Pull crypto updates from Herbert Xu:
"Here is the crypto update for 3.15:
- Added 3DES driver for OMAP4/AM43xx
- Added AVX2 acceleration for SHA
- Added hash-only AEAD algorithms in caam
- Removed tegra driver as it is not functioning and the hardware is
too slow
- Allow blkcipher walks over AEAD (needed for ARM)
- Fixed unprotected FPU/SSE access in ghash-clmulni-intel
- Fixed highmem crash in omap-sham
- Add (zero entropy) randomness when initialising hardware RNGs
- Fixed unaligned ahash comletion functions
- Added soft module depedency for crc32c for initrds that use crc32c"
* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (60 commits)
crypto: ghash-clmulni-intel - use C implementation for setkey()
crypto: x86/sha1 - reduce size of the AVX2 asm implementation
crypto: x86/sha1 - fix stack alignment of AVX2 variant
crypto: x86/sha1 - re-enable the AVX variant
crypto: sha - SHA1 transform x86_64 AVX2
crypto: crypto_wq - Fix late crypto work queue initialization
crypto: caam - add missing key_dma unmap
crypto: caam - add support for aead null encryption
crypto: testmgr - add aead null encryption test vectors
crypto: export NULL algorithms defines
crypto: caam - remove error propagation handling
crypto: hash - Simplify the ahash_finup implementation
crypto: hash - Pull out the functions to save/restore request
crypto: hash - Fix the pointer voodoo in unaligned ahash
crypto: caam - Fix first parameter to caam_init_rng
crypto: omap-sham - Map SG pages if they are HIGHMEM before accessing
crypto: caam - Dynamic memory allocation for caam_rng_ctx object
crypto: allow blkcipher walks over AEAD data
crypto: remove direct blkcipher_walk dependency on transform
hwrng: add randomness to system from rng sources
...
(struct caam_ctx) ctx->key_dma needs to be unmapped
when context is cleaned up.
Signed-off-by: Horia Geanta <horia.geanta@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commit 61bb86bba1
("crypto: caam - set descriptor sharing type to SERIAL")
changed the descriptor sharing mode from SHARE_WAIT to SHARE_SERIAL.
All descriptor commands that handle the "ok to share" and
"error propagation" settings should also go away, since they have no
meaning for SHARE_SERIAL.
Signed-off-by: Horia Geanta <horia.geanta@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Found by the kbuild test robot, the first argument to caam_init_rng
has a spurious ampersand.
Reported-by: kbuild test robot <fengguang.wu@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
HIGHMEM pages may not be mapped so we must kmap them before accessing.
This resolves a random OOPs error that was showing up during OpenSSL SHA tests.
Signed-off-by: Joel Fernandes <joelf@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This patch allocates memory from DMAable region to the caam_rng_ctx object,
earlier it had been statically allocated which resulted in errorneous
behaviour on inserting the caamrng module at the runtime.
Signed-off-by: Nitesh Lal <NiteshNarayanLal@freescale.com>
Acked-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Optimize the hashing operation in the MXS-DCP by doing two adjustments:
1) Given that the output buffer for the hash is now always correctly aligned,
we can just use the buffer for the DCP DMA to store the resulting hash.
We thus get rid of one copying of data. Moreover, we remove an entry from
dcp_coherent_block{} and thus lower the memory footprint of the driver.
2) We map the output buffer for the hash for DMA only in case we will output
the hash, not always, as it was now.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: David S. Miller <davem@davemloft.net>
Cc: Fabio Estevam <fabio.estevam@freescale.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Shawn Guo <shawn.guo@linaro.org>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
The DCP needs the bounce buffers, DMA descriptors and result buffers aligned
to 64 bytes (yet another hardware limitation). Make sure they are aligned by
properly aligning the structure which contains them during allocation.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: David S. Miller <davem@davemloft.net>
Cc: Fabio Estevam <fabio.estevam@freescale.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Shawn Guo <shawn.guo@linaro.org>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Make omap_des_copy_needed(), omap_des_copy_sgs(), because these
functions are used only in this file.
Signed-off-by: Jingoo Han <jg1.han@samsung.com>
Acked-by: Joel Fernandes <joelf@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Use SIMPLE_DEV_PM_OPS macro in order to make the code simpler.
Signed-off-by: Jingoo Han <jg1.han@samsung.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Use SIMPLE_DEV_PM_OPS macro in order to make the code simpler.
Signed-off-by: Jingoo Han <jg1.han@samsung.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Use SIMPLE_DEV_PM_OPS macro in order to make the code simpler.
Signed-off-by: Jingoo Han <jg1.han@samsung.com>
Acked-by: Nishanth Menon <nm@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
1) SSYNC instruction is blackfin specific and takes no effect in this driver.
2) DMA descriptor and SG middle buffer are in DMA coherent memory. No need
to flush.
3) Turn kzalloc, ioremap and request_irq into managed device APIs respectively.
Signed-off-by: Sonic Zhang <sonic.zhang@analog.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
When the crypto layer is able to queue up a command for processing
by the CCP on the initial call to ccp_crypto_enqueue_request and
the CCP returns -EBUSY, then if the backlog flag is not set the
command needs to be freed and not added to the active command list.
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Invoke the callback routine associated with the crypto context
if an error is encountered sending the command to the CCP during
backlog processing. This is needed to free any resources used
by the command.
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
If a CCP command has been queued for processing at the
crypto layer then, when dequeueing it for processing, the
"can backlog" flag must be set so that the request isn't
lost if the CCP backlog queue limit is reached.
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
My guess is that this little endian configuration is never found in real
life, but if it were then the writel() arguments are in the wrong order
so the driver would crash immediately.
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This driver has never been hooked up in any board file, and cannot be
instantiated via device tree. I've been told that, at least on Tegra20,
the HW is slower at crypto than the main CPU. I have no test-case for
it. Hence, remove it.
Cc: Varun Wadekar <vwadekar@nvidia.com>
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Add config and build options for the omap-des driver.
Signed-off-by: Joel Fernandes <joelf@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Add omap-des driver with platform data for OMAP4/AM43xx. Support added for DES
ECB and CBC modes. Also add support for 3DES operation where 3 64-bit keys are
used to perform a DES encrypt-decrypt-encrypt (des3_ede) operation on a buffer.
Tests have been conducted with the CRYPTO test manager, and functionality is
verified at different page length alignments.
Signed-off-by: Joel Fernandes <joelf@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
We should test the error case for each platform_get_irq() assignment and
propagate the error accordingly.
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Acked-by: Marek Vasut <marex@denx.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Use devm_ioremap_resource() in order to make the code simpler,
and remove redundant return value check of platform_get_resource()
because the value is checked by devm_ioremap_resource().
Signed-off-by: Jingoo Han <jg1.han@samsung.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Use devm_ioremap_resource() in order to make the code simpler,
and remove redundant return value check of platform_get_resource()
because the value is checked by devm_ioremap_resource().
Signed-off-by: Jingoo Han <jg1.han@samsung.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Use devm_ioremap_resource() in order to make the code simpler,
and remove redundant return value check of platform_get_resource()
because the value is checked by devm_ioremap_resource().
Signed-off-by: Jingoo Han <jg1.han@samsung.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
The powerpc specific nx-842 compression driver does not currently
handle translating a vmalloc address to a physical address.
The current driver uses __pa() for all addresses which does not
properly handle vmalloc addresses and thus causes a failure since
we do not pass a proper physical address to the hypervisor.
This patch adds a routine to convert an address to a physical
address by checking for vmalloc addresses and handling them properly.
Signed-off-by: Nathan Fontenot <nfont@linux.vnet.ibm.com>
---
drivers/crypto/nx/nx-842.c | 29 +++++++++++++++++++----------
1 file changed, 19 insertions(+), 10 deletions(-)
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
SEC ERA has to be retrieved by reading the "fsl,sec-era" property
from the device tree. This property is updated/filled in by
u-boot.
Signed-off-by: Alex Porosanu <alexandru.porosanu@freescale.com>
Reviewed-by: Horia Geanta <horia.geanta@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
stmp_reset_block() may fail, so check its return value and propagate it in the
case of error.
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Acked-by: Marek Vasut <marex@denx.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Using devm_kzalloc() can make the code cleaner.
While at it, remove the devm_kzalloc error message as there is standard OOM
message done by the core.
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Acked-by: Marek Vasut <marex@denx.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
In function talitos_probe(), it will jump to err_out when getting an
error in talitos_probe_irq(). Then the uninitialized list head
priv->alg_list will be used in function talitos_remove(). In this case
we would get a call trace like the following. So move up the
initialization of priv->alg_list.
Unable to handle kernel paging request for data at address 0x00000000
Faulting instruction address: 0xc0459ff4
Oops: Kernel access of bad area, sig: 11 [#1]
SMP NR_CPUS=8 P1020 RDB
Modules linked in:
CPU: 1 PID: 1 Comm: swapper/0 Tainted: G W 3.13.0-08789-g54c0a4b46150 #33
task: cf050000 ti: cf04c000 task.ti: cf04c000
NIP: c0459ff4 LR: c0459fd4 CTR: c02f2438
REGS: cf04dcb0 TRAP: 0300 Tainted: G W (3.13.0-08789-g54c0a4b46150)
MSR: 00029000 <CE,EE,ME> CR: 82000028 XER: 20000000
DEAR: 00000000 ESR: 00000000
GPR00: c045ac28 cf04dd60 cf050000 cf2579c0 00021000 00000000 c02f35b0 0000014e
GPR08: c07e702c cf104300 c07e702c 0000014e 22000024 00000000 c0002a3c 00000000
GPR16: 00000000 00000000 00000000 00000000 00000000 00000000 c082e4e0 000000df
GPR24: 00000000 00100100 00200200 cf257a2c cf0efe10 cf2579c0 cf0efe10 00000000
NIP [c0459ff4] talitos_remove+0x3c/0x1c8
LR [c0459fd4] talitos_remove+0x1c/0x1c8
Call Trace:
[cf04dd60] [c07485d8] __func__.13331+0x1241c8/0x1391c0 (unreliable)
[cf04dd90] [c045ac28] talitos_probe+0x244/0x998
[cf04dde0] [c0306a74] platform_drv_probe+0x28/0x68
[cf04ddf0] [c0304d38] really_probe+0x78/0x250
[cf04de10] [c030505c] __driver_attach+0xc8/0xcc
[cf04de30] [c0302e98] bus_for_each_dev+0x6c/0xb8
[cf04de60] [c03043cc] bus_add_driver+0x168/0x220
[cf04de80] [c0305798] driver_register+0x88/0x130
[cf04de90] [c0002458] do_one_initcall+0x14c/0x198
[cf04df00] [c079f904] kernel_init_freeable+0x138/0x1d4
[cf04df30] [c0002a50] kernel_init+0x14/0x124
[cf04df40] [c000ec40] ret_from_kernel_thread+0x5c/0x64
Signed-off-by: Kevin Hao <haokexin@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Change from scheduling work to scheduling a tasklet to perform
the callback operations.
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Move to a single queue to serialize requests within a tfm. When
testing using IPSec with a large number of network connections
the per cpu tfm queuing logic was not working properly.
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Move the support to perform an HMAC calculation into
the CCP operations file. This eliminates the need to
perform a synchronous SHA operation used to calculate
the HMAC.
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Introduce module parameters that allow for disabling of a
crypto algorithm by not registering the algorithm with the
crypto API.
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
There are some suspicious looking lines of code in the new ccp driver, including
one that assigns a variable to itself, and another that overwrites a previous assignment.
This may have been a cut-and-paste error where 'src' was forgotten to be changed to 'dst'.
I have no hardware to test this, so this is untested.
Signed-off-by: Dave Jones <davej@fedoraproject.org>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
The SEC Controller driver creates platform devices for it's child job ring nodes.
Currently the driver uses for_each_compatible routine which traverses
the whole device tree to create the job rings for the platform device.
The patch changes this to search for the compatible property of job ring
only in the child nodes i.e., the job rings are created as per the number
of children associated with the crypto node.
Signed-off-by: Nitesh Lal <NiteshNarayanLal@freescale.com>
Reviewed-by: Horia Geanta <horia.geanta@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Move the AES operation type and mode from async crypto context to
crypto request context. This allows for recycling of the async crypto
context for different kinds of operations.
I found this problem when I used dm-crypt, which uses the same async
crypto context (actx) for both encryption and decryption requests.
Since the requests are enqueued into the processing queue, immediatelly
storing the type of operation into async crypto context (actx) caused
corruption of this information when encryption and decryption operations
followed imediatelly one after the other. When the first operation was
dequeued, the second operation was already enqueued and overwritten the
type of operation in actx, thus causing incorrect result of the first
operation.
Fix this problem by storing the type of operation into the crypto request
context.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: David S. Miller <davem@davemloft.net>
Cc: Fabio Estevam <fabio.estevam@freescale.com>
Cc: Shawn Guo <shawn.guo@linaro.org>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Updates of SoC-near drivers and other driver updates that makes more sense to
take through our tree.
The largest part of this is a conversion of device registration for some
renesas shmobile/sh devices over to use resources. This has required
coordination with the corresponding arch/sh changes, and we've agreed
to merge the arch/sh changes through our tree.
Added in this branch is support for Trusted Foundations secure firmware,
which is what is used on many of the commercial Nvidia Tegra products
that are in the market, including the Nvidia Shield. The code is local
to arch/arm at this time since it's uncertain whether it will be shared
with arm64 longer-term, if needed we will refactor later.
A couple of new RTC drivers used on ARM boards, merged through our tree
on request by the RTC maintainer.
... plus a bunch of smaller updates across the board, gpio conversions
for davinci, etc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABAgAGBQJS4ViqAAoJEIwa5zzehBx3m4QP/07VXVE77RFRyly5Bky5AaMY
zo7ZpoJyg/IT9lxtSAQDhbQq49tKZQVS16oJ7LWXzjAyCY9XrVDX2IkcuqudmYSy
Xtx+R0jZGK4czqljgjwdHgNCSwugCmO/kgNY3h8ar53dTmGIFiq5boPeMDizRTGD
g3sgYuQbIqepcHd2jUjJSBXNyvZIlwBJ4wDyZgxRfzyM7unS8T46BpYNJz0esAL+
0DwIk0nv1eJ6LI0aEL+7bgFaitjUNLpcrroToi1IiIEJuTvZY4AuBjAKt5/181zL
i1ugimsHahmbwNclAmUimc0rtW4Nn+YHGa8WpYiQ9O7+kPFsYkfLRplHPOjaUBPz
r76ucgBMGH6i04tvstwlONznO4NhkACWmb4wrfJfRoDTglELLoOd6QGAYKyRublH
SnrKKmuXzBvtmj2zgUU+S0ka9LdYrjzxoSYprrXQpDr89pUs/AZrlAm9yRjQ3hGw
0eL9UsDFtYAQwCQtPvin2bjKRgNNDbgdwNYNbA7n8jvE/uZ4rlYr3Ot+oxdfs75e
K4fY6JwtbZxQVcOU25M3WBYXLl0V61ZISFa16XhYC2hjzgMZ3bfmFUn+TW9C8V4V
03QqtFyT3FP+VfA3QUS3PuBxALT0HWXmDqp0VJc6UCiXX2InWR+uZQp7a30EawOZ
WHLqgf+nT3bD3kfagCZN
=JJlw
-----END PGP SIGNATURE-----
Merge tag 'drivers-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc
Pull ARM driver updates from Olof Johansson:
"Updates of SoC-near drivers and other driver updates that makes more
sense to take through our tree.
The largest part of this is a conversion of device registration for
some renesas shmobile/sh devices over to use resources. This has
required coordination with the corresponding arch/sh changes, and
we've agreed to merge the arch/sh changes through our tree.
Added in this branch is support for Trusted Foundations secure
firmware, which is what is used on many of the commercial Nvidia Tegra
products that are in the market, including the Nvidia Shield. The
code is local to arch/arm at this time since it's uncertain whether it
will be shared with arm64 longer-term, if needed we will refactor
later.
A couple of new RTC drivers used on ARM boards, merged through our
tree on request by the RTC maintainer.
... plus a bunch of smaller updates across the board, gpio conversions
for davinci, etc"
* tag 'drivers-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc: (45 commits)
watchdog: davinci: rename platform driver to davinci-wdt
tty: serial: Limit msm_serial_hs driver to platforms that use it
mmc: msm_sdcc: Limit driver to platforms that use it
usb: phy: msm: Move mach dependent code to platform data
clk: versatile: fixup IM-PD1 clock implementation
clk: versatile: pass a name to ICST clock provider
ARM: integrator: pass parent IRQ to the SIC
irqchip: versatile FPGA: support cascaded interrupts from DT
gpio: davinci: don't create irq_domain in case of unbanked irqs
gpio: davinci: use chained_irq_enter/chained_irq_exit API
gpio: davinci: add OF support
gpio: davinci: remove unused variable intc_irq_num
gpio: davinci: convert to use irqdomain support.
gpio: introduce GPIO_DAVINCI kconfig option
gpio: davinci: get rid of DAVINCI_N_GPIO
gpio: davinci: use {readl|writel}_relaxed() instead of __raw_*
serial: sh-sci: Add OF support
serial: sh-sci: Add device tree bindings documentation
serial: sh-sci: Remove platform data mapbase and irqs fields
serial: sh-sci: Remove platform data scbrr_algo_id field
...
Fixes the following sparse warning:
drivers/crypto/mxs-dcp.c:103:1: warning:
symbol 'global_mutex' was not declared. Should it be static?
Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
Acked-by: Marek Vasut <marex@denx.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
The CCP cannot be hot-plugged so it will either be there
or it won't. Do not allow the driver to stay loaded if the
CCP does not successfully initialize.
Provide stub routines in the ccp.h file that return -ENODEV
if the CCP has not been configured in the build.
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Cleanup the ahash digest invocations to check the init
return code and make use of the finup routine.
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
When performing a hash operation if the amount of data buffered and a
request at or near the maximum data length is received then the length
calcuation could wrap causing an error in executing the hash operation.
Fix this by using a u64 type for the input and output data lengths in
all CCP operations.
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
For a hash operation, the caller doesn't have to supply a result
area on every call so don't use it / update it if it hasn't
been supplied.
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Cleanup up the usage of scatterlists to make the code cleaner
and avoid extra memory allocations when not needed.
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Fix some memory allocations to use the appropriate gfp_t type based
on the CRYPTO_TFM_REQ_MAY_SLEEP flag.
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
The order in the Makefile was a mess, sort it.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: David S. Miller <davem@davemloft.net>
Cc: Fabio Estevam <fabio.estevam@freescale.com>
Cc: Shawn Guo <shawn.guo@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>