* (unknown),
From: Iaroslav Gridin @ 2016-08-30 15:53 UTC (permalink / raw)
To: herbert
Cc: davem, linux-crypto, linux-kernel, andy.gross, david.brown,
linux-arm-msm, linux-soc
This set of patches fixes QCE digest code, preventing lockups and incorrect results.
^ permalink raw reply
* [PATCH 1/4] crypto: qce: Remove unneeded length check for scatterlist
From: Iaroslav Gridin @ 2016-08-30 15:53 UTC (permalink / raw)
To: herbert
Cc: davem, linux-crypto, linux-kernel, andy.gross, david.brown,
linux-arm-msm, linux-soc, Voker57
In-Reply-To: <20160830155353.19500-1-voker57@gmail.com>
From: Voker57 <voker57@gmail.com>
Current code avoids supplying scatterlist containing more data than used
to DMA. This leads to dropping data from scatterlists which would
leave some for next run.
Signed-off-by: Iaroslav Gridin <voker57@gmail.com>
---
drivers/crypto/qce/sha.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/drivers/crypto/qce/sha.c b/drivers/crypto/qce/sha.c
index 47e114a..a124bb9 100644
--- a/drivers/crypto/qce/sha.c
+++ b/drivers/crypto/qce/sha.c
@@ -282,8 +282,6 @@ static int qce_ahash_update(struct ahash_request *req)
sg = sg_last = req->src;
while (len < nbytes && sg) {
- if (len + sg_dma_len(sg) > nbytes)
- break;
len += sg_dma_len(sg);
sg_last = sg;
sg = sg_next(sg);
--
2.9.3
^ permalink raw reply related
* [PATCH 2/4] crypto: qce: Avoid repeat hash finalization
From: Iaroslav Gridin @ 2016-08-30 15:53 UTC (permalink / raw)
To: herbert
Cc: davem, linux-crypto, linux-kernel, andy.gross, david.brown,
linux-arm-msm, linux-soc, Voker57
In-Reply-To: <20160830155353.19500-1-voker57@gmail.com>
From: Voker57 <voker57@gmail.com>
Calling QCE finalization when hash have already been finalized causes
a lockup. Avoid it by introducing finalized flag.
Signed-off-by: Iaroslav Gridin <voker57@gmail.com>
---
drivers/crypto/qce/sha.c | 6 ++++++
drivers/crypto/qce/sha.h | 1 +
2 files changed, 7 insertions(+)
diff --git a/drivers/crypto/qce/sha.c b/drivers/crypto/qce/sha.c
index a124bb9..a068d39 100644
--- a/drivers/crypto/qce/sha.c
+++ b/drivers/crypto/qce/sha.c
@@ -139,6 +139,7 @@ static int qce_ahash_init(struct ahash_request *req)
rctx->first_blk = true;
rctx->last_blk = false;
rctx->flags = tmpl->alg_flags;
+ rctx->finalized = false;
memcpy(rctx->digest, std_iv, sizeof(rctx->digest));
return 0;
@@ -314,7 +315,12 @@ static int qce_ahash_final(struct ahash_request *req)
if (!rctx->buflen)
return 0;
+ /* If hash is already been finalized, don't do anything */
+ if (rctx->finalized)
+ return 0;
+
rctx->last_blk = true;
+ rctx->finalized = true;
rctx->src_orig = req->src;
rctx->nbytes_orig = req->nbytes;
diff --git a/drivers/crypto/qce/sha.h b/drivers/crypto/qce/sha.h
index 236bb5e9..b24568f 100644
--- a/drivers/crypto/qce/sha.h
+++ b/drivers/crypto/qce/sha.h
@@ -59,6 +59,7 @@ struct qce_sha_reqctx {
u64 count;
bool first_blk;
bool last_blk;
+ bool finalized;
struct scatterlist sg[2];
u8 *authkey;
unsigned int authklen;
--
2.9.3
^ permalink raw reply related
* [PATCH 3/4] crypto: qce: Ensure QCE receives no zero-sized updates
From: Iaroslav Gridin @ 2016-08-30 15:53 UTC (permalink / raw)
To: herbert
Cc: davem, linux-crypto, linux-kernel, andy.gross, david.brown,
linux-arm-msm, linux-soc, Voker57
In-Reply-To: <20160830155353.19500-1-voker57@gmail.com>
From: Voker57 <voker57@gmail.com>
Zero-sized updates lock QCE, so ensure there's always some data left
for the final update, up to blocksize.
Signed-off-by: Iaroslav Gridin <voker57@gmail.com>
---
drivers/crypto/qce/sha.c | 30 ++++++++++++++++++++----------
1 file changed, 20 insertions(+), 10 deletions(-)
diff --git a/drivers/crypto/qce/sha.c b/drivers/crypto/qce/sha.c
index a068d39..f199f28 100644
--- a/drivers/crypto/qce/sha.c
+++ b/drivers/crypto/qce/sha.c
@@ -240,9 +240,11 @@ static int qce_ahash_update(struct ahash_request *req)
struct qce_device *qce = tmpl->qce;
struct scatterlist *sg_last, *sg;
unsigned int total, len;
+ unsigned int tmpbuflen = 0;
unsigned int hash_later;
unsigned int nbytes;
unsigned int blocksize;
+ unsigned int src_offset;
blocksize = crypto_tfm_alg_blocksize(crypto_ahash_tfm(tfm));
rctx->count += req->nbytes;
@@ -265,21 +267,30 @@ static int qce_ahash_update(struct ahash_request *req)
* if we have data from previous update copy them on buffer. The old
* data will be combined with current request bytes.
*/
- if (rctx->buflen)
+ if (rctx->buflen) {
memcpy(rctx->tmpbuf, rctx->buf, rctx->buflen);
+ tmpbuflen = rctx->buflen;
+ }
/* calculate how many bytes will be hashed later */
hash_later = total % blocksize;
- if (hash_later) {
- unsigned int src_offset = req->nbytes - hash_later;
- scatterwalk_map_and_copy(rctx->buf, req->src, src_offset,
- hash_later, 0);
- }
+ /* ensure we always have something on buffer */
+ if (hash_later == 0)
+ hash_later = blocksize;
+ src_offset = req->nbytes - hash_later;
+ scatterwalk_map_and_copy(rctx->buf, req->src, src_offset,
+ hash_later, 0);
+ rctx->buflen = hash_later;
/* here nbytes is multiple of blocksize */
nbytes = total - hash_later;
- len = rctx->buflen;
+ len = tmpbuflen;
+
+ /* Zero-length update is a no-op */
+ if (nbytes == 0)
+ return 0;
+
sg = sg_last = req->src;
while (len < nbytes && sg) {
@@ -293,15 +304,14 @@ static int qce_ahash_update(struct ahash_request *req)
sg_mark_end(sg_last);
- if (rctx->buflen) {
+ if (tmpbuflen) {
sg_init_table(rctx->sg, 2);
- sg_set_buf(rctx->sg, rctx->tmpbuf, rctx->buflen);
+ sg_set_buf(rctx->sg, rctx->tmpbuf, tmpbuflen);
sg_chain(rctx->sg, 2, req->src);
req->src = rctx->sg;
}
req->nbytes = nbytes;
- rctx->buflen = hash_later;
return qce->async_req_enqueue(tmpl->qce, &req->base);
}
--
2.9.3
^ permalink raw reply related
* [PATCH 4/4] crypto: qce: If total text size is zero, return pre-computed digest
From: Iaroslav Gridin @ 2016-08-30 15:53 UTC (permalink / raw)
To: herbert
Cc: davem, linux-crypto, linux-kernel, andy.gross, david.brown,
linux-arm-msm, linux-soc, Voker57
In-Reply-To: <20160830155353.19500-1-voker57@gmail.com>
From: Voker57 <voker57@gmail.com>
If total data amount to hash is zero, we cannot submit it to QCE,
since it locks up on zero-sized updates. So, return pre-computed
SHA256/SHA1 hash.
Signed-off-by: Iaroslav Gridin <voker57@gmail.com>
---
drivers/crypto/qce/sha.c | 27 ++++++++++++++++++++++++---
1 file changed, 24 insertions(+), 3 deletions(-)
diff --git a/drivers/crypto/qce/sha.c b/drivers/crypto/qce/sha.c
index f199f28..c627b5d 100644
--- a/drivers/crypto/qce/sha.c
+++ b/drivers/crypto/qce/sha.c
@@ -80,6 +80,7 @@ static int qce_ahash_async_req_handle(struct crypto_async_request *async_req)
struct qce_sha_ctx *ctx = crypto_tfm_ctx(async_req->tfm);
struct qce_alg_template *tmpl = to_ahash_tmpl(async_req->tfm);
struct qce_device *qce = tmpl->qce;
+ unsigned int digestsize = crypto_ahash_digestsize(crypto_ahash_reqtfm(req));
unsigned long flags = rctx->flags;
int ret;
@@ -91,6 +92,29 @@ static int qce_ahash_async_req_handle(struct crypto_async_request *async_req)
rctx->authklen = AES_KEYSIZE_128;
}
+ if (!req->nbytes) {
+ /* Only way that can happen is if total size of digest is zero
+ * So since QCE gets stuck on zero-sized texts, we return
+ * pre-calculated hash
+ */
+ if (digestsize == SHA1_DIGEST_SIZE) {
+ memcpy(rctx->digest,
+ "\xda\x39\xa3\xee\x5e\x6b\x4b\x0d\x32\x55\xbf\xef\x95\x60\x18\x90\xaf\xd8\x07\x09",
+ SHA1_DIGEST_SIZE);
+ } else if (digestsize == SHA256_DIGEST_SIZE) {
+ memcpy(rctx->digest,
+ "\xe3\xb0\xc4\x42\x98\xfc\x1c\x14\x9a\xfb\xf4\xc8\x99\x6f\xb9\x24\x27\xae\x41\xe4\x64\x9b\x93\x4c\xa4\x95\x99\x1b\x78\x52\xb8\x55",
+ SHA256_DIGEST_SIZE);
+ } else {
+ qce->async_req_done(tmpl->qce, -EINVAL);
+ return -EINVAL;
+ }
+ if (req->result)
+ memcpy(req->result, rctx->digest, digestsize);
+ qce->async_req_done(tmpl->qce, 0);
+ return 0;
+ }
+
rctx->src_nents = sg_nents_for_len(req->src, req->nbytes);
if (rctx->src_nents < 0) {
dev_err(qce->dev, "Invalid numbers of src SG.\n");
@@ -322,9 +346,6 @@ static int qce_ahash_final(struct ahash_request *req)
struct qce_alg_template *tmpl = to_ahash_tmpl(req->base.tfm);
struct qce_device *qce = tmpl->qce;
- if (!rctx->buflen)
- return 0;
-
/* If hash is already been finalized, don't do anything */
if (rctx->finalized)
return 0;
--
2.9.3
^ permalink raw reply related
* Re: [PATCH 4/4] crypto: qce: If total text size is zero, return pre-computed digest
From: Corentin LABBE @ 2016-08-30 16:02 UTC (permalink / raw)
To: Iaroslav Gridin, herbert
Cc: davem, linux-crypto, linux-kernel, andy.gross, david.brown,
linux-arm-msm, linux-soc
In-Reply-To: <20160830155353.19500-5-voker57@gmail.com>
On 30/08/2016 17:53, Iaroslav Gridin wrote:
> From: Voker57 <voker57@gmail.com>
>
> If total data amount to hash is zero, we cannot submit it to QCE,
> since it locks up on zero-sized updates. So, return pre-computed
> SHA256/SHA1 hash.
> Signed-off-by: Iaroslav Gridin <voker57@gmail.com>
> ---
> drivers/crypto/qce/sha.c | 27 ++++++++++++++++++++++++---
> 1 file changed, 24 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/crypto/qce/sha.c b/drivers/crypto/qce/sha.c
> index f199f28..c627b5d 100644
> --- a/drivers/crypto/qce/sha.c
> +++ b/drivers/crypto/qce/sha.c
> @@ -80,6 +80,7 @@ static int qce_ahash_async_req_handle(struct crypto_async_request *async_req)
> struct qce_sha_ctx *ctx = crypto_tfm_ctx(async_req->tfm);
> struct qce_alg_template *tmpl = to_ahash_tmpl(async_req->tfm);
> struct qce_device *qce = tmpl->qce;
> + unsigned int digestsize = crypto_ahash_digestsize(crypto_ahash_reqtfm(req));
> unsigned long flags = rctx->flags;
> int ret;
>
> @@ -91,6 +92,29 @@ static int qce_ahash_async_req_handle(struct crypto_async_request *async_req)
> rctx->authklen = AES_KEYSIZE_128;
> }
>
> + if (!req->nbytes) {
> + /* Only way that can happen is if total size of digest is zero
> + * So since QCE gets stuck on zero-sized texts, we return
> + * pre-calculated hash
> + */
> + if (digestsize == SHA1_DIGEST_SIZE) {
> + memcpy(rctx->digest,
> + "\xda\x39\xa3\xee\x5e\x6b\x4b\x0d\x32\x55\xbf\xef\x95\x60\x18\x90\xaf\xd8\x07\x09",
> + SHA1_DIGEST_SIZE);
> + } else if (digestsize == SHA256_DIGEST_SIZE) {
> + memcpy(rctx->digest,
> + "\xe3\xb0\xc4\x42\x98\xfc\x1c\x14\x9a\xfb\xf4\xc8\x99\x6f\xb9\x24\x27\xae\x41\xe4\x64\x9b\x93\x4c\xa4\x95\x99\x1b\x78\x52\xb8\x55",
> + SHA256_DIGEST_SIZE);
Hello
You could use sha1_zero_message_hash/sha256_zero_message_hash declared in crypto/sha.h
Regards
^ permalink raw reply
* [PATCH] crypto: qat - fix incorrect accelerator mask for C3X devices
From: Giovanni Cabiddu @ 2016-08-30 17:56 UTC (permalink / raw)
To: herbert; +Cc: linux-crypto, Maksim Lukoshkov, Giovanni Cabiddu
From: Maksim Lukoshkov <maksim.lukoshkov@intel.com>
Fix incorrect value of ADF_C3XXX_ACCELERATORS_MASK.
Signed-off-by: Maksim Lukoshkov <maksim.lukoshkov@intel.com>
Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
---
drivers/crypto/qat/qat_c3xxx/adf_c3xxx_hw_data.h | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/drivers/crypto/qat/qat_c3xxx/adf_c3xxx_hw_data.h b/drivers/crypto/qat/qat_c3xxx/adf_c3xxx_hw_data.h
index 2f2681d..afc9a0a 100644
--- a/drivers/crypto/qat/qat_c3xxx/adf_c3xxx_hw_data.h
+++ b/drivers/crypto/qat/qat_c3xxx/adf_c3xxx_hw_data.h
@@ -55,7 +55,7 @@
#define ADF_C3XXX_MAX_ACCELERATORS 3
#define ADF_C3XXX_MAX_ACCELENGINES 6
#define ADF_C3XXX_ACCELERATORS_REG_OFFSET 16
-#define ADF_C3XXX_ACCELERATORS_MASK 0x3
+#define ADF_C3XXX_ACCELERATORS_MASK 0x7
#define ADF_C3XXX_ACCELENGINES_MASK 0x3F
#define ADF_C3XXX_ETR_MAX_BANKS 16
#define ADF_C3XXX_SMIAPF0_MASK_OFFSET (0x3A000 + 0x28)
--
1.7.4.1
^ permalink raw reply related
* Re: [PATCH] char: hw_random: bcm2835: handle of_iomap failures in bcm2835 driver
From: Eric Anholt @ 2016-08-30 18:26 UTC (permalink / raw)
To: Arvind Yadav, f.fainelli, rjui, sbranden,
bcm-kernel-feedback-list, lee, yendapally.reddy
Cc: linux-crypto, linux-rpi-kernel, linux-arm-kernel, linux-kernel,
mpm, herbert, Arvind Yadav
In-Reply-To: <1472490616-9597-1-git-send-email-arvind.yadav.cs@gmail.com>
[-- Attachment #1: Type: text/plain, Size: 213 bytes --]
Arvind Yadav <arvind.yadav.cs@gmail.com> writes:
> Check return value of of_iomap and handle errors correctly.
>
> Signed-off-by: Arvind Yadav <arvind.yadav.cs@gmail.com>
Acked-by: Eric Anholt <eric@anholt.net>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 800 bytes --]
^ permalink raw reply
* [PATCH v4 2/2] crypto: engine: permit to enqueue ashash_request
From: Corentin Labbe @ 2016-08-31 12:02 UTC (permalink / raw)
To: herbert, davem, linux-crypto, baolin.wang; +Cc: linux-kernel, Corentin Labbe
In-Reply-To: <1472644978-9003-1-git-send-email-clabbe.montjoie@gmail.com>
The current crypto engine allow only ablkcipher_request to be enqueued.
Thus denying any use of it for hardware that also handle hash algo.
This patch modify the API for allowing to enqueue ciphers and hash.
Since omap-aes/omap-des are the only users, this patch also convert them
to the new cryptoengine API.
Signed-off-by: Corentin Labbe <clabbe.montjoie@gmail.com>
---
crypto/crypto_engine.c | 186 ++++++++++++++++++++++++++++++++++++----------
drivers/crypto/omap-aes.c | 8 +-
drivers/crypto/omap-des.c | 8 +-
include/crypto/engine.h | 49 ++++++++----
4 files changed, 189 insertions(+), 62 deletions(-)
diff --git a/crypto/crypto_engine.c b/crypto/crypto_engine.c
index 795b6f9..bfb92ac 100644
--- a/crypto/crypto_engine.c
+++ b/crypto/crypto_engine.c
@@ -15,13 +15,11 @@
#include <linux/err.h>
#include <linux/delay.h>
#include <crypto/engine.h>
+#include <crypto/internal/hash.h>
#include "internal.h"
#define CRYPTO_ENGINE_MAX_QLEN 10
-void crypto_finalize_request(struct crypto_engine *engine,
- struct ablkcipher_request *req, int err);
-
/**
* crypto_pump_requests - dequeue one request from engine queue to process
* @engine: the hardware engine
@@ -35,10 +33,11 @@ static void crypto_pump_requests(struct crypto_engine *engine,
bool in_kthread)
{
struct crypto_async_request *async_req, *backlog;
- struct ablkcipher_request *req;
+ struct ahash_request *hreq;
+ struct ablkcipher_request *breq;
unsigned long flags;
bool was_busy = false;
- int ret;
+ int ret, rtype;
spin_lock_irqsave(&engine->queue_lock, flags);
@@ -83,9 +82,7 @@ static void crypto_pump_requests(struct crypto_engine *engine,
if (!async_req)
goto out;
- req = ablkcipher_request_cast(async_req);
-
- engine->cur_req = req;
+ engine->cur_req = async_req;
if (backlog)
backlog->complete(backlog, -EINPROGRESS);
@@ -96,6 +93,7 @@ static void crypto_pump_requests(struct crypto_engine *engine,
spin_unlock_irqrestore(&engine->queue_lock, flags);
+ rtype = crypto_tfm_alg_type(engine->cur_req->tfm);
/* Until here we get the request need to be encrypted successfully */
if (!was_busy && engine->prepare_crypt_hardware) {
ret = engine->prepare_crypt_hardware(engine);
@@ -105,24 +103,55 @@ static void crypto_pump_requests(struct crypto_engine *engine,
}
}
- if (engine->prepare_request) {
- ret = engine->prepare_request(engine, engine->cur_req);
+ switch (rtype) {
+ case CRYPTO_ALG_TYPE_AHASH:
+ hreq = ahash_request_cast(engine->cur_req);
+ if (engine->prepare_hash_request) {
+ ret = engine->prepare_hash_request(engine, hreq);
+ if (ret) {
+ pr_err("failed to prepare request: %d\n", ret);
+ goto req_err;
+ }
+ engine->cur_req_prepared = true;
+ }
+ ret = engine->hash_one_request(engine, hreq);
if (ret) {
- pr_err("failed to prepare request: %d\n", ret);
+ pr_err("failed to hash one request from queue\n");
goto req_err;
}
- engine->cur_req_prepared = true;
- }
-
- ret = engine->crypt_one_request(engine, engine->cur_req);
- if (ret) {
- pr_err("failed to crypt one request from queue\n");
- goto req_err;
+ return;
+ case CRYPTO_ALG_TYPE_ABLKCIPHER:
+ breq = ablkcipher_request_cast(engine->cur_req);
+ if (engine->prepare_cipher_request) {
+ ret = engine->prepare_cipher_request(engine, breq);
+ if (ret) {
+ pr_err("failed to prepare request: %d\n", ret);
+ goto req_err;
+ }
+ engine->cur_req_prepared = true;
+ }
+ ret = engine->cipher_one_request(engine, breq);
+ if (ret) {
+ pr_err("failed to cipher one request from queue\n");
+ goto req_err;
+ }
+ return;
+ default:
+ pr_err("failed to prepare request of unknown type\n");
+ return;
}
- return;
req_err:
- crypto_finalize_request(engine, engine->cur_req, ret);
+ switch (rtype) {
+ case CRYPTO_ALG_TYPE_AHASH:
+ hreq = ahash_request_cast(engine->cur_req);
+ crypto_finalize_hash_request(engine, hreq, ret);
+ break;
+ case CRYPTO_ALG_TYPE_ABLKCIPHER:
+ breq = ablkcipher_request_cast(engine->cur_req);
+ crypto_finalize_cipher_request(engine, breq, ret);
+ break;
+ }
return;
out:
@@ -138,12 +167,14 @@ static void crypto_pump_work(struct kthread_work *work)
}
/**
- * crypto_transfer_request - transfer the new request into the engine queue
+ * crypto_transfer_cipher_request - transfer the new request into the
+ * enginequeue
* @engine: the hardware engine
* @req: the request need to be listed into the engine queue
*/
-int crypto_transfer_request(struct crypto_engine *engine,
- struct ablkcipher_request *req, bool need_pump)
+int crypto_transfer_cipher_request(struct crypto_engine *engine,
+ struct ablkcipher_request *req,
+ bool need_pump)
{
unsigned long flags;
int ret;
@@ -163,46 +194,125 @@ int crypto_transfer_request(struct crypto_engine *engine,
spin_unlock_irqrestore(&engine->queue_lock, flags);
return ret;
}
-EXPORT_SYMBOL_GPL(crypto_transfer_request);
+EXPORT_SYMBOL_GPL(crypto_transfer_cipher_request);
+
+/**
+ * crypto_transfer_cipher_request_to_engine - transfer one request to list
+ * into the engine queue
+ * @engine: the hardware engine
+ * @req: the request need to be listed into the engine queue
+ */
+int crypto_transfer_cipher_request_to_engine(struct crypto_engine *engine,
+ struct ablkcipher_request *req)
+{
+ return crypto_transfer_cipher_request(engine, req, true);
+}
+EXPORT_SYMBOL_GPL(crypto_transfer_cipher_request_to_engine);
+
+/**
+ * crypto_transfer_hash_request - transfer the new request into the
+ * enginequeue
+ * @engine: the hardware engine
+ * @req: the request need to be listed into the engine queue
+ */
+int crypto_transfer_hash_request(struct crypto_engine *engine,
+ struct ahash_request *req, bool need_pump)
+{
+ unsigned long flags;
+ int ret;
+
+ spin_lock_irqsave(&engine->queue_lock, flags);
+
+ if (!engine->running) {
+ spin_unlock_irqrestore(&engine->queue_lock, flags);
+ return -ESHUTDOWN;
+ }
+
+ ret = ahash_enqueue_request(&engine->queue, req);
+
+ if (!engine->busy && need_pump)
+ queue_kthread_work(&engine->kworker, &engine->pump_requests);
+
+ spin_unlock_irqrestore(&engine->queue_lock, flags);
+ return ret;
+}
+EXPORT_SYMBOL_GPL(crypto_transfer_hash_request);
/**
- * crypto_transfer_request_to_engine - transfer one request to list into the
- * engine queue
+ * crypto_transfer_hash_request_to_engine - transfer one request to list
+ * into the engine queue
* @engine: the hardware engine
* @req: the request need to be listed into the engine queue
*/
-int crypto_transfer_request_to_engine(struct crypto_engine *engine,
- struct ablkcipher_request *req)
+int crypto_transfer_hash_request_to_engine(struct crypto_engine *engine,
+ struct ahash_request *req)
{
- return crypto_transfer_request(engine, req, true);
+ return crypto_transfer_hash_request(engine, req, true);
}
-EXPORT_SYMBOL_GPL(crypto_transfer_request_to_engine);
+EXPORT_SYMBOL_GPL(crypto_transfer_hash_request_to_engine);
/**
- * crypto_finalize_request - finalize one request if the request is done
+ * crypto_finalize_cipher_request - finalize one request if the request is done
* @engine: the hardware engine
* @req: the request need to be finalized
* @err: error number
*/
-void crypto_finalize_request(struct crypto_engine *engine,
- struct ablkcipher_request *req, int err)
+void crypto_finalize_cipher_request(struct crypto_engine *engine,
+ struct ablkcipher_request *req, int err)
{
unsigned long flags;
bool finalize_cur_req = false;
int ret;
spin_lock_irqsave(&engine->queue_lock, flags);
- if (engine->cur_req == req)
+ if (engine->cur_req == &req->base)
finalize_cur_req = true;
spin_unlock_irqrestore(&engine->queue_lock, flags);
if (finalize_cur_req) {
- if (engine->cur_req_prepared && engine->unprepare_request) {
- ret = engine->unprepare_request(engine, req);
+ if (engine->cur_req_prepared &&
+ engine->unprepare_cipher_request) {
+ ret = engine->unprepare_cipher_request(engine, req);
if (ret)
pr_err("failed to unprepare request\n");
}
+ spin_lock_irqsave(&engine->queue_lock, flags);
+ engine->cur_req = NULL;
+ engine->cur_req_prepared = false;
+ spin_unlock_irqrestore(&engine->queue_lock, flags);
+ }
+
+ req->base.complete(&req->base, err);
+ queue_kthread_work(&engine->kworker, &engine->pump_requests);
+}
+EXPORT_SYMBOL_GPL(crypto_finalize_cipher_request);
+
+/**
+ * crypto_finalize_hash_request - finalize one request if the request is done
+ * @engine: the hardware engine
+ * @req: the request need to be finalized
+ * @err: error number
+ */
+void crypto_finalize_hash_request(struct crypto_engine *engine,
+ struct ahash_request *req, int err)
+{
+ unsigned long flags;
+ bool finalize_cur_req = false;
+ int ret;
+
+ spin_lock_irqsave(&engine->queue_lock, flags);
+ if (engine->cur_req == &req->base)
+ finalize_cur_req = true;
+ spin_unlock_irqrestore(&engine->queue_lock, flags);
+
+ if (finalize_cur_req) {
+ if (engine->cur_req_prepared &&
+ engine->unprepare_hash_request) {
+ ret = engine->unprepare_hash_request(engine, req);
+ if (ret)
+ pr_err("failed to unprepare request\n");
+ }
spin_lock_irqsave(&engine->queue_lock, flags);
engine->cur_req = NULL;
engine->cur_req_prepared = false;
@@ -213,7 +323,7 @@ void crypto_finalize_request(struct crypto_engine *engine,
queue_kthread_work(&engine->kworker, &engine->pump_requests);
}
-EXPORT_SYMBOL_GPL(crypto_finalize_request);
+EXPORT_SYMBOL_GPL(crypto_finalize_hash_request);
/**
* crypto_engine_start - start the hardware engine
@@ -250,7 +360,7 @@ EXPORT_SYMBOL_GPL(crypto_engine_start);
int crypto_engine_stop(struct crypto_engine *engine)
{
unsigned long flags;
- unsigned limit = 500;
+ unsigned int limit = 500;
int ret = 0;
spin_lock_irqsave(&engine->queue_lock, flags);
diff --git a/drivers/crypto/omap-aes.c b/drivers/crypto/omap-aes.c
index 993e08e..3483ab6 100644
--- a/drivers/crypto/omap-aes.c
+++ b/drivers/crypto/omap-aes.c
@@ -520,7 +520,7 @@ static void omap_aes_finish_req(struct omap_aes_dev *dd, int err)
pr_debug("err: %d\n", err);
- crypto_finalize_request(dd->engine, req, err);
+ crypto_finalize_cipher_request(dd->engine, req, err);
}
static int omap_aes_crypt_dma_stop(struct omap_aes_dev *dd)
@@ -593,7 +593,7 @@ static int omap_aes_handle_queue(struct omap_aes_dev *dd,
struct ablkcipher_request *req)
{
if (req)
- return crypto_transfer_request_to_engine(dd->engine, req);
+ return crypto_transfer_cipher_request_to_engine(dd->engine, req);
return 0;
}
@@ -1209,8 +1209,8 @@ static int omap_aes_probe(struct platform_device *pdev)
if (!dd->engine)
goto err_algs;
- dd->engine->prepare_request = omap_aes_prepare_req;
- dd->engine->crypt_one_request = omap_aes_crypt_req;
+ dd->engine->prepare_cipher_request = omap_aes_prepare_req;
+ dd->engine->cipher_one_request = omap_aes_crypt_req;
err = crypto_engine_start(dd->engine);
if (err)
goto err_engine;
diff --git a/drivers/crypto/omap-des.c b/drivers/crypto/omap-des.c
index dc36e1c..c0a28b1 100644
--- a/drivers/crypto/omap-des.c
+++ b/drivers/crypto/omap-des.c
@@ -507,7 +507,7 @@ static void omap_des_finish_req(struct omap_des_dev *dd, int err)
pr_debug("err: %d\n", err);
pm_runtime_put(dd->dev);
- crypto_finalize_request(dd->engine, req, err);
+ crypto_finalize_cipher_request(dd->engine, req, err);
}
static int omap_des_crypt_dma_stop(struct omap_des_dev *dd)
@@ -575,7 +575,7 @@ static int omap_des_handle_queue(struct omap_des_dev *dd,
struct ablkcipher_request *req)
{
if (req)
- return crypto_transfer_request_to_engine(dd->engine, req);
+ return crypto_transfer_cipher_request_to_engine(dd->engine, req);
return 0;
}
@@ -1099,8 +1099,8 @@ static int omap_des_probe(struct platform_device *pdev)
if (!dd->engine)
goto err_algs;
- dd->engine->prepare_request = omap_des_prepare_req;
- dd->engine->crypt_one_request = omap_des_crypt_req;
+ dd->engine->prepare_cipher_request = omap_des_prepare_req;
+ dd->engine->cipher_one_request = omap_des_crypt_req;
err = crypto_engine_start(dd->engine);
if (err)
goto err_engine;
diff --git a/include/crypto/engine.h b/include/crypto/engine.h
index 40899bd..04eb5c7 100644
--- a/include/crypto/engine.h
+++ b/include/crypto/engine.h
@@ -17,6 +17,7 @@
#include <linux/kernel.h>
#include <linux/kthread.h>
#include <crypto/algapi.h>
+#include <crypto/hash.h>
#define ENGINE_NAME_LEN 30
/*
@@ -36,9 +37,12 @@
* @unprepare_crypt_hardware: there are currently no more requests on the
* queue so the subsystem notifies the driver that it may relax the
* hardware by issuing this call
- * @prepare_request: do some prepare if need before handle the current request
- * @unprepare_request: undo any work done by prepare_message()
- * @crypt_one_request: do encryption for current request
+ * @prepare_cipher_request: do some prepare if need before handle the current request
+ * @unprepare_cipher_request: undo any work done by prepare_cipher_request()
+ * @cipher_one_request: do encryption for current request
+ * @prepare_hash_request: do some prepare if need before handle the current request
+ * @unprepare_hash_request: undo any work done by prepare_hash_request()
+ * @hash_one_request: do hash for current request
* @kworker: thread struct for request pump
* @kworker_task: pointer to task for request pump kworker thread
* @pump_requests: work struct for scheduling work to the request pump
@@ -61,27 +65,40 @@ struct crypto_engine {
int (*prepare_crypt_hardware)(struct crypto_engine *engine);
int (*unprepare_crypt_hardware)(struct crypto_engine *engine);
- int (*prepare_request)(struct crypto_engine *engine,
- struct ablkcipher_request *req);
- int (*unprepare_request)(struct crypto_engine *engine,
- struct ablkcipher_request *req);
- int (*crypt_one_request)(struct crypto_engine *engine,
- struct ablkcipher_request *req);
+ int (*prepare_cipher_request)(struct crypto_engine *engine,
+ struct ablkcipher_request *req);
+ int (*unprepare_cipher_request)(struct crypto_engine *engine,
+ struct ablkcipher_request *req);
+ int (*prepare_hash_request)(struct crypto_engine *engine,
+ struct ahash_request *req);
+ int (*unprepare_hash_request)(struct crypto_engine *engine,
+ struct ahash_request *req);
+ int (*cipher_one_request)(struct crypto_engine *engine,
+ struct ablkcipher_request *req);
+ int (*hash_one_request)(struct crypto_engine *engine,
+ struct ahash_request *req);
struct kthread_worker kworker;
struct task_struct *kworker_task;
struct kthread_work pump_requests;
void *priv_data;
- struct ablkcipher_request *cur_req;
+ struct crypto_async_request *cur_req;
};
-int crypto_transfer_request(struct crypto_engine *engine,
- struct ablkcipher_request *req, bool need_pump);
-int crypto_transfer_request_to_engine(struct crypto_engine *engine,
- struct ablkcipher_request *req);
-void crypto_finalize_request(struct crypto_engine *engine,
- struct ablkcipher_request *req, int err);
+int crypto_transfer_cipher_request(struct crypto_engine *engine,
+ struct ablkcipher_request *req,
+ bool need_pump);
+int crypto_transfer_cipher_request_to_engine(struct crypto_engine *engine,
+ struct ablkcipher_request *req);
+int crypto_transfer_hash_request(struct crypto_engine *engine,
+ struct ahash_request *req, bool need_pump);
+int crypto_transfer_hash_request_to_engine(struct crypto_engine *engine,
+ struct ahash_request *req);
+void crypto_finalize_cipher_request(struct crypto_engine *engine,
+ struct ablkcipher_request *req, int err);
+void crypto_finalize_hash_request(struct crypto_engine *engine,
+ struct ahash_request *req, int err);
int crypto_engine_start(struct crypto_engine *engine);
int crypto_engine_stop(struct crypto_engine *engine);
struct crypto_engine *crypto_engine_alloc_init(struct device *dev, bool rt);
--
2.7.3
^ permalink raw reply related
* [PATCH v4 0/2] crypto: engine: permit to enqueue ashash_request
From: Corentin Labbe @ 2016-08-31 12:02 UTC (permalink / raw)
To: herbert, davem, linux-crypto, baolin.wang; +Cc: linux-kernel, Corentin Labbe
Hello
I wanted to use the crypto engine for my Allwinner crypto driver but something
prevented me to use it: it cannot enqueue hash requests.
This patch convert crypto engine to permit enqueuing of ahash_requests.
It also convert the only driver using crypto engine.
The modifications against omap was only compile tested but the crypto engine with
hash support was tested on two different offtree driver (sun4i-ss and sun8i-ce)
Regards
Changes since v1:
- rebased on cryptodev for handling omap-des
Changes since v2:
- Fusionned both patch
- Renamed crypt_one_request to do_one_request
- Test the type of request before processing it
Changes sunce v3
- Add functions for each type (ablkcipher/ahash)
LABBE Corentin (2):
crypto: move crypto engine to its own header
crypto: engine: permit to enqueue ashash_request
crypto/crypto_engine.c | 187 ++++++++++++++++++++++++++++++++++++----------
drivers/crypto/omap-aes.c | 9 ++-
drivers/crypto/omap-des.c | 9 ++-
include/crypto/algapi.h | 70 -----------------
include/crypto/engine.h | 107 ++++++++++++++++++++++++++
5 files changed, 266 insertions(+), 116 deletions(-)
create mode 100644 include/crypto/engine.h
--
2.7.3
^ permalink raw reply
* [PATCH v4 1/2] crypto: move crypto engine to its own header
From: Corentin Labbe @ 2016-08-31 12:02 UTC (permalink / raw)
To: herbert, davem, linux-crypto, baolin.wang; +Cc: linux-kernel, Corentin Labbe
In-Reply-To: <1472644978-9003-1-git-send-email-clabbe.montjoie@gmail.com>
This patch move the whole crypto engine API to its own header
crypto/engine.h.
Signed-off-by: Corentin Labbe <clabbe.montjoie@gmail.com>
---
crypto/crypto_engine.c | 1 +
drivers/crypto/omap-aes.c | 1 +
drivers/crypto/omap-des.c | 1 +
include/crypto/algapi.h | 70 ------------------------------------
include/crypto/engine.h | 90 +++++++++++++++++++++++++++++++++++++++++++++++
5 files changed, 93 insertions(+), 70 deletions(-)
create mode 100644 include/crypto/engine.h
diff --git a/crypto/crypto_engine.c b/crypto/crypto_engine.c
index a55c82d..795b6f9 100644
--- a/crypto/crypto_engine.c
+++ b/crypto/crypto_engine.c
@@ -14,6 +14,7 @@
#include <linux/err.h>
#include <linux/delay.h>
+#include <crypto/engine.h>
#include "internal.h"
#define CRYPTO_ENGINE_MAX_QLEN 10
diff --git a/drivers/crypto/omap-aes.c b/drivers/crypto/omap-aes.c
index 4ab53a6..993e08e 100644
--- a/drivers/crypto/omap-aes.c
+++ b/drivers/crypto/omap-aes.c
@@ -36,6 +36,7 @@
#include <crypto/scatterwalk.h>
#include <crypto/aes.h>
#include <crypto/algapi.h>
+#include <crypto/engine.h>
#define DST_MAXBURST 4
#define DMA_MIN (DST_MAXBURST * sizeof(u32))
diff --git a/drivers/crypto/omap-des.c b/drivers/crypto/omap-des.c
index 5691434..dc36e1c 100644
--- a/drivers/crypto/omap-des.c
+++ b/drivers/crypto/omap-des.c
@@ -39,6 +39,7 @@
#include <crypto/scatterwalk.h>
#include <crypto/des.h>
#include <crypto/algapi.h>
+#include <crypto/engine.h>
#define DST_MAXBURST 2
diff --git a/include/crypto/algapi.h b/include/crypto/algapi.h
index 8637cdf..404e955 100644
--- a/include/crypto/algapi.h
+++ b/include/crypto/algapi.h
@@ -15,7 +15,6 @@
#include <linux/crypto.h>
#include <linux/list.h>
#include <linux/kernel.h>
-#include <linux/kthread.h>
#include <linux/skbuff.h>
struct crypto_aead;
@@ -129,75 +128,6 @@ struct ablkcipher_walk {
unsigned int blocksize;
};
-#define ENGINE_NAME_LEN 30
-/*
- * struct crypto_engine - crypto hardware engine
- * @name: the engine name
- * @idling: the engine is entering idle state
- * @busy: request pump is busy
- * @running: the engine is on working
- * @cur_req_prepared: current request is prepared
- * @list: link with the global crypto engine list
- * @queue_lock: spinlock to syncronise access to request queue
- * @queue: the crypto queue of the engine
- * @rt: whether this queue is set to run as a realtime task
- * @prepare_crypt_hardware: a request will soon arrive from the queue
- * so the subsystem requests the driver to prepare the hardware
- * by issuing this call
- * @unprepare_crypt_hardware: there are currently no more requests on the
- * queue so the subsystem notifies the driver that it may relax the
- * hardware by issuing this call
- * @prepare_request: do some prepare if need before handle the current request
- * @unprepare_request: undo any work done by prepare_message()
- * @crypt_one_request: do encryption for current request
- * @kworker: thread struct for request pump
- * @kworker_task: pointer to task for request pump kworker thread
- * @pump_requests: work struct for scheduling work to the request pump
- * @priv_data: the engine private data
- * @cur_req: the current request which is on processing
- */
-struct crypto_engine {
- char name[ENGINE_NAME_LEN];
- bool idling;
- bool busy;
- bool running;
- bool cur_req_prepared;
-
- struct list_head list;
- spinlock_t queue_lock;
- struct crypto_queue queue;
-
- bool rt;
-
- int (*prepare_crypt_hardware)(struct crypto_engine *engine);
- int (*unprepare_crypt_hardware)(struct crypto_engine *engine);
-
- int (*prepare_request)(struct crypto_engine *engine,
- struct ablkcipher_request *req);
- int (*unprepare_request)(struct crypto_engine *engine,
- struct ablkcipher_request *req);
- int (*crypt_one_request)(struct crypto_engine *engine,
- struct ablkcipher_request *req);
-
- struct kthread_worker kworker;
- struct task_struct *kworker_task;
- struct kthread_work pump_requests;
-
- void *priv_data;
- struct ablkcipher_request *cur_req;
-};
-
-int crypto_transfer_request(struct crypto_engine *engine,
- struct ablkcipher_request *req, bool need_pump);
-int crypto_transfer_request_to_engine(struct crypto_engine *engine,
- struct ablkcipher_request *req);
-void crypto_finalize_request(struct crypto_engine *engine,
- struct ablkcipher_request *req, int err);
-int crypto_engine_start(struct crypto_engine *engine);
-int crypto_engine_stop(struct crypto_engine *engine);
-struct crypto_engine *crypto_engine_alloc_init(struct device *dev, bool rt);
-int crypto_engine_exit(struct crypto_engine *engine);
-
extern const struct crypto_type crypto_ablkcipher_type;
extern const struct crypto_type crypto_blkcipher_type;
diff --git a/include/crypto/engine.h b/include/crypto/engine.h
new file mode 100644
index 0000000..40899bd
--- /dev/null
+++ b/include/crypto/engine.h
@@ -0,0 +1,90 @@
+/*
+ * Crypto engine API
+ *
+ * Copyright (c) 2016 Baolin Wang <baolin.wang@linaro.org>
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ *
+ */
+#ifndef _CRYPTO_ENGINE_H
+#define _CRYPTO_ENGINE_H
+
+#include <linux/crypto.h>
+#include <linux/list.h>
+#include <linux/kernel.h>
+#include <linux/kthread.h>
+#include <crypto/algapi.h>
+
+#define ENGINE_NAME_LEN 30
+/*
+ * struct crypto_engine - crypto hardware engine
+ * @name: the engine name
+ * @idling: the engine is entering idle state
+ * @busy: request pump is busy
+ * @running: the engine is on working
+ * @cur_req_prepared: current request is prepared
+ * @list: link with the global crypto engine list
+ * @queue_lock: spinlock to syncronise access to request queue
+ * @queue: the crypto queue of the engine
+ * @rt: whether this queue is set to run as a realtime task
+ * @prepare_crypt_hardware: a request will soon arrive from the queue
+ * so the subsystem requests the driver to prepare the hardware
+ * by issuing this call
+ * @unprepare_crypt_hardware: there are currently no more requests on the
+ * queue so the subsystem notifies the driver that it may relax the
+ * hardware by issuing this call
+ * @prepare_request: do some prepare if need before handle the current request
+ * @unprepare_request: undo any work done by prepare_message()
+ * @crypt_one_request: do encryption for current request
+ * @kworker: thread struct for request pump
+ * @kworker_task: pointer to task for request pump kworker thread
+ * @pump_requests: work struct for scheduling work to the request pump
+ * @priv_data: the engine private data
+ * @cur_req: the current request which is on processing
+ */
+struct crypto_engine {
+ char name[ENGINE_NAME_LEN];
+ bool idling;
+ bool busy;
+ bool running;
+ bool cur_req_prepared;
+
+ struct list_head list;
+ spinlock_t queue_lock;
+ struct crypto_queue queue;
+
+ bool rt;
+
+ int (*prepare_crypt_hardware)(struct crypto_engine *engine);
+ int (*unprepare_crypt_hardware)(struct crypto_engine *engine);
+
+ int (*prepare_request)(struct crypto_engine *engine,
+ struct ablkcipher_request *req);
+ int (*unprepare_request)(struct crypto_engine *engine,
+ struct ablkcipher_request *req);
+ int (*crypt_one_request)(struct crypto_engine *engine,
+ struct ablkcipher_request *req);
+
+ struct kthread_worker kworker;
+ struct task_struct *kworker_task;
+ struct kthread_work pump_requests;
+
+ void *priv_data;
+ struct ablkcipher_request *cur_req;
+};
+
+int crypto_transfer_request(struct crypto_engine *engine,
+ struct ablkcipher_request *req, bool need_pump);
+int crypto_transfer_request_to_engine(struct crypto_engine *engine,
+ struct ablkcipher_request *req);
+void crypto_finalize_request(struct crypto_engine *engine,
+ struct ablkcipher_request *req, int err);
+int crypto_engine_start(struct crypto_engine *engine);
+int crypto_engine_stop(struct crypto_engine *engine);
+struct crypto_engine *crypto_engine_alloc_init(struct device *dev, bool rt);
+int crypto_engine_exit(struct crypto_engine *engine);
+
+#endif /* _CRYPTO_ENGINE_H */
--
2.7.3
^ permalink raw reply related
* Re: hwrng: pasemi_rng.c: Migrate to managed API
From: Darren Stevens @ 2016-08-31 14:02 UTC (permalink / raw)
To: PrasannaKumar Muralidharan
Cc: Herbert Xu, linux-kernel, LABBE Corentin, linux-crypto, mpm, olof,
linuxppc-dev
In-Reply-To: <CANc+2y64+ECEh0GwQU4qQrEtsFjjbmaRJYt1t=J1Q3nT6TG6sA@mail.gmail.com>
Hello PrasannaKumar
On 30/08/2016, PrasannaKumar Muralidharan wrote:
> Hi Darren,
>> On mine (Amigaone X1000) that is correct, we boot linux with a vmlinux
>> file, and the bootloader (CFE) passes a fixed dtb. I think it is
>> possible to dump the tree from inside CFE, if it would help I can
>> invetigate?
>
> I don't know if it is possible to get dts from dtb even if you manage
> to extract devicetree blob from your system.
I didn't explain well, There is a CFE command 'show devtree' here's the
relevant bits (I Hope)
[CFE ]CFE> show devtree
[/]
| #interrupt-cells val 0x00000002
| #address-cells val 0x00000002
| #size-cells val 0x00000002
...[snip]...
[sdc@fc000000]
| name str 'sdc'
| device_type str 'sdc'
| #address-cells val 0x00000001
| #size-cells val 0x00000001
| compatible str '1682m-sdc' 'pasemi,pwrficient-sdc'
'pasemi,sdc'
| reg cell 00000000 FC000000 00000000 00800000
...[snip]...
[rng@fc105000]
| name str 'rng'
| device_type str 'rng'
| compatible str '1682m-rng' 'pasemi,pwrficient-rng'
'pasemi,rng'
| reg cell FC105000 00001000
Regards
^ permalink raw reply
* Crypto Fixes for 4.8
From: Herbert Xu @ 2016-08-31 14:19 UTC (permalink / raw)
To: Linus Torvalds, David S. Miller, Linux Kernel Mailing List,
Linux Crypto Mailing List
In-Reply-To: <20160823095130.GA26653@gondor.apana.org.au>
Hi Linus:
This push fixes the following issues:
- Kconfig problem that prevented mxc-rnga from being enabled.
- Bogus key sizes in qat aes-xts.
- Buggy aes-xts code in vmx.
Please pull from
git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus
Fabian Frederick (1):
hwrng: mxc-rnga - Fix Kconfig dependency
Giovanni Cabiddu (1):
crypto: qat - fix aes-xts key sizes
Li Zhong (1):
crypto: vmx - fix null dereference in p8_aes_xts_crypt
drivers/char/hw_random/Kconfig | 2 +-
drivers/crypto/qat/qat_common/qat_algs.c | 4 ++--
drivers/crypto/vmx/aes_xts.c | 2 +-
3 files changed, 4 insertions(+), 4 deletions(-)
Thanks,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply
* [PATCH] crypto: caam - fix rfc3686(ctr(aes)) IV load
From: Catalin Vasile @ 2016-08-31 12:57 UTC (permalink / raw)
To: linux-crypto; +Cc: herbert, davem, horia.geanta, Catalin Vasile
-nonce is being loaded using append_load_imm_u32() instead of
append_load_as_imm() (nonce is a byte array / stream, not a 4-byte
variable)
-counter is not being added in big endian format, as mandatated by
RFC3686 and expected by the crypto engine
Signed-off-by: Catalin Vasile <cata.vasile@nxp.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
---
drivers/crypto/caam/caamalg.c | 82 +++++++++++++++++++--------------------
drivers/crypto/caam/desc_constr.h | 17 ++++++++
2 files changed, 57 insertions(+), 42 deletions(-)
diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c
index 6dc5971..f1116e7 100644
--- a/drivers/crypto/caam/caamalg.c
+++ b/drivers/crypto/caam/caamalg.c
@@ -227,8 +227,9 @@ static void append_key_aead(u32 *desc, struct caam_ctx *ctx,
if (is_rfc3686) {
nonce = (u32 *)((void *)ctx->key + ctx->split_key_pad_len +
enckeylen);
- append_load_imm_u32(desc, *nonce, LDST_CLASS_IND_CCB |
- LDST_SRCDST_BYTE_OUTFIFO | LDST_IMM);
+ append_load_as_imm(desc, nonce, CTR_RFC3686_NONCE_SIZE,
+ LDST_CLASS_IND_CCB |
+ LDST_SRCDST_BYTE_OUTFIFO | LDST_IMM);
append_move(desc,
MOVE_SRC_OUTFIFO |
MOVE_DEST_CLASS1CTX |
@@ -500,11 +501,10 @@ static int aead_set_sh_desc(struct crypto_aead *aead)
/* Load Counter into CONTEXT1 reg */
if (is_rfc3686)
- append_load_imm_u32(desc, be32_to_cpu(1), LDST_IMM |
- LDST_CLASS_1_CCB |
- LDST_SRCDST_BYTE_CONTEXT |
- ((ctx1_iv_off + CTR_RFC3686_IV_SIZE) <<
- LDST_OFFSET_SHIFT));
+ append_load_imm_be32(desc, 1, LDST_IMM | LDST_CLASS_1_CCB |
+ LDST_SRCDST_BYTE_CONTEXT |
+ ((ctx1_iv_off + CTR_RFC3686_IV_SIZE) <<
+ LDST_OFFSET_SHIFT));
/* Class 1 operation */
append_operation(desc, ctx->class1_alg_type |
@@ -567,11 +567,10 @@ skip_enc:
/* Load Counter into CONTEXT1 reg */
if (is_rfc3686)
- append_load_imm_u32(desc, be32_to_cpu(1), LDST_IMM |
- LDST_CLASS_1_CCB |
- LDST_SRCDST_BYTE_CONTEXT |
- ((ctx1_iv_off + CTR_RFC3686_IV_SIZE) <<
- LDST_OFFSET_SHIFT));
+ append_load_imm_be32(desc, 1, LDST_IMM | LDST_CLASS_1_CCB |
+ LDST_SRCDST_BYTE_CONTEXT |
+ ((ctx1_iv_off + CTR_RFC3686_IV_SIZE) <<
+ LDST_OFFSET_SHIFT));
/* Choose operation */
if (ctr_mode)
@@ -672,11 +671,10 @@ copy_iv:
/* Load Counter into CONTEXT1 reg */
if (is_rfc3686)
- append_load_imm_u32(desc, be32_to_cpu(1), LDST_IMM |
- LDST_CLASS_1_CCB |
- LDST_SRCDST_BYTE_CONTEXT |
- ((ctx1_iv_off + CTR_RFC3686_IV_SIZE) <<
- LDST_OFFSET_SHIFT));
+ append_load_imm_be32(desc, 1, LDST_IMM | LDST_CLASS_1_CCB |
+ LDST_SRCDST_BYTE_CONTEXT |
+ ((ctx1_iv_off + CTR_RFC3686_IV_SIZE) <<
+ LDST_OFFSET_SHIFT));
/* Class 1 operation */
append_operation(desc, ctx->class1_alg_type |
@@ -1467,7 +1465,7 @@ static int ablkcipher_setkey(struct crypto_ablkcipher *ablkcipher,
int ret = 0;
u32 *key_jump_cmd;
u32 *desc;
- u32 *nonce;
+ u8 *nonce;
u32 geniv;
u32 ctx1_iv_off = 0;
const bool ctr_mode = ((ctx->class1_alg_type & OP_ALG_AAI_MASK) ==
@@ -1520,9 +1518,10 @@ static int ablkcipher_setkey(struct crypto_ablkcipher *ablkcipher,
/* Load nonce into CONTEXT1 reg */
if (is_rfc3686) {
- nonce = (u32 *)(key + keylen);
- append_load_imm_u32(desc, *nonce, LDST_CLASS_IND_CCB |
- LDST_SRCDST_BYTE_OUTFIFO | LDST_IMM);
+ nonce = (u8 *)key + keylen;
+ append_load_as_imm(desc, nonce, CTR_RFC3686_NONCE_SIZE,
+ LDST_CLASS_IND_CCB |
+ LDST_SRCDST_BYTE_OUTFIFO | LDST_IMM);
append_move(desc, MOVE_WAITCOMP |
MOVE_SRC_OUTFIFO |
MOVE_DEST_CLASS1CTX |
@@ -1538,11 +1537,10 @@ static int ablkcipher_setkey(struct crypto_ablkcipher *ablkcipher,
/* Load counter into CONTEXT1 reg */
if (is_rfc3686)
- append_load_imm_u32(desc, be32_to_cpu(1), LDST_IMM |
- LDST_CLASS_1_CCB |
- LDST_SRCDST_BYTE_CONTEXT |
- ((ctx1_iv_off + CTR_RFC3686_IV_SIZE) <<
- LDST_OFFSET_SHIFT));
+ append_load_imm_be32(desc, 1, LDST_IMM | LDST_CLASS_1_CCB |
+ LDST_SRCDST_BYTE_CONTEXT |
+ ((ctx1_iv_off + CTR_RFC3686_IV_SIZE) <<
+ LDST_OFFSET_SHIFT));
/* Load operation */
append_operation(desc, ctx->class1_alg_type |
@@ -1579,9 +1577,10 @@ static int ablkcipher_setkey(struct crypto_ablkcipher *ablkcipher,
/* Load nonce into CONTEXT1 reg */
if (is_rfc3686) {
- nonce = (u32 *)(key + keylen);
- append_load_imm_u32(desc, *nonce, LDST_CLASS_IND_CCB |
- LDST_SRCDST_BYTE_OUTFIFO | LDST_IMM);
+ nonce = (u8 *)key + keylen;
+ append_load_as_imm(desc, nonce, CTR_RFC3686_NONCE_SIZE,
+ LDST_CLASS_IND_CCB |
+ LDST_SRCDST_BYTE_OUTFIFO | LDST_IMM);
append_move(desc, MOVE_WAITCOMP |
MOVE_SRC_OUTFIFO |
MOVE_DEST_CLASS1CTX |
@@ -1597,11 +1596,10 @@ static int ablkcipher_setkey(struct crypto_ablkcipher *ablkcipher,
/* Load counter into CONTEXT1 reg */
if (is_rfc3686)
- append_load_imm_u32(desc, be32_to_cpu(1), LDST_IMM |
- LDST_CLASS_1_CCB |
- LDST_SRCDST_BYTE_CONTEXT |
- ((ctx1_iv_off + CTR_RFC3686_IV_SIZE) <<
- LDST_OFFSET_SHIFT));
+ append_load_imm_be32(desc, 1, LDST_IMM | LDST_CLASS_1_CCB |
+ LDST_SRCDST_BYTE_CONTEXT |
+ ((ctx1_iv_off + CTR_RFC3686_IV_SIZE) <<
+ LDST_OFFSET_SHIFT));
/* Choose operation */
if (ctr_mode)
@@ -1642,9 +1640,10 @@ static int ablkcipher_setkey(struct crypto_ablkcipher *ablkcipher,
/* Load Nonce into CONTEXT1 reg */
if (is_rfc3686) {
- nonce = (u32 *)(key + keylen);
- append_load_imm_u32(desc, *nonce, LDST_CLASS_IND_CCB |
- LDST_SRCDST_BYTE_OUTFIFO | LDST_IMM);
+ nonce = (u8 *)key + keylen;
+ append_load_as_imm(desc, nonce, CTR_RFC3686_NONCE_SIZE,
+ LDST_CLASS_IND_CCB |
+ LDST_SRCDST_BYTE_OUTFIFO | LDST_IMM);
append_move(desc, MOVE_WAITCOMP |
MOVE_SRC_OUTFIFO |
MOVE_DEST_CLASS1CTX |
@@ -1674,11 +1673,10 @@ static int ablkcipher_setkey(struct crypto_ablkcipher *ablkcipher,
/* Load Counter into CONTEXT1 reg */
if (is_rfc3686)
- append_load_imm_u32(desc, (u32)1, LDST_IMM |
- LDST_CLASS_1_CCB |
- LDST_SRCDST_BYTE_CONTEXT |
- ((ctx1_iv_off + CTR_RFC3686_IV_SIZE) <<
- LDST_OFFSET_SHIFT));
+ append_load_imm_be32(desc, 1, LDST_IMM | LDST_CLASS_1_CCB |
+ LDST_SRCDST_BYTE_CONTEXT |
+ ((ctx1_iv_off + CTR_RFC3686_IV_SIZE) <<
+ LDST_OFFSET_SHIFT));
if (ctx1_iv_off)
append_jump(desc, JUMP_JSL | JUMP_TEST_ALL | JUMP_COND_NCP |
diff --git a/drivers/crypto/caam/desc_constr.h b/drivers/crypto/caam/desc_constr.h
index d3869b9..a8cd8a7 100644
--- a/drivers/crypto/caam/desc_constr.h
+++ b/drivers/crypto/caam/desc_constr.h
@@ -325,6 +325,23 @@ static inline void append_##cmd##_imm_##type(u32 *desc, type immediate, \
APPEND_CMD_RAW_IMM(load, LOAD, u32);
/*
+ * ee - endianness
+ * size - size of immediate type in bytes
+ */
+#define APPEND_CMD_RAW_IMM2(cmd, op, ee, size) \
+static inline void append_##cmd##_imm_##ee##size(u32 *desc, \
+ u##size immediate, \
+ u32 options) \
+{ \
+ __##ee##size data = cpu_to_##ee##size(immediate); \
+ PRINT_POS; \
+ append_cmd(desc, CMD_##op | IMMEDIATE | options | sizeof(data)); \
+ append_data(desc, &data, sizeof(data)); \
+}
+
+APPEND_CMD_RAW_IMM2(load, LOAD, be, 32);
+
+/*
* Append math command. Only the last part of destination and source need to
* be specified
*/
--
1.8.3.1
^ permalink raw reply related
* Re: [PATCH v2] crypto: hide unused label
From: Herbert Xu @ 2016-08-31 14:37 UTC (permalink / raw)
To: Arnd Bergmann
Cc: David S. Miller, Martin Schwidefsky, linux-crypto, linux-kernel
In-Reply-To: <20160829124050.3405624-1-arnd@arndb.de>
On Mon, Aug 29, 2016 at 02:40:43PM +0200, Arnd Bergmann wrote:
> A recent change left an existing label unused in some configurations,
> as seen from a gcc warning:
>
> crypto/xor.c: In function 'calibrate_xor_blocks':
> crypto/xor.c:156:1: error: label 'out' defined but not used [-Werror=unused-label]
>
> This adds an #ifdef around it to match the one around the respective "goto".
>
> Signed-off-by: Arnd Bergmann <arnd@arndb.de>
> Fixes: 39457acda913 ("crypto: xor - skip speed test if the xor function is selected automatically")
Thanks for the patch. But I've already queued up a fix at
https://patchwork.kernel.org/patch/9301603/
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply
* Re: [PATCH 1/2] crypto: arm/ghash-ce - add missing async import/export
From: Herbert Xu @ 2016-08-31 14:41 UTC (permalink / raw)
To: Ard Biesheuvel; +Cc: linux-crypto
In-Reply-To: <1472469594-27315-1-git-send-email-ard.biesheuvel@linaro.org>
On Mon, Aug 29, 2016 at 12:19:53PM +0100, Ard Biesheuvel wrote:
> Since commit 8996eafdcbad ("crypto: ahash - ensure statesize is non-zero"),
> all ahash drivers are required to implement import()/export(), and must have
> a non-zero statesize. Fix this for the ARM Crypto Extensions GHASH
> implementation.
>
> Fixes: 8996eafdcbad ("crypto: ahash - ensure statesize is non-zero")
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> ---
> arch/arm/crypto/ghash-ce-glue.c | 26 ++++++++++++++++++++++++++
> 1 file changed, 26 insertions(+)
>
> diff --git a/arch/arm/crypto/ghash-ce-glue.c b/arch/arm/crypto/ghash-ce-glue.c
> index 1568cb5cd870..212aaa715fdb 100644
> --- a/arch/arm/crypto/ghash-ce-glue.c
> +++ b/arch/arm/crypto/ghash-ce-glue.c
> @@ -220,6 +220,29 @@ static int ghash_async_digest(struct ahash_request *req)
> }
> }
>
> +static int ghash_async_import(struct ahash_request *req, const void *in)
> +{
> + struct ahash_request *cryptd_req = ahash_request_ctx(req);
> + struct shash_desc *desc = cryptd_shash_desc(cryptd_req);
> + struct ghash_desc_ctx *dctx = shash_desc_ctx(desc);
> +
> + ghash_async_init(req);
Is this really needed?
> + *dctx = *(const struct ghash_desc_ctx *)in;
I'd prefer to call the underlying shash import/export functions
like we do in cryptd.
Thanks,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply
* Re: [PATCH v2] crypto: hide unused label
From: Arnd Bergmann @ 2016-08-31 14:43 UTC (permalink / raw)
To: Herbert Xu
Cc: David S. Miller, Martin Schwidefsky, linux-crypto, linux-kernel
In-Reply-To: <20160831143752.GA26616@gondor.apana.org.au>
On Wednesday, August 31, 2016 10:37:52 PM CEST Herbert Xu wrote:
> On Mon, Aug 29, 2016 at 02:40:43PM +0200, Arnd Bergmann wrote:
> > A recent change left an existing label unused in some configurations,
> > as seen from a gcc warning:
> >
> > crypto/xor.c: In function 'calibrate_xor_blocks':
> > crypto/xor.c:156:1: error: label 'out' defined but not used [-Werror=unused-label]
> >
> > This adds an #ifdef around it to match the one around the respective "goto".
> >
> > Signed-off-by: Arnd Bergmann <arnd@arndb.de>
> > Fixes: 39457acda913 ("crypto: xor - skip speed test if the xor function is selected automatically")
>
> Thanks for the patch. But I've already queued up a fix at
>
> https://patchwork.kernel.org/patch/9301603/
>
Ok, that one looks like a nicer solution anyway.
Arnd
^ permalink raw reply
* Re: [PATCH v2 0/2] HWRNG/PCI: Add driver for Cavium Thunder RNG
From: Herbert Xu @ 2016-08-31 15:17 UTC (permalink / raw)
To: Omer Khaliq
Cc: linux-kernel, linux-pci, linux-crypto, linux-arm-kernel, bhelgaas,
mpm, Ananth.Jasty, David.Daney, clabbe.montjoie
In-Reply-To: <1471994835-2423-1-git-send-email-okhaliq@caviumnetworks.com>
On Tue, Aug 23, 2016 at 04:27:13PM -0700, Omer Khaliq wrote:
> There is a hardware error rendering the FDL field incorrect for the some
> Thunder RNG devices. The first patch adds a PCI quirk to fix the problem.
>
> The second patch adds the driver.
>
> Changes from v1:
> Use PCI quirks as advised.
> Removed unecessary headers
> Format changes as advised
All applied. Thanks.
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply
* Re: [PATCH] crypto: FIPS - allow tests to be disabled in FIPS mode
From: Herbert Xu @ 2016-08-31 15:18 UTC (permalink / raw)
To: Stephan Mueller; +Cc: linux-crypto, Tapas Sarangi
In-Reply-To: <1685622.m1phZymvbe@positron.chronox.de>
On Thu, Aug 25, 2016 at 03:15:01PM +0200, Stephan Mueller wrote:
> In FIPS mode, additional restrictions may apply. If these restrictions
> are violated, the kernel will panic(). This patch allows test vectors
> for symmetric ciphers to be marked as to be skipped in FIPS mode.
>
> Together with the patch, the XTS test vectors where the AES key is
> identical to the tweak key is disabled in FIPS mode. This test vector
> violates the FIPS requirement that both keys must be different.
>
> Reported-by: Tapas Sarangi <TSarangi@trustwave.com>
> Signed-off-by: Stephan Mueller <smueller@chronox.de>
Patch applied. Thanks.
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply
* Re: [PATCH v3 0/8] hwrng: amd: rework of the amd hwrng driver
From: Herbert Xu @ 2016-08-31 15:18 UTC (permalink / raw)
To: LABBE Corentin; +Cc: mpm, linux-crypto, linux-kernel
In-Reply-To: <1472209896-17197-1-git-send-email-clabbe.montjoie@gmail.com>
On Fri, Aug 26, 2016 at 01:11:28PM +0200, LABBE Corentin wrote:
> Changes since v2:
> - split the latest patch in 4
> Changes since v1:
> - Keep the hwrng name as "amd"
All applied. Thanks.
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply
* Re: [PATCH] fix:caam:ctrl:add missing header dependencies
From: Herbert Xu @ 2016-08-31 15:18 UTC (permalink / raw)
To: Baoyou Xie
Cc: davem, arnd, tudor-dan.ambarus, linux-crypto, linux-kernel,
xie.baoyou
In-Reply-To: <1472205384-29888-1-git-send-email-baoyou.xie@linaro.org>
On Fri, Aug 26, 2016 at 05:56:24PM +0800, Baoyou Xie wrote:
> We get 1 warning when biuld kernel with W=1:
> drivers/crypto/caam/ctrl.c:398:5: warning: no previous prototype for 'caam_get_era' [-Wmissing-prototypes]
>
> In fact, this function is declared in drivers/crypto/caam/ctrl.h,
> so this patch add missing header dependencies.
>
> Signed-off-by: Baoyou Xie <baoyou.xie@linaro.org>
Patch applied. Thanks.
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply
* Re: [PATCH] hw_random: Remove check for max less than 4 bytes
From: Herbert Xu @ 2016-08-31 15:18 UTC (permalink / raw)
To: PrasannaKumar Muralidharan; +Cc: mpm, linux-crypto, linux-kernel
In-Reply-To: <1472236324-7067-1-git-send-email-prasannatsmkumar@gmail.com>
On Sat, Aug 27, 2016 at 12:02:04AM +0530, PrasannaKumar Muralidharan wrote:
> HW RNG core never asks for data less than 4 bytes. The check whether max
> is less than 4 bytes is unnecessary. Remove the check.
>
> Signed-off-by: PrasannaKumar Muralidharan <prasannatsmkumar@gmail.com>
Patch applied. Thanks.
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply
* Re: [PATCH] Use devm_hwrng_register instead of hwrng_register
From: Herbert Xu @ 2016-08-31 15:19 UTC (permalink / raw)
To: PrasannaKumar Muralidharan; +Cc: mpm, linux-crypto
In-Reply-To: <1472374152-19319-1-git-send-email-prasannatsmkumar@gmail.com>
On Sun, Aug 28, 2016 at 02:19:12PM +0530, PrasannaKumar Muralidharan wrote:
> By using devm_hwrng_register instead of hwrng_register the .remove
> callback in platform_driver can be removed. This reduces a few lines in
> code.
>
> Signed-off-by: PrasannaKumar Muralidharan <prasannatsmkumar@gmail.com>
Patch applied. Thanks.
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply
* Re: [PATCH v3] crypto: caam - fix IV loading for authenc (giv)decryption
From: Herbert Xu @ 2016-08-31 15:19 UTC (permalink / raw)
To: Horia Geantă; +Cc: linux-crypto, David S. Miller
In-Reply-To: <1472471534-9544-1-git-send-email-horia.geanta@nxp.com>
On Mon, Aug 29, 2016 at 02:52:14PM +0300, Horia Geantă wrote:
> For algorithms that implement IV generators before the crypto ops,
> the IV needed for decryption is initially located in req->src
> scatterlist, not in req->iv.
>
> Avoid copying the IV into req->iv by modifying the (givdecrypt)
> descriptors to load it directly from req->src.
> aead_givdecrypt() is no longer needed and goes away.
>
> Cc: <stable@vger.kernel.org> # 4.3+
> Fixes: 479bcc7c5b9e ("crypto: caam - Convert authenc to new AEAD interface")
> Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Patch applied. Thanks.
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply
* Re: [PATCH] crypto: qat - fix constants table DMA
From: Herbert Xu @ 2016-08-31 15:19 UTC (permalink / raw)
To: Giovanni Cabiddu; +Cc: linux-crypto, Maksim Lukoshkov
In-Reply-To: <1472473711-611-1-git-send-email-giovanni.cabiddu@intel.com>
On Mon, Aug 29, 2016 at 01:28:31PM +0100, Giovanni Cabiddu wrote:
> From: Maksim Lukoshkov <maksim.lukoshkov@intel.com>
>
> Copy const_tab array into DMA-able memory (accesible by qat hw).
>
> Signed-off-by: Maksim Lukoshkov <maksim.lukoshkov@intel.com>
> Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Patch applied. Thanks.
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox