| Age | Commit message (Collapse) | Author |
|---|
|
For SEC with RNG version >= 4, RNG init is performed.
However for secure boot scenarios, there may be a case where
RNG has already been instantiated by u-boot(B4860) or boot ROM
code (C290). In such SoCs, if RNG is instantiated again by crypto
driver, it returns "Instantiation error". RNG4 DRNG STATUS register
has the status bit to indicate if RNG has already been instantiated
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Change-Id: I15d4700f04d18687397c5b8e20461f2457652fad
Reviewed-on: http://git.am.freescale.net:8181/1676
Reviewed-by: Garg Vakul-B16394 <vakul@freescale.com>
Reviewed-by: Geanta Neag Horia Ioan-B05471 <horia.geanta@freescale.com>
Reviewed-by: Fleming Andrew-AFLEMING <AFLEMING@freescale.com>
Tested-by: Fleming Andrew-AFLEMING <AFLEMING@freescale.com>
|
|
This patch adds support for retrieving the version of the RNG
block inside the SEC. This is done by retrieving the corresponding
value from the the CHAVID register.
Signed-off-by: Alex Porosanu <alexandru.porosanu@freescale.com>
Signed-off-by: Andy Fleming <afleming@freescale.com>
(cherry picked from commit b7319875be0ec106708aade88a9578c75bdfe8b3)
Change-Id: I4847b0f32bab6397551a2a1b01bd4edcedcaf9a3
Reviewed-on: http://git.am.freescale.net:8181/522
Reviewed-by: Fleming Andrew-AFLEMING <AFLEMING@freescale.com>
Tested-by: Fleming Andrew-AFLEMING <AFLEMING@freescale.com>
|
|
This change is required for post SEC-5.0 devices which have RNG4.
Setting RDB in security configuration register allows CAAM to use the
"Random Data Buffer" to be filled by a single request. The Random Data
Buffer is large enough for ten packets to get their IVs from a single
request. If the Random Data Buffer is not enabled, then each IV causes a
separate request, and RNG4 hardware cannot keep up resulting in lower
IPSEC throughput if random IVs are used.
Signed-off-by: Vakul Garg <vakul@freescale.com>
Signed-off-by: Andy Fleming <afleming@freescale.com>
(cherry picked from commit 6f06efb41aa4900d76e1ecd260b0811873f499dd)
Change-Id: I49fe9e61f70c4ad2562e1f0c0c6a1407f0f079e5
Reviewed-on: http://git.am.freescale.net:8181/525
Reviewed-by: Fleming Andrew-AFLEMING <AFLEMING@freescale.com>
Tested-by: Fleming Andrew-AFLEMING <AFLEMING@freescale.com>
|
|
This patch adds support for retrieving and printing of
SEC ERA information. It is useful for knowing beforehand
what features exist from the SEC point of view on a
certain SoC. Only era-s 1 to 4 are currently supported;
other eras will appear as unknown.
Signed-off-by: Alex Porosanu <alexandru.porosanu@freescale.com>
- rebased onto current cryptodev master
- made caam_eras static
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
The SEC v4.x' RNGB h/w block self-initialized. RNG4, available
on SEC versions 5 and beyond, is based on a different standard
that requires manual initialization.
Also update any new errors From the SEC v5.2 reference manual:
The SEC v5.2's RNG4 unit reuses some error IDs, thus the addition
of rng_err_id_list over the CHA-independent err_id_list.
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
Access to the SEC4 DECOs (DEscriptor COntrollers) (for debug purposes)
isn't supported or used, and its register access initialization code
erroneously makes illegal i/o accesses that show up as errors when
run under simulation. Remove it until proper support (via DECORR)
is added.
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
The presence of a h/w Queue Interface would fail due to this
cut-n-paste snafu.
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
The SEC4 supercedes the SEC2.x/3.x as Freescale's
Integrated Security Engine. Its programming model is
incompatible with all prior versions of the SEC (talitos).
The SEC4 is also known as the Cryptographic Accelerator
and Assurance Module (CAAM); this driver is named caam.
This initial submission does not include support for Data Path
mode operation - AEAD descriptors are submitted via the job
ring interface, while the Queue Interface (QI) is enabled
for use by others. Only AEAD algorithms are implemented
at this time, for use with IPsec.
Many thanks to the Freescale STC team for their contributions
to this driver.
Signed-off-by: Steve Cornelius <sec@pobox.com>
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
