Commit Graph

659 Commits

Author SHA1 Message Date
Herbert Xu eeca9fad52 Merge git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux
Merge upstream tree in order to reinstate crct10dif.
2013-09-07 12:53:35 +10:00
Marcelo Cerri 069fa0453f crypto: nx - fix SHA-2 for chunks bigger than block size
Each call to the co-processor, with exception of the last call, needs to
send data that is multiple of block size. As consequence, any remaining
data is kept in the internal NX context.

This patch fixes a bug in the driver that causes it to save incorrect
data into the context when data is bigger than the block size.

Reviewed-by: Joy Latten <jmlatten@linux.vnet.ibm.com>
Signed-off-by: Marcelo Cerri <mhcerri@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-09-02 20:32:56 +10:00
Marcelo Cerri dec0ed6c1b crypto: nx - fix GCM for zero length messages
The NX CGM implementation doesn't support zero length messages and the
current implementation has two flaws:

 - When the input data length is zero, it ignores the associated data.
 - Even when both lengths are zero, it uses the Crypto API to encrypt a
   zeroed block using ctr(aes) and because of this it allocates a new
   transformation and sets the key for this new tfm. Both operations are
   intended to be used only in user context, while the cryptographic
   operations can be called in both user and softirq contexts.

This patch replaces the nested Crypto API use and adds two special
cases:

 - When input data and associated data lengths are zero: it uses NX ECB
   mode to emulate the encryption of a zeroed block using ctr(aes).
 - When input data is zero and associated data is available: it uses NX
   GMAC mode to calculate the associated data MAC.

Reviewed-by: Joy Latten <jmlatten@linux.vnet.ibm.com>
Signed-off-by: Marcelo Cerri <mhcerri@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-09-02 20:32:55 +10:00
Marcelo Cerri 41e3173daf crypto: nx - fix XCBC for zero length messages
The NX XCBC implementation doesn't support zero length messages and
because of that NX is currently returning a hard-coded hash for zero
length messages. However this approach is incorrect since the hash value
also depends on which key is used.

This patch removes the hard-coded hash and replace it with an
implementation based on the RFC 3566 using ECB.

Reviewed-by: Joy Latten <jmlatten@linux.vnet.ibm.com>
Signed-off-by: Marcelo Cerri <mhcerri@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-09-02 20:32:55 +10:00
Fionnuala Gunter 2b188b3b86 crypto: nx - fix limits to sg lists for AES-CCM
This patch updates the NX driver to perform several hyper calls when necessary
so that the length limits of scatter/gather lists are respected.

Reviewed-by: Marcelo Cerri <mhcerri@linux.vnet.ibm.com>
Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com>
Signed-off-by: Fionnuala Gunter <fin@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-09-02 20:32:54 +10:00
Fionnuala Gunter 9d6f1a82d3 crypto: nx - fix limits to sg lists for AES-XCBC
This patch updates the NX driver to perform several hyper calls when necessary
so that the length limits of scatter/gather lists are respected.

Reviewed-by: Joy Latten <jmlatten@linux.vnet.ibm.com>
Reviewed-by: Marcelo Cerri <mhcerri@linux.vnet.ibm.com>
Signed-off-by: Fionnuala Gunter <fin@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-09-02 20:32:54 +10:00
Marcelo Cerri 799804348d crypto: nx - fix limits to sg lists for AES-GCM
This patch updates the nx-aes-gcm implementation to perform several
hyper calls if needed in order to always respect the length limits for
scatter/gather lists.

Two different limits are considered:

 - "ibm,max-sg-len": maximum number of bytes of each scatter/gather
   list.

 - "ibm,max-sync-cop":
    - The total number of bytes that a scatter/gather list can hold.
    - The maximum number of elements that a scatter/gather list can have.

Reviewed-by: Joy Latten <jmlatten@linux.vnet.ibm.com>
Signed-off-by: Marcelo Cerri <mhcerri@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-09-02 20:32:54 +10:00
Marcelo Cerri 884d981b04 crypto: nx - fix limits to sg lists for AES-CTR
This patch updates the nx-aes-ctr implementation to perform several
hyper calls if needed in order to always respect the length limits for
scatter/gather lists.

Two different limits are considered:

 - "ibm,max-sg-len": maximum number of bytes of each scatter/gather
   list.

 - "ibm,max-sync-cop":
    - The total number of bytes that a scatter/gather list can hold.
    - The maximum number of elements that a scatter/gather list can have.

Reviewed-by: Joy Latten <jmlatten@linux.vnet.ibm.com>
Signed-off-by: Marcelo Cerri <mhcerri@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-09-02 20:32:53 +10:00
Marcelo Cerri 2d290f0240 crypto: nx - fix limits to sg lists for AES-CBC
This patch updates the nx-aes-cbc implementation to perform several
hyper calls if needed in order to always respect the length limits for
scatter/gather lists.

Two different limits are considered:

 - "ibm,max-sg-len": maximum number of bytes of each scatter/gather
   list.

 - "ibm,max-sync-cop":
    - The total number of bytes that a scatter/gather list can hold.
    - The maximum number of elements that a scatter/gather list can have.

Reviewed-by: Joy Latten <jmlatten@linux.vnet.ibm.com>
Signed-off-by: Marcelo Cerri <mhcerri@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-09-02 20:32:53 +10:00
Marcelo Cerri ab74175938 crypto: nx - fix limits to sg lists for AES-ECB
This patch updates the nx-aes-ecb implementation to perform several
hyper calls if needed in order to always respect the length limits for
scatter/gather lists.

Two different limits are considered:

 - "ibm,max-sg-len": maximum number of bytes of each scatter/gather
   list.

 - "ibm,max-sync-cop":
    - The total number of bytes that a scatter/gather list can hold.
    - The maximum number of elements that a scatter/gather list can have.

Reviewed-by: Joy Latten <jmlatten@linux.vnet.ibm.com>
Signed-off-by: Marcelo Cerri <mhcerri@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-09-02 20:32:52 +10:00
Marcelo Cerri a8fc391a15 crypto: nx - add offset to nx_build_sg_lists()
This patch includes one more parameter to nx_build_sg_lists() to skip
the given number of bytes from beginning of each sg list.

This is needed in order to implement the fixes for the AES modes to make
them able to process larger chunks of data.

Reviewed-by: Joy Latten <jmlatten@linux.vnet.ibm.com>
Signed-off-by: Marcelo Cerri <mhcerri@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-09-02 20:32:52 +10:00
Lokesh Vutla f5e4626097 crypto: omap-sham - correct dma burst size
Each cycle of SHA512 operates on 32 data words where as
SHA256 operates on 16 data words. This needs to be updated
while configuring DMA channels. Doing the same.

Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-21 21:28:08 +10:00
Lokesh Vutla b8411ccd61 crypto: omap-sham - Enable Polling mode if DMA fails
For writing input buffer into DATA_IN register current driver
has the following state machine:
-> if input buffer < 9 : use fallback driver
-> else if input buffer < block size : Copy input buffer into data_in regs
-> else use dma transfer.

In cases where requesting for DMA channels fails for some reason,
or channel numbers are not provided in DT or platform data, probe
also fails. Instead of returning from driver use cpu polling mode.
In this mode processor polls on INPUT_READY bit and writes data into
data_in regs when it equals 1. This operation is repeated until the
length of message.

Now the state machine looks like:
-> if input buffer < 9 : use fallback driver
-> else if input buffer < block size : Copy input buffer into data_in regs
-> else if dma enabled: use dma transfer
	   else use cpu polling mode.

Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-21 21:28:07 +10:00
Dan Carpenter 5bc3570374 crypto: tegra-aes - bitwise vs logical and
The bug here is that:

	while (eng_busy & (!icq_empty) & dma_busy)

is never true because it's using bitwise instead of logical ANDs.  The
other bitwise AND conditions work as intended but I changed them as well
for consistency.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-21 21:28:07 +10:00
Dan Carpenter 393e661d61 crypto: sahara - checking the wrong variable
There is a typo here.  "dev->hw_link[]" is an array, not a pointer, so
the check is nonsense.  We should be checking recently allocated
"dev->hw_link[0]" instead.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-21 21:28:06 +10:00
Joel Fernandes 1bbf643705 crypto: omap-aes - Kconfig: Add build support for AM437x
For AM437x SoC, ARCH_OMAP2 and ARCH_OMAP3 is not enabled in the defconfig. We
follow same thing as SHA driver, and add depends on ARCH_OMAP2PLUS so that the
config is selectable for AES driver on AM437x SoC builds.

Signed-off-by: Joel Fernandes <joelf@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-21 21:28:06 +10:00
Joel Fernandes bce2a22885 crypto: omap-aes - Convert request_irq to devm_request_irq
Keeps request_irq exit/error code paths simpler.

Suggested-by: Lokesh Vutla <lokeshvutla@ti.com>
Signed-off-by: Joel Fernandes <joelf@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-21 21:28:05 +10:00
Joel Fernandes 05007c10ff crypto: omap-aes - Convert kzalloc to devm_kzalloc
Use devm_kzalloc instead of kzalloc. With this change, there is no need to
call kfree in error/exit paths.

Signed-off-by: Joel Fernandes <joelf@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-21 21:28:05 +10:00
Joel Fernandes 6242332ff2 crypto: omap-aes - Add support for cases of unaligned lengths
For cases where offset/length of on any page of the input SG is not aligned by
AES_BLOCK_SIZE, we copy all the pages from the input SG list into a contiguous
buffer and prepare a single element SG list for this buffer with length as the
total bytes to crypt.

This is requried for cases such as when an SG list of 16 bytes total size
contains 16 pages each containing 1 byte. DMA using the direct buffers of such
instances is not possible.

For this purpose, we first detect if the unaligned case and accordingly
allocate enough number of pages to satisfy the request and prepare SG lists.
We then copy data into the buffer, and copy data out of it on completion.

Signed-off-by: Joel Fernandes <joelf@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-21 21:28:05 +10:00
Joel Fernandes 1801ad9483 crypto: omap-aes - Switch to PIO mode during probe
In cases where requesting for DMA channels fails for some reason, or channel
numbers are not provided in DT or platform data, we switch to PIO-only mode
also checking if platform provides IRQ numbers and interrupt register offsets
in DT and platform data. All dma-only paths are avoided in this mode.

Signed-off-by: Joel Fernandes <joelf@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-21 21:28:04 +10:00
Joel Fernandes 98837abc86 crypto: omap-aes - PIO mode: platform data for OMAP4/AM437x and trigger
We initialize the scatter gather walk lists needed for PIO mode and avoid all
DMA paths such as mapping/unmapping buffers by checking for the pio_only flag.

Signed-off-by: Joel Fernandes <joelf@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-21 21:28:03 +10:00
Joel Fernandes 1bf95cca8f crypto: omap-aes - PIO mode: Add IRQ handler and walk SGs
We add an IRQ handler that implements a state-machine for PIO-mode and data
structures for walking the scatter-gather list. The IRQ handler is called in
succession both when data is available to read or next data can be sent for
processing. This process continues till the entire in/out SG lists have been
walked. Once the SG-list has been completely walked, the IRQ handler schedules
the done_task tasklet.

Also add a useful macro that is used through out the IRQ code for a common
pattern of calculating how much an SG list has been walked.  This improves code
readability and avoids checkpatch errors.

Signed-off-by: Joel Fernandes <joelf@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-21 21:28:03 +10:00
Joel Fernandes 67216756ea crypto: omap-aes - Add IRQ info and helper macros
Add IRQ information to pdata and helper macros. These are required
for PIO-mode support.

Signed-off-by: Joel Fernandes <joelf@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-21 21:28:01 +10:00
Joel Fernandes 0c063a22d5 crypto: omap-aes - Remove previously used intermediate buffers
Intermdiate buffers were allocated, mapped and used for DMA.  These are no
longer required as we use the SGs from crypto layer directly in previous
commits in the series. Also along with it, remove the logic for copying SGs
etc as they are no longer used, and all the associated variables in omap_aes_device.

Signed-off-by: Joel Fernandes <joelf@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-21 21:28:00 +10:00
Joel Fernandes 0a641712ef crypto: omap-aes - Sync SG before DMA operation
Earlier functions that did a similar sync are replaced by the dma_sync_sg_*
which can operate on entire SG list.

Signed-off-by: Joel Fernandes <joelf@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-21 21:28:00 +10:00
Joel Fernandes 4b645c9465 crypto: omap-aes - Simplify DMA usage by using direct SGs
In early version of this driver, assumptions were made such as DMA layer
requires contiguous buffers etc. Due to this, new buffers were allocated,
mapped and used for DMA. These assumptions are no longer true and DMAEngine
scatter-gather DMA doesn't have such requirements. We simply the DMA operations
by directly using the scatter-gather buffers provided by the crypto layer
instead of creating our own.

Lot of logic that handled DMA'ing only X number of bytes of the total, or as
much as fitted into a 3rd party buffer is removed and is no longer required.

Also, good performance improvement of atleast ~20% seen with encrypting a
buffer size of 8K (1800 ops/sec vs 1400 ops/sec).  Improvement will be higher
for much larger blocks though such benchmarking is left as an exercise for the
reader.  Also DMA usage is much more simplified and coherent with rest of the
code.

Signed-off-by: Joel Fernandes <joelf@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-21 21:27:59 +10:00
Joel Fernandes e77c756eca crypto: omap-aes - Populate number of SG elements
Crypto layer only passes nbytes but number of SG elements is needed for mapping
or unmapping SGs at one time using dma_map* API and also needed to pass in for
dmaengine prep function.

We call function added to scatterwalk for this purpose in omap_aes_handle_queue
to populate the values which are used later.

Signed-off-by: Joel Fernandes <joelf@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-21 21:27:59 +10:00
Joel Fernandes 016af9b5c5 crypto: omap-aes - Add useful debug macros
When DEBUG is enabled, these macros can be used to print variables in integer
and hex format, and clearly display which registers, offsets and values are
being read/written , including printing the names of the offsets and their values.

Using statement expression macros in read path as,
Suggested-by: Joe Perches <joe@perches.com>

Signed-off-by: Joel Fernandes <joelf@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-21 21:27:58 +10:00
jmlatten@linux.vnet.ibm.com b4eba0ca34 crypto: nx - fix nx-aes-gcm verification
This patch fixes a bug in the nx-aes-gcm implementation.
Corrected the code so that the authtag is always verified after
decrypting and not just when there is associated data included.
Also, corrected the code to retrieve the input authtag from src
instead of dst.

Reviewed-by: Fionnuala Gunter <fin@linux.vnet.ibm.com>
Reviewed-by: Marcelo Cerri <mhcerri@linux.vnet.ibm.com>
Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-21 21:08:38 +10:00
Alex Porosanu d4d8edf885 crypto: caam - add option for enabling DEBUG mode
This patch adds an option to the Kconfig file for
SEC which enables the user to see the debug messages
that are printed inside the SEC driver.

Signed-off-by: Alex Porosanu <alexandru.porosanu@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-21 21:08:37 +10:00
Alex Porosanu 514df2816f crypto: caam - replace xstr macro with __stringify
CAAM driver contains one macro (xstr) used for printing
the line location in a file where a memdump is done. This patch
replaces the xstr macro with the already existing __stringify
macro that performs the same function.

Signed-off-by: Alex Porosanu <alexandru.porosanu@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-21 21:08:36 +10:00
Marcelo Cerri c849163b80 crypto: nx - fix concurrency issue
The NX driver uses the transformation context to store several fields
containing data related to the state of the operations in progress.
Since a single tfm can be used by different kernel threads at the same
time, we need to protect the data stored into the context.

This patch makes use of spin locks to protect the data where a race
condition can happen.

Reviewed-by: Fionnuala Gunter <fin@linux.vnet.ibm.com>
Reviewed-by: Joy Latten <jmlatten@linux.vnet.ibm.com>
Signed-off-by: Marcelo Cerri <mhcerri@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-14 20:42:04 +10:00
Jingoo Han 3a4eac799b crypto: crypto4xx - Staticize local symbols
These local symbols are used only in this file.
Fix the following sparse warnings:

drivers/crypto/amcc/crypto4xx_alg.c:35:6: warning: symbol 'set_dynamic_sa_command_0' was not declared. Should it be static?
drivers/crypto/amcc/crypto4xx_alg.c:55:6: warning: symbol 'set_dynamic_sa_command_1' was not declared. Should it be static?

Signed-off-by: Jingoo Han <jg1.han@samsung.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-14 20:42:03 +10:00
Jingoo Han e45f1d1879 crypto: sahara - Staticize local symbol
This local symbol is used only in this file.
Fix the following sparse warnings:

drivers/crypto/sahara.c:420:6: warning: symbol 'sahara_watchdog' was not declared. Should it be static?

Signed-off-by: Jingoo Han <jg1.han@samsung.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-14 20:42:02 +10:00
Fionnuala Gunter cc76daf793 crypto: nx - saves chaining value from co-processor
This patch fixes a bug that is triggered when cts(cbc(aes)) is used with
nx-crypto driver on input larger than 32 bytes.

The chaining value from co-processor was not being saved. This value is
needed because it is used as the IV by cts(cbc(aes)).

Signed-off-by: Fionnuala Gunter <fin@linux.vnet.ibm.com>
Reviewed-by: Marcelo Cerri <mhcerri@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-09 16:41:29 +10:00
Marcelo Cerri d311149337 crypto: nx - fix limits to sg lists for SHA-2
The co-processor has several limits regarding the length of
scatter/gather lists and the total number of bytes in it. These limits
are available in the device tree, as following:

 - "ibm,max-sg-len": maximum number of bytes of each scatter/gather
   list.

 - "ibm,max-sync-cop": used for synchronous operations, it is an array
   of structures that contains information regarding the limits that
   must be considered for each mode and operation. The most important
   limits in it are:
   	- The total number of bytes that a scatter/gather list can hold.
	- The maximum number of elements that a scatter/gather list can
	  have.

This patch updates the NX driver to perform several hyper calls if
needed in order to always respect the length limits for scatter/gather
lists.

Reviewed-by: Fionnuala Gunter <fin@linux.vnet.ibm.com>
Reviewed-by: Joel Schopp <jschopp@linux.vnet.ibm.com>
Reviewed-by: Joy Latten <jmlatten@linux.vnet.ibm.com>
Signed-off-by: Marcelo Cerri <mhcerri@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-09 16:39:44 +10:00
Marcelo Cerri 2b7c15ca17 crypto: nx - fix physical addresses added to sg lists
The co-processor receives data to be hashed through scatter/gather lists
pointing to physical addresses. When a vmalloc'ed data is given, the
driver must calculate the physical address to each page of the data.

However the current version of it just calculates the physical address
once and keeps incrementing it even when a page boundary is crossed.
This patch fixes this behaviour.

Reviewed-by: Fionnuala Gunter <fin@linux.vnet.ibm.com>
Reviewed-by: Joel Schopp <jschopp@linux.vnet.ibm.com>
Reviewed-by: Joy Latten <jmlatten@linux.vnet.ibm.com>
Signed-off-by: Marcelo Cerri <mhcerri@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-09 16:39:44 +10:00
Ruchika Gupta 6dad41158d crypto: caam - Remove unused functions from Job Ring
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-01 10:55:40 +10:00
Lokesh Vutla 7a7e4b73b5 crypto: omap-sham - Convert to devm_kzalloc()
Use devm_kzalloc() to make cleanup paths simpler.

Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-01 10:54:01 +10:00
Lokesh Vutla 0de9c3876b crypto: omap-sham - Convert to devm_request_irq()
Using devm_request_irq() rather than request_irq().
So removing free_irq() calls from the probe error
path and the remove handler.

Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-01 10:54:00 +10:00
Lokesh Vutla 7d7c704d0d crypto: omap-sham - Add OMAP5/AM43XX SHAM Support
Add support for the OMAP5 version of the SHAM module
that is present on OMAP5 and AM43xx SoCs.

This module is very simialar to OMAP4 version of SHAM module,
and adds SHA384 SHA512 hardware-accelerated hash functions to it.
To handle the higher digest size of SHA512, few SHA512_DIGEST_i
(i=1-16, and first 8 registers are duplicated from SHA_DIGEST_i
registers) registers are added at the end of register set.
So adding the above register offsets and module info in pdata.

Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-01 10:54:00 +10:00
Lokesh Vutla eaef7e3f3f crypto: omap-sham - Add SHA384 and SHA512 Support
Adding support for SHA348 and SHA512 in addition to MD5, SHA1, SHA224
SHA256 that the omap sha module supports.

In order to add the support
- Removed hard coded register offsets and passing offsets from pdata
- Updating Flag offsets so that they can be used for SHA256 and SHA512
- Adding the algo info.

Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-01 10:54:00 +10:00
Joe Perches 69d2884deb crypto: ux500 - Fix logging, make arrays const, neatening
Logging messages without newlines are possibly interleaved
with other messages.  Add terminating newlines to avoid
this.

Other miscellaneous changes:

Make arrays const to reduce data size
Add pr_fmt to prefix pr_<level>, remove now unused DEV_DBG_NAME
Coalesce formats, align arguments
Remove unnecessary OOM messages as dump_stack is already done
Remove unnecessary cast of void *
Change kzalloc(sizeof(struct)...) to kzalloc(sizeof(*var), ...)
Reduce indents in struct definitions

Signed-off-by: Joe Perches <joe@perches.com>
Acked-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-01 10:53:59 +10:00
Ruchika Gupta 997ad2900a crypto: caam - RNG instantiation by directly programming DECO
Remove the dependency of RNG instantiation on Job Ring. Now
RNG instantiation for devices with RNG version > 4 is done
by directly programming DECO 0.

Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-08-01 10:50:21 +10:00
Linus Torvalds b48a97be8e Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto fixes from Herbert Xu:
 "This push fixes a memory corruption issue in caam, as well as
  reverting the new optimised crct10dif implementation as it breaks boot
  on initrd systems.

  Hopefully crct10dif will be reinstated once the supporting code is
  added so that it doesn't break boot"

* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
  Revert "crypto: crct10dif - Wrap crc_t10dif function all to use crypto transform framework"
  crypto: caam - Fixed the memory out of bound overwrite issue
2013-07-24 11:05:18 -07:00
Vakul Garg aa2faec1a0 crypto: caam - Moved macro DESC_JOB_IO_LEN to desc_constr.h
DESC_JOB_IO_LEN is a generic macro which indicates the space required in
the descriptor for placing SEQIN/OUT commands, job descriptor header,
shared descriptor pointer. Moving it to descriptor construction file
which can be supposedly included by different algo offload files.

Change-Id: Ic8900990d465e9079827b0c7fcacc61766d7efb6
Signed-off-by: Vakul Garg <vakul@freescale.com>
Reviewed-by: Geanta Neag Horia Ioan-B05471 <horia.geanta@freescale.com>
Reviewed-by: Fleming Andrew-AFLEMING <AFLEMING@freescale.com>
Tested-by: Fleming Andrew-AFLEMING <AFLEMING@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-07-10 16:53:28 +10:00
Vakul Garg 9c23b7d3d6 crypto: caam - Fixed the memory out of bound overwrite issue
When kernel is compiled with CONFIG_SLUB_DEBUG=y and
CRYPTO_MANAGER_DISABLE_TESTS=n, during kernel bootup, the kernel
reports error given below. The root cause is that in function
hash_digest_key(), for allocating descriptor, insufficient memory was
being allocated. The required number of descriptor words apart from
input and output pointers are 8 (instead of 6).

=============================================================================
BUG dma-kmalloc-32 (Not tainted): Redzone overwritten
-----------------------------------------------------------------------------

Disabling lock debugging due to kernel taint
INFO: 0xdec5dec0-0xdec5dec3. First byte 0x0 instead of 0xcc
INFO: Allocated in ahash_setkey+0x60/0x594 age=7 cpu=1 pid=1257
        __kmalloc+0x154/0x1b4
        ahash_setkey+0x60/0x594
        test_hash+0x260/0x5a0
        alg_test_hash+0x48/0xb0
        alg_test+0x84/0x228
        cryptomgr_test+0x4c/0x54
        kthread+0x98/0x9c
        ret_from_kernel_thread+0x64/0x6c
INFO: Slab 0xc0bd0ba0 objects=19 used=2 fp=0xdec5d0d0 flags=0x0081
INFO: Object 0xdec5dea0 @offset=3744 fp=0x5c200014

Bytes b4 dec5de90: 00 00 00 00 00 00 00 00 5a 5a 5a 5a 5a 5a 5a 5a
........ZZZZZZZZ
Object dec5dea0: b0 80 00 0a 84 41 00 0d f0 40 00 00 00 67 3f c0
.....A...@...g?.
Object dec5deb0: 00 00 00 50 2c 14 00 50 f8 40 00 00 1e c5 d0 00
...P,..P.@......
Redzone dec5dec0: 00 00 00 14                                      ....
Padding dec5df68: 5a 5a 5a 5a 5a 5a 5a 5a
ZZZZZZZZ
Call Trace:
[dec65b60] [c00071b4] show_stack+0x4c/0x168 (unreliable)
[dec65ba0] [c00d4ec8] check_bytes_and_report+0xe4/0x11c
[dec65bd0] [c00d507c] check_object+0x17c/0x23c
[dec65bf0] [c0550a00] free_debug_processing+0xf4/0x294
[dec65c20] [c0550bdc] __slab_free+0x3c/0x294
[dec65c80] [c03f0744] ahash_setkey+0x4e0/0x594
[dec65cd0] [c01ef138] test_hash+0x260/0x5a0
[dec65e50] [c01ef4c0] alg_test_hash+0x48/0xb0
[dec65e70] [c01eecc4] alg_test+0x84/0x228
[dec65ee0] [c01ec640] cryptomgr_test+0x4c/0x54
[dec65ef0] [c005adc0] kthread+0x98/0x9c
[dec65f40] [c000e1ac] ret_from_kernel_thread+0x64/0x6c
FIX dma-kmalloc-32: Restoring 0xdec5dec0-0xdec5dec3=0xcc

Change-Id: I0c7a1048053e811025d1c3b487940f87345c8f5d
Signed-off-by: Vakul Garg <vakul@freescale.com>
CC: <stable@vger.kernel.org> #3.9
Reviewed-by: Geanta Neag Horia Ioan-B05471 <horia.geanta@freescale.com>
Reviewed-by: Fleming Andrew-AFLEMING <AFLEMING@freescale.com>
Tested-by: Fleming Andrew-AFLEMING <AFLEMING@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-07-10 16:47:13 +10:00
Akinobu Mita d05257238f crypto: talitos: use sg_pcopy_to_buffer()
Use sg_pcopy_to_buffer() which is better than the function previously used.
Because it doesn't do kmap/kunmap for skipped pages.

Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: "James E.J. Bottomley" <JBottomley@parallels.com>
Cc: Douglas Gilbert <dgilbert@interlog.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Horia Geanta <horia.geanta@freescale.com>
Cc: Imre Deak <imre.deak@intel.com>
Cc: Tejun Heo <tj@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-07-09 10:33:30 -07:00
Linus Torvalds b2c311075d Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto update from Herbert Xu:
 - Do not idle omap device between crypto operations in one session.
 - Added sha224/sha384 shims for SSSE3.
 - More optimisations for camellia-aesni-avx2.
 - Removed defunct blowfish/twofish AVX2 implementations.
 - Added unaligned buffer self-tests.
 - Added PCLMULQDQ optimisation for CRCT10DIF.
 - Added support for Freescale's DCP co-processor
 - Misc fixes.

* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (44 commits)
  crypto: testmgr - test hash implementations with unaligned buffers
  crypto: testmgr - test AEADs with unaligned buffers
  crypto: testmgr - test skciphers with unaligned buffers
  crypto: testmgr - check that entries in alg_test_descs are in correct order
  Revert "crypto: twofish - add AVX2/x86_64 assembler implementation of twofish cipher"
  Revert "crypto: blowfish - add AVX2/x86_64 implementation of blowfish cipher"
  crypto: camellia-aesni-avx2 - tune assembly code for more performance
  hwrng: bcm2835 - fix MODULE_LICENSE tag
  hwrng: nomadik - use clk_prepare_enable()
  crypto: picoxcell - replace strict_strtoul() with kstrtoul()
  crypto: dcp - Staticize local symbols
  crypto: dcp - Use NULL instead of 0
  crypto: dcp - Use devm_* APIs
  crypto: dcp - Remove redundant platform_set_drvdata()
  hwrng: use platform_{get,set}_drvdata()
  crypto: omap-aes - Don't idle/start AES device between Encrypt operations
  crypto: crct10dif - Use PTR_RET
  crypto: ux500 - Cocci spatch "resource_size.spatch"
  crypto: sha256_ssse3 - add sha224 support
  crypto: sha512_ssse3 - add sha384 support
  ...
2013-07-05 12:12:33 -07:00
Linus Torvalds 0bf6a210a4 ARM SoC driver specific changes
These changes are all driver specific and cross over between arm-soc
 contents and some other subsystem, in these cases cpufreq, crypto,
 dma, pinctrl, mailbox and usb, and the subsystem owners agreed to
 have these changes merged through arm-soc. As we proceed to untangle
 the dependencies between platform code and driver code, the amount of
 changes in this category is fortunately shrinking, for 3.11 we have
 16 branches here and 101 non-merge changesets, the majority of which
 are for the stedma40 dma engine driver used in the ux500 platform.
 Cleaning up that code touches multiple subsystems, but gets rid
 of the dependency in the end.
 
 The mailbox code moved out from mach-omap2 to drivers/mailbox
 is an intermediate step and is still omap specific at the moment.
 Patches exist to generalize the subsystem and add other drivers
 with the same API, but those did not make it for 3.11.
 
 Conflicts:
 * In cpu-db8500.c results from the removal of the u8500_of_init_devices
   function in combination with the split of u8500_auxdata_lookup.
 
 * In arch/arm/mach-omap2/devices.c, the includes got reshuffled.
   we need to keep linux/wl12xx.h and linux/platform_data/mailbox-omap.h.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.12 (GNU/Linux)
 
 iQIVAwUAUdLnomCrR//JCVInAQJI/A/9FydsQa9sdnzLFgcdX5BeRRwkXLfDifCM
 zDTfUBo+LriKOs7QHblmDg1MnY1UMB2IfrdHD0FsjK7WbZ/91EMAGDPYcI7Fu4+u
 pGStxwWi2v+oCT1jjeOkCPT7hdCqogsSpybYq8itSb+zdvdOi6U35dWEKz8xGqz4
 vTL9gTZbJP0kowkjIcaryk7FIj7BTIvMCW8n55JZEkDe0BuSJGYn5c3Mntut12ZK
 5xM2PeNe2sd3dIdA6XbM2ye/XmYa8xY8Qu4/ijxfH1gnJLvz9Unp96nRXpEbIeMb
 BH2Sro8dxsMCaweIQhSRKGnUWMYO/Rh7/+5EqzJ163Ezthx9nvHXJY2ndWuD7uM1
 IcGrMxLtqP22TEMtZAVEATDp/5ymxEo5GM+eayUojQDn213wOJjRs5xz5IBsH4KM
 8CM/gpadWmLjWku72yEV4lryLcdS0NVQzpTnEbILEGOU4u7qJtxRAp7x7tWBtFg8
 4m/eWcSVk/U2SYbXmQHsfukuWgKY0cnZbctPcdnaqXwTP7toJEAK3gxoMtWh49Jq
 2M2PVFyFejaaq5b/71wAJ7ePYw56H0N/F3RsGpPE55AY15++gSoQ+3t2Si68hDw8
 NtyJMkQYpTvtqJbHXWpQQ3Zfs7pDBe01WDV7i+m4JTNggxUDaO/t1Fqp+fEksm4J
 r+luEf5Gcgk=
 =mJsI
 -----END PGP SIGNATURE-----

Merge tag 'drivers-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc

Pull ARM SoC driver specific changes from Arnd Bergmann:
 "These changes are all driver specific and cross over between arm-soc
  contents and some other subsystem, in these cases cpufreq, crypto,
  dma, pinctrl, mailbox and usb, and the subsystem owners agreed to have
  these changes merged through arm-soc.

  As we proceed to untangle the dependencies between platform code and
  driver code, the amount of changes in this category is fortunately
  shrinking, for 3.11 we have 16 branches here and 101 non-merge
  changesets, the majority of which are for the stedma40 dma engine
  driver used in the ux500 platform.  Cleaning up that code touches
  multiple subsystems, but gets rid of the dependency in the end.

  The mailbox code moved out from mach-omap2 to drivers/mailbox is an
  intermediate step and is still omap specific at the moment.  Patches
  exist to generalize the subsystem and add other drivers with the same
  API, but those did not make it for 3.11."

* tag 'drivers-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc: (101 commits)
  crypto: ux500: use dmaengine_submit API
  crypto: ux500: use dmaengine_prep_slave_sg API
  crypto: ux500: use dmaengine_device_control API
  crypto: ux500/crypt: add missing __iomem qualifiers
  crypto: ux500/hash: add missing static qualifiers
  crypto: ux500/hash: use readl on iomem addresses
  dmaengine: ste_dma40: Declare memcpy config as static
  ARM: ux500: Remove mop500_snowball_ethernet_clock_enable()
  ARM: ux500: Correct the EN_3v3 regulator's on/off GPIO
  ARM: ux500: Provide a AB8500 GPIO Device Tree node
  gpio: rcar: fix gpio_rcar_of_table
  gpio-rcar: Remove #ifdef CONFIG_OF around OF-specific sections
  gpio-rcar: Reference core gpio documentation in the DT bindings
  clk: exynos5250: Add enum entries for divider clock of i2s1 and i2s2
  ARM: dts: Update Samsung I2S documentation
  ARM: dts: add clock provider information for i2s controllers in Exynos5250
  ARM: dts: add Exynos audio subsystem clock controller node
  clk: samsung: register audio subsystem clocks using common clock framework
  ARM: dts: use #include for all device trees for Samsung
  pinctrl: s3c24xx: use correct header for chained_irq functions
  ...
2013-07-02 14:33:21 -07:00