TRNG "sample size" (the total number of entropy samples that will be taken
during entropy generation) default / POR value is very conservatively
set to 2500.
Let's set it to 512, the same as the caam driver in U-boot
(drivers/crypto/fsl_caam.c) does.
This solves the issue of RNG performance dropping after a suspend/resume
cycle on parts where caam loses power, since the initial U-boot setttings
are lost and kernel does not restore them when resuming.
Note: when changing the sample size, the self-test parameters need to be
updated accordingly.
Signed-off-by: Horia Geantă <[email protected]>
Signed-off-by: Meenakshi Aggarwal <[email protected]>
Reviewed-by: Gaurav Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
CAAM includes a Random Number Generator. This change adds
a kernel configuration option to test the RNG's capabilities via the
hw_random framework.
Signed-off-by: Victoria Milhoan <[email protected]>
Signed-off-by: Dan Douglass <[email protected]>
Signed-off-by: Vipul Kumar <[email protected]>
Signed-off-by: Horia Geantă <[email protected]>
Signed-off-by: Meenakshi Aggarwal <[email protected]>
Reviewed-by: Gaurav Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Adjust RNG timing parameters to support more i.MX6 devices.
Signed-off-by: Victoria Milhoan <[email protected]>
Signed-off-by: Dan Douglass <[email protected]>
Signed-off-by: Vipul Kumar <[email protected]>
Signed-off-by: Horia Geantă <[email protected]>
Reviewed-by: Gaurav Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
The value returned by an fsl-mc driver's remove function is mostly
ignored. (Only an error message is printed if the value is non-zero
and then device removal continues unconditionally.)
So change the prototype of the remove function to return no value. This
way driver authors are not tempted to assume that passing an error to
the upper layer is a good idea. All drivers are adapted accordingly.
There is no intended change of behaviour, all callbacks were prepared to
return 0 before.
Signed-off-by: Uwe Kleine-König <[email protected]>
Reviewed-by: Ioana Ciornei <[email protected]>
Tested-by: Ioana Ciornei <[email protected]> # sanity checks
Reviewed-by: Laurentiu Tudor <[email protected]>
Tested-by: Laurentiu Tudor <[email protected]>
Signed-off-by: Li Yang <[email protected]>
|
|
Since, CAAM driver is probed before soc_device_attribute done as part of:
- drivers/soc/imx/soc-imx8m.c (for i.MX8M)
- drivers/firmware/imx/ele_mu.c (EdgeLock Enclave kernel driver, for i.MX8ULP)
It is needed to return -EPROBE_DEFER, after calling soc_device_match() in
drivers/crypto/caam/ctrl.c.
soc_device_match returns NULL for:
- i.MX8M
- i.MX8ULP,
can be considered that the SoC device has not been probed yet.
Hence, it returns -EPROBE_DEFER directly.
caam: imx: change to use of_match_node in run_descriptor_deco0
Providing imx8m_machine_match to match:
- i.MX8M{Q,M,N,P},
- i.MX8ULP,
so as to start using of_match_node, to simplify the code.
Signed-off-by: Alice Guo <[email protected]>
Signed-off-by: Pankaj Gupta <[email protected]>
Reviewed-by: Dong Aisheng <[email protected]>
Reviewed-by: Horia Geanta <[email protected]>
Acked-by: Peng Fan <[email protected]>
Acked-by: Alice Guo <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
RNG (re-)initialization will be needed on pm resume path,
thus refactor the corresponding code out of the probe callback.
Signed-off-by: Horia GeantA <[email protected]>
Signed-off-by: Leonard Crestez <[email protected]>
Signed-off-by: Dong Aisheng <[email protected]>
Signed-off-by: Meenakshi Aggarwal <[email protected]>
Reviewed-by: Gaurav Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
caam driver needs to be aware of OP-TEE f/w presence, since some things
are done differently:
1. there is no access to controller's register page (note however that
some registers are aliased in job rings' register pages)
2 Due to this, MCFGR[PS] cannot be read and driver assumes
MCFGR[PS] = b'0 - engine using 32-bit address pointers.
This is in sync with the fact that:
-all i.MX SoCs currently use MCFGR[PS] = b'0
-only i.MX OP-TEE use cases don't allow access to controller register page
Signed-off-by: Horia GeantA <[email protected]>
Signed-off-by: Meenakshi Aggarwal <[email protected]>
Reviewed-by: Gaurav Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use job ring register map, in place of controller register map
to access page 0 registers, as access to the controller register
map is not permitted.
Signed-off-by: Horia GeantA <[email protected]>
Signed-off-by: Gaurav Jain <[email protected]>
Signed-off-by: Meenakshi Aggarwal <[email protected]>
Reviewed-by: Varun Sethi <[email protected]>
Reviewed-by: Gaurav Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
According to the comment at the end of the 'for' loop just a few lines
below, it looks needed to clear 'desc'.
So it should also be cleared for the first iteration.
Move the memset() to the beginning of the loop to be safe.
Fixes: 281922a1d4f5 ("crypto: caam - add support for SEC v5.x RNG4")
Signed-off-by: Christophe JAILLET <[email protected]>
Reviewed-by: Gaurav Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Pointer variables of void * type do not require type cast.
Signed-off-by: Yu Zhe <[email protected]>
Reviewed-by: Gaurav Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
add .shutdown hook in caam_jr driver to support kexec boot
Signed-off-by: Gaurav Jain <[email protected]>
Tested-by: Vijay Balakrishna <[email protected]>
Reviewed-by: Pankaj Gupta <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Issues:
- Job ring device is busy when do kexec reboot
- Failed to flush job ring when do system suspend-resume
Fix:
Flush the job ring to stop the running jobs.
Signed-off-by: Horia Geanta <[email protected]>
Signed-off-by: Franck LENORMAND <[email protected]>
Reviewed-by: Pankaj Gupta <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
The attempt to add DMA alignment padding by moving IV to the front
of edesc was completely broken as it didn't change the places where
edesc was freed.
It's also wrong as the IV may still share a cache-line with the
edesc.
Fix this by restoring the original layout and simply reserving
enough memmory so that the IV is on a DMA cache-line by itself.
Reported-by: Meenakshi Aggarwal <[email protected]>
Fixes: 199354d7fb6e ("crypto: caam - Remove GFP_DMA and add DMA alignment padding")
Signed-off-by: Herbert Xu <[email protected]>
|
|
Instead of calling the base completion function directly, use the
correct ahash helper which is ahash_request_complete.
Signed-off-by: Herbert Xu <[email protected]>
Reviewed-by: Gaurav Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
GFP_DMA does not guarantee that the returned memory is aligned
for DMA. It should be removed where it is superfluous.
However, kmalloc may start returning DMA-unaligned memory in future
so fix this by adding the alignment by hand.
Signed-off-by: Herbert Xu <[email protected]>
|
|
Certain versions of gcc don't like the memcpy with a NULL dst
(which only happens with a zero length). This only happens
when debugging is enabled so add an if clause to work around
these warnings.
A similar warning used to be generated by sparse but that was
fixed years ago.
Link: https://lore.kernel.org/lkml/[email protected]
Reported-by: kernel test robot <[email protected]>
Reported-by: Kees Cook <[email protected]>
Reported-by: Uwe Kleine-König <[email protected]>
Tested-by: Uwe Kleine-König <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
IO memory access has to be done with accessors defined in caam/regs.h
as there are little-endian architectures with a big-endian CAAM unit.
Fixes: 6a83830f649a ("crypto: caam - warn if blob_gen key is insecure")
Signed-off-by: Nikolaus Voss <[email protected]>
Reviewed-by: Ahmad Fatoum <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
This driver has been implicitly relying on kmalloc alignment
to be sufficient for DMA. This may no longer be the case with
upcoming arm64 changes.
This patch changes it to explicitly request DMA alignment from
the Crypto API.
Signed-off-by: Herbert Xu <[email protected]>
|
|
The value of reqsize must only be changed through the helper.
Signed-off-by: Herbert Xu <[email protected]>
Reviewed-by: Gaurav Jain <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
If CAAM is not in "trusted" or "secure" state, a fixed non-volatile key
is used instead of the unique device key. This is the default mode of
operation without secure boot (HAB). In this scenario, CAAM encrypted
blobs should be used only for testing but not in a production
environment, so issue a warning.
Signed-off-by: Nikolaus Voss <[email protected]>
Reviewed-by: Ahmad Fatoum <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Most hw_random devices return entropy which is assumed to be of full
quality, but driver authors don't bother setting the quality knob. Some
hw_random devices return less than full quality entropy, and then driver
authors set the quality knob. Therefore, the entropy crediting should be
opt-out rather than opt-in per-driver, to reflect the actual reality on
the ground.
For example, the two Raspberry Pi RNG drivers produce full entropy
randomness, and both EDK2 and U-Boot's drivers for these treat them as
such. The result is that EFI then uses these numbers and passes the to
Linux, and Linux credits them as boot, thereby initializing the RNG.
Yet, in Linux, the quality knob was never set to anything, and so on the
chance that Linux is booted without EFI, nothing is ever credited.
That's annoying.
The same pattern appears to repeat itself throughout various drivers. In
fact, very very few drivers have bothered setting quality=1024.
Looking at the git history of existing drivers and corresponding mailing
list discussion, this conclusion tracks. There's been a decent amount of
discussion about drivers that set quality < 1024 -- somebody read and
interepreted a datasheet, or made some back of the envelope calculation
somehow. But there's been very little, if any, discussion about most
drivers where the quality is just set to 1024 or unset (or set to 1000
when the authors misunderstood the API and assumed it was base-10 rather
than base-2); in both cases the intent was fairly clear of, "this is a
hardware random device; it's fine."
So let's invert this logic. A hw_random struct's quality knob now
controls the maximum quality a driver can produce, or 0 to specify 1024.
Then, the module-wide switch called "default_quality" is changed to
represent the maximum quality of any driver. By default it's 1024, and
the quality of any particular driver is then given by:
min(default_quality, rng->quality ?: 1024);
This way, the user can still turn this off for weird reasons (and we can
replace whatever driver-specific disabling hacks existed in the past),
yet we get proper crediting for relevant RNGs.
Cc: Dominik Brodowski <[email protected]>
Cc: Ard Biesheuvel <[email protected]>
Cc: Herbert Xu <[email protected]>
Signed-off-by: Jason A. Donenfeld <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
caam has its own special NAPI weights. It's also a crypto device
so presumably it can't be used for packet Rx. Switch to the (new)
correct API.
Signed-off-by: Jakub Kicinski <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|