Commit Graph

1785 Commits

Author SHA1 Message Date
Leonidas S. Barbosa
c07f5d3da6 crypto: vmx - Adding support for XTS
This patch add XTS support using VMX-crypto driver.

Signed-off-by: Leonidas S. Barbosa <leosilva@linux.vnet.ibm.com>
Signed-off-by: Paulo Flabiano Smorigo <pfsmorigo@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-07-19 15:42:43 +08:00
Paulo Flabiano Smorigo
11c6e16ee1 crypto: vmx - Adding asm subroutines for XTS
This patch add XTS subroutines using VMX-crypto driver.

It gives a boost of 20 times using XTS.

These code has been adopted from OpenSSL project in collaboration
with the original author (Andy Polyakov <appro@openssl.org>).

Signed-off-by: Leonidas S. Barbosa <leosilva@linux.vnet.ibm.com>
Signed-off-by: Paulo Flabiano Smorigo <pfsmorigo@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-07-19 15:42:43 +08:00
Romain Perier
aa6416ee46 crypto: marvell - Fix wrong flag used for GFP in mv_cesa_dma_add_iv_op
Use the parameter 'gfp_flags' instead of 'flag' as second argument of
dma_pool_alloc(). The parameter 'flag' is for the TDMA descriptor, its
content has no sense for the allocator.

Fixes: bac8e805a3 ("crypto: marvell - Copy IV vectors by DMA...")
Signed-off-by: Romain Perier <romain.perier@free-electrons.com>
Acked-by: Boris Brezillon <boris.brezillon@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-07-19 15:42:40 +08:00
Dan Carpenter
e514cc0a49 crypto: nx - off by one bug in nx_of_update_msc()
The props->ap[] array is defined like this:

	struct alg_props ap[NX_MAX_FC][NX_MAX_MODE][3];

So we can see that if msc->fc and msc->mode are == to NX_MAX_FC or
NX_MAX_MODE then we're off by one.

Fixes: ae0222b728 ('powerpc/crypto: nx driver code supporting nx encryption')
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-07-19 12:01:47 +08:00
Herbert Xu
7c001a8650 crypto: omap - Stop using crypto scatterwalk_bytes_sglen
We already have a generic function sg_nents_for_len which does
the same thing.  This patch switches omap over to it and also
adds error handling in case the SG list is short.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-07-18 17:35:48 +08:00
Salvatore Benedetto
bd76ad4abf crypto: qat - Stop dropping leading zeros from RSA output
There is not need to drop leading zeros from the RSA output
operations results.

Signed-off-by: Salvatore Benedetto <salvatore.benedetto@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-07-11 18:03:11 +08:00
Salvatore Benedetto
c9839143eb crypto: qat - Add DH support
Add DH support under kpp api. Drop struct qat_rsa_request and
introduce a more generic struct qat_asym_request and share it
between RSA and DH requests.

Signed-off-by: Salvatore Benedetto <salvatore.benedetto@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-07-11 18:03:10 +08:00
Salvatore Benedetto
879f77e907 crypto: qat - Add RSA CRT mode
Extend qat driver to use RSA CRT mode when all CRT related components are
present in the private key. Simplify code in qat_rsa_setkey by adding
qat_rsa_clear_ctx.

Signed-off-by: Salvatore Benedetto <salvatore.benedetto@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-07-05 23:05:28 +08:00
Conor McLoughlin
e24860f2a6 crypto: qat - Use alternative reset methods depending on the specific device
Different product families will use FLR or SBR.
Virtual Function devices have no reset method.

Signed-off-by: Conor McLoughlin <conor.mcloughlin@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-07-05 23:05:25 +08:00
Amitoj Kaur Chawla
8d63a6d53b crypto: bfin_crc - Simplify use of devm_ioremap_resource
Remove unneeded error handling on the result of a call to
platform_get_resource when the value is passed to
devm_ioremap_resource.

The Coccinelle semantic patch that makes this change is as follows:

// <smpl>
@@
expression pdev,res,n,e,e1;
expression ret != 0;
identifier l;
@@

- res = platform_get_resource(pdev, IORESOURCE_MEM, n);
  ... when != res
- if (res == NULL) { ... \(goto l;\|return ret;\) }
  ... when != res
+ res = platform_get_resource(pdev, IORESOURCE_MEM, n);
  e = devm_ioremap_resource(e1, res);
// </smpl>

Signed-off-by: Amitoj Kaur Chawla <amitoj1606@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-07-05 23:05:24 +08:00
Tudor Ambarus
8c419778ab crypto: caam - add support for RSA algorithm
Add RSA support to caam driver.

Initial author is Yashpal Dutta <yashpal.dutta@freescale.com>.

Signed-off-by: Tudor Ambarus <tudor-dan.ambarus@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-07-05 23:05:24 +08:00
Salvatore Benedetto
6889621fd2 crypto: qat - Switch to new rsa_helper functions
Drop all asn1 related code and use the new rsa_helper
functions rsa_parse_[pub|priv]_key for parsing the key

Signed-off-by: Salvatore Benedetto <salvatore.benedetto@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-07-05 23:05:21 +08:00
Bin Liu
eb3547859d crypto: omap-sham - increase cra_proirity to 400
The arm-neon-sha implementations have cra_priority of 150...300, so
increase omap-sham priority to 400 to ensure it is on top of any
software alg.

Signed-off-by: Bin Liu <b-liu@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-07-01 23:45:22 +08:00
Herbert Xu
678adecd11 crypto: sahara - Use skcipher for fallback
This patch replaces use of the obsolete ablkcipher with skcipher.

It also removes shash_fallback which is totally unused.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-07-01 23:45:10 +08:00
Herbert Xu
2d20ce070d crypto: qce - Use skcipher for fallback
This patch replaces use of the obsolete ablkcipher with skcipher.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-07-01 23:45:09 +08:00
Herbert Xu
1eb60ff82d crypto: picoxcell - Use skcipher for fallback
This patch replaces use of the obsolete ablkcipher with skcipher.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-07-01 23:45:09 +08:00
Herbert Xu
29406bb923 crypto: mxs-dcp - Use skcipher for fallback
This patch replaces use of the obsolete ablkcipher with skcipher.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-07-01 23:45:08 +08:00
Herbert Xu
241118de58 crypto: ccp - Use skcipher for fallback
This patch replaces use of the obsolete ablkcipher with skcipher.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-07-01 23:45:08 +08:00
Arnd Bergmann
9ac1c3200c crypto: ux500 - do not build with -O0
The ARM allmodconfig build currently warngs because of the
ux500 crypto driver not working well with the jump label
implementation that we started using for dynamic debug, which
breaks building with 'gcc -O0':

In file included from /git/arm-soc/include/linux/jump_label.h:105:0,
                 from /git/arm-soc/include/linux/dynamic_debug.h:5,
                 from /git/arm-soc/include/linux/printk.h:289,
                 from /git/arm-soc/include/linux/kernel.h:13,
                 from /git/arm-soc/include/linux/clk.h:16,
                 from /git/arm-soc/drivers/crypto/ux500/hash/hash_core.c:16:
/git/arm-soc/arch/arm/include/asm/jump_label.h: In function 'hash_set_dma_transfer':
/git/arm-soc/arch/arm/include/asm/jump_label.h:13:7: error: asm operand 0 probably doesn't match constraints [-Werror]
  asm_volatile_goto("1:\n\t"

Turning off compiler optimizations has never really been supported
here, and it's only used when debugging the driver. I have not found
a good reason for doing this here, other than a misguided attempt
to produce more readable assembly output. Also, the driver is only
used in obsolete hardware that almost certainly nobody will spend
time debugging any more.

This just removes the -O0 flag from the compiler options.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-28 16:06:33 +08:00
Bin Liu
85e0687f8f crypto: omap-sham - set sw fallback to 240 bytes
Adds software fallback support for small crypto requests. In these cases,
it is undesirable to use DMA, as setting it up itself is rather heavy
operation. Gives about 40% extra performance in ipsec usecase.

Signed-off-by: Bin Liu <b-liu@ti.com>
[t-kristo@ti.com: dropped the extra traces, updated some comments
 on the code]
Signed-off-by: Tero Kristo <t-kristo@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-24 21:24:58 +08:00
Lokesh Vutla
b973eaab68 crypto: omap - do not call dmaengine_terminate_all
The extra call to dmaengine_terminate_all is not needed, as the DMA
is not running at this point. This improves performance slightly.

Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
Signed-off-by: Tero Kristo <t-kristo@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-24 21:24:57 +08:00
Tero Kristo
65e7a549af crypto: omap-sham - change queue size from 1 to 10
Change crypto queue size from 1 to 10 for omap SHA driver. This should
allow clients to enqueue requests more effectively to avoid serializing
whole crypto sequences, giving extra performance.

Signed-off-by: Tero Kristo <t-kristo@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-24 21:24:57 +08:00
Tero Kristo
e93f767bec crypto: omap-sham - use runtime_pm autosuspend for clock handling
Calling runtime PM API for every block causes serious performance hit to
crypto operations that are done on a long buffer. As crypto is performed
on a page boundary, encrypting large buffers can cause a series of crypto
operations divided by page. The runtime PM API is also called those many
times.

Convert the driver to use runtime_pm autosuspend instead, with a default
timeout value of 1 second. This results in upto ~50% speedup.

Signed-off-by: Tero Kristo <t-kristo@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-24 21:24:57 +08:00
Romain Perier
47a1f0b2d1 crypto: marvell - Increase the size of the crypto queue
Now that crypto requests are chained together at the DMA level, we
increase the size of the crypto queue for each engine. The result is
that as the backlog list is reached later, it does not stop the crypto
stack from sending asychronous requests, so more cryptographic tasks
are processed by the engines.

Signed-off-by: Romain Perier <romain.perier@free-electrons.com>
Acked-by: Boris Brezillon <boris.brezillon@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-23 18:29:52 +08:00
Romain Perier
85030c5168 crypto: marvell - Add support for chaining crypto requests in TDMA mode
The Cryptographic Engines and Security Accelerators (CESA) supports the
Multi-Packet Chain Mode. With this mode enabled, multiple tdma requests
can be chained and processed by the hardware without software
intervention. This mode was already activated, however the crypto
requests were not chained together. By doing so, we reduce significantly
the number of IRQs. Instead of being interrupted at the end of each
crypto request, we are interrupted at the end of the last cryptographic
request processed by the engine.

This commits re-factorizes the code, changes the code architecture and
adds the required data structures to chain cryptographic requests
together before sending them to an engine (stopped or possibly already
running).

Signed-off-by: Romain Perier <romain.perier@free-electrons.com>
Acked-by: Boris Brezillon <boris.brezillon@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-23 18:29:51 +08:00
Romain Perier
bf8f91e711 crypto: marvell - Add load balancing between engines
This commits adds support for fine grained load balancing on
multi-engine IPs. The engine is pre-selected based on its current load
and on the weight of the crypto request that is about to be processed.
The global crypto queue is also moved to each engine. These changes are
required to allow chaining crypto requests at the DMA level. By using
a crypto queue per engine, we make sure that we keep the state of the
tdma chain synchronized with the crypto queue. We also reduce contention
on 'cesa_dev->lock' and improve parallelism.

Signed-off-by: Romain Perier <romain.perier@free-electrons.com>
Acked-by: Boris Brezillon <boris.brezillon@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-23 18:29:51 +08:00
Romain Perier
2786cee8e5 crypto: marvell - Move SRAM I/O operations to step functions
Currently the crypto requests were sent to engines sequentially.
This commit moves the SRAM I/O operations from the prepare to the step
functions. It provides flexibility for future works and allow to prepare
a request while the engine is running.

Signed-off-by: Romain Perier <romain.perier@free-electrons.com>
Acked-by: Boris Brezillon <boris.brezillon@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-23 18:17:25 +08:00
Romain Perier
1bf6682cb3 crypto: marvell - Add a complete operation for async requests
So far, the 'process' operation was used to check if the current request
was correctly handled by the engine, if it was the case it copied
information from the SRAM to the main memory. Now, we split this
operation. We keep the 'process' operation, which still checks if the
request was correctly handled by the engine or not, then we add a new
operation for completion. The 'complete' method copies the content of
the SRAM to memory. This will soon become useful if we want to call
the process and the complete operations from different locations
depending on the type of the request (different cleanup logic).

Signed-off-by: Romain Perier <romain.perier@free-electrons.com>
Acked-by: Boris Brezillon <boris.brezillon@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-23 18:17:24 +08:00
Romain Perier
53da740fed crypto: marvell - Move tdma chain out of mv_cesa_tdma_req and remove it
Currently, the only way to access the tdma chain is to use the 'req'
union from a mv_cesa_{ablkcipher,ahash}. This will soon become a problem
if we want to handle the TDMA chaining vs standard/non-DMA processing in
a generic way (with generic functions at the cesa.c level detecting
whether the request should be queued at the DMA level or not). Hence the
decision to move the chain field a the mv_cesa_req level at the expense
of adding 2 void * fields to all request contexts (including non-DMA
ones) and to remove the type completly. To limit the overhead, we get
rid of the type field, which can now be deduced from the req->chain.first
value. Once these changes are done the union is no longer needed, so
remove it and move mv_cesa_ablkcipher_std_req and mv_cesa_req
to mv_cesa_ablkcipher_req directly. There are also no needs to keep the
'base' field into the union of mv_cesa_ahash_req, so move it into the
upper structure.

Signed-off-by: Romain Perier <romain.perier@free-electrons.com>
Acked-by: Boris Brezillon <boris.brezillon@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-23 18:17:23 +08:00
Romain Perier
bac8e805a3 crypto: marvell - Copy IV vectors by DMA transfers for acipher requests
Add a TDMA descriptor at the end of the request for copying the
output IV vector via a DMA transfer. This is a good way for offloading
as much as processing as possible to the DMA and the crypto engine.
This is also required for processing multiple cipher requests
in chained mode, otherwise the content of the IV vector would be
overwritten by the last processed request.

Signed-off-by: Romain Perier <romain.perier@free-electrons.com>
Acked-by: Boris Brezillon <boris.brezillon@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-23 18:14:03 +08:00
Romain Perier
b99acf79a1 crypto: marvell - Fix wrong type check in dma functions
So far, the way that the type of a TDMA operation was checked was wrong.
We have to use the type mask in order to get the right part of the flag
containing the type of the operation.

Signed-off-by: Romain Perier <romain.perier@free-electrons.com>
Acked-by: Boris Brezillon <boris.brezillon@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-23 18:14:01 +08:00
Romain Perier
f62830886f crypto: marvell - Check engine is not already running when enabling a req
Add a BUG_ON() call when the driver tries to launch a crypto request
while the engine is still processing the previous one. This replaces
a silent system hang by a verbose kernel panic with the associated
backtrace to let the user know that something went wrong in the CESA
driver.

Signed-off-by: Romain Perier <romain.perier@free-electrons.com>
Acked-by: Boris Brezillon <boris.brezillon@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-23 18:14:00 +08:00
Romain Perier
e26df73f80 crypto: marvell - Add a macro constant for the size of the crypto queue
Adding a macro constant to be used for the size of the crypto queue,
instead of using a numeric value directly. It will be easier to
maintain in case we add more than one crypto queue of the same size.

Signed-off-by: Romain Perier <romain.perier@free-electrons.com>
Acked-by: Boris Brezillon <boris.brezillon@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-23 18:13:59 +08:00
Tudor Ambarus
6999d504d4 crypto: caam - replace deprecated EXTRA_CFLAGS
EXTRA_CFLAGS is still supported but its usage is deprecated.

Signed-off-by: Tudor Ambarus <tudor-dan.ambarus@nxp.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-20 19:25:00 +08:00
Arnd Bergmann
a6ed42dac4 crypto: caam - fix misspelled upper_32_bits
An endianess fix mistakenly used higher_32_bits() instead of
upper_32_bits(), and that doesn't exist:

drivers/crypto/caam/desc_constr.h: In function 'append_ptr':
drivers/crypto/caam/desc_constr.h:84:75: error: implicit declaration of function 'higher_32_bits' [-Werror=implicit-function-declaration]
  *offset = cpu_to_caam_dma(ptr);

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Fixes: 261ea058f0 ("crypto: caam - handle core endianness != caam endianness")
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-20 19:24:39 +08:00
Hendrik Brueckner
f848dbd3bc s390/crc32-vx: add crypto API module for optimized CRC-32 algorithms
Add a crypto API module to access the vector extension based CRC-32
implementations.  Users can request the optimized implementation through
the shash crypto API interface.

Signed-off-by: Hendrik Brueckner <brueckner@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2016-06-15 16:36:34 +02:00
Bhaktipriya Shridhar
773b197972 crypto: qat - Remove deprecated create_workqueue
alloc_workqueue replaces deprecated create_workqueue().

The workqueue device_reset_wq has workitem &reset_data->reset_work per
adf_reset_dev_data. The workqueue  pf2vf_resp_wq is a workqueue for
PF2VF responses has workitem &pf2vf_resp->pf2vf_resp_work per pf2vf_resp.
The workqueue adf_vf_stop_wq is used to call adf_dev_stop()
asynchronously.

Dedicated workqueues have been used in all cases since the workitems
on the workqueues are involved in operation of crypto which can be used in
the IO path which is depended upon during memory reclaim. Hence,
WQ_MEM_RECLAIM has been set to gurantee forward progress under memory
pressure.
Since there are only a fixed number of work items, explicit concurrency
limit is unnecessary.

Signed-off-by: Bhaktipriya Shridhar <bhaktipriya96@gmail.com>
Acked-by: Tejun Heo <tj@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-13 17:47:48 +08:00
Linus Walleij
19ced623db crypto: ux500 - memmove the right size
The hash buffer is really HASH_BLOCK_SIZE bytes, someone
must have thought that memmove takes n*u32 words by mistake.
Tests work as good/bad as before after this patch.

Cc: Joakim Bech <joakim.bech@linaro.org>
Cc: stable@vger.kernel.org
Reported-by: David Binderman <linuxdev.baldrick@gmail.com>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-13 17:43:05 +08:00
Anton Blanchard
12d3f49e1f crypto: vmx - Increase priority of aes-cbc cipher
All of the VMX AES ciphers (AES, AES-CBC and AES-CTR) are set at
priority 1000. Unfortunately this means we never use AES-CBC and
AES-CTR, because the base AES-CBC cipher that is implemented on
top of AES inherits its priority.

To fix this, AES-CBC and AES-CTR have to be a higher priority. Set
them to 2000.

Testing on a POWER8 with:

cryptsetup benchmark --cipher aes --key-size 256

Shows decryption speed increase from 402.4 MB/s to 3069.2 MB/s,
over 7x faster. Thanks to Mike Strosaker for helping me debug
this issue.

Fixes: 8c755ace35 ("crypto: vmx - Adding CBC routines for VMX module")
Cc: stable@vger.kernel.org
Signed-off-by: Anton Blanchard <anton@samba.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-13 17:43:05 +08:00
Anton Blanchard
975f57fdff crypto: vmx - Fix ABI detection
When calling ppc-xlate.pl, we pass it either linux-ppc64 or
linux-ppc64le. The script however was expecting linux64le, a result
of its OpenSSL origins. This means we aren't obeying the ppc64le
ABIv2 rules.

Fix this by checking for linux-ppc64le.

Fixes: 5ca5573820 ("crypto: vmx - comply with ABIs that specify vrsave as reserved.")
Cc: stable@vger.kernel.org
Signed-off-by: Anton Blanchard <anton@samba.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-13 17:43:04 +08:00
LEROY Christophe
7405c8d7ff crypto: talitos - templates for AEAD using HMAC_SNOOP_NO_AFEU
This will allow IPSEC on SEC1

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-08 16:20:04 +08:00
LEROY Christophe
b00577639d crypto: talitos - implement cra_priority
SEC1 doesn't have IPSEC_ESP descriptor type but it is able to perform
IPSEC using HMAC_SNOOP_NO_AFEU, which is also existing on SEC2
In order to be able to define descriptors templates for SEC1 without
breaking SEC2+, we have to give lower priority to HMAC_SNOOP_NO_AFEU
so that SEC2+ selects IPSEC_ESP and not HMAC_SNOOP_NO_AFEU which is
less performant.

This is done by adding a priority field in the template. If the field
is 0, we use the default priority, otherwise we used the one in the
field.

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-08 16:20:04 +08:00
LEROY Christophe
e968b49f4d crypto: talitos - sg_to_link_tbl() not used anymore, remove it
Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-08 16:20:03 +08:00
LEROY Christophe
549bd8bc59 crypto: talitos - Implement AEAD for SEC1 using HMAC_SNOOP_NO_AFEU
This patchs enhances the IPSEC_ESP related functions for them to
also supports the same operations with descriptor type
HMAC_SNOOP_NO_AFEU.

The differences between the two descriptor types are:
* pointeurs 2 and 3 are swaped (Confidentiality key and
    Primary EU Context IN)
* HMAC_SNOOP_NO_AFEU has CICV out in pointer 6
* HMAC_SNOOP_NO_AFEU has no primary EU context out so we get it
from the end of data out

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-08 16:20:03 +08:00
LEROY Christophe
6a1e8d1415 crypto: talitos - making mapping helpers more generic
In preparation of IPSEC for SEC1, first step is to make the mapping
helpers more generic so that they can also be used by AEAD functions.

First, the functions are moved before IPSEC functions in talitos.c

talitos_sg_unmap() and unmap_sg_talitos_ptr() are merged as they
are quite similar, the second one handling the SEC1 case an calling
the first one for SEC2

map_sg_in_talitos_ptr() and map_sg_out_talitos_ptr() are merged
into talitos_sg_map() and enhenced to support offseted zones
as used for AEAD. The actual mapping is now performed outside that
helper. The DMA sync is also done outside to not make it several
times.

talitos_edesc_alloc() size calculation are fixed to also take into
account AEAD specific parts also for SEC1

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-08 16:20:02 +08:00
LEROY Christophe
246a87cda0 crypto: talitos - move mapping helpers before IPSEC functions
In order to be able to use the mapping/unmapping helpers for IPSEC
it needs to be move upper in the file

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-08 16:20:02 +08:00
LEROY Christophe
b096b544d6 crypto: talitos - using helpers for all talitos_ptr operations
Use helper for all modifications to talitos_ptr in preparation to
the implementation of AEAD for SEC1

to_talitos_ptr_extent_clear() has been removed in favor of
to_talitos_ptr_ext_set() to set any value and
to_talitos_ptr_ext_or() to or the extent field with a value
name has been shorten to help keeping single lines of 80 chars

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-08 16:20:01 +08:00
Lokesh Vutla
3741bbb207 crypto: omap-aes - Fix registration of algorithms
Algorithms can be registered only once. So skip registration of
algorithms if already registered (i.e. in case we have two AES cores
in the system.)

Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
Signed-off-by: Tero Kristo <t-kristo@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-06-07 18:41:52 +08:00
Krzysztof Kozlowski
5318c53d5b crypto: s5p-sss - Use consistent indentation for variables and members
Bring some consistency by:
1. Replacing fixed-space indentation of structure members with just
   tabs.
2. Remove indentation in declaration of local variable between type and
   name.  Driver was mixing usage of such indentation and lack of it.
   When removing indentation, reorder variables in
   reversed-christmas-tree order with first variables being initialized
   ones.

Signed-off-by: Krzysztof Kozlowski <k.kozlowski@samsung.com>
Acked-by: Vladimir Zapolskiy <vz@mleia.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-05-31 17:52:30 +08:00
Horia Geantă
9e217795e0 crypto: caam - add ARCH_LAYERSCAPE to supported architectures
This basically adds support for ls1043a platform.

Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-05-31 16:41:54 +08:00
Horia Geantă
261ea058f0 crypto: caam - handle core endianness != caam endianness
There are SoCs like LS1043A where CAAM endianness (BE) does not match
the default endianness of the core (LE).
Moreover, there are requirements for the driver to handle cases like
CPU_BIG_ENDIAN=y on ARM-based SoCs.
This requires for a complete rewrite of the I/O accessors.

PPC-specific accessors - {in,out}_{le,be}XX - are replaced with
generic ones - io{read,write}[be]XX.

Endianness is detected dynamically (at runtime) to allow for
multiplatform kernels, for e.g. running the same kernel image
on LS1043A (BE CAAM) and LS2080A (LE CAAM) armv8-based SoCs.

While here: debugfs entries need to take into consideration the
endianness of the core when displaying data. Add the necessary
glue code so the entries remain the same, but they are properly
read, regardless of the core and/or SEC endianness.

Note: pdb.h fixes only what is currently being used (IPsec).

Reviewed-by: Tudor Ambarus <tudor-dan.ambarus@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-05-31 16:41:54 +08:00
Cristian Stoica
bd52f1c232 crypto: caam - fix offset field in hw sg entries
The offset field is 13 bits wide; make sure we don't overwrite more than
that in the caam hardware scatter gather structure.

Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-05-31 16:41:53 +08:00
Tadeusz Struk
21a3d3b234 crypto: qat - fix typos sizeof for ctx
The sizeof(*ctx->dec_cd) and sizeof(*ctx->enc_cd) are equal,
but we should use the correct one for freeing memory anyway.

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-05-31 16:41:48 +08:00
Linus Torvalds
446985428d Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto fixes from Herbert Xu:
 "This fixes the following issues:

   - missing selection in public_key that may result in a build failure

   - Potential crash in error path in omap-sham

   - ccp AES XTS bug that affects requests larger than 4096"

* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
  crypto: ccp - Fix AES XTS error for request sizes above 4096
  crypto: public_key: select CRYPTO_AKCIPHER
  crypto: omap-sham - potential Oops on error in probe
2016-05-30 15:20:18 -07:00
Arnd Bergmann
287980e49f remove lots of IS_ERR_VALUE abuses
Most users of IS_ERR_VALUE() in the kernel are wrong, as they
pass an 'int' into a function that takes an 'unsigned long'
argument. This happens to work because the type is sign-extended
on 64-bit architectures before it gets converted into an
unsigned type.

However, anything that passes an 'unsigned short' or 'unsigned int'
argument into IS_ERR_VALUE() is guaranteed to be broken, as are
8-bit integers and types that are wider than 'unsigned long'.

Andrzej Hajda has already fixed a lot of the worst abusers that
were causing actual bugs, but it would be nice to prevent any
users that are not passing 'unsigned long' arguments.

This patch changes all users of IS_ERR_VALUE() that I could find
on 32-bit ARM randconfig builds and x86 allmodconfig. For the
moment, this doesn't change the definition of IS_ERR_VALUE()
because there are probably still architecture specific users
elsewhere.

Almost all the warnings I got are for files that are better off
using 'if (err)' or 'if (err < 0)'.
The only legitimate user I could find that we get a warning for
is the (32-bit only) freescale fman driver, so I did not remove
the IS_ERR_VALUE() there but changed the type to 'unsigned long'.
For 9pfs, I just worked around one user whose calling conventions
are so obscure that I did not dare change the behavior.

I was using this definition for testing:

 #define IS_ERR_VALUE(x) ((unsigned long*)NULL == (typeof (x)*)NULL && \
       unlikely((unsigned long long)(x) >= (unsigned long long)(typeof(x))-MAX_ERRNO))

which ends up making all 16-bit or wider types work correctly with
the most plausible interpretation of what IS_ERR_VALUE() was supposed
to return according to its users, but also causes a compile-time
warning for any users that do not pass an 'unsigned long' argument.

I suggested this approach earlier this year, but back then we ended
up deciding to just fix the users that are obviously broken. After
the initial warning that caused me to get involved in the discussion
(fs/gfs2/dir.c) showed up again in the mainline kernel, Linus
asked me to send the whole thing again.

[ Updated the 9p parts as per Al Viro  - Linus ]

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Cc: Andrzej Hajda <a.hajda@samsung.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Link: https://lkml.org/lkml/2016/1/7/363
Link: https://lkml.org/lkml/2016/5/27/486
Acked-by: Srinivas Kandagatla <srinivas.kandagatla@linaro.org> # For nvmem part
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-05-27 15:26:11 -07:00
Tom Lendacky
ab6a11a7c8 crypto: ccp - Fix AES XTS error for request sizes above 4096
The ccp-crypto module for AES XTS support has a bug that can allow requests
greater than 4096 bytes in size to be passed to the CCP hardware. The CCP
hardware does not support request sizes larger than 4096, resulting in
incorrect output. The request should actually be handled by the fallback
mechanism instantiated by the ccp-crypto module.

Add a check to insure the request size is less than or equal to the maximum
supported size and use the fallback mechanism if it is not.

Cc: <stable@vger.kernel.org> # 3.14.x-
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-05-25 18:33:47 +08:00
Dan Carpenter
d462e32259 crypto: omap-sham - potential Oops on error in probe
This if statement is reversed so we end up either leaking or Oopsing on
error.

Fixes: dbe246209b ('crypto: omap-sham - Use dma_request_chan() for requesting DMA channel')
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-05-19 18:03:00 +08:00
Tadeusz Struk
256b1cfb9a crypto: qat - change the adf_ctl_stop_devices to void
Change the adf_ctl_stop_devices to a void function.

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-05-13 17:30:18 +08:00
Catalin Vasile
e930c765ca crypto: caam - fix caam_jr_alloc() ret code
caam_jr_alloc() used to return NULL if a JR device could not be
allocated for a session. In turn, every user of this function used
IS_ERR() function to verify if anything went wrong, which does NOT look
for NULL values. This made the kernel crash if the sanity check failed,
because the driver continued to think it had allocated a valid JR dev
instance to the session and at some point it tries to do a caam_jr_free()
on a NULL JR dev pointer.
This patch is a fix for this issue.

Cc: <stable@vger.kernel.org>
Signed-off-by: Catalin Vasile <cata.vasile@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-05-10 17:49:21 +08:00
Paulo Flabiano Smorigo
5ca5573820 crypto: vmx - comply with ABIs that specify vrsave as reserved.
It gives significant improvements ( ~+15%) on some modes.

These code has been adopted from OpenSSL project in collaboration
with the original author (Andy Polyakov <appro@openssl.org>).

Signed-off-by: Paulo Flabiano Smorigo <pfsmorigo@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-05-10 17:49:21 +08:00
Julia Lawall
bc197b2a9c crypto: ccp - constify ccp_actions structure
The ccp_actions structure is never modified, so declare it as const.

Done with the help of Coccinelle.

Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
Acked-by: Gary Hook <gary.hook@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-05-03 16:10:14 +08:00
Julia Lawall
472d640bd0 crypto: marvell/cesa - Use dma_pool_zalloc
Dma_pool_zalloc combines dma_pool_alloc and memset 0.  The semantic patch
that makes this transformation is as follows: (http://coccinelle.lip6.fr/)

// <smpl>
@@
expression d,e;
statement S;
@@

        d =
-            dma_pool_alloc
+            dma_pool_zalloc
             (...);
        if (!d) S
-       memset(d, 0, sizeof(*d));
// </smpl>

Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
Acked-by: Boris Brezillon <boris.brezillon@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-05-03 16:10:13 +08:00
Tadeusz Struk
d0c15bd506 crypto: qat - make adf_vf_isr.c dependant on IOV config
The adf_vf_isr.c should only be build if CONFIG_PCI_IOV is enabled

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-05-03 16:10:13 +08:00
Tadeusz Struk
cca0a7b0ac crypto: qat - Fix typo in comments
Fix copy and paste typo adf_isr.c

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-05-03 16:10:13 +08:00
Peter Ujfalusi
dbe246209b crypto: omap-sham - Use dma_request_chan() for requesting DMA channel
With the new dma_request_chan() the client driver does not need to look for
the DMA resource and it does not need to pass filter_fn anymore.
By switching to the new API the driver can now support deferred probing
against DMA.

Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
CC: Herbert Xu <herbert@gondor.apana.org.au>
CC: David S. Miller <davem@davemloft.net>
CC: Lokesh Vutla <lokeshvutla@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-05-03 16:09:14 +08:00
Peter Ujfalusi
2f6f0680c7 crypto: omap-des - Use dma_request_chan() for requesting DMA channel
With the new dma_request_chan() the client driver does not need to look for
the DMA resource and it does not need to pass filter_fn anymore.
By switching to the new API the driver can now support deferred probing
against DMA.

Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
CC: Herbert Xu <herbert@gondor.apana.org.au>
CC: David S. Miller <davem@davemloft.net>
CC: Lokesh Vutla <lokeshvutla@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-05-03 16:09:14 +08:00
Peter Ujfalusi
da8b29a6c1 crypto: omap-aes - Use dma_request_chan() for requesting DMA channel
With the new dma_request_chan() the client driver does not need to look for
the DMA resource and it does not need to pass filter_fn anymore.
By switching to the new API the driver can now support deferred probing
against DMA.

Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
CC: Herbert Xu <herbert@gondor.apana.org.au>
CC: David S. Miller <davem@davemloft.net>
CC: Lokesh Vutla <lokeshvutla@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-05-03 16:08:49 +08:00
Baolin Wang
f1b77aaca8 crypto: omap-des - Integrate with the crypto engine framework
Since the crypto engine framework had been merged, thus this patch integrates
with the newly added crypto engine framework to make the crypto hardware
engine under utilized as each block needs to be processed before the crypto
hardware can start working on the next block.

The crypto engine framework can manage and process the requests automatically,
so remove the 'queue' and 'queue_task' things in omap des driver.

Signed-off-by: Baolin <baolin.wang@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-05-03 16:08:48 +08:00
Herbert Xu
6dd4c83ed7 Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Merge the crypto tree to pull in the qat adf_init_pf_wq fix.
2016-05-03 16:01:52 +08:00
Tadeusz Struk
6dc5df71ee crypto: qat - fix adf_ctl_drv.c:undefined reference to adf_init_pf_wq
Fix undefined reference issue reported by kbuild test robot.

Cc: <stable@vger.kernel.org>
Reported-by: kbuild test robot <fengguang.wu@intel.com>
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-05-03 15:53:48 +08:00
Marek Szyprowski
d1497977fe crypto: s5p-sss - fix incorrect usage of scatterlists api
sg_dma_len() macro can be used only on scattelists which are mapped, so
all calls to it before dma_map_sg() are invalid. Replace them by proper
check for direct sg segment length read.

Fixes: a49e490c7a ("crypto: s5p-sss - add S5PV210 advanced crypto engine support")
Fixes: 9e4a1100a4 ("crypto: s5p-sss - Handle unaligned buffers")
Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
Reviewed-by: Krzysztof Kozlowski <k.kozlowski@samsung.com>
Acked-by: Vladimir Zapolskiy <vz@mleia.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-28 09:15:50 +08:00
Herbert Xu
6f6438975d Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Merge the crypto tree to pull in the qat adf_init_pf_wq change.
2016-04-28 09:13:03 +08:00
Tadeusz Struk
9e209fcfb8 crypto: qat - fix invalid pf2vf_resp_wq logic
The pf2vf_resp_wq is a global so it has to be created at init
and destroyed at exit, instead of per device.

Cc: <stable@vger.kernel.org>
Tested-by: Suresh Marikkannu <sureshx.marikkannu@intel.com>
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-28 08:58:07 +08:00
Krzysztof Kozlowski
79152e8d08 crypto: s5p-sss - Fix missed interrupts when working with 8 kB blocks
The tcrypt testing module on Exynos5422-based Odroid XU3/4 board failed on
testing 8 kB size blocks:

	$ sudo modprobe tcrypt sec=1 mode=500
	testing speed of async ecb(aes) (ecb-aes-s5p) encryption
	test 0 (128 bit key, 16 byte blocks): 21971 operations in 1 seconds (351536 bytes)
	test 1 (128 bit key, 64 byte blocks): 21731 operations in 1 seconds (1390784 bytes)
	test 2 (128 bit key, 256 byte blocks): 21932 operations in 1 seconds (5614592 bytes)
	test 3 (128 bit key, 1024 byte blocks): 21685 operations in 1 seconds (22205440 bytes)
	test 4 (128 bit key, 8192 byte blocks):

This was caused by a race issue of missed BRDMA_DONE ("Block cipher
Receiving DMA") interrupt. Device starts processing the data in DMA mode
immediately after setting length of DMA block: receiving (FCBRDMAL) or
transmitting (FCBTDMAL). The driver sets these lengths from interrupt
handler through s5p_set_dma_indata() function (or xxx_setdata()).

However the interrupt handler was first dealing with receive buffer
(dma-unmap old, dma-map new, set receive block length which starts the
operation), then with transmit buffer and finally was clearing pending
interrupts (FCINTPEND). Because of the time window between setting
receive buffer length and clearing pending interrupts, the operation on
receive buffer could end already and driver would miss new interrupt.

User manual for Exynos5422 confirms in example code that setting DMA
block lengths should be the last operation.

The tcrypt hang could be also observed in following blocked-task dmesg:

INFO: task modprobe:258 blocked for more than 120 seconds.
      Not tainted 4.6.0-rc4-next-20160419-00005-g9eac8b7b7753-dirty #42
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
modprobe        D c06b09d8     0   258    256 0x00000000
[<c06b09d8>] (__schedule) from [<c06b0f24>] (schedule+0x40/0xac)
[<c06b0f24>] (schedule) from [<c06b49f8>] (schedule_timeout+0x124/0x178)
[<c06b49f8>] (schedule_timeout) from [<c06b17fc>] (wait_for_common+0xb8/0x144)
[<c06b17fc>] (wait_for_common) from [<bf0013b8>] (test_acipher_speed+0x49c/0x740 [tcrypt])
[<bf0013b8>] (test_acipher_speed [tcrypt]) from [<bf003e8c>] (do_test+0x2240/0x30ec [tcrypt])
[<bf003e8c>] (do_test [tcrypt]) from [<bf008048>] (tcrypt_mod_init+0x48/0xa4 [tcrypt])
[<bf008048>] (tcrypt_mod_init [tcrypt]) from [<c010177c>] (do_one_initcall+0x3c/0x16c)
[<c010177c>] (do_one_initcall) from [<c0191ff0>] (do_init_module+0x5c/0x1ac)
[<c0191ff0>] (do_init_module) from [<c0185610>] (load_module+0x1a30/0x1d08)
[<c0185610>] (load_module) from [<c0185ab0>] (SyS_finit_module+0x8c/0x98)
[<c0185ab0>] (SyS_finit_module) from [<c01078c0>] (ret_fast_syscall+0x0/0x3c)

Fixes: a49e490c7a ("crypto: s5p-sss - add S5PV210 advanced crypto engine support")
Cc: <stable@vger.kernel.org>
Signed-off-by: Krzysztof Kozlowski <k.kozlowski@samsung.com>
Tested-by: Marek Szyprowski <m.szyprowski@samsung.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-25 19:14:54 +08:00
Krzysztof Kozlowski
5e00c6040d crypto: s5p-sss - Use common BIT macro
The BIT() macro is obvious and well known, so prefer to use it instead
of crafted own macro.

Signed-off-by: Krzysztof Kozlowski <k.kozlowski@samsung.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-25 19:14:54 +08:00
Dan Carpenter
4c048af708 crypto: mxc-scc - fix unwinding in mxc_scc_crypto_register()
There are two issues here:

1) We need to decrement "i" otherwise we unregister something that was
   not successfully registered.
2) The original code did not unregister the first element in the array
   where i is zero.

Fixes: d293b640eb ('crypto: mxc-scc - add basic driver for the MXC SCC')
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-25 19:14:53 +08:00
Dan Carpenter
b908bd3d4c crypto: mxc-scc - signedness bugs in mxc_scc_ablkcipher_req_init()
->src_nents and ->dst_nents are unsigned so they can't be less than
zero.  I fixed this by introducing a temporary "nents" variable.

Fixes: d293b640eb ('crypto: mxc-scc - add basic driver for the MXC SCC')
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-25 19:14:52 +08:00
Horia Geant?
3639ca840d crypto: talitos - fix ahash algorithms registration
Provide hardware state import/export functionality, as mandated by
commit 8996eafdcb ("crypto: ahash - ensure statesize is non-zero")

Cc: <stable@vger.kernel.org> # 4.3+
Reported-by: Jonas Eymann <J.Eymann@gmx.net>
Signed-off-by: Horia Geant? <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-25 19:14:52 +08:00
Gary R Hook
b3c2fee5d6 crypto: ccp - Ensure all dependencies are specified
A DMA_ENGINE requires DMADEVICES in Kconfig

Signed-off-by: Gary R Hook <gary.hook@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-25 19:14:51 +08:00
Romain Perier
21ec757d2d crypto: marvell/cesa - Improving code readability
When looking for available engines, the variable "engine" is
assigned to "&cesa->engines[i]" at the beginning of the for loop. Replacing
next occurences of "&cesa->engines[i]" by "engine" and in order to improve
readability.

Signed-off-by: Romain Perier <romain.perier@free-electrons.com>
Acked-by: Boris Brezillon <boris.brezillon@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-20 17:50:07 +08:00
Krzysztof Kozlowski
5512442553 crypto: s5p-sss - Remove useless hash interrupt handler
Beside regular feed control interrupt, the driver requires also hash
interrupt for older SoCs (samsung,s5pv210-secss). However after
requesting it, the interrupt handler isn't doing anything with it, not
even clearing the hash interrupt bit.

Driver does not provide hash functions so it is safe to remove the hash
interrupt related code and to not require the interrupt in Device Tree.

Signed-off-by: Krzysztof Kozlowski <k.kozlowski@samsung.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-20 17:50:07 +08:00
Krzysztof Kozlowski
07c8fccbf7 crypto: s5p-sss - Fix use after free of copied input buffer in error path
The driver makes copies of memory (input or output scatterlists) if they
are not aligned. In s5p_aes_crypt_start() error path (on unsuccessful
initialization of output scatterlist), if input scatterlist was not
aligned, the driver first freed copied input memory and then unmapped it
from the device, instead of doing otherwise (unmap and then free).

This was wrong in two ways:
1. Freed pages were still mapped to the device.
2. The dma_unmap_sg() iterated over freed scatterlist structure.

The call to s5p_free_sg_cpy() in this error path is not needed because
the copied scatterlists will be freed by s5p_aes_complete().

Fixes: 9e4a1100a4 ("crypto: s5p-sss - Handle unaligned buffers")
Signed-off-by: Krzysztof Kozlowski <k.kozlowski@samsung.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-20 17:50:06 +08:00
Gary R Hook
58ea8abf49 crypto: ccp - Register the CCP as a DMA resource
The CCP has the ability to provide DMA services to the
kernel using pass-through mode of the device. Register
these services as general purpose DMA channels.

Changes since v2:
- Add a Signed-off-by

Changes since v1:
- Allocate memory for a string in ccp_dmaengine_register
- Ensure register/unregister calls are properly ordered
- Verified all changed files are listed in the diffstat
- Undo some superfluous changes
- Added a cc:

Signed-off-by: Gary R Hook <gary.hook@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-20 17:50:06 +08:00
Christian Lamparter
5343e674f3 crypto4xx: integrate ppc4xx-rng into crypto4xx
This patch integrates the ppc4xx-rng driver into the existing
crypto4xx. This is because the true random number generator
is controlled and part of the security core.

Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-20 17:50:02 +08:00
Horia Geant?
340ff60ae9 crypto: talitos - fix AEAD tcrypt tests
After conversion to new AEAD interface, tcrypt tests fail as follows:

[...]
[    1.145414] alg: aead: Test 1 failed on encryption for authenc-hmac-sha1-cbc-aes-talitos
[    1.153564] 00000000: 53 69 6e 67 6c 65 20 62 6c 6f 63 6b 20 6d 73 67
[    1.160041] 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[    1.166509] 00000020: 00 00 00 00
[...]

Fix them by providing the correct cipher in & cipher out pointers,
i.e. must skip over associated data in src and dst S/G.

While here, fix a problem with the HW S/G table index usage:
tbl_off must be updated after the pointer to the table entries is set.

Cc: <stable@vger.kernel.org> # 4.3+
Fixes: aeb4c132f3 ("crypto: talitos - Convert to new AEAD interface")
Reported-by: Jonas Eymann <J.Eymann@gmx.net>
Signed-off-by: Horia Geant? <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-20 17:42:49 +08:00
Jonas Eymann
89d124cb61 crypto: talitos - fix crash in talitos_cra_init()
Conversion of talitos driver to the new AEAD interface
hasn't been properly tested.

AEAD algorithms crash in talitos_cra_init as follows:

[...]
[    1.141095] talitos ffe30000.crypto: hwrng
[    1.145381] Unable to handle kernel paging request for data at address 0x00000058
[    1.152913] Faulting instruction address: 0xc02accc0
[    1.157910] Oops: Kernel access of bad area, sig: 11 [#1]
[    1.163315] SMP NR_CPUS=2 P1020 RDB
[    1.166810] Modules linked in:
[    1.169875] CPU: 0 PID: 1007 Comm: cryptomgr_test Not tainted 4.4.6 #1
[    1.176415] task: db5ec200 ti: db4d6000 task.ti: db4d6000
[    1.181821] NIP: c02accc0 LR: c02acd18 CTR: c02acd04
[    1.186793] REGS: db4d7d30 TRAP: 0300   Not tainted  (4.4.6)
[    1.192457] MSR: 00029000 <CE,EE,ME>  CR: 95009359  XER: e0000000
[    1.198585] DEAR: 00000058 ESR: 00000000
GPR00: c017bdc0 db4d7de0 db5ec200 df424b48 00000000 00000000 df424bfc db75a600
GPR08: df424b48 00000000 db75a628 db4d6000 00000149 00000000 c0044cac db5acda0
GPR16: 00000000 00000000 00000000 00000000 00000000 00000000 00000400 df424940
GPR24: df424900 00003083 00000400 c0180000 db75a640 c03e9f84 df424b40 df424b48
[    1.230978] NIP [c02accc0] talitos_cra_init+0x28/0x6c
[    1.236039] LR [c02acd18] talitos_cra_init_aead+0x14/0x28
[    1.241443] Call Trace:
[    1.243894] [db4d7de0] [c03e9f84] 0xc03e9f84 (unreliable)
[    1.249322] [db4d7df0] [c017bdc0] crypto_create_tfm+0x5c/0xf0
[    1.255083] [db4d7e10] [c017beec] crypto_alloc_tfm+0x98/0xf8
[    1.260769] [db4d7e40] [c0186a20] alg_test_aead+0x28/0xc8
[    1.266181] [db4d7e60] [c0186718] alg_test+0x260/0x2e0
[    1.271333] [db4d7ee0] [c0183860] cryptomgr_test+0x30/0x54
[    1.276843] [db4d7ef0] [c0044d80] kthread+0xd4/0xd8
[    1.281741] [db4d7f40] [c000e4a4] ret_from_kernel_thread+0x5c/0x64
[    1.287930] Instruction dump:
[    1.290902] 38600000 4e800020 81230028 7c681b78 81490010 38e9ffc0 3929ffe8 554a073e
[    1.298691] 2b8a000a 7d474f9e 812a0008 91230030 <80e90058> 39270060 7c0004ac 7cc04828

Cc: <stable@vger.kernel.org> # 4.3+
Fixes: aeb4c132f3 ("crypto: talitos - Convert to new AEAD interface")
Signed-off-by: Jonas Eymann <J.Eymann@gmx.net>

Fix typo - replaced parameter of __crypto_ahash_alg(): s/tfm/alg
Remove checkpatch warnings.
Add commit message.

Signed-off-by: Horia Geant? <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-20 17:42:48 +08:00
Tadeusz Struk
b3ab30a7cb crypto: qat - fix section mismatch warning
Fix Section mismatch warinig in adf_exit_vf_wq()

Reported-by: kbuild test robot <fengguang.wu@intel.com>
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-18 18:49:52 +08:00
Tadeusz Struk
87ba569a39 crypto: qat - interrupts need to be enabled when VFs are disabled
IRQs need to be enabled when VFs go down in case some VF to PF
comms happens.

Tested-by: Suman Bangalore Sathyanarayana <sumanx.bangalore.sathyanarayana@intel.com>
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-18 18:49:52 +08:00
Tadeusz Struk
25c6ffb249 crypto: qat - check if PF is running
Before VF sends a signal to PF it should check if PF
is still running.

Tested-by: Suman Bangalore Sathyanarayana <sumanx.bangalore.sathyanarayana@intel.com>
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-18 18:49:51 +08:00
Tadeusz Struk
02dc8d634b crypto: qat - move vf2pf_init and vf2pf_exit to common
The vf2pf_init and vf2pf_exit are exactly the same for all VFs
so move them to common and reuse.

Tested-by: Suman Bangalore Sathyanarayana <sumanx.bangalore.sathyanarayana@intel.com>
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-18 18:49:47 +08:00
Steffen Trumtrar
d293b640eb crypto: mxc-scc - add basic driver for the MXC SCC
According to the Freescale GPL driver code, there are two different
Security Controller (SCC) versions: SCC and SCC2.

The SCC is found on older i.MX SoCs, e.g. the i.MX25. This is the
version implemented and tested here.

As there is no publicly available documentation for this IP core,
all information about this unit is gathered from the GPL'ed driver
from Freescale.

Signed-off-by: Steffen Trumtrar <s.trumtrar@pengutronix.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-15 22:36:35 +08:00
Tadeusz Struk
d6064165ba crypto: qat - adf_dev_stop should not be called in atomic context
VFs call adf_dev_stop() from a PF to VF interrupt bottom half.
This causes an oops "scheduling while atomic", because it tries
to acquire a mutex to un-register crypto algorithms.
This patch fixes the issue by calling adf_dev_stop() asynchronously.

Changes in v2:
 - change kthread to a work queue.

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-15 22:35:45 +08:00
Mike Galbraith
7587c40754 crypto: ccp - Fix RT breaking #include <linux/rwlock_types.h>
Direct include of rwlock_types.h breaks RT, use spinlock_types.h instead.

Fixes: 553d2374db crypto: ccp - Support for multiple CCPs
Signed-off-by: Mike Galbraith <umgwanakikbuti@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-15 22:35:44 +08:00
Tom Lendacky
f709b45ec4 crypto: ccp - Prevent information leakage on export
Prevent information from leaking to userspace by doing a memset to 0 of
the export state structure before setting the structure values and copying
it. This prevents un-initialized padding areas from being copied into the
export area.

Cc: <stable@vger.kernel.org> # 3.14.x-
Reported-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-15 22:13:56 +08:00
Tadeusz Struk
f1420ceef3 crypto: qat - changed adf_dev_stop to void
It returns always zero anyway.

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-05 20:35:54 +08:00
Tadeusz Struk
cb00bca42f crypto: qat - explicitly stop all VFs first
When stopping devices it is not enought to loop backwards.
We need to explicitly stop all VFs first.

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-05 20:35:53 +08:00
Corentin LABBE
bdb6cf9f6f crypto: sun4i-ss - Replace spinlock_bh by spin_lock_irq{save|restore}
The current sun4i-ss driver could generate data corruption when ciphering/deciphering.
It occurs randomly on end of handled data.
No root cause have been found and the only way to remove it is to replace
all spin_lock_bh by their irq counterparts.

Fixes: 6298e94821 ("crypto: sunxi-ss - Add Allwinner Security System crypto accelerator")
Signed-off-by: LABBE Corentin <clabbe.montjoie@gmail.com>
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-05 20:35:53 +08:00
Tudor Ambarus
738f98233b crypto: qat - fix address leaking of RSA public exponent
Signed-off-by: Tudor Ambarus <tudor-dan.ambarus@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-05 20:35:52 +08:00
Tudor Ambarus
aa8b6dd4b0 crypto: qat - avoid memory corruption or undefined behaviour
memcopying to a (null pointer + offset) will result
in memory corruption or undefined behaviour.

Signed-off-by: Tudor Ambarus <tudor-dan.ambarus@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-05 20:35:52 +08:00
Ahsan Atta
0c4935b31d crypto: qat - Remove redundant nrbg rings
Remove redundant nrbg rings.

Signed-off-by: Ahsan Atta <ahsan.atta@intel.com>
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-05 20:35:52 +08:00
Tadeusz Struk
082ebe92ca crypto: qat - make sure const_tab is 1024 bytes aligned
FW requires the const_tab to be 1024 bytes aligned.

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-05 20:35:52 +08:00
Krzysztof Kozlowski
3cf9d84eb8 crypto: s5p-sss - Sort the headers to improve readability
Sort the headers alphabetically to improve readability and to spot
duplications easier.

Suggested-by: Vladimir Zapolskiy <vz@mleia.com>
Signed-off-by: Krzysztof Kozlowski <k.kozlowski@samsung.com>
Acked-by: Vladimir Zapolskiy <vz@mleia.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-05 20:35:46 +08:00
Krzysztof Kozlowski
9e4a1100a4 crypto: s5p-sss - Handle unaligned buffers
During crypto selftests on Odroid XU3 (Exynos5422) some of the
algorithms failed because of passing AES-block unaligned source and
destination buffers:

alg: skcipher: encryption failed on chunk test 1 for ecb-aes-s5p: ret=22

Handle such case by copying the buffers to a new aligned and contiguous
space.

Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Acked-by: Vladimir Zapolskiy <vz@mleia.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-05 20:35:46 +08:00
Krzysztof Kozlowski
119c3ab4ed crypto: s5p-sss - Minor coding cleanups
Remove unneeded inclusion of delay.h and get rid of indentation from
labels.

Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Acked-by: Vladimir Zapolskiy <vz@mleia.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-05 20:35:45 +08:00
Dan Carpenter
063327f54e crypto: marvell/cesa - remove unneeded condition
creq->cache[] is an array inside the struct, it's not a pointer and it
can't be NULL.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Boris Brezillon <boris.brezillon@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-05 20:35:45 +08:00
Amitoj Kaur Chawla
150f6d457c crypto: n2 - Remove return statement from void function
Return statement at the end of a void function is useless.

The Coccinelle semantic patch used to make this change is as follows:
//<smpl>
@@
identifier f;
expression e;
@@
void f(...) {
<...
- return
  e;
...>
}
//</smpl>

Signed-off-by: Amitoj Kaur Chawla <amitoj1606@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-05 20:35:44 +08:00
Krzysztof Kozlowski
dc1d9dee30 crypto: s5p-sss - Enable COMPILE_TEST
Get some build coverage of S5P/Exynos AES H/W acceleration driver.
Driver uses DMA and devm_ioremap_resource() so add DMA and IOMEM
dependencies for the compile testing.

Signed-off-by: Krzysztof Kozlowski <k.kozlowski@samsung.com>
Acked-by: Vladimir Zapolskiy <vz@mleia.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-05 20:35:44 +08:00
Peter Meerwald
97ee7ed394 crypto: omap-des - Improve wording for CRYPTO_DEV_OMAP_DES in Kconfig
Signed-off-by: Peter Meerwald <pmeerw@pmeerw.net>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-04-05 20:35:42 +08:00
Linus Torvalds
c130423620 Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto fixes from Herbert Xu:
 "This fixes the following issues:

  API:
   - Fix kzalloc error path crash in ecryptfs added by skcipher
     conversion.  Note the subject of the commit is screwed up and the
     correct subject is actually in the body.

  Drivers:
   - A number of fixes to the marvell cesa hashing code.
   - Remove bogus nested irqsave that clobbers the saved flags in ccp"

* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
  crypto: marvell/cesa - forward devm_ioremap_resource() error code
  crypto: marvell/cesa - initialize hash states
  crypto: marvell/cesa - fix memory leak
  crypto: ccp - fix lock acquisition code
  eCryptfs: Use skcipher and shash
2016-03-23 06:12:39 -07:00
Linus Torvalds
49dc2b7173 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial
Pull trivial tree updates from Jiri Kosina.

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial:
  drivers/rtc: broken link fix
  drm/i915 Fix typos in i915_gem_fence.c
  Docs: fix missing word in REPORTING-BUGS
  lib+mm: fix few spelling mistakes
  MAINTAINERS: add git URL for APM driver
  treewide: Fix typo in printk
2016-03-17 21:38:27 -07:00
Linus Torvalds
70477371dc Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto update from Herbert Xu:
 "Here is the crypto update for 4.6:

  API:
   - Convert remaining crypto_hash users to shash or ahash, also convert
     blkcipher/ablkcipher users to skcipher.
   - Remove crypto_hash interface.
   - Remove crypto_pcomp interface.
   - Add crypto engine for async cipher drivers.
   - Add akcipher documentation.
   - Add skcipher documentation.

  Algorithms:
   - Rename crypto/crc32 to avoid name clash with lib/crc32.
   - Fix bug in keywrap where we zero the wrong pointer.

  Drivers:
   - Support T5/M5, T7/M7 SPARC CPUs in n2 hwrng driver.
   - Add PIC32 hwrng driver.
   - Support BCM6368 in bcm63xx hwrng driver.
   - Pack structs for 32-bit compat users in qat.
   - Use crypto engine in omap-aes.
   - Add support for sama5d2x SoCs in atmel-sha.
   - Make atmel-sha available again.
   - Make sahara hashing available again.
   - Make ccp hashing available again.
   - Make sha1-mb available again.
   - Add support for multiple devices in ccp.
   - Improve DMA performance in caam.
   - Add hashing support to rockchip"

* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (116 commits)
  crypto: qat - remove redundant arbiter configuration
  crypto: ux500 - fix checks of error code returned by devm_ioremap_resource()
  crypto: atmel - fix checks of error code returned by devm_ioremap_resource()
  crypto: qat - Change the definition of icp_qat_uof_regtype
  hwrng: exynos - use __maybe_unused to hide pm functions
  crypto: ccp - Add abstraction for device-specific calls
  crypto: ccp - CCP versioning support
  crypto: ccp - Support for multiple CCPs
  crypto: ccp - Remove check for x86 family and model
  crypto: ccp - memset request context to zero during import
  lib/mpi: use "static inline" instead of "extern inline"
  lib/mpi: avoid assembler warning
  hwrng: bcm63xx - fix non device tree compatibility
  crypto: testmgr - allow rfc3686 aes-ctr variants in fips mode.
  crypto: qat - The AE id should be less than the maximal AE number
  lib/mpi: Endianness fix
  crypto: rockchip - add hash support for crypto engine in rk3288
  crypto: xts - fix compile errors
  crypto: doc - add skcipher API documentation
  crypto: doc - update AEAD AD handling
  ...
2016-03-17 11:22:54 -07:00
Boris BREZILLON
dfe97ad30e crypto: marvell/cesa - forward devm_ioremap_resource() error code
Forward devm_ioremap_resource() error code instead of returning
-ENOMEM.

Signed-off-by: Boris Brezillon <boris.brezillon@free-electrons.com>
Reported-by: Russell King - ARM Linux <linux@arm.linux.org.uk>
Fixes: f63601fd61 ("crypto: marvell/cesa - add a new driver for Marvell's CESA")
Cc: <stable@vger.kernel.org> # 4.2+
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-03-17 19:09:05 +08:00
Boris BREZILLON
b0ef51067c crypto: marvell/cesa - initialize hash states
->export() might be called before we have done an update operation,
and in this case the ->state field is left uninitialized.
Put the correct default value when initializing the request.

Signed-off-by: Boris Brezillon <boris.brezillon@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-03-17 19:09:04 +08:00
Boris BREZILLON
7850c91b17 crypto: marvell/cesa - fix memory leak
Crypto requests are not guaranteed to be finalized (->final() call),
and can be freed at any moment, without getting any notification from
the core. This can lead to memory leaks of the ->cache buffer.

Make this buffer part of the request object, and allocate an extra buffer
from the DMA cache pool when doing DMA operations.

As a side effect, this patch also fixes another bug related to cache
allocation and DMA operations. When the core allocates a new request and
import an existing state, a cache buffer can be allocated (depending
on the state). The problem is, at that very moment, we don't know yet
whether the request will use DMA or not, and since everything is
likely to be initialized to zero, mv_cesa_ahash_alloc_cache() thinks it
should allocate a buffer for standard operation. But when
mv_cesa_ahash_free_cache() is called, req->type has been set to
CESA_DMA_REQ in the meantime, thus leading to an invalind dma_pool_free()
call (the buffer passed in argument has not been allocated from the pool).

Signed-off-by: Boris Brezillon <boris.brezillon@free-electrons.com>
Reported-by: Gregory CLEMENT <gregory.clement@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-03-17 19:09:04 +08:00
Gary R Hook
03a6f29000 crypto: ccp - fix lock acquisition code
This patch simplifies an unneeded read-write lock.

Signed-off-by: Gary R Hook <gary.hook@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-03-17 19:09:02 +08:00
Tadeusz Struk
34074205bb crypto: qat - remove redundant arbiter configuration
The default arbiter configuration for ring weights and response ordering
is exactly what we want so we don't need to configure anything more.
This will also fix the problem where number of bundles is different
between different devices.

Reported-by: Ahsan Atta <ahsan.atta@intel.com>
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-03-11 21:22:18 +08:00
Vladimir Zapolskiy
b62917a262 crypto: ux500 - fix checks of error code returned by devm_ioremap_resource()
The change fixes potential oops while accessing iomem on invalid
address, if devm_ioremap_resource() fails due to some reason.

The devm_ioremap_resource() function returns ERR_PTR() and never
returns NULL, which makes useless a following check for NULL.

Signed-off-by: Vladimir Zapolskiy <vz@mleia.com>
Fixes: 5a4eea2658 ("crypto: ux500 - Use devm_xxx() managed function")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-03-11 21:19:20 +08:00
Vladimir Zapolskiy
9b52d55f4f crypto: atmel - fix checks of error code returned by devm_ioremap_resource()
The change fixes potential oops while accessing iomem on invalid
address, if devm_ioremap_resource() fails due to some reason.

The devm_ioremap_resource() function returns ERR_PTR() and never
returns NULL, which makes useless a following check for NULL.

Signed-off-by: Vladimir Zapolskiy <vz@mleia.com>
Fixes: b0e8b3417a ("crypto: atmel - use devm_xxx() managed function")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-03-11 21:19:19 +08:00
Pingchao Yang
84a0ced0b6 crypto: qat - Change the definition of icp_qat_uof_regtype
The definition of icp_qat_uof_regtype should be coherent with
 the definition in firmware compiler.

Signed-off-by: Yang Pingchao <pingchao.yang@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-03-11 21:19:19 +08:00
Gary R Hook
ea0375afa1 crypto: ccp - Add abstraction for device-specific calls
Support for different generations of the coprocessor
requires that an abstraction layer be implemented for
interacting with the hardware. This patch splits out
version-specific functions to a separate file and populates
the version structure (acting as a driver) with function
pointers.

Signed-off-by: Gary R Hook <gary.hook@amd.com>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-03-11 21:19:17 +08:00
Gary R Hook
c7019c4d73 crypto: ccp - CCP versioning support
Future hardware may introduce new algorithms wherein the
driver will need to manage resources for different versions
of the cryptographic coprocessor. This precursor patch
determines the version of the available device, and marks
and registers algorithms accordingly. A structure is added
which manages the version-specific data.

Signed-off-by: Gary R Hook <gary.hook@amd.com>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-03-11 21:19:16 +08:00
Gary R Hook
553d2374db crypto: ccp - Support for multiple CCPs
Enable management of >1 CCPs in a system. Each device will
get a unique identifier, as well as uniquely named
resources. Treat each CCP as an orthogonal unit and register
 resources individually.

Signed-off-by: Gary R Hook <gary.hook@amd.com>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-03-11 21:19:07 +08:00
Gary R Hook
3f19ce2054 crypto: ccp - Remove check for x86 family and model
Each x86 SoC will make use of a unique PCI ID for the CCP
device so it is not necessary to check for the CPU family
and model.

Signed-off-by: Gary R Hook <gary.hook@amd.com>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-03-11 21:19:06 +08:00
Tom Lendacky
ce0ae266fe crypto: ccp - memset request context to zero during import
Since a crypto_ahash_import() can be called against a request context
that has not had a crypto_ahash_init() performed, the request context
needs to be cleared to insure there is no random data present. If not,
the random data can result in a kernel oops during crypto_ahash_update().

Cc: <stable@vger.kernel.org> # 3.14.x-
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-02-28 03:26:35 +08:00
Pingchao Yang
f93a8b25d2 crypto: qat - The AE id should be less than the maximal AE number
Signed-off-by: Yang Pingchao <pingchao.yang@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-02-28 03:26:31 +08:00
Zain Wang
bfd927ffa2 crypto: rockchip - add hash support for crypto engine in rk3288
Add md5 sha1 sha256 support for crypto engine in rk3288.

Signed-off-by: Zain Wang <zain.wang@rock-chips.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-02-28 03:26:29 +08:00
Fabio Estevam
029c053c44 crypto: caam - Staticize caam_jr_shutdown()
caam_jr_shutdown() is only used in this file, so it can be
made static.

This avoids the following sparse warning:

drivers/crypto/caam/jr.c:68:5: warning: symbol 'caam_jr_shutdown' was not declared. Should it be static?

Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-02-17 04:07:52 +08:00
Tadeusz Struk
26d52ea39b crypto: qat - fix leak on error path
Fix a leak on error path in qat asym

Reported-by: Salvatore Benedetto <salvatore.benedetto@intel.com>
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-02-17 04:07:52 +08:00
Cyrille Pitchen
ad84112a11 crypto: atmel-sha - fix race in atmel_sha_final()
When (!ctx->bufcnt && !(ctx->flags & SHA_FLAGS_PAD)), the former source
code used to set the SHA_FLAGS_BUSY without checking whether this flag was
already set. If so, the hardware is already processing another hash
request so the processing of the req argument of atmel_sha_final() should
be delayed by queueing this request, the same way as done for the
(ctx->bufcnt != 0) case.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-02-17 04:07:43 +08:00
Cyrille Pitchen
9c4274d90d crypto: atmel-sha - fix .import()/.export() implementation
Using only the digest, digcnt[], bufcnt and buffer[] fields of the
struct atmel_sha_reqctx was not enough to import/export the request state,
so now we use the whole structure.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-02-17 04:07:43 +08:00
Masanari Iida
fc4fa6e112 treewide: Fix typo in printk
This patch fix spelling typos found in printk and Kconfig.

Signed-off-by: Masanari Iida <standby24x7@gmail.com>
Acked-by: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
2016-02-15 11:18:22 +01:00
Fabio Estevam
d42cf2f190 crypto: sahara - fill the statesize field
Currently the sahara driver fails to probe:

sahara: probe of 63ff8000.crypto failed with error -22

This happens since commit 8996eafdcb ("crypto: ahash - ensure statesize
is non-zero"), which requires statesize to be filled.

Pass the statesize members for sha1 and sha256, so we can probe
the driver successfully again.

Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-02-06 15:33:29 +08:00
Fabio Estevam
bceab44eed crypto: sahara - avoid needlessly saving and restoring sahara_ctx
Based on commit 434b421241 ("crypto: caam - avoid needlessly saving and
restoring caam_hash_ctx") from Russell King.

When exporting and importing the hash state, we will only export and
import into hashes which share the same struct crypto_ahash pointer.
(See hash_accept->af_alg_accept->hash_accept_parent.)

This means that saving the sahara_ctx structure on export, and
restoring it on import is a waste of resources.  So, remove this code.

Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-02-06 15:33:28 +08:00
Fabio Estevam
6e56201857 crypto: sahara - remove unneeded mutex in the exported state
As pointed out by Herbert Xu we should not include the mutex in the
exported state, so let's just get rid of it.

Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-02-06 15:33:28 +08:00
Tom Lendacky
b31dde2a5c crypto: ccp - Don't assume export/import areas are aligned
Use a local variable for the exported and imported state so that
alignment is not an issue. On export, set a local variable from the
request context and then memcpy the contents of the local variable to
the export memory area. On import, memcpy the import memory area into
a local variable and then use the local variable to set the request
context.

Cc: <stable@vger.kernel.org> # 3.14.x-
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-02-06 15:33:24 +08:00
Tadeusz Struk
53a0bd7144 crypto: aead - move aead_request_cast helper to aead.h
Move the helper function to common header for everybody to use.

changes in v2:
- move the helper to crypto/internal/aead.h
  instead of crypto/aead.h

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-02-06 15:33:22 +08:00
Andre Przywara
f823ab93c5 crypto: sunxi-ss - prevent compilation on 64-bit
The driver for the sunxi-ss crypto engine is not entirely 64-bit safe,
compilation on arm64 spits some warnings.
The proper fix was deemed to involved [1], so since 64-bit SoCs won't
have this IP block we just disable this driver for 64-bit.

[1]: http://lists.infradead.org/pipermail/linux-arm-kernel/2016-January/399988.html
     (and the reply)

Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Corentin LABBE <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-02-06 15:33:21 +08:00
Boris BREZILLON
8a3978ad55 crypto: marvell/cesa - fix test in mv_cesa_dev_dma_init()
We are checking twice if dma->cache_pool is not NULL but are never testing
dma->padding_pool value.

Cc: stable@vger.kernel.org
Signed-off-by: Boris Brezillon <boris.brezillon@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-02-06 15:23:56 +08:00
Cyrille Pitchen
c033042aa8 crypto: atmel-sha - remove calls of clk_prepare() from atomic contexts
clk_prepare()/clk_unprepare() must not be called within atomic context.

This patch calls clk_prepare() once for all from atmel_sha_probe() and
clk_unprepare() from atmel_sha_remove().

Then calls of clk_prepare_enable()/clk_disable_unprepare() were replaced
by calls of clk_enable()/clk_disable().

Cc: stable@vger.kernel.org
Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Reported-by: Matthias Mayr <matthias.mayr@student.kit.edu>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-02-06 15:23:56 +08:00
Cyrille Pitchen
d961436c11 crypto: atmel-sha - fix atmel_sha_remove()
Since atmel_sha_probe() uses devm_xxx functions to allocate resources,
atmel_sha_remove() should no longer explicitly release them.

Cc: stable@vger.kernel.org
Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Fixes: b0e8b3417a ("crypto: atmel - use devm_xxx() managed function")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-02-06 15:23:56 +08:00
Tom Lendacky
d1662165ae crypto: ccp - Limit the amount of information exported
Since the exported information can be exposed to user-space, instead of
exporting the entire request context only export the minimum information
needed.

Cc: <stable@vger.kernel.org> # 3.14.x-
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-02-01 22:27:05 +08:00
Baolin Wang
0529900a01 crypto: omap-aes - Support crypto engine framework
Integrate with the newly added crypto engine to make the crypto hardware
engine underutilized as each block needs to be processed before the crypto
hardware can start working on the next block.

The requests from dm-crypt will be listed into engine queue and processed
by engine automatically, so remove the 'queue' and 'queue_task' things in
omap aes driver.

Signed-off-by: Baolin Wang <baolin.wang@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-02-01 22:27:04 +08:00
Cyrille Pitchen
cc831d32d7 crypto: atmel-sha - fix algorihtm registration
This patch implements the missing .import() and .export() mandatory
hooks for asynchronous hash algorithms. It also sets the relevant, non
zero, value for the .statesize field when declaring the supported SHA
algorithms. Indeed a zero value of .statesize prevents the algorithm from
being registered.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-01-30 22:14:27 +08:00
Cyrille Pitchen
49a20454e0 crypto: atmel-aes - remove calls of clk_prepare() from atomic contexts
clk_prepare()/clk_unprepare() must not be called within atomic context.

This patch calls clk_prepare() once for all from atmel_aes_probe() and
clk_unprepare() from atmel_aes_remove().

Then calls of clk_prepare_enable()/clk_disable_unprepare() were replaced
by calls of clk_enable()/clk_disable().

Cc: stable@vger.kernel.org
Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Reported-by: Matthias Mayr <matthias.mayr@student.kit.edu>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-01-30 22:05:17 +08:00
Arnd Bergmann
bfb2892018 crypto: sunxi - don't print confusing data
gcc correctly warns that the printk output contains a variable that
it thinks is not initialized in some cases:

drivers/crypto/sunxi-ss/sun4i-ss-cipher.c: In function 'sun4i_ss_cipher_poll':
drivers/crypto/sunxi-ss/sun4i-ss-cipher.c:254:76: warning: 'todo' may be used uninitialized in this function [-Wmaybe-uninitialized]
drivers/crypto/sunxi-ss/sun4i-ss-cipher.c:144:15: note: 'todo' was declared here

A closer look at the function reveals that the variable is always
initialized at this point (ileft is guaranteed to be positive at the
start), but its contents are not well-defined:
Depending on some other variables, it might be either a count in
words or bytes, and it could refer to either input or output.

The easiest solution apparently is to remove the confusing output
and let the reader figure out the state from the other variables.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-01-27 20:36:26 +08:00
Cabiddu, Giovanni
7768fb2ee9 crypto: qat - Reduced reqsize in qat_algs
req_alloc functions already take into account the request data structure
when allocating memory.

Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-01-25 22:42:10 +08:00
Herbert Xu
0f987e25cb crypto: ixp4xx - Fix false lastlen uninitialised warning
This patch fixes a false positive uninitialised variable warning
in aead_perform by moving the source processing in front of the
destination processing, thus ensuring that the initialisation of
lastlen is always visible to gcc.

Reported-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Arnd Bergmann <arnd@arndb.de>
2016-01-25 22:42:09 +08:00
Cyrille Pitchen
7cee350816 crypto: atmel-sha - fix context switches
This patch saves the value of the internal hash register at the end of an
'update' operation then restores this value before starting the next
'update'. This way the driver can now properly handle context switches.

WARNING: only hardware versions from sama5d4x and later provide the
needed interface to update the internal hash value. Especially, sama5d3x
cannot implement this feature so context switches are still broken.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-01-25 22:42:07 +08:00
Cyrille Pitchen
507c5cc236 crypto: atmel-sha - add support of sama5d2x SoCs
This patch adds support of hardware version 5.1.x embedded inside sama5d2x
SoCs.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-01-25 22:42:07 +08:00
Cyrille Pitchen
f56809c3c6 crypto: atmel-sha - fix a race between the 'done' tasklet and the crypto client
The 'done' tasklet handler used to check the 'BUSY' flag to either
finalize the processing of a crypto request which had just completed or
manage the crypto queue to start the next crypto request.

On request R1 completion, the driver calls atmel_sha_finish_req(), which:
1 - clears the 'BUSY' flag since the hardware is no longer used and is
    ready again to process new crypto requests.
2 - notifies the above layer (the client) about the completion of the
    asynchronous crypto request R1 by calling its base.complete()
    callback.
3 - schedules the 'done' task to check the crypto queue and start to
    process the next crypto request (the 'BUSY' flag is supposed to be
    cleared at that moment) if such a pending request exists.

However step 2 might wake the client up so it can now ask our driver to
process a new crypto request R2. This request is enqueued by calling the
atmel_sha_handle_queue() function, which sets the 'BUSY' flags then
starts to process R2.

If the 'done' tasklet, scheduled by step 3, runs just after, it would see
that the 'BUSY' flag is set then understand that R2 has just completed,
which is wrong!

So the state of 'BUSY' flag is not a proper way to detect and handle
crypto request completion.

This patch fixes this race condition by using two different tasklets, one
to handle the crypto request completion events, the other to manage the
crypto queue if needed.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-01-25 22:42:07 +08:00
Cyrille Pitchen
1900c583c8 crypto: atmel-sha - fix crash when computing digest on empty message
This patch fixes a crash which occured during the computation of the
digest of an empty message.

Indeed, when processing an empty message, the atmel_sha_handle_queue()
function was never called, hence the dd->req pointer remained
uninitialized.

Later, when the atmel_sha_final_req() function was called, it used
to crash while using this uninitialized dd->req pointer.

Hence this patch adds missing initializations of dd->req before calls of
the atmel_sha_final_req() function.

This bug prevented us from passing the tcrypt test suite on SHA algo.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-01-25 22:42:06 +08:00
Tom Lendacky
952bce9792 crypto: ccp - Add hash state import and export support
Commit 8996eafdcb ("crypto: ahash - ensure statesize is non-zero")
added a check to prevent ahash algorithms from successfully registering
if the import and export functions were not implemented. This prevents
an oops in the hash_accept function of algif_hash. This commit causes
the ccp-crypto module SHA support and AES CMAC support from successfully
registering and causing the ccp-crypto module load to fail because the
ahash import and export functions are not implemented.

Update the CCP Crypto API support to provide import and export support
for ahash algorithms.

Cc: <stable@vger.kernel.org> # 3.14.x-
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-01-25 22:39:03 +08:00
Horia Geant?
624144a7eb crypto: caam - enable LARGE_BURST for enhancing DMA transactions size
Increasing CAAM DMA engine transaction size either
-reduces the number of required transactions or
-adds the ability to transfer more data with same transaction count

Signed-off-by: Horia Geant? <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-01-25 22:39:03 +08:00
Atta, Ahsan
ba171135bf crypto: qat - Pack cfg ctl structs
-This is required to support 32bit adf_ctl
	 utility on a 64bit driver

Signed-off-by: Ahsan Atta <ahsan.atta@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-01-25 22:39:02 +08:00
Krzysztof Koz?owski
1e3012d0fd crypto: s5p-sss - Use memcpy_toio for iomem annotated memory
Use memcpy_toio to fix following sparse warning:

drivers/crypto/s5p-sss.c:386:40: warning: incorrect type in argument 1 (different address spaces)
drivers/crypto/s5p-sss.c:386:40:    expected void *<noident>
drivers/crypto/s5p-sss.c:386:40:    got void [noderef] <asn:2>*

Signed-off-by: Krzysztof Kozlowski <k.kozlowski.k@gmail.com>
Acked-by: Vladimir Zapolskiy <vz@mleia.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-01-25 22:39:02 +08:00
Krzysztof Koz?owski
313becd1ff crypto: s5p-sss - Fix minor coding style violations
Improve a little bit code readability and use dev_info/err for printing
messages.

Signed-off-by: Krzysztof Kozlowski <k.kozlowski.k@gmail.com>
Acked-by: Vladimir Zapolskiy <vz@mleia.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-01-25 22:39:02 +08:00
Pingchao Yang
718837c88b crypto: qat - remove redundant function call
adf_dev_restore(accel_dev) was called in adf_dev_shutdown,no
need to call it in adf_device_reset_worker after adf_dev_shutdown
was called.

Signed-off-by: Yang Pingchao <pingchao.yang@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-01-25 22:39:01 +08:00
Tadeusz Struk
a2f5106f0d crypto: qat - change name for c6xx dev type
change name for c6x dev type to more generic.

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-01-25 22:39:00 +08:00
Horia Geant?
e7a7104e43 crypto: caam - make write transactions bufferable on PPC platforms
Previous change (see "Fixes" tag) to the MCFGR register
clears AWCACHE[0] ("bufferable" AXI3 attribute) (which is "1" at POR).

This makes all writes non-bufferable, causing a ~ 5% performance drop
for PPC-based platforms.

Rework previous change such that MCFGR[AWCACHE]=4'b0011
(bufferable + cacheable) for all platforms.
Note: For ARM-based platforms, AWCACHE[0] is ignored
by the interconnect IP.

Cc: <stable@vger.kernel.org> # 4.3+
Fixes: f109674951 ("crypto: caam - fix snooping for write transactions")
Signed-off-by: Horia Geant? <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-01-25 21:47:44 +08:00
Linus Torvalds
48162a203e Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto fixes from Herbert Xu:
 "This fixes the following issues:

  API:
   - A large number of bug fixes for the af_alg interface, credit goes
     to Dmitry Vyukov for discovering and reporting these issues.

  Algorithms:
   - sw842 needs to select crc32.
   - The soft dependency on crc32c is now in the correct spot.

  Drivers:
   - The atmel AES driver needs HAS_DMA.
   - The atmel AES driver was a missing break statement, fortunately
     it's only a debug function.
   - A number of bug fixes for the Intel qat driver"

* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (24 commits)
  crypto: algif_skcipher - sendmsg SG marking is off by one
  crypto: crc32c - Fix crc32c soft dependency
  crypto: algif_skcipher - Load TX SG list after waiting
  crypto: atmel-aes - Add missing break to atmel_aes_reg_name
  crypto: algif_skcipher - Fix race condition in skcipher_check_key
  crypto: algif_hash - Fix race condition in hash_check_key
  crypto: CRYPTO_DEV_ATMEL_AES should depend on HAS_DMA
  lib: sw842: select crc32
  crypto: af_alg - Forbid bind(2) when nokey child sockets are present
  crypto: algif_skcipher - Remove custom release parent function
  crypto: algif_hash - Remove custom release parent function
  crypto: af_alg - Allow af_af_alg_release_parent to be called on nokey path
  crypto: qat - update init_esram for C3xxx dev type
  crypto: qat - fix timeout issues
  crypto: qat - remove to call get_sram_bar_id for qat_c3xxx
  crypto: algif_skcipher - Add key check exception for cipher_null
  crypto: skcipher - Add crypto_skcipher_has_setkey
  crypto: algif_hash - Require setkey before accept(2)
  crypto: hash - Add crypto_ahash_has_setkey
  crypto: algif_skcipher - Add nokey compatibility path
  ...
2016-01-22 11:58:43 -08:00
Herbert Xu
e31835ad3a crypto: atmel-aes - Add missing break to atmel_aes_reg_name
The debug function atmel_aes_reg_name was missing a break for
AES_GCMHR.

Reported-by: David Binderman <dcb314@hotmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-01-19 15:52:08 +08:00
Geert Uytterhoeven
cbafd643be crypto: CRYPTO_DEV_ATMEL_AES should depend on HAS_DMA
If NO_DMA=y:

    ERROR: "dma_unmap_sg" [drivers/crypto/atmel-aes.ko] undefined!
    ERROR: "dma_map_sg" [drivers/crypto/atmel-aes.ko] undefined!

Add a dependency on HAS_DMA to fix this.

Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-01-18 18:16:34 +08:00
Tadeusz Struk
70401f4edc crypto: qat - update init_esram for C3xxx dev type
There is no esram on C3xxx devices so we don't need to wait for
it to initialize.

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-01-18 18:16:32 +08:00
Pingchao Yang
c0e77a11ff crypto: qat - fix timeout issues
Change the variable times data type and timeout conditon since the value
of times should be -1 after loop.

Signed-off-by: Yang Pingchao <pingchao.yang@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-01-18 18:16:32 +08:00
Pingchao Yang
91a93eafea crypto: qat - remove to call get_sram_bar_id for qat_c3xxx
Reported-by : Struk, Tadeusz <tadeusz.struk@intel.com>
Signed-off-by: Yang Pingchao <pingchao.yang@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-01-18 18:16:32 +08:00
Linus Torvalds
f689b742f2 powerpc updates for 4.5
- Ground work for the new Power9 MMU from Aneesh Kumar K.V
  - Optimise FP/VMX/VSX context switching from Anton Blanchard
 
  - Various cleanups from Krzysztof Kozlowski, John Ogness, Rashmica Gupta,
    Russell Currey, Gavin Shan, Daniel Axtens, Michael Neuling, Andrew Donnellan
  - Allow wrapper to work on non-english system from Laurent Vivier
  - Add rN aliases to the pt_regs_offset table from Rashmica Gupta
  - Fix module autoload for rackmeter & axonram drivers from Luis de Bethencourt
  - Include KVM guest test in all interrupt vectors from Paul Mackerras
  - Fix DSCR inheritance over fork() from Anton Blanchard
  - Make value-returning atomics & {cmp}xchg* & their atomic_ versions fully ordered from Boqun Feng
  - Print MSR TM bits in oops messages from Michael Neuling
  - Add TM signal return & invalid stack selftests from Michael Neuling
  - Limit EPOW reset event warnings from Vipin K Parashar
  - Remove the Cell QPACE code from Rashmica Gupta
  - Append linux_banner to exception information in xmon from Rashmica Gupta
  - Add selftest to check if VSRs are corrupted from Rashmica Gupta
  - Remove broken GregorianDay() from Daniel Axtens
  - Import Anton's context_switch2 benchmark into selftests from Michael Ellerman
  - Add selftest script to test HMI functionality from Daniel Axtens
  - Remove obsolete OPAL v2 support from Stewart Smith
  - Make enter_rtas() private from Michael Ellerman
  - PPR exception cleanups from Michael Ellerman
  - Add page soft dirty tracking from Laurent Dufour
  - Add support for Nvlink NPUs from Alistair Popple
  - Add support for kexec on 476fpe from Alistair Popple
  - Enable kernel CPU dlpar from sysfs from Nathan Fontenot
  - Copy only required pieces of the mm_context_t to the paca from Michael Neuling
  - Add a kmsg_dumper that flushes OPAL console output on panic from Russell Currey
  - Implement save_stack_trace_regs() to enable kprobe stack tracing from Steven Rostedt
  - Add HWCAP bits for Power9 from Michael Ellerman
  - Fix _PAGE_PTE breaking swapoff from Aneesh Kumar K.V
  - Fix _PAGE_SWP_SOFT_DIRTY breaking swapoff from Hugh Dickins
  - scripts/recordmcount.pl: support data in text section on powerpc from Ulrich Weigand
  - Handle R_PPC64_ENTRY relocations in modules from Ulrich Weigand
 
  - cxl: Fix possible idr warning when contexts are released from Vaibhav Jain
  - cxl: use correct operator when writing pcie config space values from Andrew Donnellan
  - cxl: Fix DSI misses when the context owning task exits from Vaibhav Jain
  - cxl: fix build for GCC 4.6.x from Brian Norris
  - cxl: use -Werror only with CONFIG_PPC_WERROR from Brian Norris
  - cxl: Enable PCI device ID for future IBM CXL adapter from Uma Krishnan
 
  - Freescale updates from Scott: Highlights include moving QE code out of
    arch/powerpc (to be shared with arm), device tree updates, and minor fixes.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJWmIxeAAoJEFHr6jzI4aWAA+cQAIXAw4WfVWJ2V4ZK+1eKfB57
 fdXG71PuXG+WYIWy71ly8keLHdzzD1NQ2OUB64bUVRq202nRgVc15ZYKRJ/FE/sP
 SkxaQ2AG/2kI2EflWshOi0Lu9qaZ+LMHJnszIqE/9lnGSB2kUI/cwsSXgziiMKXR
 XNci9v14SdDd40YV/6BSZXoxApwyq9cUbZ7rnzFLmz4hrFuKmB/L3LABDF8QcpH7
 sGt/YaHGOtqP0UX7h5KQTFLGe1OPvK6NWixSXeZKQ71ED6cho1iKUEOtBA9EZeIN
 QM5JdHFWgX8MMRA0OHAgidkSiqO38BXjmjkVYWoIbYz7Zax3ThmrDHB4IpFwWnk3
 l7WBykEXY7KEqpZzbh0GFGehZWzVZvLnNgDdvpmpk/GkPzeYKomBj7ZZfm3H1yGD
 BTHPwuWCTX+/K75yEVNO8aJO12wBg7DRl4IEwBgqhwU8ga4FvUOCJkm+SCxA1Dnn
 qlpS7qPwTXNIEfKMJcxp5X0KiwDY1EoOotd4glTN0jbeY5GEYcxe+7RQ302GrYxP
 zcc8EGLn8h6BtQvV3ypNHF5l6QeTW/0ZlO9c236tIuUQ5gQU39SQci7jQKsYjSzv
 BB1XdLHkbtIvYDkmbnr1elbeJCDbrWL9rAXRUTRyfuCzaFWTfZmfVNe8c8qwDMLk
 TUxMR/38aI7bLcIQjwj9
 =R5bX
 -----END PGP SIGNATURE-----

Merge tag 'powerpc-4.5-1' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux

Pull powerpc updates from Michael Ellerman:
 "Core:
   - Ground work for the new Power9 MMU from Aneesh Kumar K.V
   - Optimise FP/VMX/VSX context switching from Anton Blanchard

  Misc:
   - Various cleanups from Krzysztof Kozlowski, John Ogness, Rashmica
     Gupta, Russell Currey, Gavin Shan, Daniel Axtens, Michael Neuling,
     Andrew Donnellan
   - Allow wrapper to work on non-english system from Laurent Vivier
   - Add rN aliases to the pt_regs_offset table from Rashmica Gupta
   - Fix module autoload for rackmeter & axonram drivers from Luis de
     Bethencourt
   - Include KVM guest test in all interrupt vectors from Paul Mackerras
   - Fix DSCR inheritance over fork() from Anton Blanchard
   - Make value-returning atomics & {cmp}xchg* & their atomic_ versions
     fully ordered from Boqun Feng
   - Print MSR TM bits in oops messages from Michael Neuling
   - Add TM signal return & invalid stack selftests from Michael Neuling
   - Limit EPOW reset event warnings from Vipin K Parashar
   - Remove the Cell QPACE code from Rashmica Gupta
   - Append linux_banner to exception information in xmon from Rashmica
     Gupta
   - Add selftest to check if VSRs are corrupted from Rashmica Gupta
   - Remove broken GregorianDay() from Daniel Axtens
   - Import Anton's context_switch2 benchmark into selftests from
     Michael Ellerman
   - Add selftest script to test HMI functionality from Daniel Axtens
   - Remove obsolete OPAL v2 support from Stewart Smith
   - Make enter_rtas() private from Michael Ellerman
   - PPR exception cleanups from Michael Ellerman
   - Add page soft dirty tracking from Laurent Dufour
   - Add support for Nvlink NPUs from Alistair Popple
   - Add support for kexec on 476fpe from Alistair Popple
   - Enable kernel CPU dlpar from sysfs from Nathan Fontenot
   - Copy only required pieces of the mm_context_t to the paca from
     Michael Neuling
   - Add a kmsg_dumper that flushes OPAL console output on panic from
     Russell Currey
   - Implement save_stack_trace_regs() to enable kprobe stack tracing
     from Steven Rostedt
   - Add HWCAP bits for Power9 from Michael Ellerman
   - Fix _PAGE_PTE breaking swapoff from Aneesh Kumar K.V
   - Fix _PAGE_SWP_SOFT_DIRTY breaking swapoff from Hugh Dickins
   - scripts/recordmcount.pl: support data in text section on powerpc
     from Ulrich Weigand
   - Handle R_PPC64_ENTRY relocations in modules from Ulrich Weigand

  cxl:
   - cxl: Fix possible idr warning when contexts are released from
     Vaibhav Jain
   - cxl: use correct operator when writing pcie config space values
     from Andrew Donnellan
   - cxl: Fix DSI misses when the context owning task exits from Vaibhav
     Jain
   - cxl: fix build for GCC 4.6.x from Brian Norris
   - cxl: use -Werror only with CONFIG_PPC_WERROR from Brian Norris
   - cxl: Enable PCI device ID for future IBM CXL adapter from Uma
     Krishnan

  Freescale:
   - Freescale updates from Scott: Highlights include moving QE code out
     of arch/powerpc (to be shared with arm), device tree updates, and
     minor fixes"

* tag 'powerpc-4.5-1' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux: (149 commits)
  powerpc/module: Handle R_PPC64_ENTRY relocations
  scripts/recordmcount.pl: support data in text section on powerpc
  powerpc/powernv: Fix OPAL_CONSOLE_FLUSH prototype and usages
  powerpc/mm: fix _PAGE_SWP_SOFT_DIRTY breaking swapoff
  powerpc/mm: Fix _PAGE_PTE breaking swapoff
  cxl: Enable PCI device ID for future IBM CXL adapter
  cxl: use -Werror only with CONFIG_PPC_WERROR
  cxl: fix build for GCC 4.6.x
  powerpc: Add HWCAP bits for Power9
  powerpc/powernv: Reserve PE#0 on NPU
  powerpc/powernv: Change NPU PE# assignment
  powerpc/powernv: Fix update of NVLink DMA mask
  powerpc/powernv: Remove misleading comment in pci.c
  powerpc: Implement save_stack_trace_regs() to enable kprobe stack tracing
  powerpc: Fix build break due to paca mm_context_t changes
  cxl: Fix DSI misses when the context owning task exits
  MAINTAINERS: Update Scott Wood's e-mail address
  powerpc/powernv: Fix minor off-by-one error in opal_mce_check_early_recovery()
  powerpc: Fix style of self-test config prompts
  powerpc/powernv: Only delay opal_rtc_read() retry when necessary
  ...
2016-01-15 13:18:47 -08:00
Linus Torvalds
c597b6bcd5 Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto update from Herbert Xu:
 "Algorithms:
   - Add RSA padding algorithm

  Drivers:
   - Add GCM mode support to atmel
   - Add atmel support for SAMA5D2 devices
   - Add cipher modes to talitos
   - Add rockchip driver for rk3288
   - Add qat support for C3XXX and C62X"

* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (103 commits)
  crypto: hifn_795x, picoxcell - use ablkcipher_request_cast
  crypto: qat - fix SKU definiftion for c3xxx dev
  crypto: qat - Fix random config build issue
  crypto: ccp - use to_pci_dev and to_platform_device
  crypto: qat - Rename dh895xcc mmp firmware
  crypto: 842 - remove WARN inside printk
  crypto: atmel-aes - add debug facilities to monitor register accesses.
  crypto: atmel-aes - add support to GCM mode
  crypto: atmel-aes - change the DMA threshold
  crypto: atmel-aes - fix the counter overflow in CTR mode
  crypto: atmel-aes - fix atmel-ctr-aes driver for RFC 3686
  crypto: atmel-aes - create sections to regroup functions by usage
  crypto: atmel-aes - fix typo and indentation
  crypto: atmel-aes - use SIZE_IN_WORDS() helper macro
  crypto: atmel-aes - improve performances of data transfer
  crypto: atmel-aes - fix atmel_aes_remove()
  crypto: atmel-aes - remove useless AES_FLAGS_DMA flag
  crypto: atmel-aes - reduce latency of DMA completion
  crypto: atmel-aes - remove unused 'err' member of struct atmel_aes_dev
  crypto: atmel-aes - rework crypto request completion
  ...
2016-01-12 18:51:14 -08:00
Geliang Tang
48d6276481 crypto: hifn_795x, picoxcell - use ablkcipher_request_cast
Use ablkcipher_request_cast() instead of open-coding it.

Signed-off-by: Geliang Tang <geliangtang@163.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-29 21:32:44 +08:00
Tadeusz Struk
2a5de720dc crypto: qat - fix SKU definiftion for c3xxx dev
c3xxx doesn't have the esram BAR and only has 6 ue.

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-25 21:41:09 +08:00
Tadeusz Struk
1fa844e2ff crypto: qat - Fix random config build issue
Reported-by: kbuild test robot <fengguang.wu@intel.com>
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-25 21:41:07 +08:00
Geliang Tang
c6c59bf2c0 crypto: ccp - use to_pci_dev and to_platform_device
Use to_pci_dev() and to_platform_device() instead of open-coding.

Signed-off-by: Geliang Tang <geliangtang@163.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-25 21:41:05 +08:00
Ahsan Atta
a239c36e52 crypto: qat - Rename dh895xcc mmp firmware
Resending again. The fw name suppoed to be 895xcc instead of 895xxcc.
Sorry for the noise.
Rename dh895xcc mmp fw to make it consistent with other mmp images.

Signed-off-by: Ahsan Atta <ahsan.atta@intel.com>
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-25 21:41:04 +08:00
Cyrille Pitchen
4537992be7 crypto: atmel-aes - add debug facilities to monitor register accesses.
This feature should not be enabled in release but can be usefull for
developers who need to monitor register accesses at some specific places.
Set the AES_FLAGS_DUMP_REG flag inside dd->flags to start monitoring the
I/O accesses, clear it to stop monitoring.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-23 18:19:59 +08:00
Cyrille Pitchen
d4419548db crypto: atmel-aes - add support to GCM mode
This patch adds support to the GCM mode.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-23 18:19:58 +08:00
Cyrille Pitchen
129f8bb6bb crypto: atmel-aes - change the DMA threshold
Increase the DMA threshold to 256: PIO accesses offer better performances
than the DMA when processing small amounts of data.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-23 18:19:58 +08:00
Cyrille Pitchen
fcac83656a crypto: atmel-aes - fix the counter overflow in CTR mode
Depending on its hardware version, the AES IP provides either a 16 or a
32 bit counter. However the CTR mode expects the size of the counter to be
the same as the size of the cipher block, ie 128 bits for AES.
This patch detects and handles counter overflows.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-23 18:19:57 +08:00
Cyrille Pitchen
da7b850edb crypto: atmel-aes - fix atmel-ctr-aes driver for RFC 3686
crypto_rfc3686_alloc() in crypto/ctr.c expects to be used with a stream
cipher (alg->cra_blocksize == 1).

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-23 18:19:57 +08:00
Cyrille Pitchen
e37a7e5550 crypto: atmel-aes - create sections to regroup functions by usage
This patch only creates sections to regroup functions by usage.
This will help to integrate the GCM support patch later by making the
difference between shared/common and specific code. Hence current
sections are:

- Shared functions: common code which will be reused by the GCM support.
- CPU transfer: handles transfers monitored by the CPU (PIO accesses).
- DMA transfer: handles transfers monitored by the DMA controller.
- AES async block ciphers: dedicated to the already supported block ciphers
- Probe functions: used to register all crypto algorithms.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-23 18:19:57 +08:00
Cyrille Pitchen
afbac17e67 crypto: atmel-aes - fix typo and indentation
Dummy patch to fix typo and indentation.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-23 18:19:56 +08:00
Cyrille Pitchen
2bfd04cde2 crypto: atmel-aes - use SIZE_IN_WORDS() helper macro
This is a dummy cosmetic patch.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-23 18:19:56 +08:00
Cyrille Pitchen
bbe628ed89 crypto: atmel-aes - improve performances of data transfer
This patch totally reworks data transfer.

1 - DMA

The new code now fully supports scatter-gather lists hence reducing the
number of interrupts in some cases. Also buffer alignments are better
managed to avoid useless copies.

2 - CPU

The new code allows to use PIO accesses even when transferring more than
one AES block, so futher patches could tune the DMA threshold
(ATMEL_AES_DMA_THRESHOLD).
Moreover, CPU transfers now have a chance to be processed synchronously,
hence reducing the latency by avoiding context switches when possible
(less interrupts to process, less scheduling of the 'done' task).
Indeed the 'DATA READY' bit is polled only one time in the Interrupt
Status Register before enabling then waiting for the associated interrupt.
In some condition, this single poll is enough as the data have already
been processed by the AES hardware and so are ready.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-23 18:19:55 +08:00
Cyrille Pitchen
2a37782891 crypto: atmel-aes - fix atmel_aes_remove()
Add missing call to atmel_aes_buff_cleanup().

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-23 18:19:55 +08:00
Cyrille Pitchen
820599a0ea crypto: atmel-aes - remove useless AES_FLAGS_DMA flag
Since the 'done' task code was split into atmel_aes_cpu_complete() and
atmel_aes_dma_complete(), the AES_FLAGS_DMA flag has become useless.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-23 18:19:54 +08:00
Cyrille Pitchen
13c7f876c2 crypto: atmel-aes - reduce latency of DMA completion
atmel_aes_dma_callback() now directly calls the 'resume' callback instead
of scheduling the done task, which in turn only calls the very same
'resume' callback.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-23 18:19:53 +08:00
Cyrille Pitchen
bd5f43decd crypto: atmel-aes - remove unused 'err' member of struct atmel_aes_dev
This 'err' member was initialized to 0 but its value never changed.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-23 18:19:53 +08:00
Cyrille Pitchen
10f12c1b86 crypto: atmel-aes - rework crypto request completion
This patch introduces a new callback 'resume' in the struct atmel_aes_dev.
This callback is run to resume/complete the processing of the crypto
request when woken up by I/O events such as AES interrupts or DMA
completion.

This callback will help implementing the GCM mode support in further
patches.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-23 18:19:52 +08:00
Cyrille Pitchen
77dacf5fc5 crypto: atmel-aes - simplify the configuration of the AES IP
This patch reworks the AES_FLAGS_* to simplify the configuration of the
AES IP.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-23 18:19:52 +08:00
Cyrille Pitchen
794595d204 crypto: atmel-aes - remove useless write in the Control Register
As claimed by the datasheet, writing 0 into the Control Register has no
effet. So we remove this useless register access.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-23 18:19:51 +08:00
Cyrille Pitchen
ccbf72980b crypto: atmel-aes - make crypto request queue management more generic
This patch changes atmel_aes_handle_queue() to make it more generic.
The function argument is now a pointer to struct crypto_async_request,
which is the common base of struct ablkcipher_request and
struct aead_request.

Also this patch introduces struct atmel_aes_base_ctx which will be the
common base of all the transformation contexts.

Hence the very same queue will be used to manage both block cipher and
AEAD requests (such as gcm and authenc implemented in further patches).

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-23 18:19:51 +08:00
Cyrille Pitchen
cdfab4a7e3 crypto: atmel-aes - change atmel_aes_write_ctrl() signature
This patch changes the signature of atmel_aes_write_ctrl() to make it more
generic. This will be used by future patches when implementing new block
cipher modes such as GCM.

Especially atmel_aes_hw_init() is now called outside
atmel_aes_write_ctrl(): this allows to call atmel_aes_write_ctrl() many
times, still initializing the hardware only once.

Indeed, the support of GCM will require to update the Mode Register and
the IV when processing a single request.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-23 18:19:51 +08:00
Cyrille Pitchen
aab0a39b28 crypto: atmel-aes - propagate error from atmel_aes_hw_version_init()
Before this patch atmel_aes_hw_version_init() had no returned value.
However it calls atmel_aes_hw_init(), which may fail. So check the
returned code of atmel_aes_hw_init() and propagate error if needed.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-23 18:19:50 +08:00
Cyrille Pitchen
7f1cbbc514 crypto: atmel-aes - remove unused header includes
Hash headers have nothing to do with AES block ciphers.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-23 18:19:50 +08:00
Cyrille Pitchen
924a8bc796 crypto: atmel-aes - fix unregistration order of crypto algorithms
This dummy patch fixes atmel_aes_unregister_algs() so crypto algorithms
are unregistered in the reverse order they were registered by
atmel_aes_register_algs().

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-23 18:19:49 +08:00
Cyrille Pitchen
88efd9a999 crypto: atmel-aes - change algorithm priorities
Increase the algorithm priorities so the hardware acceleration is now
preferred to the software computation: the "aes-generice" driver uses 100
as priority.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-23 18:19:48 +08:00
Cyrille Pitchen
c0b28d8c32 crypto: atmel-aes - constify value argument of atmel_aes_write_n()
atmel_aes_write_n() should not modify its value argument.

Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-23 18:19:48 +08:00
Leilei Zhao
973e209d74 crypto: atmel-aes - add new version
Add new version of atmel-aes available with SAMA5D2 devices.

Signed-off-by: Leilei Zhao <leilei.zhao@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-23 18:19:46 +08:00
Geliang Tang
dc2c632272 crypto: qat - use list_for_each_entry*
Use list_for_each_entry*() instead of list_for_each*() to simplify
the code.

Signed-off-by: Geliang Tang <geliangtang@163.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-22 20:43:41 +08:00
LABBE Corentin
e4ae86e22e crypto: ux500 - Use precalculated hash from headers
Precalculated hash for empty message are now present in hash headers.
This patch just use them.

Signed-off-by: LABBE Corentin <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-22 20:43:40 +08:00
LABBE Corentin
bdd75064d2 crypto: ccp - Use precalculated hash from headers
Precalculated hash for empty message are now present in hash headers.
This patch just use them.

Signed-off-by: LABBE Corentin <clabbe.montjoie@gmail.com>
Tested-by: Tom Lendacky <thomas.lendacky@amd.com>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-22 20:43:38 +08:00
LABBE Corentin
8054b8005b crypto: n2 - Use precalculated hash from headers
Precalculated hash for empty message are now present in hash headers.
This patch just use them.

Signed-off-by: LABBE Corentin <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-22 20:43:37 +08:00
Pingchao Yang
51d77dddff crypto: qat - fix some timeout tests
Change the timeout condition since the times value would be -1 after
running MAX_RETRY_TIMES.

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Yang Pingchao <pingchao.yang@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-22 20:43:32 +08:00
Pingchao Yang
46621e6f84 crypto: qat - fix CTX_ENABLES bits shift direction issue
AE CTX bits should be 8-15 in CTX_ENABLES, so the mask
value 0xff should be left shifted 0x8.

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Yang Pingchao <pingchao.yang@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-22 20:43:31 +08:00
Borislav Petkov
362f924b64 x86/cpufeature: Remove unused and seldomly used cpu_has_xx macros
Those are stupid and code should use static_cpu_has_safe() or
boot_cpu_has() instead. Kill the least used and unused ones.

The remaining ones need more careful inspection before a conversion can
happen. On the TODO.

Signed-off-by: Borislav Petkov <bp@suse.de>
Link: http://lkml.kernel.org/r/1449481182-27541-4-git-send-email-bp@alien8.de
Cc: David Sterba <dsterba@suse.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Matt Mackall <mpm@selenic.com>
Cc: Chris Mason <clm@fb.com>
Cc: Josef Bacik <jbacik@fb.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2015-12-19 11:49:55 +01:00
Rahul Pathak
16f080aaad crypto: omap - Removed unused variable "err"
Removed unused variable "err" and directly return "0"

Reported by coccicheck -
./drivers/crypto/omap-aes.c:542:5-8: Unneeded variable: "err". Return "0" on line 551
./drivers/crypto/omap-des.c:530:5-8: Unneeded variable: "err". Return "0" on line 539

Signed-off-by: Rahul Pathak <rpathak@visteon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-17 16:42:13 +08:00
Rahul Pathak
871b88a841 crypto: atmel-sha - Removed unused variable "err"
Removed unused variable "err" and directly return "0"

Reported by coccicheck -
./drivers/crypto/atmel-sha.c:758:5-8: Unneeded variable: "err". Return "0" on line 766

Signed-off-by: Rahul Pathak <rpathak@visteon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-17 16:42:13 +08:00
Haren Myneni
6333ed8f26 crypto: nx-842 - Mask XERS0 bit in return value
NX842 coprocessor sets 3rd bit in CR register with XER[S0] which is
nothing to do with NX request. Since this bit can be set with other
valuable return status, mast this bit.

One of other bits (INITIATED, BUSY or REJECTED) will be returned for
any given NX request.

Signed-off-by: Haren Myneni <haren@us.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-17 16:42:12 +08:00
Tadeusz Struk
81b312f11d crypto: qat - uint8_t is not large enough for accel_id
accel_id has to be large enough to hold ADF_MAX_DEVICES + 1
(which is > 1025) so uint8_t is too small.

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-14 21:03:38 +08:00
Sam Protsenko
50eca2561b crypto: omap-des - Fix "schedule while atomic" bug
When using DES module the next bug appears:

    BUG: scheduling while atomic: kworker/0:1/63/0x00000102

With backtrace as follows:

<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< cut here >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

[<c0012294>] (dump_backtrace) from [<c00124ac>] (show_stack+0x18/0x1c)
[<c0012494>] (show_stack) from [<c0752554>] (dump_stack+0x84/0xc4)
[<c07524d0>] (dump_stack) from [<c0750218>] (__schedule_bug+0x54/0x64)
[<c07501c4>] (__schedule_bug) from [<c07548a4>] (__schedule+0x4ac/0x53c)
[<c07543f8>] (__schedule) from [<c075496c>] (schedule+0x38/0x88)
[<c0754934>] (schedule) from [<c03c3984>] (rpm_resume+0x158/0x59c)
[<c03c382c>] (rpm_resume) from [<c03c3e1c>] (__pm_runtime_resume+0x54/0x6c)
[<c03c3dc8>] (__pm_runtime_resume) from [<c0568ff8>] (omap_des_handle_queue+0x154/0x7bc)
[<c0568ea4>] (omap_des_handle_queue) from [<c05696b8>] (omap_des_crypt+0x58/0xbc)
[<c0569660>] (omap_des_crypt) from [<c0569730>] (omap_des_cbc_decrypt+0x14/0x18)
[<c056971c>] (omap_des_cbc_decrypt) from [<c0297534>] (authenc_verify_ahash_done+0xe0/0xe8)
[<c0297454>] (authenc_verify_ahash_done) from [<c056a330>] (omap_sham_finish_req+0x58/0xa8)
[<c056a2d8>] (omap_sham_finish_req) from [<c056b714>] (omap_sham_done_task+0x1c0/0x1e0)
[<c056b554>] (omap_sham_done_task) from [<c003e53c>] (tasklet_action+0x80/0x118)
[<c003e4bc>] (tasklet_action) from [<c003e740>] (__do_softirq+0x11c/0x260)
[<c003e624>] (__do_softirq) from [<c003eb64>] (irq_exit+0xc0/0xfc)
[<c003eaa4>] (irq_exit) from [<c000f1c4>] (handle_IRQ+0x4c/0x98)
[<c000f178>] (handle_IRQ) from [<c0008568>] (gic_handle_irq+0x34/0x64)
[<c0008534>] (gic_handle_irq) from [<c0758540>] (__irq_svc+0x40/0x70)

<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< cut here >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Insight was seen in drivers/crypto/omap-sham.c driver.
All credits for this patch go to Grygorii Strashko.

Signed-off-by: Sam Protsenko <semen.protsenko@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-14 21:03:37 +08:00
Zeng Xin
40c18a59d2 crypto: qat - enable VF irq after guest exits ungracefully
The VF bundle interrupt is not triggered any more in
the case when guest is shut down with sample app running.
Need to clear the flag interrupt bit when restarting to fix
this irrecoverable state.

Signed-off-by: Zeng Xin <xin.zeng@intel.com>
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-14 21:03:36 +08:00
Tadeusz Struk
75910d375e crypto: qat - select PCI_IOV when VF are enabled
Fix i386-randconfig-x004-12092241.
PCI_IOV needs to be selected when VFs are enabled

Reported-by: <fengguang.wu@intel.com>
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-11 22:55:17 +08:00
Harvijay Saini
06cabd755a crypto: qat - ring returning retry even though ring has BW
When many threads submit multiple requests they get blocked until all
responses are processed, which prevents them from submitting more requests
even though there is space on the rings.
To fix this we need to decrement the inflight counter early to in the callback.

Signed-off-by: Harvijay Saini <harvijayx.saini@intel.com>
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-11 22:55:16 +08:00
Arnd Bergmann
d4b98f20f4 crypto: sahara - fix debug output for 64-bit dma_addr_t
The sahara_dump_descriptors and sahara_dump_links functions attempt
to print a dma_addr_t value with a 0x%08x format string, which
produces a warning when dma_addr_t is 64-bit wide:

drivers/crypto/sahara.c:419:120: warning: format '%x' expects argument of type 'unsigned int', but argument 5 has type 'dma_addr_t {aka long long unsigned int}' [-Wformat=]

This changes the code to use the %pad format string that is meant
for dma_addr_t, which avoids the warning and gives us the correct
output in all configurations.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-10 22:39:50 +08:00
Arnd Bergmann
75d3f811f3 crypto: sahara - fix 64-bit dma_addr_t compilation
The sahara hardware uses DMA descriptors with 32-bit addresses, but
dma_addr_t is variable size depending on whether we want to support
any devices that use 64-bit DMA addresses in hardware.
This means that the definition of the DMA descriptor structure is wrong,
and we helpfully get a compiler warning about them too:

drivers/crypto/sahara.c:423:372: warning: format '%x' expects argument of type 'unsigned int', but argument 4 has type 'dma_addr_t {aka long long unsigned int}' [-Wformat=]

This changes the definition of the sahara_hw_desc and sahara_hw_link
structures to only contain fixed-length members, which is required
to make the driver work on ARM LPAE mode, and avoids most of the
gcc warnings we get.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-10 22:39:48 +08:00
Tadeusz Struk
3771df3cff crypto: qat - add support for c62xvf accel type
Add support for c62x accelerator Virtual Function

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-09 20:03:56 +08:00
Tadeusz Struk
8b206f2d66 crypto: qat - add support for c3xxxvf accel type
Add support for c3xxx accelerator Virtual Function

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-09 20:03:55 +08:00
Tadeusz Struk
a6dabee6c8 crypto: qat - add support for c62x accel type
Add support for qat c62x accel type

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-09 20:03:53 +08:00
Tadeusz Struk
890c55f4dc crypto: qat - add support for c3xxx accel type
Add support for c3xxx accel type.

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-09 20:03:52 +08:00
Tadeusz Struk
1a72d3a6d1 crypto: qat - move isr files to qat common so that they can be reused
Move qat_isr.c and qat_isrvf.c files to qat_common dir
so that they can be reused by all devices.
Remove adf_drv.h files because thay are not longer needed.
Move adf_dev_configure() function to qat_common so it can be reused.
Also some minor updates to common code for multidevice.

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-09 20:03:51 +08:00
Pingchao Yang
b0272276d9 crypto: qat - add support for new devices to FW loader
FW loader updates for new qat devices

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-09 20:03:49 +08:00
Tadeusz Struk
9809ebcd0e crypto: qat - add new device definitions
Add dev ids and names for the new device types.

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-09 20:03:47 +08:00
Linus Torvalds
9cfe521274 Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto fixes from Herbert Xu:
 "This fixes a couple of crypto drivers that were using memcmp to verify
  authentication tags.  They now use crypto_memneq instead"

* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
  crypto: talitos - Fix timing leak in ESP ICV verification
  crypto: nx - Fix timing leak in GCM and CCM decryption
2015-12-05 10:46:44 -08:00
Thierry Reding
a103a75ad9 crypto: n2 - Use platform_register/unregister_drivers()
These new helpers simplify implementing multi-driver modules and
properly handle failure to register one driver by unregistering all
previously registered drivers.

Signed-off-by: Thierry Reding <treding@nvidia.com>
Acked-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-04 22:29:57 +08:00
LEROY Christophe
5e75ae1b3c crypto: talitos - add new crypto modes
This patch adds the following algorithms to the talitos driver:
* ecb(aes)
* ctr(aes)
* ecb(des)
* cbc(des)
* ecb(des3_ede)

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-04 22:29:56 +08:00
Leonidas Da Silva Barbosa
0d3d054b43 crypto: vmx - IV size failing on skcipher API
IV size was zero on CBC and CTR modes,
causing a bug triggered by skcipher.

Fixing this  adding a correct size.

Signed-off-by: Leonidas Da Silva Barbosa <leosilva@linux.vnet.ibm.com>
Signed-off-by: Paulo Smorigo <pfsmorigo@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-04 22:29:56 +08:00
Fabio Estevam
f456cd2dc8 crypto: caam - pass the correct buffer length
When buffer 0 is used we should use buflen_0 instead of buflen_1.

Fix it.

Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-04 22:29:56 +08:00
Heiko Stuebner
ac7c8e6b6d crypto: rockchip - fix possible deadlock
Lockdep warns about a possible deadlock resulting from the use of regular
spin_locks:

=================================
[ INFO: inconsistent lock state ]
4.4.0-rc2+ #2724 Not tainted
---------------------------------
inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage.
ksoftirqd/0/3 [HC0[0]:SC1[1]:HE1:SE0] takes:
(&(&crypto_info->lock)->rlock){+.?...}, at: [<bf14a65c>] rk_crypto_tasklet_cb+0x24/0xb4 [rk_crypto]
{SOFTIRQ-ON-W} state was registered at:
  [<c007f4ac>] lock_acquire+0x178/0x218
  [<c0759bac>] _raw_spin_lock+0x54/0x64
  [<bf14af88>] rk_handle_req+0x7c/0xbc [rk_crypto]
  [<bf14b040>] rk_des_ecb_encrypt+0x2c/0x30 [rk_crypto]
  [<bf14b05c>] rk_aes_ecb_encrypt+0x18/0x1c [rk_crypto]
  [<c028c820>] skcipher_encrypt_ablkcipher+0x64/0x68
  [<c0290770>] __test_skcipher+0x2a8/0x8dc
  [<c0292e94>] test_skcipher+0x38/0xc4
  [<c0292fb0>] alg_test_skcipher+0x90/0xb0
  [<c0292158>] alg_test+0x1e8/0x280
  [<c028f6f4>] cryptomgr_test+0x34/0x54
  [<c004bbe8>] kthread+0xf4/0x10c
  [<c0010010>] ret_from_fork+0x14/0x24
irq event stamp: 10672
hardirqs last  enabled at (10672): [<c002fac8>] tasklet_action+0x48/0x104
hardirqs last disabled at (10671): [<c002faa0>] tasklet_action+0x20/0x104
softirqs last  enabled at (10658): [<c002ef84>] __do_softirq+0x358/0x49c
softirqs last disabled at (10669): [<c002f108>] run_ksoftirqd+0x40/0x80

other info that might help us debug this:
Possible unsafe locking scenario:

    CPU0
    ----
  lock(&(&crypto_info->lock)->rlock);
  <Interrupt>
    lock(&(&crypto_info->lock)->rlock);

 *** DEADLOCK ***

Fix this by moving to irq-disabling spinlocks.

Signed-off-by: Heiko Stuebner <heiko@sntech.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-12-04 22:21:48 +08:00
Anton Blanchard
dc4fbba11e powerpc: Create disable_kernel_{fp,altivec,vsx,spe}()
The enable_kernel_*() functions leave the relevant MSR bits enabled
until we exit the kernel sometime later. Create disable versions
that wrap the kernel use of FP, Altivec VSX or SPE.

While we don't want to disable it normally for performance reasons
(MSR writes are slow), it will be used for a debug boot option that
does this and catches bad uses in other areas of the kernel.

Signed-off-by: Anton Blanchard <anton@samba.org>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
2015-12-01 13:52:25 +11:00
Anton Blanchard
1552cd703c crypto: vmx: Only call enable_kernel_vsx()
With the recent change to enable_kernel_vsx(), we no longer need
to call enable_kernel_fp() and enable_kernel_altivec().

Signed-off-by: Anton Blanchard <anton@samba.org>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
2015-12-01 13:52:25 +11:00
Zain Wang
433cd2c617 crypto: rockchip - add crypto driver for rk3288
Crypto driver support:
     ecb(aes) cbc(aes) ecb(des) cbc(des) ecb(des3_ede) cbc(des3_ede)
You can alloc tags above in your case.

And other algorithms and platforms will be added later on.

Signed-off-by: Zain Wang <zain.wang@rock-chips.com>
Tested-by: Heiko Stuebner <heiko@sntech.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-11-27 21:19:32 +08:00
saurabh
d62112f27e crypto: nx - use of_property_read_u32()
use of_propert_read_u32() for reading int value,
it can help reducing number of variables used

Signed-off-by: Saurabh Sengar <saurabh.truth@gmail.com>
Acked-by: Dan Streetman <ddstreet@ieee.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-11-24 18:19:21 +08:00
Geliang Tang
1d4bbc5a6f crypto: padlock-aes - use offset_in_page macro
Use offset_in_page macro instead of (addr & ~PAGE_MASK).

Signed-off-by: Geliang Tang <geliangtang@163.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-11-24 18:19:19 +08:00
Jim Davis
f143fc6735 crypto: qat - fix typo in clean-files
A typo in the Makefile leaves qat_rsaprivkey-asn1.h hanging around.

Signed-off-by: Jim Davis <jim.epost@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-11-24 18:19:18 +08:00
LABBE Corentin
f53e38afdc crypto: picoxcell - set [src|dst]_nents and nents as signed int
The unsigned int variables [src|dst]_nents and nents can be assigned
signed value (-EINVAL) from sg_nents_for_len().
Furthermore they are used only by dma_map_sg and dma_unmap_sg which wait
for an signed int, so they must be set as int.

Fixes: f051f95eb4 ("crypto: picoxcell - check return value of sg_nents_for_len")
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: LABBE Corentin <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-11-23 20:55:55 +08:00
LABBE Corentin
f8e28a0dec crypto: sahara - set nb_[in|out]_sg as signed int
The two unsigned int variables nb_in_sg and nb_out_sg can be assigned
signed value (-EINVAL) from sg_nents_for_len().
Furthermore they are used only by dma_map_sg and dma_unmap_sg which wait
for an signed int, so they must be set as int.

Fixes: 6c2b74d477 ("crypto: sahara - check return value of sg_nents_for_len")
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: LABBE Corentin <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-11-23 20:55:55 +08:00
Arnd Bergmann
56b85c9d7a crypto: atmel: fix bogus select
The Atmel at91 crypto driver unconditionally selects AT_HDMAC,
which results in a Kconfig warning if that driver is not enabled:

warning: (CRYPTO_DEV_ATMEL_AES) selects AT_HDMAC which has unmet direct dependencies (DMADEVICES && ARCH_AT91)

The crypto driver itself does not actually have a dependency
on a particular dma engine, other than this being the one that
is used in at91.

Removing the 'select' gets rid of the warning, but can cause
the driver to be unusable if the HDMAC is not enabled at the
same time. To work around that, this patch clarifies the runtime
dependency to be 'AT_HDMAC || AT_XDMAC', but adds an alternative
for COMPILE_TEST, which lets the driver get build on all systems.

The ARCH_AT91 dependency is implied by AT_XDMAC || AT_HDMAC now
and no longer needs to be listed separately.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-11-23 20:55:53 +08:00
Arnd Bergmann
20ecae79e7 crypto: atmel - fix 64-bit warnings
The atmel AES driver assumes that 'int' and 'size_t' are the same
type in multiple locations, which the compiler warns about when
building it for 64-bit systems:

In file included from ../drivers/crypto/atmel-aes.c:17:0:
drivers/crypto/atmel-aes.c: In function 'atmel_aes_sg_copy':
include/linux/kernel.h:724:17: warning: comparison of distinct pointer types lacks a cast
drivers/crypto/atmel-aes.c:448:11: note: in expansion of macro 'min'

drivers/crypto/atmel-aes.c: In function 'atmel_aes_crypt_dma_stop':
include/linux/kern_levels.h:4:18: warning: format '%u' expects argument of type 'unsigned int', but argument 2 has type 'size_t {aka long unsigned int}' [-Wformat=]

This changes the format strings to use the %z modifier when printing
a size_t, and makes sure that we use the correct size_t type where
needed. In case of sg_dma_len(), the type of the result depends
on CONFIG_NEED_SG_DMA_LENGTH, so we have to use min_t to get it to
work in all configurations.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Cyrille Pitchen <cyrille.pitchen@atmel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-11-23 20:55:52 +08:00
Linus Torvalds
864f83a1f6 Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto fix from Herbert Xu:
 "This fixes a bug in the qat driver where a user-space pointer is
  dereferenced"

* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
  crypto: qat - don't use userspace pointer
2015-11-17 09:40:05 -08:00
LABBE Corentin
4f9ea86604 crypto: sun4i-ss - add missing statesize
sun4i-ss implementaton of md5/sha1 is via ahash algorithms.
Commit 8996eafdcb ("crypto: ahash - ensure statesize is non-zero")
made impossible to load them without giving statesize. This patch
specifiy statesize for sha1 and md5.

Fixes: 6298e94821 ("crypto: sunxi-ss - Add Allwinner Security System crypto accelerator")
Cc: <stable@vger.kernel.org> # v4.3+
Tested-by: Chen-Yu Tsai <wens@csie.org>
Signed-off-by: LABBE Corentin <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-11-17 22:00:42 +08:00
Markus Elfring
f9d1293b3c crypto: ixp4xx - Delete unnecessary checks before the function call "dma_pool_destroy"
The dma_pool_destroy() function tests whether its argument is NULL
and then returns immediately. Thus the test around the calls is not needed.

This issue was detected by using the Coccinelle software.

Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-11-17 22:00:41 +08:00
Julia Lawall
202a32f046 crypto: qat - constify pci_error_handlers structures
This pci_error_handlers structure is never modified, like all the other
pci_error_handlers structures, so declare it as const.

Done with the help of Coccinelle.

Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-11-17 22:00:41 +08:00
LABBE Corentin
7aff7d0abc crypto: amcc - check return value of sg_nents_for_len
The sg_nents_for_len() function could fail, this patch add a check for
its return value.

Signed-off-by: LABBE Corentin <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-11-17 22:00:38 +08:00
LABBE Corentin
f9970c2865 crypto: caam - check return value of sg_nents_for_len
The sg_nents_for_len() function could fail, this patch add a check for
its return value.
We do the same for sg_count since it use sg_nents_for_len().

Signed-off-by: LABBE Corentin <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-11-17 22:00:38 +08:00
LABBE Corentin
f051f95eb4 crypto: picoxcell - check return value of sg_nents_for_len
The sg_nents_for_len() function could fail, this patch add a check for
its return value.
In the same time, we remove sg_count() as it is used as an alias of
sg_nents_for_len.

Signed-off-by: LABBE Corentin <clabbe.montjoie@gmail.com>
Acked-by: Jamie Iles <jamie@jamieiles.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-11-17 22:00:37 +08:00
LABBE Corentin
4fa9948ca5 crypto: qce - check return value of sg_nents_for_len
The sg_nents_for_len() function could fail, this patch add a check for
its return value.

Signed-off-by: LABBE Corentin <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-11-17 22:00:36 +08:00
LABBE Corentin
6c2b74d477 crypto: sahara - check return value of sg_nents_for_len
The sg_nents_for_len() function could fail, this patch add a check for
its return value.

Signed-off-by: LABBE Corentin <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-11-17 22:00:36 +08:00
LABBE Corentin
8e409fe106 crypto: talitos - check return value of sg_nents_for_len
The sg_nents_for_len() function could fail, this patch add a check for
its return value.

Signed-off-by: LABBE Corentin <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-11-17 22:00:36 +08:00
LABBE Corentin
c22dafb3b1 crypto: marvell - check return value of sg_nents_for_len
The sg_nents_for_len() function could fail, this patch add a check for
its return value.

Signed-off-by: LABBE Corentin <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-11-17 22:00:35 +08:00
Salvatore Benedetto
c52b673389 crypto: qat - remove superfluous check from adf_probe
- ent->device is already checked at the beginning of the function
   against the same value. This check is a duplicate.

Signed-off-by: Salvatore Benedetto <salvatore.benedetto@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-11-17 21:58:37 +08:00
Tadeusz Struk
d956fed7b6 crypto: qat - fix get instance function
Fix the logic in case we have found a device on a given node.

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-11-17 21:58:36 +08:00
LABBE Corentin
16f56e8b75 crypto: hifn_795x - fix coding style
The hifn_795x driver is old and have lots of style issue.
This patch try to solve easy ones.

Signed-off-by: LABBE Corentin <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-11-17 21:58:35 +08:00