1. 24 Mar, 2023 5 commits
  2. 17 Mar, 2023 23 commits
  3. 14 Mar, 2023 12 commits
    • Damian Muszynski's avatar
      crypto: qat - add support for 402xx devices · a3e8c919
      Damian Muszynski authored
      QAT_402xx is a derivative of 4xxx. Add support for that device in the
      qat_4xxx driver by including the DIDs (both PF and VF), extending the
      probe and the firmware loader.
      
      402xx uses different firmware images than 4xxx. To allow that the logic
      that selects the firmware images was modified.
      Signed-off-by: default avatarDamian Muszynski <damian.muszynski@intel.com>
      Reviewed-by: default avatarGiovanni Cabiddu <giovanni.cabiddu@intel.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      a3e8c919
    • Neal Liu's avatar
      crypto: aspeed - fix uninitialized symbol 'idx' warning · b2ca2950
      Neal Liu authored
      'idx' is not initialized if it's not EXP_MODE nor MOD_MODE.
      Use "else" instead to fix it.
      Signed-off-by: default avatarNeal Liu <neal_liu@aspeedtech.com>
      Reported-by: default avatarkernel test robot <lkp@intel.com>
      Reported-by: default avatarDan Carpenter <error27@gmail.com>
      Link: https://lore.kernel.org/r/202302261052.CVFRyq6F-lkp@intel.com/Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      b2ca2950
    • Horia Geanta's avatar
      drivers: crypto: caam/jr - Allow quiesce when quiesced · 06e39357
      Horia Geanta authored
      Issues:
      - Job ring device is busy when do kexec reboot
      - Failed to flush job ring when do system suspend-resume
      
      Fix:
      Flush the job ring to stop the running jobs.
      Signed-off-by: default avatarHoria Geanta <horia.geanta@nxp.com>
      Signed-off-by: default avatarFranck LENORMAND <franck.lenormand@nxp.com>
      Reviewed-by: default avatarPankaj Gupta <pankaj.gupta@nxp.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      06e39357
    • Jonathan McDowell's avatar
      crypto: safexcel - Cleanup ring IRQ workqueues on load failure · ca25c00c
      Jonathan McDowell authored
      A failure loading the safexcel driver results in the following warning
      on boot, because the IRQ affinity has not been correctly cleaned up.
      Ensure we clean up the affinity and workqueues on a failure to load the
      driver.
      
      crypto-safexcel: probe of f2800000.crypto failed with error -2
      ------------[ cut here ]------------
      WARNING: CPU: 1 PID: 232 at kernel/irq/manage.c:1913 free_irq+0x300/0x340
      Modules linked in: hwmon mdio_i2c crypto_safexcel(+) md5 sha256_generic libsha256 authenc libdes omap_rng rng_core nft_masq nft_nat nft_chain_nat nf_nat nft_ct nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 nf_tables libcrc32c nfnetlink fuse autofs4
      CPU: 1 PID: 232 Comm: systemd-udevd Tainted: G        W          6.1.6-00002-g9d4898824677 #3
      Hardware name: MikroTik RB5009 (DT)
      pstate: 600000c5 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
      pc : free_irq+0x300/0x340
      lr : free_irq+0x2e0/0x340
      sp : ffff800008fa3890
      x29: ffff800008fa3890 x28: 0000000000000000 x27: 0000000000000000
      x26: ffff8000008e6dc0 x25: ffff000009034cac x24: ffff000009034d50
      x23: 0000000000000000 x22: 000000000000004a x21: ffff0000093e0d80
      x20: ffff000009034c00 x19: ffff00000615fc00 x18: 0000000000000000
      x17: 0000000000000000 x16: 0000000000000000 x15: 000075f5c1584c5e
      x14: 0000000000000017 x13: 0000000000000000 x12: 0000000000000040
      x11: ffff000000579b60 x10: ffff000000579b62 x9 : ffff800008bbe370
      x8 : ffff000000579dd0 x7 : 0000000000000000 x6 : ffff000000579e18
      x5 : ffff000000579da8 x4 : ffff800008ca0000 x3 : ffff800008ca0188
      x2 : 0000000013033204 x1 : ffff000009034c00 x0 : ffff8000087eadf0
      Call trace:
       free_irq+0x300/0x340
       devm_irq_release+0x14/0x20
       devres_release_all+0xa0/0x100
       device_unbind_cleanup+0x14/0x60
       really_probe+0x198/0x2d4
       __driver_probe_device+0x74/0xdc
       driver_probe_device+0x3c/0x110
       __driver_attach+0x8c/0x190
       bus_for_each_dev+0x6c/0xc0
       driver_attach+0x20/0x30
       bus_add_driver+0x148/0x1fc
       driver_register+0x74/0x120
       __platform_driver_register+0x24/0x30
       safexcel_init+0x48/0x1000 [crypto_safexcel]
       do_one_initcall+0x4c/0x1b0
       do_init_module+0x44/0x1cc
       load_module+0x1724/0x1be4
       __do_sys_finit_module+0xbc/0x110
       __arm64_sys_finit_module+0x1c/0x24
       invoke_syscall+0x44/0x110
       el0_svc_common.constprop.0+0xc0/0xe0
       do_el0_svc+0x20/0x80
       el0_svc+0x14/0x4c
       el0t_64_sync_handler+0xb0/0xb4
       el0t_64_sync+0x148/0x14c
      ---[ end trace 0000000000000000 ]---
      
      Fixes: 1b44c5a6 ("inside-secure - add SafeXcel EIP197 crypto engine driver")
      Signed-off-by: default avatarJonathan McDowell <noodles@earth.li>
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      ca25c00c
    • Jonathan McDowell's avatar
      crypto: safexcel - Raise firmware load failure message to error · 86e8e3ce
      Jonathan McDowell authored
      At the moment if there is no firmware available for the safexcel driver
      it will fail to load with a cryptic:
      
      crypto-safexcel f2800000.crypto: TRC init: 15360d,80a (48r,256h)
      crypto-safexcel f2800000.crypto: HW init failed (-2)
      
      Raise the logging level of the firmware load failure to err rather than
      dbg so that it's obvious what the reason for the HW init failure is.
      Signed-off-by: default avatarJonathan McDowell <noodles@earth.li>
      Reviewed-by: default avatarAntoine Tenart <atenart@kernel.org>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      86e8e3ce
    • Shashank Gupta's avatar
      crypto: qat - make state machine functions static · 88fca80e
      Shashank Gupta authored
      The state machine functions adf_dev_init(), adf_dev_start(),
      adf_dev_stop() adf_dev_shutdown() and adf_dev_shutdown_cache_cfg()
      are only used internally within adf_init.c.
      Do not export these functions and make them static as state transitions
      are now performed using the safe function adf_dev_up() and
      adf_dev_down().
      
      This commit does not implement any functional change.
      Signed-off-by: default avatarShashank Gupta <shashank.gupta@intel.com>
      Reviewed-by: default avatarGiovanni Cabiddu <giovanni.cabiddu@intel.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      88fca80e
    • Shashank Gupta's avatar
      crypto: qat - refactor device restart logic · b97c5377
      Shashank Gupta authored
      Refactor the restart logic by moving it into the function
      adf_dev_restart() which uses the safe function adf_dev_up() and
      adf_dev_down().
      
      This commit does not implement any functional change.
      Signed-off-by: default avatarShashank Gupta <shashank.gupta@intel.com>
      Reviewed-by: default avatarGiovanni Cabiddu <giovanni.cabiddu@intel.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      b97c5377
    • Shashank Gupta's avatar
      crypto: qat - replace state machine calls · 2b60f79c
      Shashank Gupta authored
      The device state machine functions are unsafe and interdependent on each
      other. To perform a state transition, these shall be called in a
      specific order:
        * device up:   adf_dev_init() -> adf_dev_start()
        * device down: adf_dev_stop() -> adf_dev_shutdown()
      
      Replace all the state machine functions used in the QAT driver with the
      safe wrappers adf_dev_up() and adf_dev_down().
      Signed-off-by: default avatarShashank Gupta <shashank.gupta@intel.com>
      Reviewed-by: default avatarGiovanni Cabiddu <giovanni.cabiddu@intel.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      2b60f79c
    • Shashank Gupta's avatar
      crypto: qat - fix concurrency issue when device state changes · 1bdc8555
      Shashank Gupta authored
      The sysfs `state` attribute is not protected against race conditions.
      If multiple processes perform a device state transition on the same
      device in parallel, unexpected behaviors might occur.
      
      For transitioning the device state, adf_sysfs.c calls the functions
      adf_dev_init(), adf_dev_start(), adf_dev_stop() and adf_dev_shutdown()
      which are unprotected and interdependent on each other. To perform a
      state transition, these functions needs to be called in a specific
      order:
        * device up:   adf_dev_init() -> adf_dev_start()
        * device down: adf_dev_stop() -> adf_dev_shutdown()
      
      This change introduces the functions adf_dev_up() and adf_dev_down()
      which wrap the state machine functions and protect them with a
      per-device lock. These are then used in adf_sysfs.c instead of the
      individual state transition functions.
      
      Fixes: 5ee52118 ("crypto: qat - expose device state through sysfs for 4xxx")
      Signed-off-by: default avatarShashank Gupta <shashank.gupta@intel.com>
      Reviewed-by: default avatarGiovanni Cabiddu <giovanni.cabiddu@intel.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      1bdc8555
    • Shashank Gupta's avatar
      crypto: qat - delay sysfs initialization · 59a0ab49
      Shashank Gupta authored
      The function adf_sysfs_init() is used by qat_4xxx to create sysfs
      attributes. This is called by the probe function before starting a
      device. With this sequence, there might be a chance that the sysfs
      entries for configuration might be changed by a user while the driver
      is performing a device bring-up causing unexpected behaviors.
      
      Delay the creation of sysfs entries after adf_dev_start().
      Signed-off-by: default avatarShashank Gupta <shashank.gupta@intel.com>
      Reviewed-by: default avatarGiovanni Cabiddu <giovanni.cabiddu@intel.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      59a0ab49
    • Eric Biggers's avatar
      crypto: testmgr - fix RNG performance in fuzz tests · f900fde2
      Eric Biggers authored
      The performance of the crypto fuzz tests has greatly regressed since
      v5.18.  When booting a kernel on an arm64 dev board with all software
      crypto algorithms and CONFIG_CRYPTO_MANAGER_EXTRA_TESTS enabled, the
      fuzz tests now take about 200 seconds to run, or about 325 seconds with
      lockdep enabled, compared to about 5 seconds before.
      
      The root cause is that the random number generation has become much
      slower due to commit d4150779 ("random32: use real rng for
      non-deterministic randomness").  On my same arm64 dev board, at the time
      the fuzz tests are run, get_random_u8() is about 345x slower than
      prandom_u32_state(), or about 469x if lockdep is enabled.
      
      Lockdep makes a big difference, but much of the rest comes from the
      get_random_*() functions taking a *very* slow path when the CRNG is not
      yet initialized.  Since the crypto self-tests run early during boot,
      even having a hardware RNG driver enabled (CONFIG_CRYPTO_DEV_QCOM_RNG in
      my case) doesn't prevent this.  x86 systems don't have this issue, but
      they still see a significant regression if lockdep is enabled.
      
      Converting the "Fully random bytes" case in generate_random_bytes() to
      use get_random_bytes() helps significantly, improving the test time to
      about 27 seconds.  But that's still over 5x slower than before.
      
      This is all a bit silly, though, since the fuzz tests don't actually
      need cryptographically secure random numbers.  So let's just make them
      use a non-cryptographically-secure RNG as they did before.  The original
      prandom_u32() is gone now, so let's use prandom_u32_state() instead,
      with an explicitly managed state, like various other self-tests in the
      kernel source tree (rbtree_test.c, test_scanf.c, etc.) already do.  This
      also has the benefit that no locking is required anymore, so performance
      should be even better than the original version that used prandom_u32().
      
      Fixes: d4150779 ("random32: use real rng for non-deterministic randomness")
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      f900fde2
    • Eric Biggers's avatar
      crypto: arm64/aes-neonbs - fix crash with CFI enabled · 47446d7c
      Eric Biggers authored
      aesbs_ecb_encrypt(), aesbs_ecb_decrypt(), aesbs_xts_encrypt(), and
      aesbs_xts_decrypt() are called via indirect function calls.  Therefore
      they need to use SYM_TYPED_FUNC_START instead of SYM_FUNC_START to cause
      their type hashes to be emitted when the kernel is built with
      CONFIG_CFI_CLANG=y.  Otherwise, the code crashes with a CFI failure if
      the compiler doesn't happen to optimize out the indirect calls.
      
      Fixes: c50d3285 ("arm64: Add types to indirect called assembly functions")
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Reviewed-by: default avatarArd Biesheuvel <ardb@kernel.org>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      47446d7c