summaryrefslogtreecommitdiff
path: root/drivers/crypto
AgeCommit message (Collapse)Author
2018-04-07.gitignore: move *-asn1.[ch] patterns to the top-level .gitignoreMasahiro Yamada
These are common patterns where source files are parsed by the asn1_compiler. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2018-04-04Merge branch 'linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 Pull crypto updates from Herbert Xu: "API: - add AEAD support to crypto engine - allow batch registration in simd Algorithms: - add CFB mode - add speck block cipher - add sm4 block cipher - new test case for crct10dif - improve scheduling latency on ARM - scatter/gather support to gcm in aesni - convert x86 crypto algorithms to skcihper Drivers: - hmac(sha224/sha256) support in inside-secure - aes gcm/ccm support in stm32 - stm32mp1 support in stm32 - ccree driver from staging tree - gcm support over QI in caam - add ks-sa hwrng driver" * 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (212 commits) crypto: ccree - remove unused enums crypto: ahash - Fix early termination in hash walk crypto: brcm - explicitly cast cipher to hash type crypto: talitos - don't leak pointers to authenc keys crypto: qat - don't leak pointers to authenc keys crypto: picoxcell - don't leak pointers to authenc keys crypto: ixp4xx - don't leak pointers to authenc keys crypto: chelsio - don't leak pointers to authenc keys crypto: caam/qi - don't leak pointers to authenc keys crypto: caam - don't leak pointers to authenc keys crypto: lrw - Free rctx->ext with kzfree crypto: talitos - fix IPsec cipher in length crypto: Deduplicate le32_to_cpu_array() and cpu_to_le32_array() crypto: doc - clarify hash callbacks state machine crypto: api - Keep failed instances alive crypto: api - Make crypto_alg_lookup static crypto: api - Remove unused crypto_type lookup function crypto: chelsio - Remove declaration of static function from header crypto: inside-secure - hmac(sha224) support crypto: inside-secure - hmac(sha256) support ..
2018-03-31crypto: chtls - Makefile KconfigAtul Gupta
Entry for Inline TLS as another driver dependent on cxgb4 and chcr Signed-off-by: Atul Gupta <atul.gupta@chelsio.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-03-31crypto: chtls - Program the TLS session KeyAtul Gupta
Initialize the space reserved for storing the TLS keys, get and free the location where key is stored for the TLS connection. Program the Tx and Rx key as received from user in struct tls12_crypto_info_aes_gcm_128 and understood by hardware. added socket option TLS_RX Signed-off-by: Atul Gupta <atul.gupta@chelsio.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-03-31crypto: chtls - Inline TLS record RxAtul Gupta
handler for record receive. plain text copied to user buffer Signed-off-by: Atul Gupta <atul.gupta@chelsio.com> Signed-off-by: Michael Werner <werner@chelsio.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-03-31crypto: chtls - Inline TLS record TxAtul Gupta
TLS handler for record transmit. Create Inline TLS work request and post to FW. Create Inline TLS record CPLs for hardware Signed-off-by: Atul Gupta <atul.gupta@chelsio.com> Signed-off-by: Michael Werner <werner@chelsio.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-03-31crypto : chtls - CPL handler definitionAtul Gupta
Exchange messages with hardware to program the TLS session CPL handlers for messages received from chip. Signed-off-by: Atul Gupta <atul.gupta@chelsio.com> Signed-off-by: Michael Werner <werner@chelsio.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-03-31crypto: chtls - Register chtls with net tlsAtul Gupta
Register chtls as Inline TLS driver, chtls is ULD to cxgb4. Setsockopt to program (tx/rx) keys on chip. Support AES GCM of key size 128. Support both Inline Rx and Tx. Signed-off-by: Atul Gupta <atul.gupta@chelsio.com> Reviewed-by: Casey Leedom <leedom@chelsio.com> Reviewed-by: Michael Werner <werner@chelsio.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-03-31crypto: chtls - structure and macro for Inline TLSAtul Gupta
Define Inline TLS state, connection management info. Supporting macros definition. Signed-off-by: Atul Gupta <atul.gupta@chelsio.com> Reviewed-by: Michael Werner <werner@chelsio.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-03-31crypto: chcr - Inline TLS Key MacrosAtul Gupta
Define macro for programming the TLS Key context Signed-off-by: Atul Gupta <atul.gupta@chelsio.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-03-31crypto: ccree - remove unused enumsGilad Ben-Yossef
Remove enums definitions unused in the driver code. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-31crypto: brcm - explicitly cast cipher to hash typeStefan Agner
In the AES cases enum spu_cipher_type and enum hash_type have the same values, so the assignment is fine. Explicitly cast the enum type conversion. This fixes two warnings when building with clang: drivers/crypto/bcm/cipher.c:821:34: warning: implicit conversion from enumeration type 'enum spu_cipher_type' to different enumeration type 'enum hash_type' [-Wenum-conversion] hash_parms.type = cipher_parms.type; ~ ~~~~~~~~~~~~~^~~~ drivers/crypto/bcm/cipher.c:1412:26: warning: implicit conversion from enumeration type 'enum spu_cipher_type' to different enumeration type 'enum hash_type' [-Wenum-conversion] hash_parms.type = ctx->cipher_type; ~ ~~~~~^~~~~~~~~~~ Signed-off-by: Stefan Agner <stefan@agner.ch> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-31crypto: talitos - don't leak pointers to authenc keysTudor-Dan Ambarus
In talitos's aead_setkey we save pointers to the authenc keys in a local variable of type struct crypto_authenc_keys and we don't zeroize it after use. Fix this and don't leak pointers to the authenc keys. Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com> Reviewed-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-31crypto: qat - don't leak pointers to authenc keysTudor-Dan Ambarus
In qat_alg_aead_init_sessions we save pointers to the authenc keys in a local variable of type struct crypto_authenc_keys and we don't zeroize it after use. Fix this and don't leak pointers to the authenc keys. Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-31crypto: picoxcell - don't leak pointers to authenc keysTudor-Dan Ambarus
In spacc_aead_setkey we save pointers to the authenc keys in a local variable of type struct crypto_authenc_keys and we don't zeroize it after use. Fix this and don't leak pointers to the authenc keys. Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com> Reviewed-by: Jamie Iles <jamie@jamieiles.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-31crypto: ixp4xx - don't leak pointers to authenc keysTudor-Dan Ambarus
In ixp4xx's aead_setkey we save pointers to the authenc keys in a local variable of type struct crypto_authenc_keys and we don't zeroize it after use. Fix this and don't leak pointers to the authenc keys. Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-31crypto: chelsio - don't leak pointers to authenc keysTudor-Dan Ambarus
In chcr_authenc_setkey and chcr_aead_digest_null_setkey we save pointers to the authenc keys in local variables of type struct crypto_authenc_keys and we don't zeroize them after use. Fix this and don't leak pointers to the authenc keys. Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-31crypto: caam/qi - don't leak pointers to authenc keysTudor-Dan Ambarus
In caam/qi's aead_setkey we save pointers to the authenc keys in a local variable of type struct crypto_authenc_keys and we don't zeroize it after use. Fix this and don't leak pointers to the authenc keys. Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com> Reviewed-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-31crypto: caam - don't leak pointers to authenc keysTudor-Dan Ambarus
In caam's aead_setkey we save pointers to the authenc keys in a local variable of type struct crypto_authenc_keys and we don't zeroize it after use. Fix this and don't leak pointers to the authenc keys. Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com> Reviewed-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-31crypto: talitos - fix IPsec cipher in lengthLEROY Christophe
For SEC 2.x+, cipher in length must contain only the ciphertext length. In case of using hardware ICV checking, the ICV length is provided via the "extent" field of the descriptor pointer. Cc: <stable@vger.kernel.org> # 4.8+ Fixes: 549bd8bc5987 ("crypto: talitos - Implement AEAD for SEC1 using HMAC_SNOOP_NO_AFEU") Reported-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr> Tested-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-31crypto: chelsio - Remove declaration of static function from headerHarsh Jain
It fixes compilation warning introduced in commit Fixes: 5110e65536f3 ("crypto: chelsio - Split Hash requests for...") Reported-by: Stephen Rothwell <sfr@canb.auug.org.au> Signed-off-by: Harsh Jain <harsh@chelsio.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-31crypto: inside-secure - hmac(sha224) supportAntoine Tenart
This patch adds the hmac(sha224) support to the Inside Secure cryptographic engine driver. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-31crypto: inside-secure - hmac(sha256) supportAntoine Tenart
This patch adds the hmac(sha256) support to the Inside Secure cryptographic engine driver. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-31crypto: inside-secure - the context ipad/opad should use the state szAntoine Tenart
This patches uses the state size of the algorithms instead of their digest size to copy the ipad and opad in the context. This doesn't fix anything as the state and digest size are the same for many algorithms, and for all the hmac currently supported by this driver. However hmac(sha224) use the sha224 hash function which has a different digest and state size. This commit prepares the addition of such algorithms. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-31crypto: inside-secure - improve the skcipher tokenAntoine Tenart
The token used for encryption and decryption of skcipher algorithms sets its stat field to "last packet". As it's a cipher only algorithm, there is not hash operation and thus the "last hash" bit should be set to tell the internal engine no hash operation should be performed. This does not fix a bug, but improves the token definition to follow exactly what's advised by the datasheet. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-31crypto: inside-secure - do not access buffers mapped to the deviceAntoine Tenart
This patches update the way the digest is copied from the state buffer to the result buffer, so that the copy only happen after the state buffer was DMA unmapped, as otherwise the buffer would be owned by the device. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-31crypto: inside-secure - improve the send error pathAntoine Tenart
This patch improves the send error path as it wasn't handling all error cases. A new label is added, and some of the goto are updated to point to the right labels, so that the code is more robust to errors. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-31crypto: inside-secure - fix a typo in a register nameAntoine Tenart
This patch fixes a typo in the EIP197_HIA_xDR_WR_CTRL_BUG register name, as it should be EIP197_HIA_xDR_WR_CTRL_BUF. This is a cosmetic only change. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-31crypto: inside-secure - fix typo s/allways/always/ in a defineAntoine Tenart
Small cosmetic patch fixing one typo in the EIP197_HIA_DSE_CFG_ALLWAYS_BUFFERABLE macro, it should be _ALWAYS_. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-31crypto: inside-secure - move the digest to the request contextAntoine Tenart
This patches moves the digest information from the transformation context to the request context. This fixes cases where HMAC init functions were called and override the digest value for a short period of time, as the HMAC init functions call the SHA init one which reset the value. This lead to a small percentage of HMAC being incorrectly computed under heavy load. Fixes: 1b44c5a60c13 ("crypto: inside-secure - add SafeXcel EIP197 crypto engine driver") Suggested-by: Ofer Heifetz <oferh@marvell.com> Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> [Ofer here did all the work, from seeing the issue to understanding the root cause. I only made the patch.] Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-23crypto: cavium - Replace mdelay with msleep in cpt_device_initJia-Ju Bai
cpt_device_init() is never called in atomic context. The call chain ending up at cpt_device_init() is: [1] cpt_device_init() <- cpt_probe() cpt_probe() is only set as ".probe" in pci_driver structure "cpt_pci_driver". Despite never getting called from atomic context, cpt_device_init() calls mdelay(100), i.e. busy wait for 100ms. That is not necessary and can be replaced with msleep to avoid busy waiting. This is found by a static analysis tool named DCNS written by myself. Signed-off-by: Jia-Ju Bai <baijiaju1990@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-23crypto: bfin_crc - remove blackfin CRC driverArnd Bergmann
The blackfin architecture is getting removed, so this driver won't be used any more. Signed-off-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-23crypto: inside-secure - fix clock resource by adding a register clockGregory CLEMENT
On Armada 7K/8K we need to explicitly enable the register clock. This clock is optional because not all the SoCs using this IP need it but at least for Armada 7K/8K it is actually mandatory. The binding documentation is updated accordingly. Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-23crypto: inside-secure - improve clock initializationGregory CLEMENT
The clock is optional, but if it is present we should managed it. If there is an error while trying getting it, we should exit and report this error. So instead of returning an error only in the -EPROBE case, turn it in an other way and ignore the clock only if it is not present (-ENOENT case). Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-23crypto: inside-secure - fix clock managementGregory CLEMENT
In this driver the clock is got but never put when the driver is removed or if there is an error in the probe. Using the managed version of clk_get() allows to let the kernel take care of it. Fixes: 1b44c5a60c13 ("crypto: inside-secure - add SafeXcel EIP197 crypto engine driver") cc: stable@vger.kernel.org Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-23crypto: inside-secure - fix missing unlock on error in safexcel_ahash_send_req()weiyongjun \(A\)
Add the missing unlock before return from function safexcel_ahash_send_req() in the error handling case. Fixes: cff9a17545a3 ("crypto: inside-secure - move cache result dma mapping to request") Signed-off-by: Wei Yongjun <weiyongjun1@huawei.com> Acked-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-23crypto: talitos - Delete an error message for a failed memory allocation in ↵Markus Elfring
talitos_edesc_alloc() Omit an extra message for a memory allocation failure in this function. This issue was detected by using the Coccinelle software. Signed-off-by: Markus Elfring <elfring@users.sourceforge.net> Reviewed-by: Christophe Leroy <christophe.leroy@c-s.fr> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-16crypto: ccp - Validate buffer lengths for copy operationsGary R Hook
The CCP driver copies data between scatter/gather lists and DMA buffers. The length of the requested copy operation must be checked against the available destination buffer length. Reported-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name> Signed-off-by: Gary R Hook <gary.hook@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-16crypto: virtio - remove dependency on CRYPTO_AUTHENCPeter Wu
virtio_crypto does not use function crypto_authenc_extractkeys, remove this unnecessary dependency. Compiles fine and passes cryptodev-linux cipher and speed tests from https://wiki.qemu.org/Features/VirtioCrypto Fixes: dbaf0624ffa5 ("crypto: add virtio-crypto driver") Signed-off-by: Peter Wu <peter@lekensteyn.nl> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-16crypto: chelsio -Split Hash requests for large scatter gather listHarsh Jain
Send multiple WRs to H/W when No. of entries received in scatter list cannot be sent in single request. Signed-off-by: Harsh Jain <harsh@chelsio.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-16crypto: chelsio - Fix iv passed in fallback path for rfc3686Harsh Jain
We use ctr(aes) to fallback rfc3686(ctr) request. Send updated IV to fallback path. Signed-off-by: Harsh Jain <harsh@chelsio.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-16crypto: chelsio - Update IV before sending request to HWHarsh Jain
CBC Decryption requires Last Block as IV. In case src/dst buffer are same last block will be replaced by plain text. This patch copies the Last Block before sending request to HW. Signed-off-by: Harsh Jain <harsh@chelsio.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-16crypto: chelsio - Fix src buffer dma lengthHarsh Jain
ulptx header cannot have length > 64k. Adjust length accordingly. Signed-off-by: Harsh Jain <harsh@chelsio.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-16crypto: chelsio - Use kernel round function to align lengthsHarsh Jain
Replace DIV_ROUND_UP to roundup or rounddown Signed-off-by: Harsh Jain <harsh@chelsio.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-16crypto: ccp - Use memdup_user() rather than duplicating its implementationMarkus Elfring
Reuse existing functionality from memdup_user() instead of keeping duplicate source code. This issue was detected by using the Coccinelle software. Signed-off-by: Markus Elfring <elfring@users.sourceforge.net> Reviewed-by: Brijesh Singh <brijesh.singh@amd.com> Acked-by: Gary R Hook <gary.hook@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-09crypto: ccp - Fill the result buffer only on digest, finup, and final opsGary R Hook
Any change to the result buffer should only happen on final, finup and digest operations. Changes to the buffer for update, import, export, etc, are not allowed. Fixes: 66d7b9f6175e ("crypto: testmgr - test misuse of result in ahash") Signed-off-by: Gary R Hook <gary.hook@amd.com> Cc: <stable@vger.kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-09crypto: s5p-sss - Constify pointed data (arguments and local variables)Krzysztof Kozlowski
Improve the code (safety and readability) by indicating that data passed through pointer is not modified. This adds const keyword in many places, most notably: - the driver data (pointer to struct samsung_aes_variant), - scatterlist addresses written as value to device registers, - key and IV arrays. Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-09crypto: s5p-sss - Remove useless check for non-null requestKrzysztof Kozlowski
ahash_request 'req' argument passed by the caller s5p_hash_handle_queue() cannot be NULL here because it is obtained from non-NULL pointer via container_of(). This fixes smatch warning: drivers/crypto/s5p-sss.c:1213 s5p_hash_prepare_request() warn: variable dereferenced before check 'req' (see line 1208) Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-09crypto: omap-sham - Fix misleading indentationKrzysztof Kozlowski
Commit 8043bb1ae03c ("crypto: omap-sham - convert driver logic to use sgs for data xmit") removed the if() clause leaving the statement as is. The intention was in that case to finish the request always so the goto instruction seems sensible. Remove the indentation to fix Smatch warning: drivers/crypto/omap-sham.c:1761 omap_sham_done_task() warn: inconsistent indenting Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org> Acked-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2018-03-09crypto: omap-sham - Remove useless check for non-null requestKrzysztof Kozlowski
ahash_request 'req' argument passed by the caller omap_sham_handle_queue() cannot be NULL here because it is obtained from non-NULL pointer via container_of(). This fixes smatch warning: drivers/crypto/omap-sham.c:812 omap_sham_prepare_request() warn: variable dereferenced before check 'req' (see line 805) Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org> Acked-by: Tero Kristo <t-kristo@ti.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>