summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-04-23crypto: tcrypt - Include crypto/aead.hHerbert Xu
All users of AEAD should include crypto/aead.h instead of include/linux/crypto.h. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: David S. Miller <davem@davemloft.net>
2015-04-23crypto: algif_aead - Include crypto/aead.hHerbert Xu
All users of AEAD should include crypto/aead.h instead of include/linux/crypto.h. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: David S. Miller <davem@davemloft.net>
2015-04-23crypto: arm64/aes-ce-ccm - Include crypto/internal/aead.hHerbert Xu
All implementers of AEAD should include crypto/internal/aead.h instead of include/linux/crypto.h. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: David S. Miller <davem@davemloft.net>
2015-04-23crypto: api - Remove linux/fips.h from internal.hHerbert Xu
Now that all fips_enabled users are including linux/fips.h directly instead of getting it through internal.h, we can remove the fips.h inclusions from internal.h. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-23crypto: testmgr - Include linux/fips.h for fips_enabledHerbert Xu
All users of fips_enabled should include linux/fips.h directly instead of getting it through internal.h. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-23crypto: tcrypt - Include linux/fips.h for fips_enabledHerbert Xu
All users of fips_enabled should include linux/fips.h directly instead of getting it through internal.h which is reserved for internal crypto API implementors. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-23crypto: fips - Move fips_enabled sysctl into fips.cHerbert Xu
There is currently a large ifdef FIPS code section in proc.c. Ostensibly it's there because the fips_enabled sysctl sits under /proc/sys/crypto. However, no other crypto sysctls exist. In fact, the whole ethos of the crypto API is against such user interfaces so this patch moves all the FIPS sysctl code over to fips.c. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-23crypto: fips - Remove bogus inclusion of internal.hHerbert Xu
The header file internal.h is only meant for internal crypto API implementors such as rng.c. So fips has no business in including it. This patch removes that inclusions and instead adds inclusions of the actual features used by fips. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-23crypto: api - Include linux/fips.hHerbert Xu
All users of fips_enabled should include linux/fips.h directly instead of getting it through internal.h. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-23crypto: caam - Remove bogus references to crypto API internalsHerbert Xu
The caam driver includes algorithm types that it doesn't even use, such as struct rng_alg which has recently been moved to an internal header file and consequently broke the build of caam. This patch removes these bogus references. Reported-by: Fengguang Wu <fengguang.wu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-23crypto: drbg - Remove FIPS ifdef from drbg_healthcheck_sanityHerbert Xu
This patch removes the unnecessary CRYPTO_FIPS ifdef from drbg_healthcheck_sanity so that the code always gets checked by the compiler. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: Stephan Mueller <smueller@chronox.de>
2015-04-23crypto: api - Move module sig ifdef into accessor functionHerbert Xu
Currently we're hiding mod->sig_ok under an ifdef in open code. This patch adds a module_sig_ok accessor function and removes that ifdef. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: Rusty Russell <rusty@rustcorp.com.au>
2015-04-23crypto: tcrypt - Handle async return from crypto_ahash_initHerbert Xu
The function crypto_ahash_init can also be asynchronous just like update and final. So all callers must be able to handle an async return. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-22crypto: rng - Zero seed in crypto_rng_resetHerbert Xu
If we allocate a seed on behalf ot the user in crypto_rng_reset, we must ensure that it is zeroed afterwards or the RNG may be compromised. Reported-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-22crypto: algif_rng - Remove obsolete const-removal castHerbert Xu
Now that crypto_rng_reset takes a const argument, we no longer need to cast away the const qualifier. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-22crypto: rng - Remove old low-level rng interfaceHerbert Xu
Now that all rng implementations have switched over to the new interface, we can remove the old low-level interface. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-22crypto: krng - Convert to new rng interfaceHerbert Xu
This patch ocnverts the KRNG implementation to the new low-level rng interface. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-22crypto: ansi_cprng - Convert to new rng interfaceHerbert Xu
This patch ocnverts the ANSI CPRNG implementation to the new low-level rng interface. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: Neil Horman <nhorman@tuxdriver.com>
2015-04-22crypto: ansi_cprng - Remove bogus inclusion of internal.hHerbert Xu
The file internal.h is only meant to be used by internel API implementation and not algorithm implementations. In fact it isn't even needed here so this patch removes it. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: Neil Horman <nhorman@tuxdriver.com>
2015-04-22crypto: drbg - Convert to new rng interfaceHerbert Xu
This patch converts the DRBG implementation to the new low-level rng interface. This allows us to get rid of struct drbg_gen by using the new RNG API instead. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: Stephan Mueller <smueller@chronox.de>
2015-04-22crypto: rng - Add multiple algorithm registration interfaceHerbert Xu
This patch adds the helpers that allow the registration and removal of multiple RNG algorithms. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-22crypto: rng - Add crypto_rng_set_entropyHerbert Xu
This patch adds the function crypto_rng_set_entropy. It is only meant to be used by testmgr when testing RNG implementations by providing fixed entropy data in order to verify test vectors. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-22crypto: rng - Convert low-level crypto_rng to new styleHerbert Xu
This patch converts the low-level crypto_rng interface to the "new" style. This allows existing implementations to be converted over one- by-one. Once that is complete we can then remove the old rng interface. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-22crypto: rng - Mark crypto_rng_reset seed as constHerbert Xu
There is no reason why crypto_rng_reset should modify the seed so this patch marks it as const. Since our algorithms don't export a const seed function yet we have to go through some contortions for now. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: rng - Introduce crypto_rng_generateHerbert Xu
This patch adds the new top-level function crypto_rng_generate which generates random numbers with additional input. It also extends the mid-level rng_gen_random function to take additional data as input. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: rng - Convert crypto_rng to new style crypto_typeHerbert Xu
This patch converts the top-level crypto_rng to the "new" style. It was the last algorithm type added before we switched over to the new way of doing things exemplified by shash. All users will automatically switch over to the new interface. Note that this patch does not touch the low-level interface to rng implementations. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: pcomp - Use crypto_alg_extsize helperHerbert Xu
This patch replaces crypto_pcomp_extsize function with crypto_alg_extsize. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: shash - Use crypto_alg_extsize helperHerbert Xu
This patch replaces crypto_shash_extsize function with crypto_alg_extsize. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: api - Add crypto_alg_extsize helperHerbert Xu
This patch adds a crypto_alg_extsize helper that can be used by algorithm types such as pcompress and shash. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: drbg - Do not seed RNG in drbg_kcapi_initHerbert Xu
Initialising the RNG in drbg_kcapi_init is a waste of precious entropy because all users will immediately seed the RNG after the allocation. In fact, all users should seed the RNG before using it. So there is no point in doing the seeding in drbg_kcapi_init. This patch removes the initial seeding and the user must seed the RNG explicitly (as they all currently do). This patch also changes drbg_kcapi_reset to allow reseeding. That is, if you call it after a successful initial seeding, then it will not reset the internal state of the DRBG before mixing the new input and entropy. If you still wish to reset the internal state, you can always free the DRBG and allocate a new one. Finally this patch removes locking from drbg_uninstantiate because it's now only called from the destruction path which must not be executed in parallel with normal operations. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: Stephan Mueller <smueller@chronox.de>
2015-04-21crypto: drbg - Initialise mutex in drbg_healthcheck_sanityHerbert Xu
As we moved the mutex init out of drbg_instantiate and into cra_init we need to explicitly initialise the mutex in drbg_healthcheck_sanity. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: Stephan Mueller <smueller@chronox.de>
2015-04-21crypto: drbg - leave cipher handles operationalStephan Mueller
As the DRBG does not operate on shadow copies of the DRBG instance any more, the cipher handles only need to be allocated once during initalization time and deallocated during uninstantiate time. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: drbg - replace spinlock with mutexStephan Mueller
The creation of a shadow copy is intended to only hold a short term lock. But the drawback is that parallel users have a very similar DRBG state which only differs by a high-resolution time stamp. The DRBG will now hold a long term lock. Therefore, the lock is changed to a mutex which implies that the DRBG can only be used in process context. The lock now guards the instantiation as well as the entire DRBG generation operation. Therefore, multiple callers are fully serialized when generating a random number. As the locking is changed to use a long-term lock to avoid such similar DRBG states, the entire creation and maintenance of a shadow copy can be removed. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: drbg - fix drbg_generate return val checkStephan Mueller
The drbg_generate returns 0 in success case. That means that drbg_generate_long will always only generate drbg_max_request_bytes at most. Longer requests will be truncated to drbg_max_request_bytes. Reported-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - Update DT bindings with SEC1LEROY Christophe
This patch updates the documentation by including SEC1 into SEC2/3 doc Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - Add fsl,sec1.0 compatibleLEROY Christophe
We add a specific compatible for SEC1, to handle the differences between SEC1 and SEC2+ Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - SEC1 bugs on 0 data hashLEROY Christophe
SEC1 bugs on 0 data hash, so we submit an already padded block representing 0 data Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - implement scatter/gather copy for SEC1LEROY Christophe
SEC1 doesn't support scatter/gather, SEC1 doesn't handle link tables. Therefore, for SEC1 we have to do it by SW. For that, we reserve space at the end of the extended descriptor, in lieu of the space reserved for the link tables on SEC2, and we perform sg_copy() when preparing the descriptors We also adapt the max buffer size which is only 32k on SEC1 while it is 64k on SEC2+ Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - adapt interrupts and reset functions to SEC1LEROY Christophe
This patch adapts the interrupts handling and reset function for SEC1. On SEC1, registers are almost similar to SEC2+, but bits are sometimes located at different places. So we need to define TALITOS1 and TALITOS2 versions of some fields, and manage according to whether it is SEC1 or SEC2. On SEC1, only one interrupt vector is dedicated to the SEC, so only interrupt_4ch is needed. On SEC1, interrupts are enabled by clearing related bits in IMR, while on SEC2, interrupts are enabled by seting the bits in IMR. SEC1 also performs parity verification in the DES Unit. We have to disable this feature because the test vectors provided in the kernel have parity errors. In reset functions, only SEC2 supports continuation after error. For SEC1, we have to reset in all cases. For errors handling, SEC2+ names have been kept, but displayed text have been amended to reflect exact meaning on SEC1. Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - base address for Execution UnitsLEROY Christophe
SEC 1.0, 1.2 and 2.x+ have different EU base addresses, so we need to define pointers for each EU in the driver private data structure. The proper address is set by the probe function depending on the SEC type, in order to provide access to the proper address. Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - adaptation of talitos_submit() for SEC1LEROY Christophe
SEC1 descriptor is a bit different to SEC2+ descriptor. talitos_submit() will have to copy hdr field into hdr1 field and send the descriptor starting at hdr1 up to next_desc. For SEC2, it remains unchanged and next_desc is just ignored. Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - fill in talitos descriptor iaw SEC1 or SEC2+LEROY Christophe
talitos descriptor is slightly different for SEC1 and SEC2+, so lets the helper function that fills the descriptor take into account the type of SEC. Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - Add a feature to tag SEC1LEROY Christophe
We add a new feature in the features field, to mark compatible "fsl,sec1.0" We also define a helper function called has_ftr_sec1() to help functions quickly determine if they are running on SEC1 or SEC2+. When only SEC1 or SEC2 is compiled in, has_ftr_sec1() return trivial corresponding value. If both are compiled in, feature field is checked. Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - add sub-choice in talitos CONFIG for SEC1LEROY Christophe
This patch adds a CONFIG option to select SEC1, SEC2+ or both. Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - enhanced talitos_desc struct for SEC1LEROY Christophe
This patch enhances the talitos_desc struct with fields for SEC1. SEC1 has only one header field, and has a 'next_desc' field in addition. This mixed descriptor will continue to fit SEC2, and for SEC1 we will recopy hdr value into hdr1 value in talitos_submit() Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - helper function for ptr lenLEROY Christophe
This patch adds a helper function for reads and writes of the len param of the talitos descriptor. This will help implement SEC1 later. Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - remove param 'extent' in map_single_talitos_ptr()LEROY Christophe
map_single_talitos_ptr() is always called with extent == 0, so lets remove this unused parameter Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - Add a helper function to clear j_extent fieldLEROY Christophe
j_extent field is specific to SEC2 so we add a helper function to clear it so that SEC1 can redefine that function as nop Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - talitos_ptr renamed ptr for more lisibilityLEROY Christophe
Linux CodyingStyle recommends to use short variables for local variables. ptr is just good enough for those 3 lines functions. It helps keep single lines shorter than 80 characters. Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-04-21crypto: talitos - Refactor the sg in/out chain allocationLEROY Christophe
This patch refactors the handling of the input and output data that is quite similar in several functions Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>