| Age | Commit message (Collapse) | Author |
|---|
|
Signed-off-by: yinbo zhu <yinbo.zhu@nxp.com>
|
|
For the patch to update struct map_info's swap field based on device
characteristics defined in device tree, big-endian parameter is added
for LS1021A.
Signed-off-by: Alison Wang <alison.wang@nxp.com>
|
|
For the patch to update struct map_info's swap field based on device
characteristics defined in device tree, big-endian parameter is added
for LS1043A/LS1046A.
Signed-off-by: Alison Wang <alison.wang@nxp.com>
|
|
It is not necessary for all device's maps to be CFI_HOST_ENDIAN. Maps
device can be big endian or little endian.
Currently it is being taken care using CONFIG_MTD_CFI_LE_BYTE_SWAP or
CONFIG_MTD_CFI_BE_BYTE_SWAP i.e. compile time.
Now update struct map_info's swap field based on device characteristics
defined in device tree.
Signed-off-by: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
|
|
Bufnum mask is used to calculate page position in the internal SRAM.
As IFC version 2.0.0 has 16KB of internal SRAM as compared to older
versions which had 8KB. Hence bufnum mask needs to be updated.
Signed-off-by: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
|
|
All IFC version >= 1.0 use 28nm technology for SRAM. Here SRAM has
a requirement to initialize before any read operation performed for
avoiding ECC Error.
So update condition check to initialize SRAM for all IFC version >=
1.0.0.
Signed-off-by: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
|
|
SPI_NOR_DDR_QUAD_READ is set to the wrong number. This patch will fix the
bug and set SPI_NOR_DDR_QUAD_READ to the correct number.
Signed-off-by: Alison Wang <alison.wang@nxp.com>
|
|
Add a synchronous back-end (scomp) to acomp. This allows to easily
expose the already present compression algorithms in LKCF via acomp.
Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
Add acomp, an asynchronous compression api that uses scatterlist
buffers.
Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
Driver does not properly handle the case when signals interrupt
wait_for_completion_interruptible():
-it does not check for return value
-completion structure is allocated on stack; in case a signal interrupts
the sleep, it will go out of scope, causing the worker thread
(caam_jr_dequeue) to fail when it accesses it
wait_for_completion_interruptible() is replaced with uninterruptable
wait_for_completion().
We choose to block all signals while waiting for I/O (device executing
the split key generation job descriptor) since the alternative - in
order to have a deterministic device state - would be to flush the job
ring (aborting *all* in-progress jobs).
Cc: <stable@vger.kernel.org>
Fixes: 045e36780f115 ("crypto: caam - ahash hmac support")
Fixes: 4c1ec1f930154 ("crypto: caam - refactor key_gen, sg")
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
(cherry picked from commit 7459e1d25ffefa2b1be799477fcc1f6c62f6cec7)
|
|
TLS 1.0 descriptors run on SEC 4.x or higher. For now, only
tls10(hmac(sha1),cbc(aes)) algorithm is registered by the driver.
Known limitations:
- when src == dst - there should be no element in the src scatterlist
array that contains both associated data and message data.
- when src != dst - associated data is not copied from source into
destination.
- for decryption when src != dst the size of the destination should be
large enough so that the buffer may contain the decrypted authenc and
padded data.
Signed-off-by: Radu Alexe <radu.alexe@nxp.com>
|
|
TLS 1.0 descriptors run on SEC 4.x or higher.
For now, only tls10(hmac(sha1),cbc(aes)) algorithm
is registered by the driver.
Known limitations:
- when src == dst - there should be no element in the src scatterlist array
that contains both associated data and message data.
- when src != dst - associated data is not copied from source into
destination.
- for decryption when src != dst the size of the destination should be
large enough so that the buffer may contain the decrypted authenc and
padded data.
Signed-off-by: Tudor Ambarus <tudor-dan.ambarus@nxp.com>
Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Radu Alexe <radu.alexe@nxp.com>
|
|
CHAs of SEC work natively in BE mode. When moving
data to the alignment blocks, swapping is needed
for LE platforms. This is done by means of the MOVEB
command. This patch adds support
to DCL for this command.
Signed-off-by: Alex Porosanu <alexandru.porosanu@freescale.com>
Signed-off-by: Radu Alexe <radu.alexe@nxp.com>
|
|
This patch adds kernel support for encryption/decryption of TLS 1.0
records using block ciphers. Implementation is similar to authenc in the
sense that the base algorithms (AES, SHA1) are combined in a template to
produce TLS encapsulation frames. The composite algorithm will be called
"tls10(hmac(<digest>),cbc(<cipher>))". The cipher and hmac keys are
wrapped in the same format used by authenc.c.
Signed-off-by: Radu Alexe <radu.alexe@nxp.com>
Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
|
|
3DES is missing the fips_allowed flag for CTR mode.
Signed-off-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
Acked-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
Cryptographic test vectors should never be modified, so constify them to
enforce this at both compile-time and run-time. This moves a significant
amount of data from .data to .rodata when the crypto tests are enabled.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
In preparation of splitting off the CBC-MAC transform in the CCM
driver into a separate algorithm, define some test cases for the
AES incarnation of cbcmac.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
When working on AES in CCM mode for ARM, my code passed the internal
tcrypt test before I had even bothered to implement the AES-192 and
AES-256 code paths, which is strange because the tcrypt does contain
AES-192 and AES-256 test vectors for CCM.
As it turned out, the define AES_CCM_ENC_TEST_VECTORS was out of sync
with the actual number of test vectors, causing only the AES-128 ones
to be executed.
So get rid of the defines, and wrap the test vector references in a
macro that calculates the number of vectors automatically.
The following test vector counts were out of sync with the respective
defines:
BF_CTR_ENC_TEST_VECTORS 2 -> 3
BF_CTR_DEC_TEST_VECTORS 2 -> 3
TF_CTR_ENC_TEST_VECTORS 2 -> 3
TF_CTR_DEC_TEST_VECTORS 2 -> 3
SERPENT_CTR_ENC_TEST_VECTORS 2 -> 3
SERPENT_CTR_DEC_TEST_VECTORS 2 -> 3
AES_CCM_ENC_TEST_VECTORS 8 -> 14
AES_CCM_DEC_TEST_VECTORS 7 -> 17
AES_CCM_4309_ENC_TEST_VECTORS 7 -> 23
AES_CCM_4309_DEC_TEST_VECTORS 10 -> 23
CAMELLIA_CTR_ENC_TEST_VECTORS 2 -> 3
CAMELLIA_CTR_DEC_TEST_VECTORS 2 -> 3
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
There are some hashes (e.g. sha224) that have some internal trickery
to make sure that only the correct number of output bytes are
generated. If something goes wrong, they could potentially overrun
the output buffer.
Make the test more robust by allocating only enough space for the
correct output size so that memory debugging will catch the error if
the output is overrun.
Tested by intentionally breaking sha224 to output all 256
internally-generated bits while running on KASAN.
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
It's recommended to use kmemdup instead of kmalloc followed by memcpy.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
Christopher Covington reported a crash on aarch64 on recent Fedora
kernels:
kernel BUG at ./include/linux/scatterlist.h:140!
Internal error: Oops - BUG: 0 [#1] PREEMPT SMP
Modules linked in:
CPU: 2 PID: 752 Comm: cryptomgr_test Not tainted 4.9.0-11815-ge93b1cc #162
Hardware name: linux,dummy-virt (DT)
task: ffff80007c650080 task.stack: ffff800008910000
PC is at sg_init_one+0xa0/0xb8
LR is at sg_init_one+0x24/0xb8
...
[<ffff000008398db8>] sg_init_one+0xa0/0xb8
[<ffff000008350a44>] test_acomp+0x10c/0x438
[<ffff000008350e20>] alg_test_comp+0xb0/0x118
[<ffff00000834f28c>] alg_test+0x17c/0x2f0
[<ffff00000834c6a4>] cryptomgr_test+0x44/0x50
[<ffff0000080dac70>] kthread+0xf8/0x128
[<ffff000008082ec0>] ret_from_fork+0x10/0x50
The test vectors used for input are part of the kernel image. These
inputs are passed as a buffer to sg_init_one which eventually blows up
with BUG_ON(!virt_addr_valid(buf)). On arm64, virt_addr_valid returns
false for the kernel image since virt_to_page will not return the
correct page. Fix this by copying the input vectors to heap buffer
before setting up the scatterlist.
Reported-by: Christopher Covington <cov@codeaurora.org>
Fixes: d7db7a882deb ("crypto: acomp - update testmgr with support for acomp")
Signed-off-by: Laura Abbott <labbott@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
Commit 7e4c7f17cde2 ("crypto: testmgr - avoid overlap in chunked tests")
attempted to address a problem in the crypto testmgr code where chunked
test cases are copied to memory in a way that results in overlap.
However, the fix recreated the exact same issue for other chunked tests,
by putting IDX3 within 492 bytes of IDX1, which causes overlap if the
first chunk exceeds 492 bytes, which is the case for at least one of
the xts(aes) test cases.
So increase IDX3 by another 1000 bytes.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
The IDXn offsets are chosen such that tap values (which may go up to
255) end up overlapping in the xbuf allocation. In particular, IDX1
and IDX3 are too close together, so update IDX3 to avoid this issue.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
With virtually-mapped stacks (CONFIG_VMAP_STACK=y), using the
scatterlist crypto API with stack buffers is not allowed, and with
appropriate debugging options will cause the
'BUG_ON(!virt_addr_valid(buf));' in sg_set_buf() to be triggered.
Use a heap buffer instead.
Fixes: d7db7a882deb ("crypto: acomp - update testmgr with support for acomp")
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
Currently we manually filter out internal algorithms using a list
in testmgr. This is dangerous as internal algorithms cannot be
safely used even by testmgr. This patch ensures that they're never
processed by testmgr at all.
This patch also removes an obsolete bypass for nivciphers which
no longer exist.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
Add tests to the test manager for algorithms exposed through acomp.
Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
The existing test cases only exercise a small slice of the various
possible code paths through the x86 SSE/PCLMULQDQ implementation,
and the upcoming ports of it for arm64. So add one that exceeds 256
bytes in size, and convert another to a chunked test.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
caam/qi frontend (i.e. caamalg_qi) mustn't be used in case it runs on a
DPAA2 part (this could happen when using a multiplatform kernel).
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
|
|
sg_sw_sec4.h header is not used by caam/qi, thus remove its inclusion.
This also solves the compilation failure due to name clashes between
functions in sg_sw_qm.h and sg_sw_sec4.h -> sg_sw_qm2.h.
Fixes: dd1bcf32df59 ("crypto: caam/jr - add support for DPAA2 parts")
Reported-by: Radu Alexe <radu.alexe@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
|
|
Since ARM64 commit 1dccb598df549 ("arm64: simplify dma_get_ops"),
dma_ops no longer default to swiotlb_dma_ops, but to dummy_dma_ops.
We have to explicitly set dma_ops in the driver - at least for ARM64.
Fixes: 67c2315def06 ("crypto: caam - add Queue Interface (QI) backend support")
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
|
|
Associated data (AD) length is read by CAAM from an S/G entry
that is initially filled by the GPP.
Accordingly, AD length has to be stored in CAAM endianness.
Fixes: b189817cf789 ("crypto: caam/qi - add ablkcipher and authenc algorithms")
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
|
|
Signed-off-by: Bharat Bhushan <Bharat.Bhushan@nxp.com>
|
|
This patch adds support to read and write ioctls for
fsl-mc devices. Only read-write to DPRC/DPMCP devices
are supported while read writes on other fsl-mc devices
is not supported by this patch.
Also current patch limits userspace to write complete
64byte command once and read 64byte response by one ioctl.
This will be reworked later to add support read/write to
any offset
Signed-off-by: Bharat Bhushan <Bharat.Bhushan@nxp.com>
|
|
dprc_reset_container() does complete cleanup and thus
allows re-run guest/user-space after abrupt guest kill.
Signed-off-by: Bharat Bhushan <Bharat.Bhushan@nxp.com>
|
|
This patch allows to set an eventfd for fsl-mc device interrupt
and also to trigger the interrupt eventfd from userspace for testing.
All fsl-mc device interrupts are MSI type. This does not yet handler
correctly DPRC container interrupt where re-scanning on container is
required.
Signed-off-by: Bharat Bhushan <Bharat.Bhushan@nxp.com>
|
|
This patch add interface of VFIO_DEVICE_SET_IRQS ioctl
for fsl-mc devices.
Signed-off-by: Bharat Bhushan <Bharat.Bhushan@nxp.com>
|
|
This patch add support for VFIO_DEVICE_GET_IRQ_INFO
for fsl-mc devices
Signed-off-by: Bharat Bhushan <Bharat.Bhushan@nxp.com>
|
|
Allow userspace to mmap device regions for direct access of
fsl-mc devices.
QBman CENA registers are cacheable and non-shareable but map
CENA region (marked as REGION_TYPE_CACHEABLE) to be the non-cacheable
to avoid coherency issues if a user migrates to another core.
Signed-off-by: Bharat Bhushan <Bharat.Bhushan@nxp.com>
|
|
Add support for VFIO_DEVICE_GET_REGION_INFO ioctl call.
This allows usespace to know device mmap-able region details.
MC device (DPIO) have a region which is cacheable and
non-shareable. Describe these regions as cacheable
so that during mmap() they will be mapped accordingly.
Signed-off-by: Bharat Bhushan <Bharat.Bhushan@nxp.com>
|
|
Allow userspace to get fsl-mc device info by making
VFIO_DEVICE_GET_INFO ioctl. With this usespace will get
basic device info such as number of regions and irqs.
Signed-off-by: Bharat Bhushan <Bharat.Bhushan@nxp.com>
|
|
commit 7a3d5ea46413924daefb7d4af24d04d7c5f54b98
[context adjustment]
Enable building vfio FSL-MC driver to allow FSL-MC devices
binding with VFIO.
Signed-off-by: Bharat Bhushan <Bharat.Bhushan@nxp.com>
Integrated-by: Zhao Qiang <qiang.zhao@nxp.com>
|
|
Non-DPRC devices shares it's parent container MC portal
to communicate to MC hardware.
Signed-off-by: Bharat Bhushan <Bharat.Bhushan@nxp.com>
|
|
DPRC (Data Path Resource Container) device is a bus devices and
have child devices within it. This patch add support for
initializing and scanning the DPRC container.
Signed-off-by: Bharat Bhushan <Bharat.Bhushan@nxp.com>
|
|
commit f8adf3ce07cf0623b3e8e0df67f3bc12a110416f
[context adjustment]
This patch add framework of VFIO support for FSL-MC devices.
Subsequent patches will add support for binding and secure
assigning these devices using VFIO.
FSL-MC is a new bus (driver/bus/fsl-mc/) which is different
from PCI and Platform bus.
Signed-off-by: Bharat Bhushan <Bharat.Bhushan@nxp.com>
Integrated-by: Zhao Qiang <qiang.zhao@nxp.com>
|
|
Implement bus specific support for the fsl-mc bus including
registering the arm_smmu_ops and bus specific device add operations.
Signed-off-by: Nipun Gupta <nipun.gupta@nxp.com>
|
|
For software initiated address translation, when domain type is
IOMMU_DOMAIN_IDENTITY i.e SMMU is bypassed, mimic HW behavior
i.e return the same IOVA as translated address.
This patch is an extension to Will Deacon's patchset
"Implement SMMU passthrough using the default domain".
Signed-off-by: Sunil Goutham <sgoutham@cavium.com>
Acked-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Joerg Roedel <jroedel@suse.de>
|
|
Signed-off-by: Madalin Bucur <madalin.bucur@freescale.com>
|
|
Signed-off-by: Shaohui Xie <Shaohui.Xie@freescale.com>
Signed-off-by: Constantin Tudor <constantin.tudor@nxp.com>
|
|
There are number of function calls, originating from user-space,
typically through the Ethernet driver that can make us crash by
dereferencing phydev->drv which will be NULL once we unbind the driver
from the PHY.
There are still functional issues that prevent an unbind then rebind to
work, but these will be addressed separately.
Suggested-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
The TX/RX Buffer Data Register in QSPI is 32-bit register.
So the 32bit data need transform to 4bytes data.
But the "*((u32 *)rxbuf) = tmp" will depend on endian of the core.
We add endian independence function to do the 32bit data to 4bytes
transition.
Signed-off-by: Yuan Yao <yao.yuan@nxp.com>
|
