Commit Graph

677494 Commits

Author SHA1 Message Date
Geliang Tang b9162917fa crypto: mediatek - drop .owner field in mtk_crypto_driver
Drop .owner field in mtk_crypto_driver, since platform_driver_register()
will set it automatically.

Signed-off-by: Geliang Tang <geliangtang@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-19 14:11:50 +08:00
George Cherian 10d82222d9 crypto: cavium - Add more algorithms
Add more algorithm support for the driver.
Add support for ecb(aes), cfb(aes) and ecb(des3_ede).

Signed-off-by: George Cherian <george.cherian@cavium.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-19 14:11:49 +08:00
George Cherian e2eb769ed0 crypto: cavium - Remove the individual encrypt/decrypt function for each algorithm
Remove the individual encrypt/decrypt function for easch algorithm.
This is in prepration of adding more crypto algorithms supported by
hardware. While at that simplify create_ctx_hdr/create_input_list
function interfaces.

Signed-off-by: George Cherian <george.cherian@cavium.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-19 14:11:49 +08:00
George Cherian cc53e92ab3 crypto: cavium - Downgrade the annoying misc interrupt print from dev_err to dev_dbg
Mailbox interrupt is common and it is not an error interrupt.
So downgrade the print from dev_err to  dev_dbg.

Signed-off-by: George Cherian <george.cherian@cavium.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-19 14:11:48 +08:00
pjambhlekar 9d1fb19668 crypto: ccp - return NULL instead of 0
This change is to handle sparse warning. Return type of function is a pointer to the structure and
it returns 0. Instead it should return NULL.

Signed-off-by: Pushkar Jambhlekar <pushkar.iit@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-19 14:11:47 +08:00
Gary R Hook 3cdbe346ed crypto: ccp - Add debugfs entries for CCP information
Expose some data about the configuration and operation of the CCP
through debugfs entries: device name, capabilities, configuration,
statistics.

Allow the user to reset the counters to zero by writing (any value)
to the 'stats' file. This can be done per queue or per device.

Changes from V1:
 - Correct polarity of test when destroying devices at module unload

Signed-off-by: Gary R Hook <gary.hook@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-19 14:11:47 +08:00
Martin Hicks 03d2c5114c crypto: talitos - Extend max key length for SHA384/512-HMAC and AEAD
An updated patch that also handles the additional key length requirements
for the AEAD algorithms.

The max keysize is not 96.  For SHA384/512 it's 128, and for the AEAD
algorithms it's longer still.  Extend the max keysize for the
AEAD size for AES256 + HMAC(SHA512).

Cc: <stable@vger.kernel.org> # 3.6+
Fixes: 357fb60502 ("crypto: talitos - add sha224, sha384 and sha512 to existing AEAD algorithms")
Signed-off-by: Martin Hicks <mort@bork.org>
Acked-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-19 14:11:44 +08:00
Ryder Lee 48df28b859 dt-bindings: crypto: remove mediatek ethif clock
This patch removes the parent clock 'ethif' in bindings, since we don't
need to control the parent of a clock in current clock framework.

Moreover, the clocks are get by name in the driver, thus this change
does not break backwards compatibility.

Signed-off-by: Ryder Lee <ryder.lee@mediatek.com>
Reviewed-by: Matthias Brugger <matthias.bgg@gmail.com>
Acked-by: Rob Herring <robh@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:37 +08:00
Ryder Lee 8fa23a29eb crypto: mediatek - remove redundant clock setting
This patch removes redundant clock setting for 'clk_ethif', which is
the parent of 'clk_cryp'. Hence, we just need to handle its child.

Signed-off-by: Ryder Lee <ryder.lee@mediatek.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:37 +08:00
Tudor-Dan Ambarus 47d3fd390e crypto: testmgr - add genkey kpp test
The test considers a party that already has a private-public
key pair and a party that provides a NULL key. The kernel will
generate the private-public key pair for the latter, computes
the shared secret on both ends and verifies if it's the same.

The explicit private-public key pair was copied from
the previous test vector.

Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:36 +08:00
Tudor-Dan Ambarus 6755fd269d crypto: ecdh - add privkey generation support
Add support for generating ecc private keys.

Generation of ecc private keys is helpful in a user-space to kernel
ecdh offload because the keys are not revealed to user-space. Private
key generation is also helpful to implement forward secrecy.

If the user provides a NULL ecc private key, the kernel will generate it
and further use it for ecdh.

Move ecdh's object files below drbg's. drbg must be present in the kernel
at the time of calling.

Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Reviewed-by: Stephan Müller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:35 +08:00
Srikanth Jampala f2663872f0 crypto: cavium - Register the CNN55XX supported crypto algorithms.
Register the Symmetric crypto algorithms supported by
CNN55XX driver with crypto subsystem.

The following Symmetric crypto algorithms are supported,
  - aes with cbc, ecb, cfb, xts, ctr and cts modes
  - des3_ede with cbc and ecb modes

Signed-off-by: Srikanth Jampala <Jampala.Srikanth@cavium.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:34 +08:00
Srikanth Jampala 086eac9eb4 crypto: cavium - Add debugfs support in CNN55XX driver.
Add debugfs support in CNN55XX Physical Function driver.
Provides hardware counters and firmware information.

Signed-off-by: Srikanth Jampala <Jampala.Srikanth@cavium.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:34 +08:00
Srikanth Jampala 14fa93cdcd crypto: cavium - Add support for CNN55XX adapters.
Add Physical Function driver support for CNN55XX crypto adapters.
CNN55XX adapters belongs to Cavium NITROX family series,
which accelerate both Symmetric and Asymmetric crypto workloads.

These adapters have crypto engines that need firmware
to become operational.

Signed-off-by: Srikanth Jampala <Jampala.Srikanth@cavium.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:33 +08:00
Dan Carpenter 3bca64c1b9 X.509: Fix error code in x509_cert_parse()
We forgot to set the error code on this path so it could result in
returning NULL which leads to a NULL dereference.

Fixes: db6c43bd21 ("crypto: KEYS: convert public key and digsig asym to the akcipher api")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:32 +08:00
Stephan Mueller a18ccc365f crypto: drbg - Fixes panic in wait_for_completion call
Initialise ctr_completion variable before use.

Signed-off-by: Harsh Jain <harshjain.prof@gmail.com>
Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:31 +08:00
Tudor-Dan Ambarus 543de102e3 crypto: pkcs1pad - comply with crypto_akcipher_maxsize()
crypto_akcipher_maxsize() asks for the output buffer size without
caring for errors. It allways assume that will be called after
a valid setkey. Comply with it and return what he wants.

crypto_akcipher_maxsize() now returns an unsigned int.
Remove the unnecessary check.

Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:31 +08:00
Tudor-Dan Ambarus 515c4d27d6 crypto: qat - comply with crypto_akcipher_maxsize()
crypto_akcipher_maxsize() asks for the output buffer size without
caring for errors. It allways assume that will be called after
a valid setkey. Comply with it and return what he wants.

Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:31 +08:00
Tudor-Dan Ambarus e198429c41 crypto: caampkc - comply with crypto_akcipher_maxsize()
crypto_akcipher_maxsize() asks for the output buffer size without
caring for errors. It allways assume that will be called after
a valid setkey. Comply with it and return what he wants.

Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:30 +08:00
Tudor-Dan Ambarus 1c23b466e9 crypto: rsa - comply with crypto_akcipher_maxsize()
crypto_akcipher_maxsize() asks for the output buffer size without
caring for errors. It allways assume that will be called after
a valid setkey. Comply with it and return what he wants.

Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:30 +08:00
Tudor-Dan Ambarus 561f8e2df9 crypto: akcipher - assume key is already set in maxsize
As of now, crypto_akcipher_maxsize() can not be reached without
successfully setting the key for the transformation. akcipher
algorithm implementations check if the key was set and then return
the output buffer size required for the given key.

Change the return type to unsigned int and always assume that this
function is called after a successful setkey of the transformation.
akcipher algorithm implementations will remove the check if key is not NULL
and directly return the max size.

Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:29 +08:00
Tudor-Dan Ambarus 85ac98cbac crypto: qat - comply with crypto_kpp_maxsize()
crypto_kpp_maxsize() asks for the output buffer size without
caring for errors. It allways assume that will be called after
a valid setkey. Comply with it and return what he wants.

Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:29 +08:00
Tudor-Dan Ambarus d0efb48b86 crypto: ecdh - comply with crypto_kpp_maxsize()
crypto_kpp_maxsize() asks for the output buffer size without
caring for errors. It allways assume that will be called after
a valid setkey. Comply with it and return what he wants.

nbytes has no sense now, remove it and directly return the maxsize.

Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:28 +08:00
Tudor-Dan Ambarus 7f69105077 crypto: dh - comply with crypto_kpp_maxsize()
crypto_kpp_maxsize() asks for the output buffer size without
caring for errors. It allways assume that will be called after
a valid setkey. Comply with it and return what he wants.

Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:27 +08:00
Tudor-Dan Ambarus c444b8da87 crypto: kpp - assume key is already set in maxsize
As of now, crypto_kpp_maxsize() can not be reached without successfully
setting the key for the transformation. kpp algorithm implementations
check if the key was set and then return the output buffer size
required for the given key.

Change the return type to unsigned int and always assume that this
function is called after a successful setkey of the transformation.
kpp algorithm implementations will remove the check if key is not NULL
and directly return the max size.

Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:27 +08:00
Tudor-Dan Ambarus ee34e2644a crypto: dh - fix memleak in setkey
setkey can be called multiple times during the existence
of the transformation object. In case of multiple setkey calls,
the old key was not freed and we leaked memory.
Free the old MPI key if any.

Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:26 +08:00
Tudor-Dan Ambarus 7380c56d2f crypto: ecc - rename ecdh_make_pub_key()
Rename ecdh_make_pub_key() to ecc_make_pub_key().
ecdh_make_pub_key() is not dh specific and the reference
to dh is wrong.

Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:26 +08:00
Tudor-Dan Ambarus ad26959710 crypto: ecc - remove unnecessary casts
ecc software implementation works with chunks of u64 data. There were some
unnecessary casts to u8 and then back to u64 for the ecc keys. This patch
removes the unnecessary casts.

Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:26 +08:00
Tudor-Dan Ambarus 099054d735 crypto: ecc - remove unused function arguments
Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:25 +08:00
Tudor-Dan Ambarus c0ca1215dc crypto: kpp, (ec)dh - fix typos
While here, add missing argument description (ndigits).

Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:25 +08:00
Antoine Ténart ee0db78d62 MAINTAINERS: add a maintainer for the Inside Secure crypto driver
A new cryptographic engine driver was added in
drivers/crypto/inside-secure. Add myself as a maintainer for this
driver.

Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:22 +08:00
Antoine Ténart 1b44c5a60c crypto: inside-secure - add SafeXcel EIP197 crypto engine driver
Add support for Inside Secure SafeXcel EIP197 cryptographic engine,
which can be found on Marvell Armada 7k and 8k boards. This driver
currently implements: ecb(aes), cbc(aes), sha1, sha224, sha256 and
hmac(sah1) algorithms.

Two firmwares are needed for this engine to work. Their are mostly used
for more advanced operations than the ones supported (as of now), but we
still need them to pass the data to the internal cryptographic engine.

Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:21 +08:00
Tero Kristo c28e8f2164 crypto: omap-sham - force word alignment on the xmit-buf also
This was previously missed from the code, causing SDMA to hang in
some cases where the buffer ended up being not aligned.

Signed-off-by: Tero Kristo <t-kristo@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:20 +08:00
Tero Kristo 898d86a565 crypto: omap-sham - fix closing of hash with separate finalize call
Currently there is an interesting corner case failure with omap-sham
driver, if the finalize call is done separately with no data, but
all previous data has already been processed. In this case, it is not
possible to close the hash with the hardware without providing any data,
so we get incorrect results. Fix this by adjusting the size of data
sent to the hardware crypto engine in case the non-final data size falls
on the block size boundary, by reducing the amount of data sent by one
full block. This makes it sure that we always have some data available
for the finalize call and we can close the hash properly.

Signed-off-by: Tero Kristo <t-kristo@ti.com>
Reported-by: Aparna Balasubramanian <aparnab@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:20 +08:00
Tero Kristo 5d78d57ede crypto: omap-sham - buffer handling fixes for hashing later
Currently, the hash later code only handles the cases when we have
either new data coming in with the request or old data in the buffer,
but not the combination when we have both. Fix this by changing the
ordering of the code a bit and handling both cases properly
simultaneously if needed. Also, fix an issue with omap_sham_update
that surfaces with this fix, so that the code checks the bufcnt
instead of total data amount against buffer length to avoid any
buffer overflows.

Signed-off-by: Tero Kristo <t-kristo@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:19 +08:00
Tero Kristo ad18cc9d0f crypto: omap-aes - Add support for GCM mode
OMAP AES hw supports AES-GCM mode. This patch adds support for GCM and
RFC4106 GCM mode in omap-aes driver. The GCM implementation is mostly
written into its own source file, which gets built into the same driver
binary as the existing AES support.

Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
[t-kristo@ti.com: forward port to latest upstream kernel, conversion to use
 omap-crypto lib and some additional fixes]
Signed-off-by: Tero Kristo <t-kristo@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:19 +08:00
Tero Kristo d695bfd6f0 crypto: omap-aes - export some AES driver functionality locally
These are going to be required by the addition of the GCM support.

Signed-off-by: Tero Kristo <t-kristo@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:18 +08:00
Tero Kristo 5b3d4d2e61 crypto: omap-aes - move definitions over to a separate header file
Move over most of the omap-aes driver internal definitions to a separate
header file. This is done so that the same definitions can be used in
the upcoming AES-GCM support code.

Signed-off-by: Tero Kristo <t-kristo@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:17 +08:00
Tero Kristo afc2dc1336 crypto: omap-aes - use base omap crypto support library
Use the SG alignment APIs from the OMAP crypto support library instead
of using own implementations.

Signed-off-by: Tero Kristo <t-kristo@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:16 +08:00
Tero Kristo 9765e76861 crypto: omap-des - use base omap crypto support library
Use the SG alignment APIs from the OMAP crypto support library instead
of using own implementations. This reduces the amount of copy-paste
code.

Signed-off-by: Tero Kristo <t-kristo@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:16 +08:00
Tero Kristo 74ed87e7e7 crypto: omap - add base support library for common routines
This contains the generic APIs for aligning SG buffers.

Signed-off-by: Tero Kristo <t-kristo@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:15 +08:00
Tero Kristo 418f2a8cf2 crypto: omap-des - use runtime_pm autosuspend for clock handling
Convert the driver to use autosuspend for runtime_pm. This boosts the
performance, and optimizes the power consumption for the driver. By
default, the timeout value for autosuspend is set to one second.

Signed-off-by: Tero Kristo <t-kristo@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:14 +08:00
Tero Kristo a636fdce55 crypto: omap-des - add check for weak keys
OMAP DES crypto accelerator itself is unable to detect weak keys, so
add a specific call to the generic des driver to check the key strength
if requested.

Signed-off-by: Tero Kristo <t-kristo@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:14 +08:00
Tero Kristo 619ce70058 crypto: omap-aes - fix context handling for multiple cores
AES can have multiple HW accelerator cores in the system, in which case
each core has its own crypto engine in use. Currently, the used hardware
device is stored under the omap_aes_ctx struct, which is global for
the algorithm itself, causing conflicts when used with multiple cores.
Fix this by moving the used HW device under reqctx, which is stored
per-request basis.

Signed-off-by: Tero Kristo <t-kristo@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:13 +08:00
Tero Kristo f09b348c1a crypto: omap-aes - drop unused flags attribute from omap_aes_ctx
This is not used for anything, so drop it.

Signed-off-by: Tero Kristo <t-kristo@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:12 +08:00
Matthias Kaehlcke 1e6adff449 crypto: rng - Remove unused function __crypto_rng_cast()
This fixes the following warning when building with clang:

crypto/rng.c:35:34: error: unused function '__crypto_rng_cast'
    [-Werror,-Wunused-function]

Signed-off-by: Matthias Kaehlcke <mka@chromium.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-10 12:04:11 +08:00
Rick Altherr 284e76387c hw_random: timeriomem_rng: Allow setting RNG quality from platform data
When a hw_random device's quality is non-zero, it will automatically be
used to fill the kernel's entropy pool.  Since timeriomem_rng is used by
many different devices, the quality needs to be provided by platform
data or device tree.

Signed-off-by: Rick Altherr <raltherr@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-01 12:55:58 +08:00
Rick Altherr b14c534517 dt-bindings: timeriomem_rng: Add entropy quality property
Signed-off-by: Rick Altherr <raltherr@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-01 12:55:49 +08:00
Ard Biesheuvel 2a9faf8b7e crypto: arm/crc32 - enable module autoloading based on CPU feature bits
Make the module autoloadable by tying it to the CPU feature bits that
describe whether the optional instructions it relies on are implemented
by the current CPU.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-01 12:55:42 +08:00
Ard Biesheuvel a83ff88bed crypto: arm/sha2-ce - enable module autoloading based on CPU feature bits
Make the module autoloadable by tying it to the CPU feature bit that
describes whether the optional instructions it relies on are implemented
by the current CPU.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-06-01 12:55:41 +08:00