Age | Commit message (Collapse) | Author |
|
Use dma_mapping_error for every dma_map_single / dma_map_page.
Signed-off-by: Horia Geanta <horia.geanta@freescale.com>
Acked-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
(cherry picked from commit ce572085282128d57324aabf415673dfbfa32d54)
Conflicts:
drivers/crypto/caam/caamalg.c
Change-Id: I1e2466043f87dc74c955ebfae0aad45be7ac8de9
Reviewed-on: http://git.am.freescale.net:8181/17741
Tested-by: Review Code-CDREVIEW <CDREVIEW@freescale.com>
Reviewed-by: Horia Ioan Geanta Neag <horia.geanta@freescale.com>
Reviewed-by: Zhengxiong Jin <Jason.Jin@freescale.com>
Tested-by: Zhengxiong Jin <Jason.Jin@freescale.com>
|
|
dma_mapping_error checks for an incorrect DMA address:
s/ctx->sh_desc_enc_dma/ctx->sh_desc_dec_dma
Signed-off-by: Horia Geanta <horia.geanta@freescale.com>
Acked-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
(cherry picked from commit 71c65f7c90a176877ad1aa87b752217db61148a8)
Change-Id: If55f0e154763c9a293adc6fbc44e9eb01e5fcbc5
Reviewed-on: http://git.am.freescale.net:8181/17740
Tested-by: Review Code-CDREVIEW <CDREVIEW@freescale.com>
Reviewed-by: Zhengxiong Jin <Jason.Jin@freescale.com>
Tested-by: Zhengxiong Jin <Jason.Jin@freescale.com>
|
|
At few places in caamhash and caamalg, after allocating a dmable
buffer for sg table , the buffer was being modified. As per
definition of DMA_FROM_DEVICE ,afer allocation the memory should
be treated as read-only by the driver. This patch shifts the
allocation of dmable buffer for sg table after it is populated
by the driver, making it read-only as per the DMA API's requirement.
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
(cherry picked from commit 1da2be33ad4c30a2b1d5fe3053b5b7f63e6e2baa)
Change-Id: I485040b955e27772c20623f037e8a5167404c18d
Reviewed-on: http://git.am.freescale.net:8181/17736
Tested-by: Review Code-CDREVIEW <CDREVIEW@freescale.com>
Reviewed-by: Zhengxiong Jin <Jason.Jin@freescale.com>
Tested-by: Zhengxiong Jin <Jason.Jin@freescale.com>
|
|
The variable 'keys_fit_inline' is initialised correctly to avoid using
its stale value while creating shared descriptor for decryption and
given-iv-encryption.
Signed-off-by: Vakul Garg <vakul@freescale.com>
Change-Id: I4e1482a7c9ea21b02523f90fc9ed68a61817c0be
Reviewed-on: http://git.am.freescale.net:8181/11546
Reviewed-by: Horia Ioan Geanta Neag <horia.geanta@freescale.com>
Tested-by: Review Code-CDREVIEW <CDREVIEW@freescale.com>
Reviewed-by: Jose Rivera <German.Rivera@freescale.com>
|
|
The Shared Descriptor's relative offsets vary depending on the keys length.
Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com>
Change-Id: Iaf72d57ceb2c048057ca33a2bb5c9a02ca4680db
Reviewed-on: http://git.am.freescale.net:8181/11470
Reviewed-by: Horia Ioan Geanta Neag <horia.geanta@freescale.com>
Tested-by: Review Code-CDREVIEW <CDREVIEW@freescale.com>
Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com>
Reviewed-by: Mircea Pop <mircea.pop@freescale.com>
Reviewed-by: Madalin-Cristian Bucur <madalin.bucur@freescale.com>
|
|
Replace instructions that are not supported in Era3 and Era2.
Change-Id: I6e22625a23acfc300bb55dc56a444568cdf04fc5
Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com>
Reviewed-on: http://git.am.freescale.net:8181/10817
Tested-by: Review Code-CDREVIEW <CDREVIEW@freescale.com>
Reviewed-by: Horia Ioan Geanta Neag <horia.geanta@freescale.com>
Reviewed-by: Jose Rivera <German.Rivera@freescale.com>
|
|
There is only one key for the aes gcm algorithm.
Change-Id: I1f53edf41319083aa34ac9b948bc35c3d7886dde
Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com>
Reviewed-on: http://git.am.freescale.net:8181/10816
Tested-by: Review Code-CDREVIEW <CDREVIEW@freescale.com>
Reviewed-by: Horia Ioan Geanta Neag <horia.geanta@freescale.com>
Reviewed-by: Jose Rivera <German.Rivera@freescale.com>
|
|
Only one DECO can access a given shared CHA, so waiting for CHAs
to be done is not necessary when jumping the keys.
SELF condition has no sense for the SERIAL sharing since the jobs
are executed in the same DECO.
Change-Id: I5501a9646a55913ca8a2f98dc246bf6ff2f08df0
Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com>
Reviewed-on: http://git.am.freescale.net:8181/10814
Tested-by: Review Code-CDREVIEW <CDREVIEW@freescale.com>
Reviewed-by: Horia Ioan Geanta Neag <horia.geanta@freescale.com>
Reviewed-by: Jose Rivera <German.Rivera@freescale.com>
|
|
Add support for AES working in Galois Counter Mode.
There is a limitation related to IV size, similar to the one present in
SW implementation (crypto/gcm.c):
The only IV size allowed is 12 bytes. It will be padded by HW to the right
with 0x0000_0001 (up to 16 bytes - AES block size), according to the GCM
specification.
Change-Id: I3cca960678049bae3e387bc13f399c787ac6ac80
Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com>
Signed-off-by: Horia Geanta <horia.geanta@freescale.com>
Reviewed-on: http://git.am.freescale.net:8181/10492
Reviewed-by: Mircea Pop <mircea.pop@freescale.com>
Tested-by: Review Code-CDREVIEW <CDREVIEW@freescale.com>
Reviewed-by: Alexandru Porosanu <alexandru.porosanu@freescale.com>
Reviewed-by: Jose Rivera <German.Rivera@freescale.com>
|
|
Add support for the following combinations:
-encryption: null
-authentication: md5, sha* (1, 224, 256, 384, 512)
Change-Id: I610815e59527b75277d8af45bac4b37467ac24c0
Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com>
Signed-off-by: Horia Geanta <horia.geanta@freescale.com>
Reviewed-on: http://git.am.freescale.net:8181/10491
Reviewed-by: Mircea Pop <mircea.pop@freescale.com>
Tested-by: Review Code-CDREVIEW <CDREVIEW@freescale.com>
Reviewed-by: Alexandru Porosanu <alexandru.porosanu@freescale.com>
Reviewed-by: Jose Rivera <German.Rivera@freescale.com>
|
|
Commit 61bb86bba169507a5f223b94b9176c32c84b4721
("crypto: caam - set descriptor sharing type to SERIAL")
changed the descriptor sharing mode from SHARE_WAIT to SHARE_SERIAL.
All descriptor commands that handle the "ok to share" and
"error propagation" settings should also go away, since they have no
meaning for SHARE_SERIAL.
Change-Id: Ia4343fec64b653fa231abca7cd2660c0b653c8b1
Signed-off-by: Horia Geanta <horia.geanta@freescale.com>
Reviewed-on: http://git.am.freescale.net:8181/10488
Tested-by: Review Code-CDREVIEW <CDREVIEW@freescale.com>
Reviewed-by: Tudor-Dan Ambarus <tudor.ambarus@freescale.com>
Reviewed-by: Alexandru Porosanu <alexandru.porosanu@freescale.com>
Reviewed-by: Jose Rivera <German.Rivera@freescale.com>
|
|
(struct caam_ctx) ctx->key_dma needs to be unmapped
when context is cleaned up.
Change-Id: I547568ab769a88241970950dad56666b4acf5516
Signed-off-by: Horia Geanta <horia.geanta@freescale.com>
Reviewed-on: http://git.am.freescale.net:8181/10487
Tested-by: Review Code-CDREVIEW <CDREVIEW@freescale.com>
Reviewed-by: Mircea Pop <mircea.pop@freescale.com>
Reviewed-by: Tudor-Dan Ambarus <tudor.ambarus@freescale.com>
Reviewed-by: Alexandru Porosanu <alexandru.porosanu@freescale.com>
Reviewed-by: Jose Rivera <German.Rivera@freescale.com>
|
|
The descriptor tries to push more data into the IFIFO
than its size (128 bytes) or existing free space and the DECO hangs.
Drain the IFIFO before loading data into it.
Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com>
Change-Id: Ie59760908b821f9c64273d83f4a8cf00e45e08df
Reviewed-on: http://git.am.freescale.net:8181/9991
Tested-by: Review Code-CDREVIEW <CDREVIEW@freescale.com>
Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com>
Reviewed-by: Horia Ioan Geanta Neag <horia.geanta@freescale.com>
Reviewed-by: Alexandru Porosanu <alexandru.porosanu@freescale.com>
Reviewed-by: Jose Rivera <German.Rivera@freescale.com>
(cherry picked from commit 215baf1dc9baf5504cec0e176b390499862e4b09)
Reviewed-on: http://git.am.freescale.net:8181/10378
Reviewed-by: Mircea Pop <mircea.pop@freescale.com>
|
|
The tls1.0 decrypt crypto engine descriptor did not handle correctly
the case when the ciphertext contained only the authentication tag and
padding (i.e. pre ICV length is zero).
While here, add a test vector in test manager for this case.
Change-Id: Ic3b12f1f9581b992b49d73f335d2ec991d92f1ad
Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com>
Signed-off-by: Horia Geanta <horia.geanta@freescale.com>
Reviewed-on: http://git.am.freescale.net:8181/7063
Reviewed-by: Mircea Pop <mircea.pop@freescale.com>
Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com>
Reviewed-by: Thomas Trefny <Tom.Trefny@freescale.com>
Tested-by: Zhenhua Luo <zhenhua.luo@freescale.com>
(cherry picked from commit 5c235b1ce4ad0b53e86fe157b4add7079934f614)
Reviewed-on: http://git.am.freescale.net:8181/10377
Reviewed-by: Alexandru Porosanu <alexandru.porosanu@freescale.com>
Tested-by: Review Code-CDREVIEW <CDREVIEW@freescale.com>
Reviewed-by: Jose Rivera <German.Rivera@freescale.com>
|
|
Commit 33de5f5c7455aea05b48d46f3024f78ecc83dc4b
(crypto: caam - add support for TLS 1.0 record)
added support for TLS 1.0 offloading, mentioning that the feature is
available for platforms having SEC Era 4 or above.
However, this doesn't stop one to actually run this feature on platforms
not supported (for e.g. P3041DS), leading to errors like:
platform ffe303000.jr: 40002807: DECO: desc idx 40: Invalid LOAD Command
Add a .min_era member for each algorithm registered by the driver,
specifying the lowest (compatible) SEC Era on which the descriptors
can run.
Change-Id: Idf929591361d244a4d7cd8352d0fb8ad7feff830
Signed-off-by: Horia Geanta <horia.geanta@freescale.com>
Reviewed-on: http://git.am.freescale.net:8181/7118
Reviewed-by: Mircea Pop <mircea.pop@freescale.com>
Tested-by: Review Code-CDREVIEW <CDREVIEW@freescale.com>
Reviewed-by: Thomas Trefny <Tom.Trefny@freescale.com>
(cherry picked from commit 351d2c869e446187bc78f47dccb0213f0a5e9f17)
Conflicts:
drivers/crypto/caam/caamalg.c
drivers/crypto/caam/ctrl.c
drivers/crypto/caam/intern.h
Change-Id: I615578f0d0693eb46742e65004435821f6eb7de7
Reviewed-on: http://git.am.freescale.net:8181/10374
Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com>
Reviewed-by: Mircea Pop <mircea.pop@freescale.com>
Reviewed-by: Alexandru Porosanu <alexandru.porosanu@freescale.com>
Tested-by: Review Code-CDREVIEW <CDREVIEW@freescale.com>
Reviewed-by: Jose Rivera <German.Rivera@freescale.com>
|
|
TLS 1.0 descriptors run on SEC Era 4 or higher.
For now, only tls10(hmac(sha1),cbc(aes)) algorithm
is registered by the driver.
Change-Id: I98a71d8eb61a0e5f2dd65835e99b1c906468bf52
Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com>
Signed-off-by: Horia Geanta <horia.geanta@freescale.com>
Reviewed-on: http://git.am.freescale.net:8181/10376
Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com>
Reviewed-by: Mircea Pop <mircea.pop@freescale.com>
Reviewed-by: Alexandru Porosanu <alexandru.porosanu@freescale.com>
Tested-by: Review Code-CDREVIEW <CDREVIEW@freescale.com>
Reviewed-by: Jose Rivera <German.Rivera@freescale.com>
|
|
layer
The layer which registers with the crypto API should check for the presence of
the CAAM device it is going to use. If the platform's device tree doesn't have
the required CAAM node, the layer should return an error and not register the
algorithms with crypto API layer.
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Change-Id: Idf361e8ae971929c55abdefaa29f9d7bc8441a72
Reviewed-on: http://git.am.freescale.net:8181/10043
Tested-by: Review Code-CDREVIEW <CDREVIEW@freescale.com>
Reviewed-by: Horia Ioan Geanta Neag <horia.geanta@freescale.com>
Reviewed-by: Jose Rivera <German.Rivera@freescale.com>
|
|
For aead case when source and destination buffers are different,
there is an incorrect assumption that the source length includes the ICV
length. Fix this, since it leads to an oops when using sg_count() to
find the number of nents in the scatterlist:
Unable to handle kernel paging request for data at address 0x00000004
Faulting instruction address: 0xf91f7634
Oops: Kernel access of bad area, sig: 11 [#1]
SMP NR_CPUS=8 P4080 DS
Modules linked in: caamalg(+) caam_jr caam
CPU: 1 PID: 1053 Comm: cryptomgr_test Not tainted 3.11.0 #16
task: eeb24ab0 ti: eeafa000 task.ti: eeafa000
NIP: f91f7634 LR: f91f7f24 CTR: f91f7ef0
REGS: eeafbbc0 TRAP: 0300 Not tainted (3.11.0)
MSR: 00029002 <CE,EE,ME> CR: 44044044 XER: 00000000
DEAR: 00000004, ESR: 00000000
GPR00: f91f7f24 eeafbc70 eeb24ab0 00000002 ee8e0900 ee8e0800 00000024 c45c4462
GPR08: 00000010 00000000 00000014 0c0e4000 24044044 00000000 00000000 c0691590
GPR16: eeab0000 eeb23000 00000000 00000000 00000000 00000001 00000001 eeafbcc8
GPR24: 000000d1 00000010 ee2d5000 ee49ea10 ee49ea10 ee46f640 ee46f640 c0691590
NIP [f91f7634] aead_edesc_alloc.constprop.14+0x144/0x780 [caamalg]
LR [f91f7f24] aead_encrypt+0x34/0x288 [caamalg]
Call Trace:
[eeafbc70] [a1004000] 0xa1004000 (unreliable)
[eeafbcc0] [f91f7f24] aead_encrypt+0x34/0x288 [caamalg]
[eeafbcf0] [c020d77c] __test_aead+0x3ec/0xe20
[eeafbe20] [c020f35c] test_aead+0x6c/0xe0
[eeafbe40] [c020f420] alg_test_aead+0x50/0xd0
[eeafbe60] [c020e5e4] alg_test+0x114/0x2e0
[eeafbee0] [c020bd1c] cryptomgr_test+0x4c/0x60
[eeafbef0] [c0047058] kthread+0xa8/0xb0
[eeafbf40] [c000eb0c] ret_from_kernel_thread+0x5c/0x64
Instruction dump:
69084321 7d080034 5508d97e 69080001 0f080000 81290024 552807fe 0f080000
3a600001 5529003a 2f8a0000 40dd0028 <80e90004> 3ab50001 8109000c 70e30002
---[ end trace b3c3e23925c7484e ]---
While here, add a tcrypt mode for making it easy to test authenc
(needed for triggering case above).
Signed-off-by: Horia Geanta <horia.geanta@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
- Earlier interface layers - caamalg, caamhash, caamrng were
directly using the Controller driver private structure to access
the Job ring.
- Changed the above to use alloc/free API's provided by Job Ring Drive
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Reviewed-by: Garg Vakul-B16394 <vakul@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
The SEC Job Rings are now available as individual devices.
This would enable sharing of job rings between kernel and
user space. Job Rings can now be dynamically bound/unbound
from kernel.
Changes are made in the following layers of CAAM Driver
1. Controller driver
- Does basic initialization of CAAM Block.
- Creates platform devices for Job Rings.
(Earlier the initialization of Job ring was done
by the controller driver)
2. JobRing Platform driver
- Manages the platform Job Ring devices created
by the controller driver
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Reviewed-by: Garg Vakul-B16394 <vakul@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
If the CAAM driver initialization failed (due to various reasons, e.g. RNG4
initialization failed), then the registration of hash/algorithms/rng shouldn't
take place. This patch adds the necessary code to prevent this registration.
Signed-off-by: Alex Porosanu <alexandru.porosanu@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
CAAM driver contains one macro (xstr) used for printing
the line location in a file where a memdump is done. This patch
replaces the xstr macro with the already existing __stringify
macro that performs the same function.
Signed-off-by: Alex Porosanu <alexandru.porosanu@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
DESC_JOB_IO_LEN is a generic macro which indicates the space required in
the descriptor for placing SEQIN/OUT commands, job descriptor header,
shared descriptor pointer. Moving it to descriptor construction file
which can be supposedly included by different algo offload files.
Change-Id: Ic8900990d465e9079827b0c7fcacc61766d7efb6
Signed-off-by: Vakul Garg <vakul@freescale.com>
Reviewed-by: Geanta Neag Horia Ioan-B05471 <horia.geanta@freescale.com>
Reviewed-by: Fleming Andrew-AFLEMING <AFLEMING@freescale.com>
Tested-by: Fleming Andrew-AFLEMING <AFLEMING@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
req->assoc is dma mapped BIDIRECTIONAL and unmapped TO_DEVICE.
Since it is read-only for the device, use TO_DEVICE both for mapping
and unmapping.
Cc: <stable@vger.kernel.org> # 3.9, 3.8
Signed-off-by: Horia Geanta <horia.geanta@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
Pull crypto update from Herbert Xu:
- XTS mode optimisation for twofish/cast6/camellia/aes on x86
- AVX2/x86_64 implementation for blowfish/twofish/serpent/camellia
- SSSE3/AVX/AVX2 optimisations for sha256/sha512
- Added driver for SAHARA2 crypto accelerator
- Fix for GMAC when used in non-IPsec secnarios
- Added generic CMAC implementation (including IPsec glue)
- IP update for crypto/atmel
- Support for more than one device in hwrng/timeriomem
- Added Broadcom BCM2835 RNG driver
- Misc fixes
* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (59 commits)
crypto: caam - fix job ring cleanup code
crypto: camellia - add AVX2/AES-NI/x86_64 assembler implementation of camellia cipher
crypto: serpent - add AVX2/x86_64 assembler implementation of serpent cipher
crypto: twofish - add AVX2/x86_64 assembler implementation of twofish cipher
crypto: blowfish - add AVX2/x86_64 implementation of blowfish cipher
crypto: tcrypt - add async cipher speed tests for blowfish
crypto: testmgr - extend camellia test-vectors for camellia-aesni/avx2
crypto: aesni_intel - fix Kconfig problem with CRYPTO_GLUE_HELPER_X86
crypto: aesni_intel - add more optimized XTS mode for x86-64
crypto: x86/camellia-aesni-avx - add more optimized XTS code
crypto: cast6-avx: use new optimized XTS code
crypto: x86/twofish-avx - use optimized XTS code
crypto: x86 - add more optimized XTS-mode for serpent-avx
xfrm: add rfc4494 AES-CMAC-96 support
crypto: add CMAC support to CryptoAPI
crypto: testmgr - add empty test vectors for null ciphers
crypto: testmgr - add AES GMAC test vectors
crypto: gcm - fix rfc4543 to handle async crypto correctly
crypto: gcm - make GMAC work when dst and src are different
hwrng: timeriomem - added devicetree hooks
...
|
|
Following AEAD algo templates are updated for '.type' initialization.
(a) authenc(hmac(sha224),cbc(aes))
(b) authenc(hmac(sha384),cbc(aes))
(c) authenc(hmac(sha224),cbc(des3_ede))
(d) authenc(hmac(sha384),cbc(des3_ede))
(e) authenc(hmac(sha224),cbc(des))
(f) authenc(hmac(sha384),cbc(des))
Signed-off-by: Vakul Garg <vakul@freescale.com>
Reviewed-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Andy Fleming <afleming@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
This reverts commit 891104ed008e8646c7860fe5bc70b0aac55dcc6c.
Current IPsec ESN implementation for authencesn(cbc(aes), hmac(sha))
(separate encryption and integrity algorithms) does not conform
to RFC4303.
ICV is generated by hashing the sequence
SPI, SeqNum-High, SeqNum-Low, IV, Payload
instead of
SPI, SeqNum-Low, IV, Payload, SeqNum-High.
Cc: <stable@vger.kernel.org> # 3.8, 3.7
Reported-by: Chaoxing Lin <Chaoxing.Lin@ultra-3eti.com>
Signed-off-by: Horia Geanta <horia.geanta@freescale.com>
Reviewed-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
Support for ESNs (extended sequence numbers).
Tested with strongswan by connecting back-to-back P1010RDB with P2020RDB.
Signed-off-by: Horia Geanta <horia.geanta@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
use true/false for bool, fix code alignment, and fix two allocs with
no test.
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
SHARE_WAIT, whilst more optimal for association-less crypto,
has the ability to start thrashing the CCB descriptor/key
caches, given high levels of traffic across multiple security
associations (and thus keys).
Switch to using the SERIAL sharing type, which prefers
the last used CCB for the SA. On a 2-DECO platform
such as the P3041, this can improve performance by
about 3.7%.
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
support chained scatterlists for aead, ablkcipher and ahash.
Signed-off-by: Yuan Kang <Yuan.Kang@freescale.com>
- fix dma unmap leak
- un-unlikely src == dst, due to experience with AF_ALG
Signed-off-by: Kudupudi Ugendreshwar <B38865@freescale.com>
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
- rename scatterlist and link_tbl functions
- link_tbl changed to sec4_sg
- sg_to_link_tbl_one changed to dma_to_sec4_sg_one,
since no scatterlist is use
Signed-off-by: Yuan Kang <Yuan.Kang@freescale.com>
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
create separate files for split key generation and scatterlist functions.
Signed-off-by: Yuan Kang <Yuan.Kang@freescale.com>
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
remove caam_jr_register and caam_jr_deregister
to allow sharing of job rings.
Signed-off-by: Yuan Kang <Yuan.Kang@freescale.com>
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
functions for external storage of seq in/out lengths,
i.e., for 32-bit lengths.
These type-dependent functions automatically determine whether to
store the length internally (embedded in the command header word) or
externally (after the address pointer), based on size of the type
given.
Signed-off-by: Yuan Kang <Yuan.Kang@freescale.com>
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
presumably leftovers from possible macro development.
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
In some device trees of previous version, there were string "fsl,sec4.0".
To be backward compatible with device trees, we have CAAM driver first
check "fsl,sec-v4.0", if it fails, then check for "fsl,sec4.0".
Signed-off-by: Shengzhou Liu <Shengzhou.Liu@freescale.com>
Acked-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
sha224 and 384 support extends caam noise to 21 lines. Do the same
as commit 5b859b6 "crypto: talitos - be less noisy on startup", but
for caam, and display:
caam ffe300000.crypto: fsl,sec-v4.0 algorithms registered in /proc/crypto
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
Signed-off-by: Hemant Agrawal <hemant@freescale.com>
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
The added CRYPTO_ALG_KERN_DRIVER_ONLY indicates whether a cipher
is only available via a kernel driver. If the cipher implementation
might be available by using an instruction set or by porting the
kernel code, then it must not be set.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
the polarity of the definition for error propagation was reverse
in the initial desc.h. Fix desc.h and its users.
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
specifically, add these algorithm combinations:
authenc-hmac-md5-cbc-aes-caam
authenc-hmac-md5-cbc-des3_ede-caam
authenc-hmac-md5-cbc-des-caam
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
caam now supports encrypt and decrypt
for aes, des and 3des
Signed-off-by: Yuan Kang <Yuan.Kang@freescale.com>
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
Job descriptors only contain header and seq pointers.
Other commands are stored in separate shared descriptors
for encrypt, decrypt and givencrypt, stored as arrays
in caam_ctx.
This requires additional macros to create math commands
to calculate assoclen and cryptlen.
Signed-off-by: Yuan Kang <Yuan.Kang@freescale.com>
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
caam_ctx.key_phys to key_dma
caam_alg_template supports multiple algorithm types
listed in union, which requires cases for
different types in function caam_alg_alloc
Signed-off-by: Yuan Kang <Yuan.Kang@freescale.com>
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
"aead_authenc" and "ipsec_esp" changed to "aead,"
except for function "ipsec_esp," which is changed
to "init_aead_job."
Variable name of aead_request structures changed
to "req" and name of aead_givcrypt_request structure
changed to "areq"
Signed-off-by: Yuan Kang <Yuan.Kang@freescale.com>
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
setkey allocates 16 bytes (CAAM_CMD_SZ *
DESC_AEAD_SHARED_TEXT_LEN) shy of what is needed to
store the shared descriptor, resulting in memory
corruption. Fix this.
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
In doing so, sha512 sized keys would not fit with the current
descriptor inlining mechanism, so we now calculate whether keys
should be referenced instead by pointers in the shared descriptor.
also, use symbols for descriptor text lengths, and, ahem, unmap and
free key i/o memory in cra_exit.
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
Key sharing is enabled by default in the shared descriptor.
Using CBC decrypt, AES has to alter the key in order to decrypt.
During high traffic decryption rates, i.e, when sharing starts to
take place, we need to use a different OPERATION option to tell AES
that the key was already altered by the PRIOR descriptor - we need
the following kind of logic:
if ( shared )
operation where AES uses decryption key (DK=1)
else
operation where AES uses encryption key (DK=0)
this patch implements this logic using a conditional and
a non-conditional local jump within the decryption job
descriptor.
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|