mirror of
https://github.com/torvalds/linux.git
synced 2024-11-30 08:01:59 +00:00
85a7f0ac53
This adds support for Marvell's Cryptographic Engines and Security Accelerator (CESA) which can be found on a few SoC. Tested with dm-crypt. Acked-by: Nicolas Pitre <nico@marvell.com> Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
226 lines
6.7 KiB
Plaintext
226 lines
6.7 KiB
Plaintext
|
|
menuconfig CRYPTO_HW
|
|
bool "Hardware crypto devices"
|
|
default y
|
|
---help---
|
|
Say Y here to get to see options for hardware crypto devices and
|
|
processors. This option alone does not add any kernel code.
|
|
|
|
If you say N, all options in this submenu will be skipped and disabled.
|
|
|
|
if CRYPTO_HW
|
|
|
|
config CRYPTO_DEV_PADLOCK
|
|
tristate "Support for VIA PadLock ACE"
|
|
depends on X86 && !UML
|
|
help
|
|
Some VIA processors come with an integrated crypto engine
|
|
(so called VIA PadLock ACE, Advanced Cryptography Engine)
|
|
that provides instructions for very fast cryptographic
|
|
operations with supported algorithms.
|
|
|
|
The instructions are used only when the CPU supports them.
|
|
Otherwise software encryption is used.
|
|
|
|
config CRYPTO_DEV_PADLOCK_AES
|
|
tristate "PadLock driver for AES algorithm"
|
|
depends on CRYPTO_DEV_PADLOCK
|
|
select CRYPTO_BLKCIPHER
|
|
select CRYPTO_AES
|
|
help
|
|
Use VIA PadLock for AES algorithm.
|
|
|
|
Available in VIA C3 and newer CPUs.
|
|
|
|
If unsure say M. The compiled module will be
|
|
called padlock-aes.
|
|
|
|
config CRYPTO_DEV_PADLOCK_SHA
|
|
tristate "PadLock driver for SHA1 and SHA256 algorithms"
|
|
depends on CRYPTO_DEV_PADLOCK
|
|
select CRYPTO_HASH
|
|
select CRYPTO_SHA1
|
|
select CRYPTO_SHA256
|
|
help
|
|
Use VIA PadLock for SHA1/SHA256 algorithms.
|
|
|
|
Available in VIA C7 and newer processors.
|
|
|
|
If unsure say M. The compiled module will be
|
|
called padlock-sha.
|
|
|
|
config CRYPTO_DEV_GEODE
|
|
tristate "Support for the Geode LX AES engine"
|
|
depends on X86_32 && PCI
|
|
select CRYPTO_ALGAPI
|
|
select CRYPTO_BLKCIPHER
|
|
help
|
|
Say 'Y' here to use the AMD Geode LX processor on-board AES
|
|
engine for the CryptoAPI AES algorithm.
|
|
|
|
To compile this driver as a module, choose M here: the module
|
|
will be called geode-aes.
|
|
|
|
config ZCRYPT
|
|
tristate "Support for PCI-attached cryptographic adapters"
|
|
depends on S390
|
|
select ZCRYPT_MONOLITHIC if ZCRYPT="y"
|
|
select HW_RANDOM
|
|
help
|
|
Select this option if you want to use a PCI-attached cryptographic
|
|
adapter like:
|
|
+ PCI Cryptographic Accelerator (PCICA)
|
|
+ PCI Cryptographic Coprocessor (PCICC)
|
|
+ PCI-X Cryptographic Coprocessor (PCIXCC)
|
|
+ Crypto Express2 Coprocessor (CEX2C)
|
|
+ Crypto Express2 Accelerator (CEX2A)
|
|
|
|
config ZCRYPT_MONOLITHIC
|
|
bool "Monolithic zcrypt module"
|
|
depends on ZCRYPT="m"
|
|
help
|
|
Select this option if you want to have a single module z90crypt,
|
|
that contains all parts of the crypto device driver (ap bus,
|
|
request router and all the card drivers).
|
|
|
|
config CRYPTO_SHA1_S390
|
|
tristate "SHA1 digest algorithm"
|
|
depends on S390
|
|
select CRYPTO_HASH
|
|
help
|
|
This is the s390 hardware accelerated implementation of the
|
|
SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
|
|
|
|
config CRYPTO_SHA256_S390
|
|
tristate "SHA256 digest algorithm"
|
|
depends on S390
|
|
select CRYPTO_HASH
|
|
help
|
|
This is the s390 hardware accelerated implementation of the
|
|
SHA256 secure hash standard (DFIPS 180-2).
|
|
|
|
This version of SHA implements a 256 bit hash with 128 bits of
|
|
security against collision attacks.
|
|
|
|
config CRYPTO_SHA512_S390
|
|
tristate "SHA384 and SHA512 digest algorithm"
|
|
depends on S390
|
|
select CRYPTO_HASH
|
|
help
|
|
This is the s390 hardware accelerated implementation of the
|
|
SHA512 secure hash standard.
|
|
|
|
This version of SHA implements a 512 bit hash with 256 bits of
|
|
security against collision attacks. The code also includes SHA-384,
|
|
a 384 bit hash with 192 bits of security against collision attacks.
|
|
|
|
|
|
config CRYPTO_DES_S390
|
|
tristate "DES and Triple DES cipher algorithms"
|
|
depends on S390
|
|
select CRYPTO_ALGAPI
|
|
select CRYPTO_BLKCIPHER
|
|
help
|
|
This us the s390 hardware accelerated implementation of the
|
|
DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
|
|
|
|
config CRYPTO_AES_S390
|
|
tristate "AES cipher algorithms"
|
|
depends on S390
|
|
select CRYPTO_ALGAPI
|
|
select CRYPTO_BLKCIPHER
|
|
help
|
|
This is the s390 hardware accelerated implementation of the
|
|
AES cipher algorithms (FIPS-197). AES uses the Rijndael
|
|
algorithm.
|
|
|
|
Rijndael appears to be consistently a very good performer in
|
|
both hardware and software across a wide range of computing
|
|
environments regardless of its use in feedback or non-feedback
|
|
modes. Its key setup time is excellent, and its key agility is
|
|
good. Rijndael's very low memory requirements make it very well
|
|
suited for restricted-space environments, in which it also
|
|
demonstrates excellent performance. Rijndael's operations are
|
|
among the easiest to defend against power and timing attacks.
|
|
|
|
On s390 the System z9-109 currently only supports the key size
|
|
of 128 bit.
|
|
|
|
config S390_PRNG
|
|
tristate "Pseudo random number generator device driver"
|
|
depends on S390
|
|
default "m"
|
|
help
|
|
Select this option if you want to use the s390 pseudo random number
|
|
generator. The PRNG is part of the cryptographic processor functions
|
|
and uses triple-DES to generate secure random numbers like the
|
|
ANSI X9.17 standard. The PRNG is usable via the char device
|
|
/dev/prandom.
|
|
|
|
config CRYPTO_DEV_MV_CESA
|
|
tristate "Marvell's Cryptographic Engine"
|
|
depends on PLAT_ORION
|
|
select CRYPTO_ALGAPI
|
|
select CRYPTO_AES
|
|
select CRYPTO_BLKCIPHER2
|
|
help
|
|
This driver allows you to utilize the Cryptographic Engines and
|
|
Security Accelerator (CESA) which can be found on the Marvell Orion
|
|
and Kirkwood SoCs, such as QNAP's TS-209.
|
|
|
|
Currently the driver supports AES in ECB and CBC mode without DMA.
|
|
|
|
config CRYPTO_DEV_HIFN_795X
|
|
tristate "Driver HIFN 795x crypto accelerator chips"
|
|
select CRYPTO_DES
|
|
select CRYPTO_ALGAPI
|
|
select CRYPTO_BLKCIPHER
|
|
select HW_RANDOM if CRYPTO_DEV_HIFN_795X_RNG
|
|
depends on PCI
|
|
help
|
|
This option allows you to have support for HIFN 795x crypto adapters.
|
|
|
|
config CRYPTO_DEV_HIFN_795X_RNG
|
|
bool "HIFN 795x random number generator"
|
|
depends on CRYPTO_DEV_HIFN_795X
|
|
help
|
|
Select this option if you want to enable the random number generator
|
|
on the HIFN 795x crypto adapters.
|
|
|
|
config CRYPTO_DEV_TALITOS
|
|
tristate "Talitos Freescale Security Engine (SEC)"
|
|
select CRYPTO_ALGAPI
|
|
select CRYPTO_AUTHENC
|
|
select HW_RANDOM
|
|
depends on FSL_SOC
|
|
help
|
|
Say 'Y' here to use the Freescale Security Engine (SEC)
|
|
to offload cryptographic algorithm computation.
|
|
|
|
The Freescale SEC is present on PowerQUICC 'E' processors, such
|
|
as the MPC8349E and MPC8548E.
|
|
|
|
To compile this driver as a module, choose M here: the module
|
|
will be called talitos.
|
|
|
|
config CRYPTO_DEV_IXP4XX
|
|
tristate "Driver for IXP4xx crypto hardware acceleration"
|
|
depends on ARCH_IXP4XX
|
|
select CRYPTO_DES
|
|
select CRYPTO_ALGAPI
|
|
select CRYPTO_AUTHENC
|
|
select CRYPTO_BLKCIPHER
|
|
help
|
|
Driver for the IXP4xx NPE crypto engine.
|
|
|
|
config CRYPTO_DEV_PPC4XX
|
|
tristate "Driver AMCC PPC4xx crypto accelerator"
|
|
depends on PPC && 4xx
|
|
select CRYPTO_HASH
|
|
select CRYPTO_ALGAPI
|
|
select CRYPTO_BLKCIPHER
|
|
help
|
|
This option allows you to have support for AMCC crypto acceleration.
|
|
|
|
endif # CRYPTO_HW
|