- 29 Oct, 2021 6 commits
-
-
Prabhjot Khurana authored
The Intel Keem Bay SoC can provide hardware acceleration of Elliptic Curve Cryptography (ECC) by means of its Offload and Crypto Subsystem (OCS). Add the Keem Bay OCS ECC driver which leverages such hardware capabilities to provide hardware-acceleration of ECDH-256 and ECDH-384. Signed-off-by:
Prabhjot Khurana <prabhjot.khurana@intel.com> Co-developed-by:
Daniele Alessandrelli <daniele.alessandrelli@intel.com> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Prabhjot Khurana authored
Add Keem Bay Offload and Crypto Subsystem (OCS) Elliptic Curve Cryptography (ECC) device tree bindings. Signed-off-by:
Rob Herring <robh@kernel.org> Signed-off-by:
-
Daniele Alessandrelli authored
Export the following additional ECC helper functions: - ecc_alloc_point() - ecc_free_point() - vli_num_bits() - ecc_point_is_zero() This is done to allow future ECC device drivers to re-use existing code, thus simplifying their implementation. Functions are exported using EXPORT_SYMBOL() (instead of EXPORT_SYMBOL_GPL()) to be consistent with the functions already exported by crypto/ecc.c. Exported functions are documented in include/crypto/internal/ecc.h. Signed-off-by:
-
Daniele Alessandrelli authored
Move ecc.h header file to 'include/crypto/internal' so that it can be easily imported from everywhere in the kernel tree. This change is done to allow crypto device drivers to re-use the symbols exported by 'crypto/ecc.c', thus avoiding code duplication. Signed-off-by:
-
Prabhjot Khurana authored
Add KPP support to the crypto engine queue manager, so that it can be used to simplify the logic of KPP device drivers as done for other crypto drivers. Signed-off-by:
-
Herbert Xu authored
The delayed boot-time testing patch created a dependency loop between api.c and algapi.c because it added a crypto_alg_tested call to the former when the crypto manager is disabled. We could instead avoid creating the test larvals if the crypto manager is disabled. This avoids the dependency loop as well as saving some unnecessary work, albeit in a very unlikely case. Reported-by:
Nathan Chancellor <nathan@kernel.org> Reported-by:
Naresh Kamboju <naresh.kamboju@linaro.org> Reported-by:
kernel test robot <lkp@intel.com> Fixes: adad556e ("crypto: api - Fix built-in testing dependency failures") Signed-off-by:
-
- 22 Oct, 2021 2 commits
-
-
Horia Geantă authored
Commit ad6d66bc ("crypto: tcrypt - include 1420 byte blocks in aead and skcipher benchmarks") mentions: > power-of-2 block size. So let's add 1420 bytes explicitly, and round > it up to the next blocksize multiple of the algo in question if it > does not support 1420 byte blocks. but misses updating skcipher multi-buffer tests. Fix this by using the proper (rounded) input size. Fixes: ad6d66bc ("crypto: tcrypt - include 1420 byte blocks in aead and skcipher benchmarks") Signed-off-by:
Horia Geantă <horia.geanta@nxp.com> Signed-off-by:
-
Qing Wang authored
coccicheck complains about the use of snprintf() in sysfs show functions. Fix the following coccicheck warning: drivers/char/hw_random/s390-trng.c:114:8-16: WARNING: use scnprintf or sprintf. drivers/char/hw_random/s390-trng.c:122:8-16: WARNING: use scnprintf or sprintf. Use sysfs_emit instead of scnprintf or sprintf makes more sense. Signed-off-by:
Qing Wang <wangqing@vivo.com> Signed-off-by:
-
- 15 Oct, 2021 2 commits
-
-
Ovidiu Panait authored
Currently, in case of aead fallback, no associated data info is set in the fallback request. To fix this, call aead_request_set_ad() to pass the assoclen. Fixes: 6f03f0e8 ("crypto: octeontx2 - register with linux crypto framework") Signed-off-by:
Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by:
-
Peter Gonda authored
Extra tab in sev_cmd_buffer_len(). Signed-off-by:
Peter Gonda <pgonda@google.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Marc Orr <marcorr@google.com> Cc: Joerg Roedel <jroedel@suse.de> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: David Rientjes <rientjes@google.com> Cc: John Allen <john.allen@amd.com> Cc: "David S. Miller" <davem@davemloft.net> Cc: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org Reviewed-by:
Marc Orr <marcorr@google.com> Signed-off-by:
-
- 08 Oct, 2021 16 commits
-
-
Markus Schneider-Pargmann authored
Currently mtk_rng_runtime_suspend/resume is called for both runtime pm and system sleep operations. This is wrong as these should only be runtime ops as the name already suggests. Currently freezing the system will lead to a call to mtk_rng_runtime_suspend even if the device currently isn't active. This leads to a clock warning because it is disabled/unprepared although it isn't enabled/prepared currently. This patch fixes this by only setting the runtime pm ops and forces to call the runtime pm ops from the system sleep ops as well if active but not otherwise. Fixes: 81d2b345 ("hwrng: mtk - add runtime PM support") Signed-off-by:
Markus Schneider-Pargmann <msp@baylibre.com> Signed-off-by:
-
Sebastian Andrzej Siewior authored
crypto_disable_simd_for_test() disables preemption in order to receive a stable per-CPU variable which it needs to modify in order to alter crypto_simd_usable() results. This can also be achived by migrate_disable() which forbidds CPU migrations but allows the task to be preempted. The latter is important for PREEMPT_RT since operation like skcipher_walk_first() may allocate memory which must not happen with disabled preemption on PREEMPT_RT. Use migrate_disable() in crypto_disable_simd_for_test() to achieve a stable per-CPU pointer. Signed-off-by:
Sebastian Andrzej Siewior <bigeasy@linutronix.de> Signed-off-by:
-
Marco Chiappero authored
The PFVF protocol "enable" functions are direction specific but not device specific. Move the protocol enable function for the PF into the PF specific protocol file for better file organization and duplicated code reduction. NOTE: the patch keeps gen4 disabled as it doesn't have full PFVF support yet. Signed-off-by:
Marco Chiappero <marco.chiappero@intel.com> Co-developed-by:
Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by:
-
Marco Chiappero authored
In the function adf_vf2pf_request_version(), the VF sends a request to the PF and waits for a response before parsing and handling it. Since this pattern will be used by other requests, define a new function, adf_send_vf2pf_req(), that only deals with sending a VF2PF request and waiting for a response. Signed-off-by:
-
Marco Chiappero authored
The send function, adf_iov_putmsg(), is shared by both PF and VF. This commit provides two direction specific APIs, adf_send_pf2vf_msg() and adf_send_vf2pf_msg() which decouple the implementation, which can change and evolve over time, from the user. With this change, the adf_iov_putmsg() is now isolated inside the file adf_pf2vf_msg.c and has been marked as static. Signed-off-by:
-
Marco Chiappero authored
Replace any reference of "IOV" with PFVF in the collision constants. Signed-off-by:
-
Marco Chiappero authored
Keep adf_pf2vf_msg.h as much as possible focused on the protocol definition. Instead, collision parameters are an implementation detail which should stay close to the code consuming them, therefore move them to adf_pf2vf_msg.c. Signed-off-by:
-
Marco Chiappero authored
The functions adf_iov_putmsg() and __adf_iov_putmsg() are shared by both PF and VF. Any logging or documentation should not refer to any specific direction. Make comments and log messages direction agnostic by replacing PF2VF with PFVF. Also fix the wording for some related comments. Signed-off-by:
-
Giovanni Cabiddu authored
Replace homegrown bit counting logic in adf_gen2_get_num_accels() and adf_gen2_get_num_aes() with the functions hweight16() and hweight32(), respectively. Signed-off-by:
-
Marco Chiappero authored
QAT GEN2 devices share most of the behavior which means a number of device specific functions can be shared too and some differences abstracted away by simple parameters. The functions adf_enable_error_correction(), get_num_accels(), get_num_aes() and get_pf2vf_offset() for c3xxx, c62x and dh895xx have been reworked and moved to the GEN2 file, adf_gen2_hw_data.c. The definitions of tx_rx_gap and tx_rings_mask have been moved to adf_gen2_hw_data.h. Signed-off-by:
-
Marco Chiappero authored
Currently, VF to PF interrupt handling is based on the DH895XCC device behavior, which is not entirely common to all devices. In order to make interrupt detection and handling correct for all of the supported devices, make the interrupt handling device specific by: - introducing get_vf2pf_sources() for getting a 32 bits long value where each bit represents a vf2pf interrupt; - adding the device [enable|disable]_vf2pf_interrupts to hw_data; - defining [enable|disable]_vf2pf_interrupts for all the devices that are currently supported, using only their required and specific ERRSOU|ERRMASK registers (DH895XCC has 32 interrupts spread across ERRSOU3 and ERRSOU5, C62X/C3XXX has 16 in ERRSOU3 only, etc). Code has been shared by different devices wherever possible. This patch is based on earlier work done by Salvatore Benedetto. Signed-off-by:
-
Marco Chiappero authored
The initial version of the PFVF protocol included an initial "carrier sensing" to get ownership of the channel. Collisions can happen anyway, the extra wait and test does not prevent collisions, it instead slows the communication down, so remove it. Signed-off-by:
-
Giovanni Cabiddu authored
Upon receiving a PFVF message, check if the interrupt bit is set in the message. If it is not, that means that the interrupt was probably triggered by a collision. In this case, disregard the message and re-enable the interrupts. Fixes: ed8ccaef ("crypto: qat - Add support for SRIOV") Signed-off-by:
-
Giovanni Cabiddu authored
Detect a PFVF collision between the local and the remote function by checking if the message on the PFVF CSR has been overwritten. This is done after the remote function confirms that the message has been received, by clearing the interrupt bit, or the maximum number of attempts (ADF_IOV_MSG_ACK_MAX_RETRY) to check the CSR has been exceeded. Fixes: ed8ccaef ("crypto: qat - Add support for SRIOV") Signed-off-by:
-
Arnd Bergmann authored
clang points out inconsistencies in the FIELD_PREP() invocation in this driver that result from the 'mask' being a 32-bit value: drivers/crypto/ccree/cc_driver.c:117:18: error: result of comparison of constant 18446744073709551615 with expression of type 'u32' (aka 'unsigned int') is always false [-Werror,-Wtautological-constant-out-of-range-compare] cache_params |= FIELD_PREP(mask, val); ^~~~~~~~~~~~~~~~~~~~~ include/linux/bitfield.h:94:3: note: expanded from macro 'FIELD_PREP' __BF_FIELD_CHECK(_mask, 0ULL, _val, "FIELD_PREP: "); \ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/bitfield.h:52:28: note: expanded from macro '__BF_FIELD_CHECK' BUILD_BUG_ON_MSG((_mask) > (typeof(_reg))~0ull, \ ~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This does not happen in other places that just pass a constant here. Work around the warnings by widening the type of the temporary variable. Fixes: 05c2a705 ("crypto: ccree - rework cache parameters handling") Signed-off-by:Arnd Bergmann <arnd@arndb.de> Acked-by:
Gilad ben-Yossef <gilad@benyossef.com> Signed-off-by:
-
Kai Ye authored
As qm should register to uacce in UACCE_DEV_SVA mode, this patch modifies to checks uacce mode before doing uacce registration. Signed-off-by:
Kai Ye <yekai13@huawei.com> Signed-off-by:
-
- 01 Oct, 2021 4 commits
-
-
Herbert Xu authored
We need to export crypto_boot_test_finished in case api.c is built-in while algapi.c is built as a module. Fixes: adad556e ("crypto: api - Fix built-in testing dependency failures") Reported-by:
Stephen Rothwell <sfr@canb.auug.org.au> Signed-off-by:
-
Colin Ian King authored
There is a spelling mistake in a literal string. Fix it. Signed-off-by:
Colin Ian King <colin.king@canonical.com> Signed-off-by:
-
Arnd Bergmann authored
The ecc.c file started out as part of the ECDH algorithm but got moved out into a standalone module later. It does not build without CRYPTO_DEFAULT_RNG, so now that other modules are using it as well we can run into this link error: aarch64-linux-ld: ecc.c:(.text+0xfc8): undefined reference to `crypto_default_rng' aarch64-linux-ld: ecc.c:(.text+0xff4): undefined reference to `crypto_put_default_rng' Move the 'select CRYPTO_DEFAULT_RNG' statement into the correct symbol. Fixes: 0d7a7864 ("crypto: ecrdsa - add EC-RDSA (GOST 34.10) algorithm") Fixes: 4e660291 ("crypto: ecdsa - Add support for ECDSA signature verification") Signed-off-by:
Stefan Berger <stefanb@linux.ibm.com> Signed-off-by:
-
Uwe Kleine-König authored
-ENOENT (ie. "there is no clock") is fine to ignore for an optional clock, other values are not supposed to be ignored and should be escalated to the caller (e.g. -EPROBE_DEFER). Ignore -ENOENT by using devm_clk_get_optional(). While touching this code also add an error message for the fatal errors. Signed-off-by:
Uwe Kleine-König <u.kleine-koenig@pengutronix.de> Reviewed-by:
Neil Armstrong <narmstrong@baylibre.com> Reviewed-by:
Martin Blumenstingl <martin.blumenstingl@googlemail.com> Tested-by:
-
- 24 Sep, 2021 4 commits
-
-
Herbert Xu authored
When complex algorithms that depend on other algorithms are built into the kernel, the order of registration must be done such that the underlying algorithms are ready before the ones on top are registered. As otherwise they would fail during the self-test which is required during registration. In the past we have used subsystem initialisation ordering to guarantee this. The number of such precedence levels are limited and they may cause ripple effects in other subsystems. This patch solves this problem by delaying all self-tests during boot-up for built-in algorithms. They will be tested either when something else in the kernel requests for them, or when we have finished registering all built-in algorithms, whichever comes earlier. Reported-by:
Vladis Dronov <vdronov@redhat.com> Signed-off-by:
-
Krzysztof Kozlowski authored
The MODULE_DEVICE_TABLE already creates proper alias for platform driver. Having another MODULE_ALIAS causes the alias to be duplicated. Signed-off-by:
Krzysztof Kozlowski <krzysztof.kozlowski@canonical.com> Signed-off-by:
-
Giovanni Cabiddu authored
After reset or boot, QAT 4xxx devices are inactive and require to be explicitly activated. This is done by writing the DRV_ACTIVE bit in the PM_INTERRUPT register and polling the PM_INIT_STATE to make sure that the transaction has completed properly. If this is not done, the driver will fail the initialization sequence reporting the following message: [ 22.081193] 4xxx 0000:f7:00.0: enabling device (0140 -> 0142) [ 22.720285] QAT: AE0 is inactive!! [ 22.720287] QAT: failed to get device out of reset [ 22.720288] 4xxx 0000:f7:00.0: qat_hal_clr_reset error [ 22.720290] 4xxx 0000:f7:00.0: Failed to init the AEs [ 22.720290] 4xxx 0000:f7:00.0: Failed to initialise Acceleration Engine [ 22.720789] 4xxx 0000:f7:00.0: Resetting device qat_dev0 [ 22.825099] 4xxx: probe of 0000:f7:00.0 failed with error -14 The patch also temporarily disables the power management source of interrupt, to avoid possible spurious interrupts as the power management feature is not fully supported. The device init function has been added to adf_dev_init(), and not in the probe of 4xxx to make sure that the device is re-enabled in case of reset. Note that the error code reported by hw_data->init_device() in adf_dev_init() has been shadowed for consistency with the other calls in the same function. Fixes: 8c826816 ("crypto: qat - add qat_4xxx driver") Signed-off-by:Wojciech Ziemba <wojciech.ziemba@intel.com> Signed-off-by:
-
Michael Walle authored
On newer CAAM versions, not all accelerators are disabled if the SoC is a non-E variant. While the driver checks most of the modules for availability, there is one - PKHA - which sticks out. On non-E variants it is still reported as available, that is the number of instances is non-zero, but it has limited functionality. In particular it doesn't support encryption and decryption, but just signing and verifying. This is indicated by a bit in the PKHA_MISC field. Take this bit into account if we are checking for availability. This will the following error: [ 8.167817] caam_jr 8020000.jr: 20000b0f: CCB: desc idx 11: : Invalid CHA selected. Tested on an NXP LS1028A (non-E) SoC. Fixes: d239b10d ("crypto: caam - add register map changes cf. Era 10") Signed-off-by:
Michael Walle <michael@walle.cc> Reviewed-by:
-
- 17 Sep, 2021 6 commits
-
-
Shreyansh Chouhan authored
In the code for xts_crypt(), we check for the err value returned by skcipher_walk_virt() and return from the function if it is non zero. However, skcipher_walk_virt() can set walk.nbytes to 0, which would cause us to call kernel_fpu_begin(), and then skip the kernel_fpu_end() call. This patch checks for the walk.nbytes value instead, and returns if walk.nbytes is 0. This prevents us from calling kernel_fpu_begin() in the first place and also covers the case of having a non zero err value returned from skcipher_walk_virt(). Reported-by:
Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by:
Shreyansh Chouhan <chouhan.shreyansh630@gmail.com> Signed-off-by:
-
Tim Gardner authored
Coverity warns uf an unused value: CID 44865 (#2 of 2): Unused value (UNUSED_VALUE) assigned_value: Assigning value -14 to ret here, but that stored value is overwritten before it can be used. 2006 int ret = -EFAULT; ... value_overwrite: Overwriting previous write to ret with value from drbg_seed(drbg, &addtl, false). 2052 ret = drbg_seed(drbg, &addtl, false); Fix this by removing the variable initializer. Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Cc: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by:
Tim Gardner <tim.gardner@canonical.com> Signed-off-by:
-
Colin Ian King authored
The assignment to error return variable ret and then the jump to an error exit path can be simplified by just returning the error return at the failure point. This allows variable ret and the error return path to be removed. This cleans up a static analysis warninng that variable ret is being assigned (value never being used) and being re-assigned later. Addresses-Coverity: ("Unused value") Signed-off-by: -
Cai Huoqing authored
Use the devm_platform_ioremap_resource() helper instead of calling platform_get_resource() and devm_ioremap_resource() separately Signed-off-by:
Cai Huoqing <caihuoqing@baidu.com> Signed-off-by:
-
Giovanni Cabiddu authored
Remove packed attribute from structures that do not need to be packed. These are just used internally and not shared with firmware. This also fixes a series of warning when compiling the driver with the flag -Waddress-of-packed-member, similar to the following: drivers/crypto/qat/qat_c62xvf/adf_c62xvf_hw_data.c:102:28: warning: taking address of packed member 'csr_ops' of class or structure 'adf_hw_device_data' may result in an unaligned pointer value Signed-off-by: -
Wojciech Ziemba authored
If devm_request_irq() fails inside adf_request_irqs(), unwind properly by freeing the allocated irqs. Signed-off-by:
-
