summaryrefslogtreecommitdiff
path: root/drivers/crypto/caam/caampkc.c
AgeCommit message (Collapse)AuthorFilesLines
2021-09-24crypto: caam - disable pkc for non-E SoCsMichael Walle1-4/+15
On newer CAAM versions, not all accelerators are disabled if the SoC is a non-E variant. While the driver checks most of the modules for availability, there is one - PKHA - which sticks out. On non-E variants it is still reported as available, that is the number of instances is non-zero, but it has limited functionality. In particular it doesn't support encryption and decryption, but just signing and verifying. This is indicated by a bit in the PKHA_MISC field. Take this bit into account if we are checking for availability. This will the following error: [ 8.167817] caam_jr 8020000.jr: 20000b0f: CCB: desc idx 11: : Invalid CHA selected. Tested on an NXP LS1028A (non-E) SoC. Fixes: d239b10d4ceb ("crypto: caam - add register map changes cf. Era 10") Signed-off-by: Michael Walle <michael@walle.cc> Reviewed-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2021-03-26crypto: caam - Provide the name of the function and provide missing descriptionsLee Jones1-1/+2
Fixes the following W=1 kernel build warning(s): drivers/crypto/caam/caampkc.c:199: warning: expecting prototype for from a given scatterlist(). Prototype was for caam_rsa_count_leading_zeros() instead drivers/crypto/caam/caamalg_qi2.c:87: warning: Function parameter or member 'xts_key_fallback' not described in 'caam_ctx' drivers/crypto/caam/caamalg_qi2.c:87: warning: Function parameter or member 'fallback' not described in 'caam_ctx' Cc: "Horia Geantă" <horia.geanta@nxp.com> Cc: Aymen Sghaier <aymen.sghaier@nxp.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Cc: linux-crypto@vger.kernel.org Signed-off-by: Lee Jones <lee.jones@linaro.org> Reviewed-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2020-08-07mm, treewide: rename kzfree() to kfree_sensitive()Waiman Long1-14/+14
As said by Linus: A symmetric naming is only helpful if it implies symmetries in use. Otherwise it's actively misleading. In "kzalloc()", the z is meaningful and an important part of what the caller wants. In "kzfree()", the z is actively detrimental, because maybe in the future we really _might_ want to use that "memfill(0xdeadbeef)" or something. The "zero" part of the interface isn't even _relevant_. The main reason that kzfree() exists is to clear sensitive information that should not be leaked to other future users of the same memory objects. Rename kzfree() to kfree_sensitive() to follow the example of the recently added kvfree_sensitive() and make the intention of the API more explicit. In addition, memzero_explicit() is used to clear the memory to make sure that it won't get optimized away by the compiler. The renaming is done by using the command sequence: git grep -w --name-only kzfree |\ xargs sed -i 's/kzfree/kfree_sensitive/' followed by some editing of the kfree_sensitive() kerneldoc and adding a kzfree backward compatibility macro in slab.h. [akpm@linux-foundation.org: fs/crypto/inline_crypt.c needs linux/slab.h] [akpm@linux-foundation.org: fix fs/crypto/inline_crypt.c some more] Suggested-by: Joe Perches <joe@perches.com> Signed-off-by: Waiman Long <longman@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Acked-by: David Howells <dhowells@redhat.com> Acked-by: Michal Hocko <mhocko@suse.com> Acked-by: Johannes Weiner <hannes@cmpxchg.org> Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Cc: James Morris <jmorris@namei.org> Cc: "Serge E. Hallyn" <serge@hallyn.com> Cc: Joe Perches <joe@perches.com> Cc: Matthew Wilcox <willy@infradead.org> Cc: David Rientjes <rientjes@google.com> Cc: Dan Carpenter <dan.carpenter@oracle.com> Cc: "Jason A . Donenfeld" <Jason@zx2c4.com> Link: http://lkml.kernel.org/r/20200616154311.12314-3-longman@redhat.com Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2020-04-16crypto: caam - fix use-after-free KASAN issue for RSA algorithmsIuliana Prodan1-2/+6
Here's the KASAN report: BUG: KASAN: use-after-free in rsa_pub_done+0x70/0xe8 Read of size 1 at addr ffff000023082014 by task swapper/0/0 CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.6.0-rc1-00162-gfcb90d5 #60 Hardware name: LS1046A RDB Board (DT) Call trace: dump_backtrace+0x0/0x260 show_stack+0x14/0x20 dump_stack+0xe8/0x144 print_address_description.isra.11+0x64/0x348 __kasan_report+0x11c/0x230 kasan_report+0xc/0x18 __asan_load1+0x5c/0x68 rsa_pub_done+0x70/0xe8 caam_jr_dequeue+0x390/0x608 tasklet_action_common.isra.13+0x1ec/0x230 tasklet_action+0x24/0x30 efi_header_end+0x1a4/0x370 irq_exit+0x114/0x128 __handle_domain_irq+0x80/0xe0 gic_handle_irq+0x50/0xa0 el1_irq+0xb8/0x180 cpuidle_enter_state+0xa4/0x490 cpuidle_enter+0x48/0x70 call_cpuidle+0x44/0x70 do_idle+0x304/0x338 cpu_startup_entry+0x24/0x40 rest_init+0xf8/0x10c arch_call_rest_init+0xc/0x14 start_kernel+0x774/0x7b4 Allocated by task 263: save_stack+0x24/0xb0 __kasan_kmalloc.isra.10+0xc4/0xe0 kasan_kmalloc+0xc/0x18 __kmalloc+0x178/0x2b8 rsa_edesc_alloc+0x2cc/0xe10 caam_rsa_enc+0x9c/0x5f0 test_akcipher_one+0x78c/0x968 alg_test_akcipher+0x78/0xf8 alg_test.part.44+0x114/0x4a0 alg_test+0x1c/0x60 cryptomgr_test+0x34/0x58 kthread+0x1b8/0x1c0 ret_from_fork+0x10/0x18 Freed by task 0: save_stack+0x24/0xb0 __kasan_slab_free+0x10c/0x188 kasan_slab_free+0x10/0x18 kfree+0x7c/0x298 rsa_pub_done+0x68/0xe8 caam_jr_dequeue+0x390/0x608 tasklet_action_common.isra.13+0x1ec/0x230 tasklet_action+0x24/0x30 efi_header_end+0x1a4/0x370 The buggy address belongs to the object at ffff000023082000 which belongs to the cache dma-kmalloc-256 of size 256 The buggy address is located 20 bytes inside of 256-byte region [ffff000023082000, ffff000023082100) The buggy address belongs to the page: page:fffffe00006c2080 refcount:1 mapcount:0 mapping:ffff00093200c200 index:0x0 compound_mapcount: 0 flags: 0xffff00000010200(slab|head) raw: 0ffff00000010200 dead000000000100 dead000000000122 ffff00093200c200 raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 page dumped because: kasan: bad access detected Memory state around the buggy address: ffff000023081f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ffff000023081f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff >ffff000023082000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ^ ffff000023082080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ffff000023082100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc Fixes: bf53795025a2 ("crypto: caam - add crypto_engine support for RSA algorithms") Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2020-02-22crypto: caam - add crypto_engine support for RSA algorithmsIuliana Prodan1-24/+104
Add crypto_engine support for RSA algorithms, to make use of the engine queue. The requests, with backlog flag, will be listed into crypto-engine queue and processed by CAAM when free. In case the queue is empty, the request is directly sent to CAAM. Only the backlog request are sent to crypto-engine since the others can be handled by CAAM, if free, especially since JR has up to 1024 entries (more than the 10 entries from crypto-engine). Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> Reviewed-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2020-02-22crypto: caam - change return code in caam_jr_enqueue functionIuliana Prodan1-8/+8
Based on commit 6b80ea389a0b ("crypto: change transient busy return code to -ENOSPC"), change the return code of caam_jr_enqueue function to -EINPROGRESS, in case of success, -ENOSPC in case the CAAM is busy (has no space left in job ring queue), -EIO if it cannot map the caller's descriptor. Update, also, the cases for resource-freeing for each algorithm type. This is done for later use, on backlogging support in CAAM. Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> Reviewed-by: Horia Geanta <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2020-02-22crypto: caam - refactor RSA private key _done callbacksIuliana Prodan1-43/+18
Create a common rsa_priv_f_done function, which based on private key form calls the specific unmap function. Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> Reviewed-by: Horia Geanta <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-04crypto: caam - use mapped_{src,dst}_nents for descriptorIuliana Prodan1-33/+39
The mapped_{src,dst}_nents _returned_ from the dma_map_sg call (which could be less than src/dst_nents) have to be used to generate the job descriptors. Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> Reviewed-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-08-30crypto: caam - select DMA address size at runtimeAndrey Smirnov1-4/+4
i.MX8 mScale SoC still use 32-bit addresses in its CAAM implmentation, so we can't rely on sizeof(dma_addr_t) to detemine CAAM pointer size. Convert the code to query CTPR and MCFGR for that during driver probing. Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com> Cc: Chris Spencer <christopher.spencer@sea.co.uk> Cc: Cory Tusar <cory.tusar@zii.aero> Cc: Chris Healy <cphealy@gmail.com> Cc: Lucas Stach <l.stach@pengutronix.de> Cc: Horia Geantă <horia.geanta@nxp.com> Cc: Aymen Sghaier <aymen.sghaier@nxp.com> Cc: Leonard Crestez <leonard.crestez@nxp.com> Cc: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-08-09crypto: caam - unregister algorithm only if the registration succeededIuliana Prodan1-19/+30
To know if a registration succeeded added a new struct, caam_akcipher_alg, that keeps, also, the registration status. This status is updated in caam_pkc_init and verified in caam_pkc_exit to unregister an algorithm. Fixes: 1b46c90c8e00 ("crypto: caam - convert top level drivers to libraries") Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> Reviewed-by: Horia Geanta <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-08-09crypto: caam - execute module exit point only if necessaryIuliana Prodan1-0/+11
Commit 1b46c90c8e00 ("crypto: caam - convert top level drivers to libraries") changed entry and exit points behavior for caamalg, caamalg_qi, caamalg_qi2, caamhash, caampkc, caamrng. For example, previously caam_pkc_init() and caam_pkc_exit() were module entry/exit points. This means that if an error would happen in caam_pkc_init(), then caam_pkc_exit() wouldn't have been called. After the mentioned commit, caam_pkc_init() and caam_pkc_exit() are manually called - from jr.c. caam_pkc_exit() is called unconditionally, even if caam_pkc_init() failed. Added a global variable to keep the status of the algorithm registration and free of resources. The exit point of caampkc/caamrng module is executed only if the registration was successful. Therefore we avoid double free of resources in case the algorithm registration failed. Fixes: 1b46c90c8e00 ("crypto: caam - convert top level drivers to libraries") Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> Reviewed-by: Horia Geanta <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-08-09crypto: caam - fix return code in completion callbacksHoria Geantă1-8/+12
Modify drive to provide a valid errno (and not the HW error ID) to the user, via completion callbacks. A "valid errno" is currently not explicitly mentioned in the docs, however the error code is expected to match the one returned by the generic SW implementation. Note: in most error cases caam/qi and caam/qi2 returned -EIO; align all caam drivers to return -EINVAL. While here, ratelimit prints triggered by fuzz testing, such that console is not flooded. Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-07-26crypto: drivers - Use kmemdup rather than duplicating its implementationFuqian Huang1-8/+3
kmemdup is introduced to duplicate a region of memory in a neat way. Rather than kmalloc/kzalloc + memcpy, which the programmer needs to write the size twice (sometimes lead to mistakes), kmemdup improves readability, leads to smaller code and also reduce the chances of mistakes. Suggestion to use kmemdup rather than using kmalloc/kzalloc + memcpy. Signed-off-by: Fuqian Huang <huangfq.daxian@gmail.com> Reviewed-by: Horia Geantă <horia.geanta@nxp.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-06-20crypto: caam - use len instead of nents for bulding HW S/G tableHoria Geantă1-2/+2
Currently, conversion of SW S/G table into HW S/G layout relies on nents returned by sg_nents_for_len(sg, len). However this leaves the possibility of HW S/G referencing more data then needed: since buffer length in HW S/G entries is filled using sg_dma_len(sg), the last entry in HW S/G table might have a length that is bigger than needed for the crypto request. This way of S/G table conversion is fine, unless after converting a table more entries have to be appended to the HW S/G table. In this case, crypto engine would access data from the S/G entry having the incorrect length, instead of advancing in the S/G table. This situation doesn't exist, but the upcoming implementation of IV update for skcipher algorithms needs to add a S/G entry after req->dst S/G (corresponding to output IV). Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-06-06crypto: caam - strip input without changing crypto requestIuliana Prodan1-13/+26
For rsa and pkcs1pad, CAAM expects an input of modulus size. For this we strip the leading zeros in case the size is more than modulus. This commit avoids modifying the crypto request while stripping zeros from input, to comply with the crypto API requirement. This is done by adding a fixup input pointer and length. Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> Reviewed-by: Horia Geanta <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-06-06crypto: caam - fix pkcs1pad(rsa-caam, sha256) failure because of invalid inputIuliana Prodan1-17/+72
The problem is with the input data size sent to CAAM for encrypt/decrypt. Pkcs1pad is failing due to pkcs1 padding done in SW starting with0x01 instead of 0x00 0x01. CAAM expects an input of modulus size. For this we strip the leading zeros in case the size is more than modulus or pad the input with zeros until the modulus size is reached. Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> Reviewed-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-05-23crypto: caam - convert top level drivers to librariesHoria Geantă1-45/+5
Currently we allow top level code, i.e. that which sits between the low level (HW-specific) drivers and crypto API, to be built as several drivers: caamalg, caamhash, caam_pkc, caamrng, caamalg_qi. There is no advantage in this, more it interferes with adding support for deferred probing (there are no corresponding devices and thus no bus). Convert these drivers and call init() / exit() manually at the right time. Move algorithms initialization at JR probe / remove time: -the first probed JR registers the crypto algs -the last removed JR unregisters the crypto algs Note: caam_qi_init() is called before JR platform devices creation (of_populate_bus()), such that QI interface is initialized when the caam/qi algorithms are registered in the JR driver (by calling caam_qi_algapi_init(). While here, fix the Kconfig entries under CRYPTO_DEV_FSL_CAAM_JR to be aligned. Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-05-23crypto: caam - fix S/G table passing page boundaryHoria Geantă1-2/+5
According to CAAM RM: -crypto engine reads 4 S/G entries (64 bytes) at a time, even if the S/G table has fewer entries -it's the responsibility of the user / programmer to make sure this HW behaviour has no side effect The drivers do not take care of this currently, leading to IOMMU faults when the S/G table ends close to a page boundary - since only one page is DMA mapped, while CAAM's DMA engine accesses two pages. Fix this by rounding up the number of allocated S/G table entries to a multiple of 4. Note that in case of two *contiguous* S/G tables, only the last table might needs extra entries. Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-04-18crypto: rsa - unimplement sign/verify for raw RSA backendsVitaly Chikunov1-2/+0
In preparation for new akcipher verify call remove sign/verify callbacks from RSA backends and make PKCS1 driver call encrypt/decrypt instead. This also complies with the well-known idea that raw RSA should never be used for sign/verify. It only should be used with proper padding scheme such as PKCS1 driver provides. Cc: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Cc: qat-linux@intel.com Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gary Hook <gary.hook@amd.com> Cc: Horia Geantă <horia.geanta@nxp.com> Cc: Aymen Sghaier <aymen.sghaier@nxp.com> Signed-off-by: Vitaly Chikunov <vt@altlinux.org> Reviewed-by: Horia Geantă <horia.geanta@nxp.com> Acked-by: Gary R Hook <gary.hook@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-03-07crypto: caam - add missing put_device() callWen Yang1-4/+10
The of_find_device_by_node() takes a reference to the underlying device structure, we should release that reference. Fixes: 35af64038623 ("crypto: caam - Check for CAAM block presence before registering with crypto layer") Fixes: b189817cf789 ("crypto: caam/qi - add ablkcipher and authenc algorithms") Reviewed-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Wen Yang <yellowriver2010@hotmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-11-16crypto: caam - add register map changes cf. Era 10Horia Geantă1-3/+7
Era 10 changes the register map. The updates that affect the drivers: -new version registers are added -DBG_DBG[deco_state] field is moved to a new register - DBG_EXEC[19:16] @ 8_0E3Ch. Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-10-17crypto: caam - add SPDX license identifier to all filesHoria Geantă1-0/+1
Previously, a tree-wide change added SPDX license identifiers to files lacking licensing information: b24413180f56 ("License cleanup: add SPDX GPL-2.0 license identifier to files with no license") To be consistent update the rest of the files: -files with license specified by means of MODULE_LICENSE() -files with complete license text -Kconfig Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-08-25crypto: caam - fix DMA mapping direction for RSA forms 2 & 3Horia Geantă1-10/+10
Crypto engine needs some temporary locations in external memory for running RSA decrypt forms 2 and 3 (CRT). These are named "tmp1" and "tmp2" in the PDB. Update DMA mapping direction of tmp1 and tmp2 from TO_DEVICE to BIDIRECTIONAL, since engine needs r/w access. Cc: <stable@vger.kernel.org> # 4.13+ Fixes: 52e26d77b8b3 ("crypto: caam - add support for RSA key form 2") Fixes: 4a651b122adb ("crypto: caam - add support for RSA key form 3") Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-05-05crypto: caam - fix size of RSA prime factor qHoria Geantă1-4/+4
Fix a typo where size of RSA prime factor q is using the size of prime factor p. Cc: <stable@vger.kernel.org> # 4.13+ Fixes: 52e26d77b8b3 ("crypto: caam - add support for RSA key form 2") Fixes: 4a651b122adb ("crypto: caam - add support for RSA key form 3") Reported-by: David Binderman <dcb314@hotmail.com> Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-04-20crypto: caam: - Use kmemdup() functionFabio Estevam1-8/+1
Use kmemdup() rather than duplicating its implementation. By usign kmemdup() we can also get rid of the 'val' variable. Detected with Coccinelle script. Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com> Reviewed-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-04-20crypto: caam - strip input zeros from RSA input bufferHoria Geantă1-0/+54
Sometimes the provided RSA input buffer provided is not stripped of leading zeros. This could cause its size to be bigger than that of the modulus, making the HW complain: caam_jr 2142000.jr1: 40000789: DECO: desc idx 7: Protocol Size Error - A protocol has seen an error in size. When running RSA, pdb size N < (size of F) when no formatting is used; or pdb size N < (F + 11) when formatting is used. Fix the problem by stripping off the leading zero from input data before feeding it to the CAAM accelerator. Fixes: 8c419778ab57e ("crypto: caam - add support for RSA algorithm") Cc: <stable@vger.kernel.org> # 4.8+ Reported-by: Martin Townsend <mtownsend1973@gmail.com> Link: https://lkml.kernel.org/r/CABatt_ytYORYKtApcB4izhNanEKkGFi9XAQMjHi_n-8YWoCRiw@mail.gmail.com Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Tested-by: Fabio Estevam <fabio.estevam@nxp.com> Reviewed-by: Tudor Ambarus <tudor.ambarus@microchip.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-07-05Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6Herbert Xu1-2/+2
Merge the crypto tree to pull in fixes for the next merge window.
2017-06-22crypto: caam - fix gfp allocation flags (part II)Horia Geantă1-2/+2
This is the 2nd part of fixing the usage of GFP_KERNEL for memory allocations, taking care off all the places that haven't caused a real problem / failure. Again, the issue being fixed is that GFP_KERNEL should be used only when MAY_SLEEP flag is set, i.e. MAY_BACKLOG flag usage is orthogonal. Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10crypto: caampkc - comply with crypto_akcipher_maxsize()Tudor-Dan Ambarus1-3/+2
crypto_akcipher_maxsize() asks for the output buffer size without caring for errors. It allways assume that will be called after a valid setkey. Comply with it and return what he wants. Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-05-18crypto: caam - add support for RSA key form 3Radu Alexe1-1/+218
CAAM RSA private key may have either of three representations. 1. The first representation consists of the pair (n, d), where the components have the following meanings: n the RSA modulus d the RSA private exponent 2. The second representation consists of the triplet (p, q, d), where the components have the following meanings: p the first prime factor of the RSA modulus n q the second prime factor of the RSA modulus n d the RSA private exponent 3. The third representation consists of the quintuple (p, q, dP, dQ, qInv), where the components have the following meanings: p the first prime factor of the RSA modulus n q the second prime factor of the RSA modulus n dP the first factors's CRT exponent dQ the second factors's CRT exponent qInv the (first) CRT coefficient The benefit of using the third or the second key form is lower computational cost for the decryption and signature operations. This patch adds support for the third RSA private key representations and extends caampkc to use the fastest key when all related components are present in the private key. Signed-off-by: Tudor Ambarus <tudor-dan.ambarus@nxp.com> Signed-off-by: Radu Alexe <radu.alexe@nxp.com> Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-05-18crypto: caam - add support for RSA key form 2Radu Alexe1-17/+214
CAAM RSA private key may have either of three representations. 1. The first representation consists of the pair (n, d), where the components have the following meanings: n the RSA modulus d the RSA private exponent 2. The second representation consists of the triplet (p, q, d), where the components have the following meanings: p the first prime factor of the RSA modulus n q the second prime factor of the RSA modulus n d the RSA private exponent 3. The third representation consists of the quintuple (p, q, dP, dQ, qInv), where the components have the following meanings: p the first prime factor of the RSA modulus n q the second prime factor of the RSA modulus n dP the first factors's CRT exponent dQ the second factors's CRT exponent qInv the (first) CRT coefficient The benefit of using the third or the second key form is lower computational cost for the decryption and signature operations. This patch adds support for the second RSA private key representation. Signed-off-by: Tudor Ambarus <tudor-dan.ambarus@nxp.com> Signed-off-by: Radu Alexe <radu.alexe@nxp.com> Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-05-18crypto: caam - incapsulate dropping leading zeros into functionRadu Alexe1-4/+9
This function will be used into further patches. Signed-off-by: Radu Alexe <radu.alexe@nxp.com> Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-05-18crypto: caam - avoid kzalloc(0) in caam_read_raw_dataTudor Ambarus1-0/+2
The function returns NULL if buf is composed only of zeros. Signed-off-by: Tudor Ambarus <tudor-dan.ambarus@nxp.com> Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-04-05crypto: caam - fix invalid dereference in caam_rsa_init_tfm()Horia Geantă1-1/+1
In case caam_jr_alloc() fails, ctx->dev carries the error code, thus accessing it with dev_err() is incorrect. Cc: <stable@vger.kernel.org> # 4.8+ Fixes: 8c419778ab57e ("crypto: caam - add support for RSA algorithm") Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-11-13crypto: caam - fix sparse warningsHoria Geantă1-2/+2
Fix the following sparse warning (note that endianness issues are not not addressed in current patch): drivers/crypto/caam/ctrl.c:388:24: warning: incorrect type in argument 1 (different address spaces) drivers/crypto/caam/ctrl.c:388:24: expected void [noderef] <asn:2>*reg drivers/crypto/caam/ctrl.c:388:24: got unsigned int *<noident> drivers/crypto/caam/ctrl.c:390:24: warning: incorrect type in argument 1 (different address spaces) drivers/crypto/caam/ctrl.c:390:24: expected void [noderef] <asn:2>*reg drivers/crypto/caam/ctrl.c:390:24: got unsigned int *<noident> drivers/crypto/caam/ctrl.c:548:24: warning: incorrect type in assignment (different address spaces) drivers/crypto/caam/ctrl.c:548:24: expected struct caam_ctrl [noderef] <asn:2>*ctrl drivers/crypto/caam/ctrl.c:548:24: got struct caam_ctrl *<noident> drivers/crypto/caam/ctrl.c:550:30: warning: cast removes address space of expression drivers/crypto/caam/ctrl.c:549:26: warning: incorrect type in assignment (different address spaces) drivers/crypto/caam/ctrl.c:549:26: expected struct caam_assurance [noderef] <asn:2>*assure drivers/crypto/caam/ctrl.c:549:26: got struct caam_assurance *<noident> drivers/crypto/caam/ctrl.c:554:28: warning: cast removes address space of expression drivers/crypto/caam/ctrl.c:553:24: warning: incorrect type in assignment (different address spaces) drivers/crypto/caam/ctrl.c:553:24: expected struct caam_deco [noderef] <asn:2>*deco drivers/crypto/caam/ctrl.c:553:24: got struct caam_deco *<noident> drivers/crypto/caam/ctrl.c:634:48: warning: cast removes address space of expression drivers/crypto/caam/ctrl.c:633:44: warning: incorrect type in assignment (different address spaces) drivers/crypto/caam/ctrl.c:633:44: expected struct caam_job_ring [noderef] <asn:2>*<noident> drivers/crypto/caam/ctrl.c:633:44: got struct caam_job_ring *<noident> drivers/crypto/caam/ctrl.c:648:34: warning: cast removes address space of expression drivers/crypto/caam/ctrl.c:647:30: warning: incorrect type in assignment (different address spaces) drivers/crypto/caam/ctrl.c:647:30: expected struct caam_queue_if [noderef] <asn:2>*qi drivers/crypto/caam/ctrl.c:647:30: got struct caam_queue_if *<noident> drivers/crypto/caam/ctrl.c:806:37: warning: incorrect type in assignment (different address spaces) drivers/crypto/caam/ctrl.c:806:37: expected void *data drivers/crypto/caam/ctrl.c:806:37: got unsigned int [noderef] <asn:2>* drivers/crypto/caam/ctrl.c:814:38: warning: incorrect type in assignment (different address spaces) drivers/crypto/caam/ctrl.c:814:38: expected void *data drivers/crypto/caam/ctrl.c:814:38: got unsigned int [noderef] <asn:2>* drivers/crypto/caam/ctrl.c:822:38: warning: incorrect type in assignment (different address spaces) drivers/crypto/caam/ctrl.c:822:38: expected void *data drivers/crypto/caam/ctrl.c:822:38: got unsigned int [noderef] <asn:2>* drivers/crypto/caam/jr.c:492:23: warning: incorrect type in assignment (different address spaces) drivers/crypto/caam/jr.c:492:23: expected struct caam_job_ring [noderef] <asn:2>*rregs drivers/crypto/caam/jr.c:492:23: got struct caam_job_ring *<noident> drivers/crypto/caam/caampkc.c:398:35: warning: Using plain integer as NULL pointer drivers/crypto/caam/caampkc.c:444:35: warning: Using plain integer as NULL pointer Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-07-05crypto: caam - add support for RSA algorithmTudor Ambarus1-0/+607
Add RSA support to caam driver. Initial author is Yashpal Dutta <yashpal.dutta@freescale.com>. Signed-off-by: Tudor Ambarus <tudor-dan.ambarus@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>