summaryrefslogtreecommitdiff
path: root/drivers/crypto/geode-aes.c
AgeCommit message (Collapse)Author
2020-01-09crypto: remove propagation of CRYPTO_TFM_RES_* flagsEric Biggers
The CRYPTO_TFM_RES_* flags were apparently meant as a way to make the ->setkey() functions provide more information about errors. But these flags weren't actually being used or tested, and in many cases they weren't being set correctly anyway. So they've now been removed. Also, if someone ever actually needs to start better distinguishing ->setkey() errors (which is somewhat unlikely, as this has been unneeded for a long time), we'd be much better off just defining different return values, like -EINVAL if the key is invalid for the algorithm vs. -EKEYREJECTED if the key was rejected by a policy like "no weak keys". That would be much simpler, less error-prone, and easier to test. So just remove CRYPTO_TFM_RES_MASK and all the unneeded logic that propagates these flags around. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2020-01-09crypto: remove CRYPTO_TFM_RES_BAD_KEY_LENEric Biggers
The CRYPTO_TFM_RES_BAD_KEY_LEN flag was apparently meant as a way to make the ->setkey() functions provide more information about errors. However, no one actually checks for this flag, which makes it pointless. Also, many algorithms fail to set this flag when given a bad length key. Reviewing just the generic implementations, this is the case for aes-fixed-time, cbcmac, echainiv, nhpoly1305, pcrypt, rfc3686, rfc4309, rfc7539, rfc7539esp, salsa20, seqiv, and xcbc. But there are probably many more in arch/*/crypto/ and drivers/crypto/. Some algorithms can even set this flag when the key is the correct length. For example, authenc and authencesn set it when the key payload is malformed in any way (not just a bad length), the atmel-sha and ccree drivers can set it if a memory allocation fails, and the chelsio driver sets it for bad auth tag lengths, not just bad key lengths. So even if someone actually wanted to start checking this flag (which seems unlikely, since it's been unused for a long time), there would be a lot of work needed to get it working correctly. But it would probably be much better to go back to the drawing board and just define different return values, like -EINVAL if the key is invalid for the algorithm vs. -EKEYREJECTED if the key was rejected by a policy like "no weak keys". That would be much simpler, less error-prone, and easier to test. So just remove this flag. Signed-off-by: Eric Biggers <ebiggers@google.com> Reviewed-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-23crypto: geode-aes - convert to skcipher API and make thread-safeEric Biggers
The geode AES driver is heavily broken because it stores per-request state in the transform context. So it will crash or produce the wrong result if used by any of the many places in the kernel that issue concurrent requests for the same transform object. This driver is also implemented using the deprecated blkcipher API, which makes it difficult to fix, and puts it among the drivers preventing that API from being removed. Convert this driver to use the skcipher API, and change it to not store per-request state in the transform context. Fixes: 9fe757b0cfce ("[PATCH] crypto: Add support for the Geode LX AES hardware") Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-10-10crypto: geode-aes - switch to skcipher for cbc(aes) fallbackArd Biesheuvel
Commit 79c65d179a40e145 ("crypto: cbc - Convert to skcipher") updated the generic CBC template wrapper from a blkcipher to a skcipher algo, to get away from the deprecated blkcipher interface. However, as a side effect, drivers that instantiate CBC transforms using the blkcipher as a fallback no longer work, since skciphers can wrap blkciphers but not the other way around. This broke the geode-aes driver. So let's fix it by moving to the sync skcipher interface when allocating the fallback. At the same time, align with the generic API for ECB and CBC by rejecting inputs that are not a multiple of the AES block size. Fixes: 79c65d179a40e145 ("crypto: cbc - Convert to skcipher") Cc: <stable@vger.kernel.org> # v4.20+ ONLY Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Florian Bezdeka <florian@bezdeka.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-05-30treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152Thomas Gleixner
Based on 1 normalized pattern(s): this program is free software you can redistribute it and or modify it under the terms of the gnu general public license as published by the free software foundation either version 2 of the license or at your option any later version extracted by the scancode license scanner the SPDX license identifier GPL-2.0-or-later has been chosen to replace the boilerplate/reference in 3029 file(s). Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Allison Randal <allison@lohutok.net> Cc: linux-spdx@vger.kernel.org Link: https://lkml.kernel.org/r/20190527070032.746973796@linutronix.de Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-11-20crypto: drop mask=CRYPTO_ALG_ASYNC from 'cipher' tfm allocationsEric Biggers
'cipher' algorithms (single block ciphers) are always synchronous, so passing CRYPTO_ALG_ASYNC in the mask to crypto_alloc_cipher() has no effect. Many users therefore already don't pass it, but some still do. This inconsistency can cause confusion, especially since the way the 'mask' argument works is somewhat counterintuitive. Thus, just remove the unneeded CRYPTO_ALG_ASYNC flags. This patch shouldn't change any actual behavior. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2017-07-18crypto: geode-aes - fixed coding style warnings and errorChris Gorman
fixed WARNING: Block comments should align the * on each line fixed WARNINGs: Missing a blank line after declarations fixed ERROR: space prohibited before that ',' (ctx:WxE) Signed-off-by: Chris Gorman <chrisjohgorman@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2014-05-22crypto: geode - Don't use tfm->__crt_alg->cra_name directlyMarek Vasut
Use a standard accessor instead of directly digging into a structure. Signed-off-by: Marek Vasut <marex@denx.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2014-05-22crypto: geode - Weed out printk() from probe()Marek Vasut
Signed-off-by: Marek Vasut <marex@denx.de> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: Dmitry Kasatkin <dmitry.kasatkin@nokia.com> Cc: Eric Bénard <eric@eukrea.com> Cc: Jussi Kivilinna <jussi.kivilinna@mbnet.fi> Cc: Kent Yoder <key@linux.vnet.ibm.com> Cc: Michal Ludvig <michal@logix.cz> Cc: Varun Wadekar <vwadekar@nvidia.com> Cc: Vladimir Zapolskiy <vladimir_zapolskiy@mentor.com> Cc: linux-geode@lists.infradead.org Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2014-05-22crypto: geode - Kill AES_IV_LENGTHMarek Vasut
The AES IV length is always 128bits, just use the define from aes.h Signed-off-by: Marek Vasut <marex@denx.de> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: Dmitry Kasatkin <dmitry.kasatkin@nokia.com> Cc: Eric Bénard <eric@eukrea.com> Cc: Jussi Kivilinna <jussi.kivilinna@mbnet.fi> Cc: Kent Yoder <key@linux.vnet.ibm.com> Cc: Michal Ludvig <michal@logix.cz> Cc: Varun Wadekar <vwadekar@nvidia.com> Cc: Vladimir Zapolskiy <vladimir_zapolskiy@mentor.com> Cc: linux-geode@lists.infradead.org Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2014-05-22crypto: geode - Kill AES_MIN_BLOCK_SIZEMarek Vasut
This is actually defined in include/crypto/aes.h , no need to have a a different symbol for the same thing twice. Signed-off-by: Marek Vasut <marex@denx.de> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: Dmitry Kasatkin <dmitry.kasatkin@nokia.com> Cc: Eric Bénard <eric@eukrea.com> Cc: Jussi Kivilinna <jussi.kivilinna@mbnet.fi> Cc: Kent Yoder <key@linux.vnet.ibm.com> Cc: Michal Ludvig <michal@logix.cz> Cc: Varun Wadekar <vwadekar@nvidia.com> Cc: Vladimir Zapolskiy <vladimir_zapolskiy@mentor.com> Cc: linux-geode@lists.infradead.org Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2013-01-03Drivers: crypto: remove __dev* attributes.Greg Kroah-Hartman
CONFIG_HOTPLUG is going away as an option. As a result, the __dev* markings need to be removed. This change removes the use of __devinit, __devexit_p, __devinitdata, and __devexit from these drivers. Based on patches originally written by Bill Pemberton, but redone by me in order to handle some of the coding style issues better, by hand. Cc: Bill Pemberton <wfp5p@virginia.edu> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Cc: Kent Yoder <key@linux.vnet.ibm.com> Cc: Jamie Iles <jamie@jamieiles.com> Cc: Kim Phillips <kim.phillips@freescale.com> Cc: Shengzhou Liu <Shengzhou.Liu@freescale.com> Cc: Alex Porosanu <alexandru.porosanu@freescale.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-09-07crypto: geode-aes - Use module_pci_driverSachin Kamat
module_pci_driver makes the code simpler by eliminating module_init and module_exit calls. Signed-off-by: Sachin Kamat <sachin.kamat@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2012-08-01crypto: drivers - remove cra_list initializationJussi Kivilinna
Initialization of cra_list is currently mixed, most ciphers initialize this field and most shashes do not. Initialization however is not needed at all since cra_list is initialized/overwritten in __crypto_register_alg() with list_add(). Therefore perform cleanup to remove all unneeded initializations of this field in 'crypto/drivers/'. Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: linux-geode@lists.infradead.org Cc: Michal Ludvig <michal@logix.cz> Cc: Dmitry Kasatkin <dmitry.kasatkin@nokia.com> Cc: Varun Wadekar <vwadekar@nvidia.com> Cc: Eric Bénard <eric@eukrea.com> Signed-off-by: Jussi Kivilinna <jussi.kivilinna@mbnet.fi> Acked-by: Kent Yoder <key@linux.vnet.ibm.com> Acked-by: Vladimir Zapolskiy <vladimir_zapolskiy@mentor.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2012-01-13crypto: Add CRYPTO_ALG_KERN_DRIVER_ONLY flagNikos Mavrogiannopoulos
The added CRYPTO_ALG_KERN_DRIVER_ONLY indicates whether a cipher is only available via a kernel driver. If the cipher implementation might be available by using an instruction set or by porting the kernel code, then it must not be set. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2010-07-19crypto: geode_aes - Convert pci_table entries to PCI_VDEVICE (if PCI_ANY_ID ↵Peter Huewe
is used) This patch converts pci_table entries, where .subvendor=PCI_ANY_ID and .subdevice=PCI_ANY_ID, .class=0 and .class_mask=0, to use the PCI_VDEVICE macro, and thus improves readability. Signed-off-by: Peter Huewe <peterhuewe@gmx.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2010-04-19crypto: geode-aes - Fix some code style issuesChihau Chau
This fixes some code style issues like: - Use #include <linux/io.h> instead of <asm/io.h> and #include <linux/delay.h> instead of <asm/delay.h> - Use "foo *bar" instead of "foo * bar" - Add a space after the for or while sentence and before the open parenthesis '(' - Don't use assignments in a if condition Signed-off-by: Chihau Chau <chihau@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2010-02-04crypto: geode-aes - Fix cip/blk confusionRoel Kluin
a crypto_cipher cip member was set where a crypto_cipher blk members should have been. Signed-off-by: Roel Kluin <roel.kluin@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2010-01-08crypto: geode-aes - access .cip instead of .blk in cipher modeRoel Kluin
The fallback code in cipher mode touch the union fallback.blk instead of fallback.cip. This is wrong because we use the cipher and not the blockcipher. This did not show any side effects yet because both types / structs contain the same element right now. Signed-off-by: Roel Kluin <roel.kluin@gmail.com> Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] geode: Add __dev{init,exit} annotationsAdrian Bunk
This patch adds __dev{init,exit} annotations. Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] geode: Use correct encrypt/decrypt function in fallbackSebastian Siewior
crypto_blkcipher_decrypt is wrong because it does not care about the IV. Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] geode: do not copy the IV too oftenSebastian Siewior
There is no reason to keep the IV in the private structre. Instead keep just a pointer to make the patch smaller :) This also remove a few memcpy()s Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] geode: Add fallback for unsupported modesSebastian Siewior
The Geode AES crypto engine supports only 128 bit long key. This patch adds fallback for other key sizes which are required by the AES standard. Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc> Acked-by: Jordan Crouse <jordan.crouse@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] geode: move defines into a headerfileSebastian Siewior
This patch moves macros in geode-aes.c into geode-aes.h. Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] geode: relax in busy loop and care about return valueSebastian Siewior
The code waits in a busy loop until the hardware finishes the encryption or decryption process. This wants a cpu_relax() :) The busy loop finishes either if the encryption is done or if the counter is zero. If the latter is true than the hardware failed. Since this should not happen, leave sith a BUG(). Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] geode: use consistent IV copySebastian Siewior
It is enough if the IV is copied before and after the while loop. With DM-Crypt is seems not be required to save the IV after encrytion because a new one is used in the request (dunno about other users). It is not save to load the IV within while loop and not save afterwards because we mill end up with the wrong IV if the request goes consists of more than one page. Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] aes: Move common defines into a header fileSebastian Siewior
This three defines are used in all AES related hardware. Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] geode: remove aliasSebastian Siewior
alias isn't required because the module provides PCI ids. Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2007-11-11[CRYPTO] geode: Fix not inplace encryptionSebastian Siewior
Currently the Geode AES module fails to encrypt or decrypt if the coherent bits are not set what is currently the case if the encryption does not occur inplace. However, the encryption works on my Geode machine _only_ if the coherent bits are always set. Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc> Acked-by: Jordan Crouse <jordan.crouse@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2007-10-10[CRYPTO] aes: Rename aes to aes-genericSebastian Siewior
Loading the crypto algorithm by the alias instead of by module directly has the advantage that all possible implementations of this algorithm are loaded automatically and the crypto API can choose the best one depending on its priority. Additionally it ensures that the generic implementation as well as the HW driver (if available) is loaded in case the HW driver needs the generic version as fallback in corner cases. Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2007-05-24[CRYPTO] geode: Fix in-place operations and set keyJordan Crouse
Allow in-place crypto operations. Also remove the coherent user flag (we use it automagically now), and by default use the user written key rather then the HW hidden key - this makes crypto just work without any special considerations, and thats OK, since its our only usage model. Signed-off-by: Jordan Crouse <jordan.crouse@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2007-03-06[PATCH] geode-aes: use unsigned long for spin_lock_irqsaveAlexey Dobriyan
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-02-14[PATCH] remove many unneeded #includes of sched.hTim Schmielau
After Al Viro (finally) succeeded in removing the sched.h #include in module.h recently, it makes sense again to remove other superfluous sched.h includes. There are quite a lot of files which include it but don't actually need anything defined in there. Presumably these includes were once needed for macros that used to live in sched.h, but moved to other header files in the course of cleaning it up. To ease the pain, this time I did not fiddle with any header files and only removed #includes from .c-files, which tend to cause less trouble. Compile tested against 2.6.20-rc2 and 2.6.20-rc2-mm2 (with offsets) on alpha, arm, i386, ia64, mips, powerpc, and x86_64 with allnoconfig, defconfig, allmodconfig, and allyesconfig as well as a few randconfigs on x86_64 and all configs in arch/arm/configs on arm. I also checked that no new warnings were introduced by the patch (actually, some warnings are removed that were emitted by unnecessarily included header files). Signed-off-by: Tim Schmielau <tim@physik3.uni-rostock.de> Acked-by: Russell King <rmk+kernel@arm.linux.org.uk> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-02-07[CRYPTO] geode: Convert pci_module_init() to pci_register_driver()Richard Knutsson
Replace uses of the obsolete pci_module_init function. Signed-off-by: Richard Knutsson <ricknu-0@student.ltu.se> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2006-12-06[CRYPTO] geode: Make needlessly global geode_aes_crypt() staticAdrian Bunk
On Tue, Nov 14, 2006 at 01:41:25AM -0800, Andrew Morton wrote: >... > Changes since 2.6.19-rc5-mm2: >... > git-cryptodev.patch >... > git trees >... This patch makes the needlessly global geode_aes_crypt() static. Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2006-12-06[PATCH] crypto: Add support for the Geode LX AES hardwareJordan Crouse
Add a driver to support the AES hardware on the Geode LX processor. Signed-off-by: Jordan Crouse <jordan.crouse@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>