Commit Graph

226 Commits

Author SHA1 Message Date
Antoine Ténart dfbcc08faa crypto: inside-secure - fix typo in a comment
Cosmetic patch fixing one typo in one of the driver's comments.

Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-12-22 20:03:28 +11:00
Antoine Ténart 62c2eddd2d crypto: inside-secure - remove extra empty line
Cosmetic patch removing an extra empty line between header inclusions.

Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-12-22 20:03:28 +11:00
Antoine Ténart 2973633e9f crypto: inside-secure - do not use areq->result for partial results
This patches update the SafeXcel driver to stop using the crypto
ahash_request result field for partial results (i.e. on updates).
Instead the driver local safexcel_ahash_req state field is used, and
only on final operations the ahash_request result buffer is updated.

Fixes: 1b44c5a60c ("crypto: inside-secure - add SafeXcel EIP197 crypto engine driver")
Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-12-22 19:48:01 +11:00
Antoine Ténart 7cad2fabd5 crypto: inside-secure - fix request allocations in invalidation path
This patch makes use of the SKCIPHER_REQUEST_ON_STACK and
AHASH_REQUEST_ON_STACK helpers to allocate enough memory to contain both
the crypto request structures and their embedded context (__ctx).

Fixes: 1b44c5a60c ("crypto: inside-secure - add SafeXcel EIP197 crypto engine driver")
Suggested-by: Ofer Heifetz <oferh@marvell.com>
Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-12-22 19:48:00 +11:00
Antoine Ténart 0a02dcca12 crypto: inside-secure - free requests even if their handling failed
This patch frees the request private data even if its handling failed,
as it would never be freed otherwise.

Fixes: 1b44c5a60c ("crypto: inside-secure - add SafeXcel EIP197 crypto engine driver")
Suggested-by: Ofer Heifetz <oferh@marvell.com>
Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-12-22 19:48:00 +11:00
Ofer Heifetz 1eb7b40386 crypto: inside-secure - per request invalidation
When an invalidation request is needed we currently override the context
.send and .handle_result helpers. This is wrong as under high load other
requests can already be queued and overriding the context helpers will
make them execute the wrong .send and .handle_result functions.

This commit fixes this by adding a needs_inv flag in the request to
choose the action to perform when sending requests or handling their
results. This flag will be set when needed (i.e. when the context flag
will be set).

Fixes: 1b44c5a60c ("crypto: inside-secure - add SafeXcel EIP197 crypto engine driver")
Signed-off-by: Ofer Heifetz <oferh@marvell.com>
[Antoine: commit message, and removed non related changes from the
original commit]
Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-12-22 19:47:59 +11:00
Himanshu Jha 18fddf5fd2 crypto: inside-secure - remove null check before kfree
Kfree on NULL pointer is a no-op and therefore checking is redundant.

Signed-off-by: Himanshu Jha <himanshujha199640@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-09-22 17:43:25 +08:00
Arnd Bergmann 3e1166b94e crypto: inside-secure - fix gcc-4.9 warnings
All older compiler versions up to gcc-4.9 produce these
harmless warnings:

drivers/crypto/inside-secure/safexcel_cipher.c:389:9: warning: missing braces around initializer [-Wmissing-braces]
drivers/crypto/inside-secure/safexcel_cipher.c:389:9: warning: (near initialization for ‘result.completion’) [-Wmissing-braces]
drivers/crypto/inside-secure/safexcel_hash.c:422:9: warning: missing braces around initializer [-Wmissing-braces]
drivers/crypto/inside-secure/safexcel_hash.c:422:9: warning: (near initialization for ‘result.completion’) [-Wmissing-braces]

This changes the syntax to something that works on all versions
without warnings.

Fixes: 1b44c5a60c ("crypto: inside-secure - add SafeXcel EIP197 crypto engine driver")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-09-20 17:42:41 +08:00
Christophe Jaillet b7d65fe181 crypto: inside-secure - fix an error handling path in safexcel_probe()
'ret' is known to be 0 at this point.
If 'safexcel_request_ring_irq()' fails, it returns an error code.
Return this value instead of 0 which means success.

Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-08-22 14:54:55 +08:00
Antoine Ténart 60c4081ec4 crypto: inside-secure - fix the sha state length in hmac_sha1_setkey
A check is performed on the ipad/opad in the safexcel_hmac_sha1_setkey
function, but the index used by the loop doing it is wrong. It is
currently the size of the state array while it should be the size of a
sha1 state. This patch fixes it.

Fixes: 1b44c5a60c ("crypto: inside-secure - add SafeXcel EIP197 crypto engine driver")
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-08-03 13:36:11 +08:00
Antoine Ténart 42ef3bedf3 crypto: inside-secure - fix invalidation check in hmac_sha1_setkey
The safexcel_hmac_sha1_setkey function checks if an invalidation command
should be issued, i.e. when the context ipad/opad change. This checks is
done after filling the ipad/opad which and it can't be true. The patch
fixes this by moving the check before the ipad/opad memcpy operations.

Fixes: 1b44c5a60c ("crypto: inside-secure - add SafeXcel EIP197 crypto engine driver")
Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-08-03 13:36:10 +08:00
Antoine Ténart a2069aacbe crypto: inside-secure - do not parse the dma mask from dt
Remove the dma mask parsing from dt as this should not be encoded into
the engine device tree node. Keep the fallback value for now, which
should work for the boards already supported upstream.

Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Acked-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-07-18 17:01:01 +08:00
Antoine Ténart cfb73f8953 crypto: inside-secure - use the base_end pointer in ring rollback
A base_end pointer is set and provided. Use it in the ring rollback
function to avoid using build-in defines.

Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-20 11:21:48 +08:00
Antoine Ténart e826934e35 crypto: inside-secure - increase the batch size
Increase the batch size to the maximum number of requests a ring can
handle at a time (its size). This is possible now that the request
queues are per hw ring. This improves performances.

Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-20 11:21:47 +08:00
Antoine Ténart 5eb0cc66f3 crypto: inside-secure - only dequeue when needed
This force the need_dequeue flag to be unset whenever the dequeue
function is called, to avoid calling it when it is not necessary.

Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-20 11:21:47 +08:00
Antoine Ténart b1deb47ad1 crypto: inside-secure - get the backlog before dequeueing the request
Get the backlog before dequeuing the request otherwise we'll miss the
first request in line.

Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-20 11:21:46 +08:00
Antoine Ténart c5acabd33c crypto: inside-secure - stop requeueing failed requests
This update the dequeue function of the inside-secure safexcel driver so
that failed requests aren't requeued when they fail (for whatever
reason, which can be because the hw ring is full).

Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-20 11:21:45 +08:00
Antoine Ténart 86671abbbb crypto: inside-secure - use one queue per hw ring
Update the inside-secure safexcel driver from using one global queue to
one queue per hw ring. This ease the request management and keep the hw
in sync with what's done in sw.

Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-20 11:21:45 +08:00
Antoine Ténart 9785843424 crypto: inside-secure - update the context and request later
This move the context and request updates at the end of the cipher and
hash send() functions. This way the context and request fields are set
only when everything else was successful in the send() functions.

Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-20 11:21:44 +08:00
Ofer Heifetz 152bdf4cdb crypto: inside-secure - align the cipher and hash send functions
The cipher and hash send functions both set the results variable, to be
used later by the caller. Align the way they're setting this variable.

Signed-off-by: Ofer Heifetz <oferh@marvell.com>
Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-20 11:21:44 +08:00
Igal Liberman ee1fd870ee crypto: inside-secure - optimize DSE bufferability control
Configure the data write bufferability to always buffer packets in the
DSE. This change slightly improves performance.

Signed-off-by: Igal Liberman <igall@marvell.com>
Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-20 11:21:44 +08:00
Igal Liberman c87925bfd2 crypto: inside-secure - enable single WR in DSE configuration
When enable_single_wr is not enabled, the DSE will only write those
parts of a result descriptor that need updating, which means a final
result descriptor will be written in 2 or 3 smaller transfers.
When enable_single_wr is enabled the DSE will combine these 2-3
updates into one large write transfer, generally improving performance.

Signed-off-by: Igal Liberman <igall@marvell.com>
Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-20 11:21:43 +08:00
Antoine Ténart 39ba1bb4a4 crypto: inside-secure - fix incorrect DSE data cache setting
Set the correct value to the DSE data cache, using WR_CACHE_3BITS
instead of RD_CACHE_3BITS. This fixes an incorrect setting and helps
improving performances.

Reported-by: Igal Liberman <igall@marvell.com>
Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-20 11:21:43 +08:00
Antoine Ténart aefa794efe crypto: inside-secure - fix the ring wr_cache offset
The EIP197_HIA_xDR_CFG_WR_CACHE macro was defined to use an offset of
23, which is wrong as it's actually 25. Fix this.

Reported-by: Igal Liberman <igall@marvell.com>
Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-20 11:21:41 +08:00
Antoine Ténart aed3731e90 crypto: inside-secure - use hmac ipad/opad constants
Replace the hmac ipad/opad values by their defined constants.

Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-20 11:21:41 +08:00
Antoine Ténart 1b44c5a60c crypto: inside-secure - add SafeXcel EIP197 crypto engine driver
Add support for Inside Secure SafeXcel EIP197 cryptographic engine,
which can be found on Marvell Armada 7k and 8k boards. This driver
currently implements: ecb(aes), cbc(aes), sha1, sha224, sha256 and
hmac(sah1) algorithms.

Two firmwares are needed for this engine to work. Their are mostly used
for more advanced operations than the ones supported (as of now), but we
still need them to pass the data to the internal cryptographic engine.

Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:21 +08:00