| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Pointer ctx is being re-assigned with the same value as it
was initialized with. The second assignment is redundant and
can be removed.
Addresses-Coverity: ("Unused value")
Signed-off-by: Colin Ian King <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
When a PCI device will be removed, cxgb4(LLD) will notify chcr(ULD).
Incase if it's a last pci device, chcr should un-register all the crypto
algorithms.
Signed-off-by: Devulapally Shiva Krishna <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
This patch adds AES driver support for the Xilinx ZynqMP SoC.
Signed-off-by: Mohan Marutirao Dhanawade <[email protected]>
Signed-off-by: Kalyani Akula <[email protected]>
Acked-by: Michal Simek <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
kctx_len = (ntohl(KEY_CONTEXT_CTX_LEN_V(aeadctx->key_ctx_hdr)) << 4)
- sizeof(chcr_req->key_ctx);
can't possibly be endian-safe. Look: ->key_ctx_hdr is __be32. And
KEY_CONTEXT_CTX_LEN_V is "shift up by 24 bits". On little-endian hosts it
sees
b0 b1 b2 b3
in memory, inteprets that into b0 + (b1 << 8) + (b2 << 16) + (b3 << 24),
shifts up by 24, resulting in b0 << 24, does ntohl (byteswap on l-e),
gets b0 and shifts that up by 4. So we get b0 * 16 - sizeof(...).
Sounds reasonable, but on b-e we get
b3 + (b2 << 8) + (b1 << 16) + (b0 << 24), shift up by 24,
yielding b3 << 24, do ntohl (no-op on b-e) and then shift up by 4.
Resulting in b3 << 28 - sizeof(...), i.e. slightly under b3 * 256M.
Then we increase it some more and pass to alloc_skb() as size.
Somehow I doubt that we really want a quarter-gigabyte skb allocation
here...
Note that when you are building those values in
#define FILL_KEY_CTX_HDR(ck_size, mk_size, d_ck, opad, ctx_len) \
htonl(KEY_CONTEXT_VALID_V(1) | \
KEY_CONTEXT_CK_SIZE_V((ck_size)) | \
KEY_CONTEXT_MK_SIZE_V(mk_size) | \
KEY_CONTEXT_DUAL_CK_V((d_ck)) | \
KEY_CONTEXT_OPAD_PRESENT_V((opad)) | \
KEY_CONTEXT_SALT_PRESENT_V(1) | \
KEY_CONTEXT_CTX_LEN_V((ctx_len)))
ctx_len ends up in the first octet (i.e. b0 in the above), which
matches the current behaviour on l-e. If that's the intent, this
thing should've been
kctx_len = (KEY_CONTEXT_CTX_LEN_G(ntohl(aeadctx->key_ctx_hdr)) << 4)
- sizeof(chcr_req->key_ctx);
instead - fetch after ntohl() we get (b0 << 24) + (b1 << 16) + (b2 << 8) + b3,
shift it down by 24 (b0), resuling in b0 * 16 - sizeof(...) both on l-e and
on b-e.
PS: when sparse warns you about endianness problems, it might be worth checking
if there really is something wrong. And I don't mean "slap __force cast on it"...
Signed-off-by: Al Viro <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:
struct foo {
int stuff;
struct boo array[];
};
By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.
Also, notice that, dynamic memory allocations won't be affected by
this change:
"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]
This issue was found with the help of Coccinelle.
[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] https://github.com/KSPP/linux/issues/21
[3] commit 76497732932f ("cxgb3/l2t: Fix undefined behaviour")
Signed-off-by: Gustavo A. R. Silva <[email protected]>
Acked-by: Kamil Konieczny <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:
struct foo {
int stuff;
struct boo array[];
};
By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.
Also, notice that, dynamic memory allocations won't be affected by
this change:
"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]
This issue was found with the help of Coccinelle.
[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] https://github.com/KSPP/linux/issues/21
[3] commit 76497732932f ("cxgb3/l2t: Fix undefined behaviour")
Signed-off-by: Gustavo A. R. Silva <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Add crypto_engine support for HASH algorithms, to make use of
the engine queue.
The requests, with backlog flag, will be listed into crypto-engine
queue and processed by CAAM when free.
Only the backlog request are sent to crypto-engine since the others
can be handled by CAAM, if free, especially since JR has up to 1024
entries (more than the 10 entries from crypto-engine).
Signed-off-by: Iuliana Prodan <[email protected]>
Reviewed-by: Horia Geantă <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Add crypto_engine support for RSA algorithms, to make use of
the engine queue.
The requests, with backlog flag, will be listed into crypto-engine
queue and processed by CAAM when free. In case the queue is empty,
the request is directly sent to CAAM.
Only the backlog request are sent to crypto-engine since the others
can be handled by CAAM, if free, especially since JR has up to 1024
entries (more than the 10 entries from crypto-engine).
Signed-off-by: Iuliana Prodan <[email protected]>
Reviewed-by: Horia Geantă <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Add crypto_engine support for AEAD algorithms, to make use of
the engine queue.
The requests, with backlog flag, will be listed into crypto-engine
queue and processed by CAAM when free.
If sending just the backlog request to crypto-engine, and non-blocking
directly to CAAM, the latter requests have a better chance to be
executed since JR has up to 1024 entries, more than the 10 entries
from crypto-engine.
Signed-off-by: Iuliana Prodan <[email protected]>
Reviewed-by: Horia Geantă <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Integrate crypto_engine into CAAM, to make use of the engine queue.
Add support for SKCIPHER algorithms.
This is intended to be used for CAAM backlogging support.
The requests, with backlog flag (e.g. from dm-crypt) will be listed
into crypto-engine queue and processed by CAAM when free.
This changes the return codes for enqueuing a request:
-EINPROGRESS if OK, -EBUSY if request is backlogged (via
crypto-engine), -ENOSPC if the queue is full, -EIO if it
cannot map the caller's descriptor.
The requests, with backlog flag, will be listed into crypto-engine
queue and processed by CAAM when free. Only the backlog request are
sent to crypto-engine since the others can be handled by CAAM, if free,
especially since JR has up to 1024 entries (more than the 10 entries
from crypto-engine).
Signed-off-by: Iuliana Prodan <[email protected]>
Signed-off-by: Franck LENORMAND <[email protected]>
Reviewed-by: Horia Geantă <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Based on commit 6b80ea389a0b ("crypto: change transient busy return code to -ENOSPC"),
change the return code of caam_jr_enqueue function to -EINPROGRESS, in
case of success, -ENOSPC in case the CAAM is busy (has no space left
in job ring queue), -EIO if it cannot map the caller's descriptor.
Update, also, the cases for resource-freeing for each algorithm type.
This is done for later use, on backlogging support in CAAM.
Signed-off-by: Iuliana Prodan <[email protected]>
Reviewed-by: Horia Geanta <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Create a common rsa_priv_f_done function, which based
on private key form calls the specific unmap function.
Signed-off-by: Iuliana Prodan <[email protected]>
Reviewed-by: Horia Geanta <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Changed parameters for ahash_edesc_alloc function:
- remove flags since they can be computed in
ahash_edesc_alloc, the only place they are needed;
- use ahash_request instead of caam_hash_ctx, to be
able to compute gfp flags.
Signed-off-by: Iuliana Prodan <[email protected]>
Reviewed-by: Horia Geanta <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Create two common ahash_done_* functions with the dma
direction as parameter. Then, these 2 are called with
the proper direction for unmap.
Signed-off-by: Iuliana Prodan <[email protected]>
Reviewed-by: Horia Geanta <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Create a common crypt function for each skcipher/aead/gcm/chachapoly
algorithms and call it for encrypt/decrypt with the specific boolean -
true for encrypt and false for decrypt.
Signed-off-by: Iuliana Prodan <[email protected]>
Reviewed-by: Horia Geanta <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Fix a typo in a comment.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
As the lifetime of the hash data matches the lifetime of the driver,
hash data can be allocated using the managed allocators.
While at it, simplify cc_hash_free() by removing an unneeded check
(hash_handle is always valid here).
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
As the lifetime of the cipher data matches the lifetime of the driver,
cipher data can be allocated using the managed allocators.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
As the lifetime of the AEAD data matches the lifetime of the driver,
AEAD data can be allocated using the managed allocators.
While at it, simplify cc_aead_free() by removing an unneeded cast, and
an unneeded check (aead_handle is always valid here).
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use the existing dev helper variable instead of plat_dev->dev.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Fix grammar in a comment.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Fix a typo in a comment.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Miscellaneous improvements:
- Start comment blocks with "/**" to enable kerneldoc,
- Mark parameters using "@" instead of "\param",
- Fix typos in parameter names,
- Add missing function names to kerneldoc headers,
- Add missing parameter and return value descriptions.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Miscellaneous improvements:
- Start comment blocks with "/**" to enable kerneldoc,
- Mark parameters using "@" instead of "\param",
- Fix copied is_dout parameter of cc_send_request(),
- Add missing function names to kerneldoc headers,
- Add missing parameter descriptions.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Miscellaneous improvements:
- Start comment blocks with "/**" to enable kerneldoc,
- Mark parameters using "@" instead of "\param",
- Add missing function names to kerneldoc headers,
- Add missing parameter descriptions.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Miscellaneous improvements:
- Add missing parameter and return value descriptions.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Miscellaneous improvements:
- Start comment blocks with "/**" to enable kerneldoc,
- Fix descriptor type of set_dout_mlli(),
- Fix copied config parameter of set_cipher_config1(),
- Fix copied config parameter of set_bytes_swap(),
- Add missing function names to kerneldoc headers,
- Add missing parameter descriptions,
- Remove descriptions for nonexistent parameters,
- Add missing colons,
- Remove references to obsolete camelcase parameter names,
- Sort according to actual parameter order,
- Fix grammar and spelling.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Normal comments should start with "/*".
"/**" is reserver for kerneldoc.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Extract the copy to SRAM of the initial values for a hash algorithm into
its own function, to improve readability and ease maintenance.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
The cc_cipher_handle structure contains only a single member, and only
one instance exists. Simplify the code and reduce memory consumption by
moving this member to struct cc_drvdata.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
The buff_mgr_handle structure contains only a single member, and only
one instance exists. Simplify the code and reduce memory consumption by
moving this member to struct cc_drvdata.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
The cc_debugfs_ctx structure contains only a single member, and only one
instance exists. Simplify the code and reduce memory consumption by
moving this member to struct cc_drvdata.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
The cc_sram_ctx structure contains only a single member, and only one
instance exists. Simplify the code and reduce memory consumption by
moving this member to struct cc_drvdata.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
cc_pm_suspend() and cc_pm_resume() are not used outside
drivers/crypto/ccree/cc_pm.c.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
If CONFIG_PM=y, cc_pm_is_dev_suspended() is just a wrapper around
pm_runtime_suspended().
If CONFIG_PM=n, cc_pm_is_dev_suspended() a dummy that behaves exactly
the same as the dummy for pm_runtime_suspended().
Hence remove cc_pm_is_dev_suspended(), and call pm_runtime_suspended()
directly.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
If the driver is probed, it means a match was found in
arm_ccree_dev_of_match[]. Hence we can just use the
of_device_get_match_data() helper.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Currently, a large part of the probe function runs before Runtime PM is
enabled. As the driver manages the device's clock manually, this may
work fine on some systems, but may break on platforms with a more
complex power hierarchy.
Fix this by moving the initialization of Runtime PM before the first
register access (in cc_wait_for_reset_completion()), and putting the
device to sleep only after the last access (in cc_set_ree_fips_status()).
This allows to remove the pm_on flag, which was used to track manually
if Runtime PM had been enabled or not.
Remove the cc_pm_{init,go,fini}() wrappers, as they are called only
once, and obscure operation.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
SRAM addresses are small integer offsets into local SRAM. Currently
they are stored using a mixture of cc_sram_addr_t (u64), u32, and
dma_addr_t types.
Settle on u32, and remove the cc_sram_addr_t typedefs.
This allows to drop several casts.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
The SRAM allocator does not support deallocating memory.
Hence remove all references to freeing SRAM.
Fix grammar while at it.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
While the larval digest addresses are not always used in
cc_get_plain_hmac_key() and cc_hash_digest(), they are always
calculated.
Defer their calculations to the points where needed.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use the existing lower_32_bits() and upper_32_bits() macros instead of
explicit casts and shifts to split a 64-bit address in its two 32-bit
parts.
Drop the superfluous cast to "u16", as the FIELD_PREP() macro already
masks it to the specified field width.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
mlli_params.mlli_virt_addr is just a buffer of memory.
This allows to drop a cast.
No change in generated code.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Use devm_clk_get_optional() instead of devm_clk_get() and explicit
optional clock handling.
As clk_prepare_enable() and clk_disable_unprepare() handle optional
clocks fine, the cc_clk_on() and cc_clk_off() wrappers can be removed.
While at it, use the new "%pe" format specifier to print error codes.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
cc_sram_mgr_fini() doesn't do anything, so it can just be removed.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
When no SRAM can be allocated, cc_sram_alloc() already prints an error
message. Hence there is no need to duplicate this in all callers.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Due to the way the hardware works, every double word in the SHA384 and
SHA512 larval hashes must be swapped. Currently this is done at run
time, during driver initialization.
However, this swapping can easily be done at build time. Treating each
double word as two words has the benefit of changing the larval hashes'
types from u64[] to u32[], like for all other hashes, and allows
dropping the casts and size doublings when calling cc_set_sram_desc().
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Unneeded casts prevent the compiler from performing valuable checks.
This is especially true for function pointers.
Remove these casts, to prevent silently introducing bugs when a
variable's type might be changed in the future.
No change in generated code.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
If cc_queues_status() indicates that the queue is full,
cc_send_sync_request() should loop and retry.
However, cc_queues_status() returns either 0 (for success), or -ENOSPC
(for queue full), while cc_send_sync_request() checks for real errors by
comparing with -EAGAIN. Hence -ENOSPC is always considered a real
error, and the code never retries the operation.
Fix this by just removing the check, as cc_queues_status() never returns
any other error value than -ENOSPC.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Acked-by: Gilad Ben-Yossef <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Reading the debugfs files under /sys/kernel/debug/ccree/ can be done by
the user at any time. On R-Car SoCs, the CCREE device is power-managed
using a moduile clock, and if this clock is not running, bogus register
values may be read.
Fix this by filling in the debugfs_regset32.dev field, so debugfs will
make sure the device is resumed while its registers are being read.
This fixes the bogus values (0x00000260) in the register dumps on R-Car
H3 ES1.0:
-e6601000.crypto/regs:HOST_IRR = 0x00000260
-e6601000.crypto/regs:HOST_POWER_DOWN_EN = 0x00000260
+e6601000.crypto/regs:HOST_IRR = 0x00000038
+e6601000.crypto/regs:HOST_POWER_DOWN_EN = 0x00000038
e6601000.crypto/regs:AXIM_MON_ERR = 0x00000000
e6601000.crypto/regs:DSCRPTR_QUEUE_CONTENT = 0x000002aa
-e6601000.crypto/regs:HOST_IMR = 0x00000260
+e6601000.crypto/regs:HOST_IMR = 0x017ffeff
e6601000.crypto/regs:AXIM_CFG = 0x001f0007
e6601000.crypto/regs:AXIM_CACHE_PARAMS = 0x00000000
-e6601000.crypto/regs:GPR_HOST = 0x00000260
+e6601000.crypto/regs:GPR_HOST = 0x017ffeff
e6601000.crypto/regs:AXIM_MON_COMP = 0x00000000
-e6601000.crypto/version:SIGNATURE = 0x00000260
-e6601000.crypto/version:VERSION = 0x00000260
+e6601000.crypto/version:SIGNATURE = 0xdcc63000
+e6601000.crypto/version:VERSION = 0xaf400001
Note that this behavior is system-dependent, and the issue does not show
up on all R-Car Gen3 SoCs and boards. Even when the device is
suspended, the module clock may be left enabled, if configured by the
firmware for Secure Mode, or when controlled by the Real-Time Core.
Signed-off-by: Geert Uytterhoeven <[email protected]>
Acked-by: Gilad Ben-Yossef <[email protected]>
Acked-by: Rafael J. Wysocki <[email protected]>
Reviewed-by: Niklas Söderlund <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|
|
Register qm to uacce framework for user crypto driver
Reviewed-by: Greg Kroah-Hartman <[email protected]>
Reviewed-by: Jonathan Cameron <[email protected]>
Signed-off-by: Zhangfei Gao <[email protected]>
Signed-off-by: Zhou Wang <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
|