| Age | Commit message (Collapse) | Author |
|---|
|
CAAM supports two interfaces for crypto job submission. These are job
ring based and QMAN based interfaces. QMAN based interfaces are present
of DPAA enabled platforms. This patch adds a platform device for
accessing the caam's queue interface. The requests are submitted to caam
using one frame queue per cryptographic context. Each crypto context
has one shared descriptor. This shared descriptor is attached to
frame queue associated with corresponding driver context using
context_a.
The driver hides the mechanics of FQ creation, initialisation from its
applications. Each cryptographic context needs to be associated with
driver context which houses the FQ to be used to transport the job to
SEC. The driver provides apis for:
(a) Context creation
(b) Job submission
(c) Context deletion
(d) Checking if path to SEC or from SEC is congested
The driver supports affining its context to a particular CPU. This means
that any responses from the SEC for the context in question would arrive
at the given CPU. This helps in implementing one cpu per pkt round trip
in ipsec application.
The driver processes the caam respones under NAPI contexts. NAPI
contexts are instantiated only on cores with affined portals since only
cores having their own portal can receive responses from DQRR.
The responses from CAAM for all cryptographic contexts ride on a fixed
set of FQs. We use one response FQ per portal owning core. The response
FQ is configured in each core's and thus portal's dedicated channel.
This gives the flexibility to direct the caam's responses for a crypto
context on a given core.
Change-Id: Id9661caae0ecda933e35eef40fb0b25013365397
Signed-off-by: Vakul Garg <vakul@freescale.com>
Change-Id: I79819af83d57c64acb4a76213452ce912cba0273
Reviewed-on: http://git.am.freescale.net:8181/2075
Reviewed-by: Geanta Neag Horia Ioan-B05471 <horia.geanta@freescale.com>
Reviewed-by: Fleming Andrew-AFLEMING <AFLEMING@freescale.com>
Tested-by: Fleming Andrew-AFLEMING <AFLEMING@freescale.com>
|
|
For SEC with RNG version >= 4, RNG init is performed.
However for secure boot scenarios, there may be a case where
RNG has already been instantiated by u-boot(B4860) or boot ROM
code (C290). In such SoCs, if RNG is instantiated again by crypto
driver, it returns "Instantiation error". RNG4 DRNG STATUS register
has the status bit to indicate if RNG has already been instantiated
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Change-Id: I15d4700f04d18687397c5b8e20461f2457652fad
Reviewed-on: http://git.am.freescale.net:8181/1676
Reviewed-by: Garg Vakul-B16394 <vakul@freescale.com>
Reviewed-by: Geanta Neag Horia Ioan-B05471 <horia.geanta@freescale.com>
Reviewed-by: Fleming Andrew-AFLEMING <AFLEMING@freescale.com>
Tested-by: Fleming Andrew-AFLEMING <AFLEMING@freescale.com>
|
|
Packed RNG vid function into caam_probe function
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Change-Id: I3fb28ee0ae4daec89725868900445d36fe7e8795
Reviewed-on: http://git.am.freescale.net:8181/1675
Reviewed-by: Garg Vakul-B16394 <vakul@freescale.com>
Reviewed-by: Fleming Andrew-AFLEMING <AFLEMING@freescale.com>
Tested-by: Fleming Andrew-AFLEMING <AFLEMING@freescale.com>
|
|
For SEC including a RNG block with a version greater than 4,
special initialization must occur before any descriptor can be
submitted. Not only SEC with a version greater than 5.0 need
this, but also any SEC that has RNG block version ID greater
or equal to 4.
Example platforms: BSC 9131/9132 have SEC v4.4 but RNG 4
Signed-off-by: Alex Porosanu <alexandru.porosanu@freescale.com>
Signed-off-by: Andy Fleming <afleming@freescale.com>
(cherry picked from commit 77eb178a993e04e9f93e1a6e810a8bb7be4ab663)
Change-Id: I1613bba194fba7423764c785c20e7793c53502ca
Reviewed-on: http://git.am.freescale.net:8181/523
Reviewed-by: Fleming Andrew-AFLEMING <AFLEMING@freescale.com>
Tested-by: Fleming Andrew-AFLEMING <AFLEMING@freescale.com>
|
|
This patch adds support for retrieving the version of the RNG
block inside the SEC. This is done by retrieving the corresponding
value from the the CHAVID register.
Signed-off-by: Alex Porosanu <alexandru.porosanu@freescale.com>
Signed-off-by: Andy Fleming <afleming@freescale.com>
(cherry picked from commit b7319875be0ec106708aade88a9578c75bdfe8b3)
Change-Id: I4847b0f32bab6397551a2a1b01bd4edcedcaf9a3
Reviewed-on: http://git.am.freescale.net:8181/522
Reviewed-by: Fleming Andrew-AFLEMING <AFLEMING@freescale.com>
Tested-by: Fleming Andrew-AFLEMING <AFLEMING@freescale.com>
|
|
This change is required for post SEC-5.0 devices which have RNG4.
Setting RDB in security configuration register allows CAAM to use the
"Random Data Buffer" to be filled by a single request. The Random Data
Buffer is large enough for ten packets to get their IVs from a single
request. If the Random Data Buffer is not enabled, then each IV causes a
separate request, and RNG4 hardware cannot keep up resulting in lower
IPSEC throughput if random IVs are used.
Signed-off-by: Vakul Garg <vakul@freescale.com>
Signed-off-by: Andy Fleming <afleming@freescale.com>
(cherry picked from commit 6f06efb41aa4900d76e1ecd260b0811873f499dd)
Change-Id: I49fe9e61f70c4ad2562e1f0c0c6a1407f0f079e5
Reviewed-on: http://git.am.freescale.net:8181/525
Reviewed-by: Fleming Andrew-AFLEMING <AFLEMING@freescale.com>
Tested-by: Fleming Andrew-AFLEMING <AFLEMING@freescale.com>
|
|
CONFIG_HOTPLUG is going away as an option. As a result, the __dev*
markings need to be removed.
This change removes the use of __devinit, __devexit_p, __devinitdata,
and __devexit from these drivers.
Based on patches originally written by Bill Pemberton, but redone by me
in order to handle some of the coding style issues better, by hand.
Cc: Bill Pemberton <wfp5p@virginia.edu>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Kent Yoder <key@linux.vnet.ibm.com>
Cc: Jamie Iles <jamie@jamieiles.com>
Cc: Kim Phillips <kim.phillips@freescale.com>
Cc: Shengzhou Liu <Shengzhou.Liu@freescale.com>
Cc: Alex Porosanu <alexandru.porosanu@freescale.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
we need to configure the TRNG to use more clocks per sample
to handle the two back-to-back 64KiB random descriptor requests
on higher frequency P5040s.
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
This patch adds support for retrieving and printing of
SEC ERA information. It is useful for knowing beforehand
what features exist from the SEC point of view on a
certain SoC. Only era-s 1 to 4 are currently supported;
other eras will appear as unknown.
Signed-off-by: Alex Porosanu <alexandru.porosanu@freescale.com>
- rebased onto current cryptodev master
- made caam_eras static
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
The SEC v4.x' RNGB h/w block self-initialized. RNG4, available
on SEC versions 5 and beyond, is based on a different standard
that requires manual initialization.
Also update any new errors From the SEC v5.2 reference manual:
The SEC v5.2's RNG4 unit reuses some error IDs, thus the addition
of rng_err_id_list over the CHA-independent err_id_list.
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
SEC v4.x were only 36-bit, SEC v5+ are 40-bit capable.
Also set a DMA mask for any job ring devices created.
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
In some device trees of previous version, there were string "fsl,sec4.0".
To be backward compatible with device trees, we have CAAM driver first
check "fsl,sec-v4.0", if it fails, then check for "fsl,sec4.0".
Signed-off-by: Shengzhou Liu <Shengzhou.Liu@freescale.com>
Acked-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
drivers/crypto/caam/ctrl.c: In function 'caam_probe':
drivers/crypto/caam/ctrl.c:49:6: warning: unused variable 'd' [-Wunused-variable]
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
Access to the SEC4 DECOs (DEscriptor COntrollers) (for debug purposes)
isn't supported or used, and its register access initialization code
erroneously makes illegal i/o accesses that show up as errors when
run under simulation. Remove it until proper support (via DECORR)
is added.
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
This patch converts the drivers in drivers/crypto/* to use the
module_platform_driver() macro which makes the code smaller and a bit
simpler.
Cc: James Hsiao <jhsiao@amcc.com>
Cc: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Cc: Kim Phillips <kim.phillips@freescale.com>
Cc: "David S. Miller" <davem@davemloft.net>
Signed-off-by: Axel Lin <axel.lin@gmail.com>
Acked-by: Vladimir Zapolskiy <vzapolskiy@gmail.com>
Acked-by: Jamie Iles <jamie@jamieiles.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6:
fs: take the ACL checks to common code
bury posix_acl_..._masq() variants
kill boilerplates around posix_acl_create_masq()
generic_acl: no need to clone acl just to push it to set_cached_acl()
kill boilerplate around posix_acl_chmod_masq()
reiserfs: cache negative ACLs for v1 stat format
xfs: cache negative ACLs if there is no attribute fork
9p: do no return 0 from ->check_acl without actually checking
vfs: move ACL cache lookup into generic code
CIFS: Fix oops while mounting with prefixpath
xfs: Fix wrong return value of xfs_file_aio_write
fix devtmpfs race
caam: don't pass bogus S_IFCHR to debugfs_create_...()
get rid of create_proc_entry() abuses - proc_mkdir() is there for purpose
asus-wmi: ->is_visible() can't return negative
fix jffs2 ACLs on big-endian with 16bit mode_t
9p: close ACL leaks
ocfs2_init_acl(): fix a leak
VFS : mount lock scalability for internal mounts
|
|
it will be replaced with S_IFREG anyway
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
|
|
drivers/crypto/caam/ctrl.c: In function 'caam_probe':
drivers/crypto/caam/ctrl.c:55:23: warning: unused variable 'perfmon'
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
this fixes a build error since cryptodev-2.6 got rebased
to include commit d714d1979d7b4df7e2c127407f4014ce71f73cd0
"dt: eliminate of_platform_driver shim code".
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
Help clarify that the number trailing in compatible nomenclature
is the version number of the device, i.e., change:
"fsl,p4080-sec4.0", "fsl,sec4.0";
to:
"fsl,p4080-sec-v4.0", "fsl,sec-v4.0";
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Cc: Kumar Gala <kumar.gala@freescale.com>
Cc: Steve Cornelius <sec@pobox.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
The SEC4 supercedes the SEC2.x/3.x as Freescale's
Integrated Security Engine. Its programming model is
incompatible with all prior versions of the SEC (talitos).
The SEC4 is also known as the Cryptographic Accelerator
and Assurance Module (CAAM); this driver is named caam.
This initial submission does not include support for Data Path
mode operation - AEAD descriptors are submitted via the job
ring interface, while the Queue Interface (QI) is enabled
for use by others. Only AEAD algorithms are implemented
at this time, for use with IPsec.
Many thanks to the Freescale STC team for their contributions
to this driver.
Signed-off-by: Steve Cornelius <sec@pobox.com>
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
