kernel/linux.git/drivers/crypto/caam, branch v4.4.8

crypto: caam - make write transactions bufferable on PPC platforms

2016-02-17T20:31:04+00:00

commit e7a7104e432c0db8469ca3568daf4f1d1afe3e73 upstream. Previous change (see "Fixes" tag) to the MCFGR register clears AWCACHE[0] ("bufferable" AXI3 attribute) (which is "1" at POR). This makes all writes non-bufferable, causing a ~ 5% performance drop for PPC-based platforms. Rework previous change such that MCFGR[AWCACHE]=4'b0011 (bufferable + cacheable) for all platforms. Note: For ARM-based platforms, AWCACHE[0] is ignored by the interconnect IP. Fixes: f10967495144 ("crypto: caam - fix snooping for write transactions") Signed-off-by: Horia Geant? Signed-off-by: Herbert Xu Signed-off-by: Greg Kroah-Hartman

crypto: caam - fix indentation of close braces

2015-10-20T14:11:11+00:00

The kernel's coding style suggests that closing braces for initialisers should not be aligned to the open brace column. The CodingStyle doc shows how this should be done. Remove the additional tab. Signed-off-by: Russell King Signed-off-by: Herbert Xu

crypto: caam - only export the state we really need to export

2015-10-20T14:11:11+00:00

Avoid exporting lots of state by only exporting what we really require, which is the buffer containing the set of pending bytes to be hashed, number of pending bytes, the context buffer, and the function pointer state. This reduces down the exported state size to 216 bytes from 576 bytes. Signed-off-by: Russell King Signed-off-by: Herbert Xu

crypto: caam - fix non-block aligned hash calculation

2015-10-20T14:11:10+00:00

caam does not properly calculate the size of the retained state when non-block aligned hashes are requested - it uses the wrong buffer sizes, which results in errors such as: caam_jr 2102000.jr1: 40000501: DECO: desc idx 5: SGT Length Error. The descriptor is trying to read more data than is contained in the SGT table. We end up here with: in_len 0x46 blocksize 0x40 last_bufsize 0x0 next_bufsize 0x6 to_hash 0x40 ctx_len 0x28 nbytes 0x20 which results in a job descriptor of: jobdesc@889: ed03d918: b0861c08 3daa0080 f1400000 3d03d938 jobdesc@889: ed03d928: 00000068 f8400000 3cde2a40 00000028 where the word at 0xed03d928 is the expected data size (0x68), and a scatterlist containing: sg@892: ed03d938: 00000000 3cde2a40 00000028 00000000 sg@892: ed03d948: 00000000 3d03d100 00000006 00000000 sg@892: ed03d958: 00000000 7e8aa700 40000020 00000000 0x68 comes from 0x28 (the context size) plus the "in_len" rounded down to a block size (0x40). in_len comes from 0x26 bytes of unhashed data from the previous operation, plus the 0x20 bytes from the latest operation. The fixed version would create: sg@892: ed03d938: 00000000 3cde2a40 00000028 00000000 sg@892: ed03d948: 00000000 3d03d100 00000026 00000000 sg@892: ed03d958: 00000000 7e8aa700 40000020 00000000 which replaces the 0x06 length with the correct 0x26 bytes of previously unhashed data. This fixes a previous commit which erroneously "fixed" this due to a DMA-API bug report; that commit indicates that the bug was caused via a test_ahash_pnum() function in the tcrypt module. No such function has ever existed in the mainline kernel. Given that the change in this commit has been tested with DMA API debug enabled and shows no issue, I can only conclude that test_ahash_pnum() was triggering that bad behaviour by CAAM. Fixes: 7d5196aba3c8 ("crypto: caam - Correct DMA unmap size in ahash_update_ctx()") Signed-off-by: Russell King Signed-off-by: Herbert Xu

crypto: caam - avoid needlessly saving and restoring caam_hash_ctx

2015-10-20T14:11:10+00:00

When exporting and importing the hash state, we will only export and import into hashes which share the same struct crypto_ahash pointer. (See hash_accept->af_alg_accept->hash_accept_parent.) This means that saving the caam_hash_ctx structure on export, and restoring it on import is a waste of resources. So, remove this code. Signed-off-by: Russell King Signed-off-by: Herbert Xu

crypto: caam - print errno code when hash registration fails

2015-10-20T14:11:09+00:00

Print the errno code when hash registration fails, so we know why the failure occurred. This aids debugging. Signed-off-by: Russell King Signed-off-by: Herbert Xu

crypto: caam - add support for acipher xts(aes)

2015-10-08T13:42:20+00:00

Add support for AES working in XEX-based Tweaked-codebook mode with ciphertext Stealing (XTS) sector index - HW limitation: CAAM device supports sector index of only 8 bytes to be used for sector index inside IV, instead of whole 16 bytes received on request. This represents 2 ^ 64 = 16,777,216 Tera of possible values for sector index. Signed-off-by: Cristian Hristea Signed-off-by: Horia Geanta Signed-off-by: Alex Porosanu Signed-off-by: Catalin Vasile Signed-off-by: Herbert Xu

crypto: caam - dma_map_sg can handle chained SG

2015-10-01T13:56:56+00:00

The caam driver use two dma_map_sg path according to SG are chained or not. Since dma_map_sg can handle both case, clean the code with all references to sg chained. Thus removing dma_map_sg_chained, dma_unmap_sg_chained and __sg_count functions. Signed-off-by: LABBE Corentin Signed-off-by: Herbert Xu

crypto: caam - Remove unused JUMP_TYPE_MASK definition

2015-09-21T14:00:40+00:00

Commit a1efb01feca597b ("jump_label, locking/static_keys: Rename JUMP_LABEL_TYPE_* and related helpers to the static_key* pattern") introduced the definition of JUMP_TYPE_MASK in include/linux/jump_label.h causing the following name collision: In file included from drivers/crypto/caam/desc_constr.h:7:0, from drivers/crypto/caam/ctrl.c:15: drivers/crypto/caam/desc.h:1495:0: warning: "JUMP_TYPE_MASK" redefined #define JUMP_TYPE_MASK (0x03 << JUMP_TYPE_SHIFT) ^ In file included from include/linux/module.h:19:0, from drivers/crypto/caam/compat.h:9, from drivers/crypto/caam/ctrl.c:11: include/linux/jump_label.h:131:0: note: this is the location of the previous definition #define JUMP_TYPE_MASK 1UL As JUMP_TYPE_MASK definition in desc.h is never used, we can safely remove it to avoid the name collision. Reported-by: Olof's autobuilder Signed-off-by: Fabio Estevam Reviewed-by: Horia Geant? Signed-off-by: Herbert Xu

Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6

2015-09-01T00:38:39+00:00

Pull crypto updates from Herbert Xu: "Here is the crypto update for 4.3: API: - the AEAD interface transition is now complete. - add top-level skcipher interface. Drivers: - x86-64 acceleration for chacha20/poly1305. - add sunxi-ss Allwinner Security System crypto accelerator. - add RSA algorithm to qat driver. - add SRIOV support to qat driver. - add LS1021A support to caam. - add i.MX6 support to caam" * git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (163 commits) crypto: algif_aead - fix for multiple operations on AF_ALG sockets crypto: qat - enable legacy VFs MPI: Fix mpi_read_buffer crypto: qat - silence a static checker warning crypto: vmx - Fixing opcode issue crypto: caam - Use the preferred style for memory allocations crypto: caam - Propagate the real error code in caam_probe crypto: caam - Fix the error handling in caam_probe crypto: caam - fix writing to JQCR_MS when using service interface crypto: hash - Add AHASH_REQUEST_ON_STACK crypto: testmgr - Use new skcipher interface crypto: skcipher - Add top-level skcipher interface crypto: cmac - allow usage in FIPS mode crypto: sahara - Use dmam_alloc_coherent crypto: caam - Add support for LS1021A crypto: qat - Don't move data inside output buffer crypto: vmx - Fixing GHASH Key issue on little endian crypto: vmx - Fixing AES-CTR counter bug crypto: null - Add missing Kconfig tristate for NULL2 crypto: nx - Add forward declaration for struct crypto_aead ...