2
0
mirror of https://github.com/edk2-porting/linux-next.git synced 2024-12-25 13:43:55 +08:00
Commit Graph

3389 Commits

Author SHA1 Message Date
Ashish Kalra
1d55fdc857 crypto: ccp - Retry SEV INIT command in case of integrity check failure.
SEV INIT command loads the SEV related persistent data from NVS
and initializes the platform context. The firmware validates the
persistent state. If validation fails, the firmware will reset
the persisent state and return an integrity check failure status.

At this point, a subsequent INIT command should succeed, so retry
the command. The INIT command retry is only done during driver
initialization.

Additional enums along with SEV_RET_SECURE_DATA_INVALID are added
to sev_ret_code to maintain continuity and relevance of enum values.

Signed-off-by: Ashish Kalra <ashish.kalra@amd.com>
Acked-by: David Rientjes <rientjes@google.com>
Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-26 02:09:58 +11:00
Corentin Labbe
48fe583fe5 crypto: amlogic - Add crypto accelerator for amlogic GXL
This patch adds support for the amlogic GXL cryptographic offloader present
on GXL SoCs.

This driver supports AES cipher in CBC/ECB mode.

Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
Reviewed-by: Neil Armstrong <narmstrong@baylibre.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-26 02:09:58 +11:00
Ben Dooks (Codethink)
49c4cd8035 crypto: atmel - fix data types for __be{32,64}
The driver uses a couple of buffers that seem to
be __be32 or __be64 fields, but declares them as
u32. This means there are a number of warnings
from sparse due to casting to/from __beXXX.

Fix these by changing the types of the buffer
and the associated variables.

drivers/crypto/atmel-aes.c:1023:15: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1023:15: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1023:15: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1023:15: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1023:15: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1023:15: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1059:28: warning: incorrect type in assignment (different base types)
drivers/crypto/atmel-aes.c:1059:28:    expected unsigned int
drivers/crypto/atmel-aes.c:1059:28:    got restricted __be32 [usertype]
drivers/crypto/atmel-aes.c:1550:28: warning: incorrect type in assignment (different base types)
drivers/crypto/atmel-aes.c:1550:28:    expected unsigned int
drivers/crypto/atmel-aes.c:1550:28:    got restricted __be32 [usertype]
drivers/crypto/atmel-aes.c:1561:39: warning: incorrect type in assignment (different base types)
drivers/crypto/atmel-aes.c:1561:39:    expected unsigned long long [usertype]
drivers/crypto/atmel-aes.c:1561:39:    got restricted __be64 [usertype]
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:15: warning: incorrect type in assignment (different base types)
drivers/crypto/atmel-aes.c:1599:15:    expected unsigned int [usertype]
drivers/crypto/atmel-aes.c:1599:15:    got restricted __be32 [usertype]
drivers/crypto/atmel-aes.c:1692:17: warning: incorrect type in assignment (different base types)
drivers/crypto/atmel-aes.c:1692:17:    expected unsigned long long [usertype]
drivers/crypto/atmel-aes.c:1692:17:    got restricted __be64 [usertype]
drivers/crypto/atmel-aes.c:1693:17: warning: incorrect type in assignment (different base types)
drivers/crypto/atmel-aes.c:1693:17:    expected unsigned long long [usertype]
drivers/crypto/atmel-aes.c:1693:17:    got restricted __be64 [usertype]
drivers/crypto/atmel-aes.c:1888:63: warning: incorrect type in initializer (different base types)
drivers/crypto/atmel-aes.c:1888:63:    expected unsigned int
drivers/crypto/atmel-aes.c:1888:63:    got restricted __le32 [usertype]

Signed-off-by: Ben Dooks <ben.dooks@codethink.co.uk>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-26 02:09:57 +11:00
Pascal van Leeuwen
e9fc36719b crypto: inside-secure - Made locally used safexcel_pci_remove() static
safexcel_pci_remove() is only used locally in the module and not exported,
so added a static function specifier.
This fixes a sparse issue reported by Ben Dooks.

Fixes: 625f269a5a ("crypto: inside-secure - add support for...")
Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-23 19:47:01 +11:00
Pascal van Leeuwen
756497cb7b crypto: inside-secure - Fix build error with CONFIG_CRYPTO_SM3=m
Always take the zero length hash value for SM3 from the local constant
to avoid a reported build error when SM3 is configured to be a module.

Fixes: 0f2bc13181 ("crypto: inside-secure - Added support for...")
Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-23 19:47:01 +11:00
Rikard Falkeborn
5b243b6c4a crypto: hisilicon: Fix misuse of GENMASK macro
Arguments are supposed to be ordered high then low.

Fixes: c8b4b47707 ("crypto: hisilicon - add HiSilicon HPRE accelerator")
Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-23 19:47:00 +11:00
Eric Biggers
4ba802980c crypto: nx - convert AES-CTR to skcipher API
Convert the PowerPC Nest (NX) implementation of AES-CTR from the
deprecated "blkcipher" API to the "skcipher" API.  This is needed in
order for the blkcipher API to be removed.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-23 19:47:00 +11:00
Eric Biggers
c1e9c386c9 crypto: nx - convert AES-CBC to skcipher API
Convert the PowerPC Nest (NX) implementation of AES-CBC from the
deprecated "blkcipher" API to the "skcipher" API.  This is needed in
order for the blkcipher API to be removed.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-23 19:46:59 +11:00
Eric Biggers
bfd9efddf9 crypto: nx - convert AES-ECB to skcipher API
Convert the PowerPC Nest (NX) implementation of AES-ECB from the
deprecated "blkcipher" API to the "skcipher" API.  This is needed in
order for the blkcipher API to be removed.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-23 19:46:59 +11:00
Eric Biggers
7740bd51ef crypto: nx - don't abuse blkcipher_desc to pass iv around
The NX crypto driver is using 'struct blkcipher_desc' to pass the IV
around, even for AEADs (for which it creates the struct on the stack).
This is not appropriate since this structure is part of the "blkcipher"
API, which is deprecated and will be removed.

Just pass around the IV directly instead.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-23 19:46:58 +11:00
Eric Biggers
713b2e7203 crypto: padlock-aes - convert to skcipher API
Convert the VIA PadLock implementations of AES-ECB and AES-CBC from the
deprecated "blkcipher" API to the "skcipher" API.  This is needed in
order for the blkcipher API to be removed.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-23 19:46:58 +11:00
Yunfeng Ye
fcf801cc55 crypto: chtls - remove the redundant check in chtls_recvmsg()
A warning message reported by a static analysis tool:
  "
  Either the condition 'if(skb)' is redundant or there is possible null
  pointer dereference: skb.
  "

Remove the unused redundant check.

Signed-off-by: Yunfeng Ye <yeyunfeng@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-23 19:46:57 +11:00
Zhou Wang
b981744ef0 crypto: hisilicon - select NEED_SG_DMA_LENGTH in qm Kconfig
To avoid compile error in some platforms, select NEED_SG_DMA_LENGTH in
qm Kconfig.

Fixes: dfed0098ab ("crypto: hisilicon - add hardware SGL support")
Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com>
Reported-by: kbuild test robot <lkp@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-23 19:46:56 +11:00
zhengbin
14304da06c crypto: ux500 - Remove set but not used variable 'cookie'
Fixes gcc '-Wunused-but-set-variable' warning:

drivers/crypto/ux500/hash/hash_core.c: In function hash_set_dma_transfer:
drivers/crypto/ux500/hash/hash_core.c:143:15: warning: variable cookie set but not used [-Wunused-but-set-variable]

It is not used since commit 8a63b1994c ("crypto:
ux500 - Add driver for HASH hardware")

Reported-by: Hulk Robot <hulkci@huawei.com>
Signed-off-by: zhengbin <zhengbin13@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-23 19:46:56 +11:00
Eric Biggers
4549f7e5aa crypto: geode-aes - convert to skcipher API and make thread-safe
The geode AES driver is heavily broken because it stores per-request
state in the transform context.  So it will crash or produce the wrong
result if used by any of the many places in the kernel that issue
concurrent requests for the same transform object.

This driver is also implemented using the deprecated blkcipher API,
which makes it difficult to fix, and puts it among the drivers
preventing that API from being removed.

Convert this driver to use the skcipher API, and change it to not store
per-request state in the transform context.

Fixes: 9fe757b0cf ("[PATCH] crypto: Add support for the Geode LX AES hardware")
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-23 19:46:56 +11:00
YueHaibing
27018ab14b crypto: inside-secure - Use PTR_ERR_OR_ZERO in safexcel_xcbcmac_cra_init()
Use PTR_ERR_OR_ZERO rather than if(IS_ERR(...)) + PTR_ERR

Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Acked-by: Antoine Tenart <antoine.tenart@ack.tf>
Acked-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-18 18:49:41 +11:00
Colin Ian King
1a61af281e crypto: inside-secure - fix spelling mistake "algorithmn" -> "algorithm"
There is a spelling mistake in a dev_err message. Fix it. Add in missing
newline.

Signed-off-by: Colin Ian King <colin.king@canonical.com>
Acked-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-18 18:49:40 +11:00
Ard Biesheuvel
504582e8e4 crypto: geode-aes - switch to skcipher for cbc(aes) fallback
Commit 79c65d179a ("crypto: cbc - Convert to skcipher") updated
the generic CBC template wrapper from a blkcipher to a skcipher algo,
to get away from the deprecated blkcipher interface. However, as a side
effect, drivers that instantiate CBC transforms using the blkcipher as
a fallback no longer work, since skciphers can wrap blkciphers but not
the other way around. This broke the geode-aes driver.

So let's fix it by moving to the sync skcipher interface when allocating
the fallback. At the same time, align with the generic API for ECB and
CBC by rejecting inputs that are not a multiple of the AES block size.

Fixes: 79c65d179a ("crypto: cbc - Convert to skcipher")
Cc: <stable@vger.kernel.org> # v4.20+ ONLY
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Florian Bezdeka <florian@bezdeka.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-10 23:42:45 +11:00
Tudor Ambarus
86ef1dfcb5 crypto: atmel-aes - Fix IV handling when req->nbytes < ivsize
commit 394a9e0447 ("crypto: cfb - add missing 'chunksize' property")
adds a test vector where the input length is smaller than the IV length
(the second test vector). This revealed a NULL pointer dereference in
the atmel-aes driver, that is caused by passing an incorrect offset in
scatterwalk_map_and_copy() when atmel_aes_complete() is called.

Do not save the IV in req->info of ablkcipher_request (or equivalently
req->iv of skcipher_request) when req->nbytes < ivsize, because the IV
will not be further used.

While touching the code, modify the type of ivsize from int to
unsigned int, to comply with the return type of
crypto_ablkcipher_ivsize().

Fixes: 91308019ec ("crypto: atmel-aes - properly set IV after {en,de}crypt")
Cc: <stable@vger.kernel.org>
Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-10 23:42:45 +11:00
Arnd Bergmann
977da0738f crypto: inside-secure - Remove #ifdef checks
When both PCI and OF are disabled, no drivers are registered, and
we get some unused-function warnings:

drivers/crypto/inside-secure/safexcel.c:1221:13: error: unused function 'safexcel_unregister_algorithms' [-Werror,-Wunused-function]
static void safexcel_unregister_algorithms(struct safexcel_crypto_priv *priv)
drivers/crypto/inside-secure/safexcel.c:1307:12: error: unused function 'safexcel_probe_generic' [-Werror,-Wunused-function]
static int safexcel_probe_generic(void *pdev,
drivers/crypto/inside-secure/safexcel.c:1531:13: error: unused function 'safexcel_hw_reset_rings' [-Werror,-Wunused-function]
static void safexcel_hw_reset_rings(struct safexcel_crypto_priv *priv)

It's better to make the compiler see what is going on and remove
such ifdef checks completely. In case of PCI, this is trivial since
pci_register_driver() is defined to an empty function that makes the
compiler subsequently drop all unused code silently.

The global pcireg_rc/ofreg_rc variables are not actually needed here
since the driver registration does not fail in ways that would make
it helpful.

For CONFIG_OF, an IS_ENABLED() check is still required, since platform
drivers can exist both with and without it.

A little change to linux/pci.h is needed to ensure that
pcim_enable_device() is visible to the driver. Moving the declaration
outside of ifdef would be sufficient here, but for consistency with the
rest of the file, adding an inline helper is probably best.

Fixes: 212ef6f29e ("crypto: inside-secure - Fix unused variable warning when CONFIG_PCI=n")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Bjorn Helgaas <bhelgaas@google.com>	# pci.h
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-10 23:39:44 +11:00
Arnd Bergmann
74e6bd472b crypto: inside-secure - Fix a maybe-uninitialized warning
A previous fixup avoided an unused variable warning but replaced
it with a slightly scarier warning:

drivers/crypto/inside-secure/safexcel.c:1100:6: error: variable 'irq' is used uninitialized whenever 'if' condition is false [-Werror,-Wsometimes-uninitialized]

This is harmless as it is impossible to get into this case, but
the compiler has no way of knowing that. Add an explicit error
handling case to make it obvious to both compilers and humans
reading the source.

Fixes: 212ef6f29e ("crypto: inside-secure - Fix unused variable warning when CONFIG_PCI=n")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-10 23:36:32 +11:00
Zaibo Xu
8489741516 crypto: hisilicon - Add debugfs for HPRE
HiSilicon HPRE engine driver uses debugfs to provide debug information,
the usage can be found in /Documentation/ABI/testing/debugfs-hisi-hpre.

Signed-off-by: Zaibo Xu <xuzaibo@huawei.com>
Signed-off-by: Hui Tang <tanghui20@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-10 23:36:32 +11:00
Zaibo Xu
5ec302a364 crypto: hisilicon - add SRIOV support for HPRE
HiSilicon HPRE engine supports PCI SRIOV. This patch enable
this feature. User can enable VFs and pass through them to VM,
same HPRE driver can work in VM to provide RSA and DH algorithms
by crypto akcipher and kpp interfaces.

Signed-off-by: Zaibo Xu <xuzaibo@huawei.com>
Signed-off-by: Hui tang <tanghui20@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-10 23:36:32 +11:00
Zaibo Xu
c8b4b47707 crypto: hisilicon - add HiSilicon HPRE accelerator
The HiSilicon HPRE accelerator implements RSA and DH algorithms. It
uses Hisilicon QM as interface to CPU.

This patch provides PCIe driver to the accelerator and registers its
algorithms to crypto akcipher and kpp interfaces.

Signed-off-by: Zaibo Xu <xuzaibo@huawei.com>
Signed-off-by: Hui Tang <tanghui20@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-10 23:36:31 +11:00
Zhou Wang
a92a00f809 crypto: hisilicon - misc fix about sgl
This patch fixes some misc problems in sgl codes, e.g. missing static,
sparse error and input parameter check.

Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Shukun Tan <tanshukun1@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-10 23:36:31 +11:00
Zhou Wang
d8ac7b8523 crypto: hisilicon - fix large sgl memory allocation problem when disable smmu
When disabling SMMU, it may fail to allocate large continuous memory. This
patch fixes this by allocating memory as blocks.

Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Shukun Tan <tanshukun1@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-10 23:36:31 +11:00
Shukun Tan
f081fda293 crypto: hisilicon - add sgl_sge_nr module param for zip
Add a module parameter for zip driver to set the number of SGE in one SGL.

Signed-off-by: Shukun Tan <tanshukun1@huawei.com>
Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-10 23:36:31 +11:00
Zhou Wang
48c1cd40fa crypto: hisilicon - merge sgl support to hisi_qm module
As HW SGL can be seen as a data format of QM's sqe, we merge sgl code into
qm module and rename it as hisi_qm, which reduces the number of module and
make the name less generic.

This patch also modify the interface of SGL:
 - Create/free hisi_acc_sgl_pool inside.
 - Let user to pass the SGE number in one SGL when creating sgl pool, which
   is better than a unified module parameter for sgl module before.
 - Modify zip driver according to sgl interface change.

Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Shukun Tan <tanshukun1@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-10 23:36:31 +11:00
Iuliana Prodan
eff9771d51 crypto: caam - use mapped_{src,dst}_nents for descriptor
The mapped_{src,dst}_nents _returned_ from the dma_map_sg
call (which could be less than src/dst_nents) have to be
used to generate the job descriptors.

Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-05 01:06:21 +10:00
Corentin Labbe
554c42b4ef crypto: sun4i-ss - enable pm_runtime
This patch enables power management on the Security System.
sun4i-ss now depends on PM because it simplify code and prevent some ifdef.
But this is not a problem since arch maintainer want ARCH_SUNXI to
depend on PM in the future.

Signed-off-by: Corentin Labbe <clabbe.montjoie@gmail.com>
Acked-by: Maxime Ripard <mripard@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-05 01:06:21 +10:00
Corentin Labbe
70dd444ad0 crypto: sun4i-ss - simplify enable/disable of the device
This patch regroups resource enabling/disabling in dedicated function.
This simplify error handling and will permit to support power
management.

Signed-off-by: Corentin Labbe <clabbe.montjoie@gmail.com>
Acked-by: Maxime Ripard <mripard@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-05 01:06:20 +10:00
Phani Kiran Hemadri
6a97a99db8 crypto: cavium/nitrox - fix firmware assignment to AE cores
This patch fixes assigning UCD block number of Asymmetric crypto
firmware to AE cores of CNN55XX device.

Fixes: a7268c4d42 ("crypto: cavium/nitrox - Add support for loading asymmetric crypto firmware")
Signed-off-by: Phani Kiran Hemadri <phemadri@marvell.com>
Reviewed-by: Srikanth Jampala <jsrikanth@marvell.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-05 01:06:20 +10:00
Eneas U de Queiroz
f65eae617e crypto: qce - add CRYPTO_ALG_KERN_DRIVER_ONLY flag
Set the CRYPTO_ALG_KERN_DRIVER_ONLY flag to all algorithms exposed by
the qce driver, since they are all hardware accelerated, accessible
through a kernel driver only, and not available directly to userspace.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-05 01:06:20 +10:00
Christophe JAILLET
3dc8b01ebc crypto: chtls - simplify a bit 'create_flowc_wr_skb()'
Use '__skb_put_data()' instead of rewritting it.
This improves readability.

Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-05 01:06:20 +10:00
Navid Emamdoost
128c664292 crypto: ccp - Release all allocated memory if sha type is invalid
Release all allocated memory if sha type is invalid:
In ccp_run_sha_cmd, if the type of sha is invalid, the allocated
hmac_buf should be released.

v2: fix the goto.

Signed-off-by: Navid Emamdoost <navid.emamdoost@gmail.com>
Acked-by: Gary R Hook <gary.hook@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-05 01:06:20 +10:00
Arnd Bergmann
a7174f9785 crypto: hisilicon - allow compile-testing on x86
To avoid missing arm64 specific warnings that get introduced
in this driver, allow compile-testing on all 64-bit architectures.

The only actual arm64 specific code in this driver is an open-
coded 128 bit MMIO write. On non-arm64 the same can be done
using memcpy_toio. What I also noticed is that the mmio store
(either one) is not endian-safe, this will only work on little-
endian configurations, so I also add a Kconfig dependency on
that, regardless of the architecture.
Finally, a depenndecy on CONFIG_64BIT is needed because of the
writeq().

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-05 01:06:19 +10:00
Pascal van Leeuwen
5fd39c4d96 crypto: inside-secure - Add support for the EIP196
This patch adds support for the EIP196, which is an EIP197 derivative
that has no classification hardware and a simplified record cache.

The patch has been tested with the eip196b-ie and eip197c-iewxkbc
configurations on the Xilinx VCU118 development board as well as on the
Macchiatobin board (Marvell A8K - EIP197b-ieswx), including the crypto
extra tests.

Note that this patchset applies on top of the earlier submitted
"Add support for eip197f_iewc" series.

Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-05 01:06:19 +10:00
Nagadheeraj Rottela
9e5de3e06e crypto: cavium/nitrox - Add mailbox message to get mcode info in VF
Add support to get microcode information in VF from PF via mailbox
message.

Signed-off-by: Nagadheeraj Rottela <rnagadheeraj@marvell.com>
Reviewed-by: Srikanth Jampala <jsrikanth@marvell.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-05 01:06:18 +10:00
Pascal van Leeuwen
946a4a2a49 crypto: inside-secure - Add support for HW with less ring AIC's than rings
The current driver assumes one dedicated ring interrupt controller per
ring. However, some existing EIP(1)97 HW has less ring AIC's than rings.
This patch allows the driver to work with such HW by detecting how many
ring AIC's are present and restricting the number of rings it *uses* by
the number of ring AIC's present. This allows it to at least function.
(optimization for the future: add ring dispatch functionality in the
interrupt service routine such that multiple rings can be supported from
one ring AIC, allowing all rings to be used)

Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-05 01:06:17 +10:00
Pascal van Leeuwen
84ca4e54ab crypto: inside-secure - Add support for 256 bit wide internal bus
This patch adds support for large EIP197's with a 256 bit wide internal
bus, which affects the format of the result descriptor due to internal
alignment requirements.

Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-05 01:06:16 +10:00
Pascal van Leeuwen
a9a89624f0 crypto: inside-secure - Added support for the rfc4309(ccm(aes)) AEAD
This patch adds support for rfc4309(ccm(aes)) for use with IPsec ESP

Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-05 01:06:16 +10:00
Pascal van Leeuwen
92c60cefa4 crypto: inside-secure - Added support for the rfc4543(gcm(aes)) "AEAD"
This patch adds support for rfc4543(gcm(aes)) - i.e. AES-GMAC - for use
with IPsec ESP

Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-05 01:06:15 +10:00
Pascal van Leeuwen
a19052d422 crypto: inside-secure - Added support for the rfc4106(gcm(aes)) AEAD
This patch adds support for rfc4106(gcm(aes)) for use with IPsec ESP

Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-05 01:06:15 +10:00
Pascal van Leeuwen
d96cf190e5 crypto: inside-secure - Fixed corner case TRC admin RAM probing issue
This patch fixed a corner case admin RAM probing issue witnessed on the
Xilinx VCU118 FPGA development board with an EIP197 configuration with
4096 words of admin RAM, of which only 2050 were recognised.

Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-05 01:06:14 +10:00
Pascal van Leeuwen
b8c5d882c8 crypto: inside-secure - Fix stability issue with Macchiatobin
This patch corrects an error in the Transform Record Cache initialization
code that was causing intermittent stability problems on the Macchiatobin
board.

Unfortunately, due to HW platform specifics, the problem could not happen
on the main development platform, being the VCU118 Xilinx development
board. And since it was a problem with hash table access, it was very
dependent on the actual physical context record DMA buffers being used,
i.e. with some (bad) luck it could seemingly work quit stable for a while.

Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-05 01:06:14 +10:00
Nagadheeraj Rottela
ced0a170fd crypto: cavium/nitrox - Fix cbc ciphers self test failures
Self test failures are due to wrong output IV. This patch fixes this
issue by copying back output IV into skcipher request.

Signed-off-by: Nagadheeraj Rottela <rnagadheeraj@marvell.com>
Reviewed-by: Srikanth Jampala <jsrikanth@marvell.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-05 01:06:13 +10:00
Nagadheeraj Rottela
3fed9baad5 crypto: cavium/nitrox - check assoclen and authsize for gcm(aes) cipher
Check if device supports assoclen to solve hung task timeout error when
extra tests are enabled. Return -EINVAL if assoclen is not supported.
Check authsize to return -EINVAL if authentication tag size is invalid.
Change blocksize to 1 to match with generic implementation.

Signed-off-by: Nagadheeraj Rottela <rnagadheeraj@marvell.com>
Reported-by: Mallesham Jatharakonda <mallesham.jatharakonda@oneconvergence.com>
Suggested-by: Mallesham Jatharakonda <mallesham.jatharakonda@oneconvergence.com>
Reviewed-by: Srikanth Jampala <jsrikanth@marvell.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-05 01:06:13 +10:00
Pascal van Leeuwen
457a6fdf4c crypto: inside-secure - Added support for authenc HMAC-SHA2/DES-CBC
This patch adds support for the authenc(hmac(sha224),cbc(des)),
authenc(hmac(sha256),cbc(des)), authenc(hmac(sha384),cbc(des))
and authenc(hmac(sha512),cbc(des)) aead's

changes since v1:
- nothing

Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-05 01:06:09 +10:00
Pascal van Leeuwen
f0a8bdf0b1 crypto: inside-secure - Added support for authenc HMAC-SHA2/3DES-CBC
This patch adds support for the authenc(hmac(sha224),cbc(des3_ede)),
authenc(hmac(sha256),cbc(des3_ede)), authenc(hmac(sha384),cbc(des3_ede))
and authenc(hmac(sha512),cbc(des3_ede)) aead's

changes since v1:
- nothing

Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-05 01:06:08 +10:00
Pascal van Leeuwen
bb7679b840 crypto: inside-secure - Added support for authenc HMAC-SHA1/DES-CBC
This patch adds support for the authenc(hmac(sha1),cbc(des)) aead

changes since v1:
- rebased on top of DES changes made to cryptodev/master

Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-05 01:06:08 +10:00