summaryrefslogtreecommitdiffstats
path: root/drivers/crypto
Commit message (Collapse)AuthorAgeFilesLines
* n2_crypto: Attach on Niagara-T3.David S. Miller2011-07-281-15/+18
| | | | | | | | | | | A small modification was necessary since in the machine description for 'n2cp' and 'ncp' nodes, there no longer is an 'intr' property. That's OK because this property was always nothing more than an array of integers '1' ... 'nr_inos + 1' so we can just compute it in-place. Signed-off-by: David S. Miller <davem@davemloft.net>
* Merge branch 'for-linus' of ↵Linus Torvalds2011-07-251-13/+13
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6 * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6: fs: take the ACL checks to common code bury posix_acl_..._masq() variants kill boilerplates around posix_acl_create_masq() generic_acl: no need to clone acl just to push it to set_cached_acl() kill boilerplate around posix_acl_chmod_masq() reiserfs: cache negative ACLs for v1 stat format xfs: cache negative ACLs if there is no attribute fork 9p: do no return 0 from ->check_acl without actually checking vfs: move ACL cache lookup into generic code CIFS: Fix oops while mounting with prefixpath xfs: Fix wrong return value of xfs_file_aio_write fix devtmpfs race caam: don't pass bogus S_IFCHR to debugfs_create_...() get rid of create_proc_entry() abuses - proc_mkdir() is there for purpose asus-wmi: ->is_visible() can't return negative fix jffs2 ACLs on big-endian with 16bit mode_t 9p: close ACL leaks ocfs2_init_acl(): fix a leak VFS : mount lock scalability for internal mounts
| * caam: don't pass bogus S_IFCHR to debugfs_create_...()Al Viro2011-07-241-13/+13
| | | | | | | | | | | | it will be replaced with S_IFREG anyway Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* | crypto: caam - ablkcipher supportYuan Kang2011-07-152-0/+511
| | | | | | | | | | | | | | | | | | caam now supports encrypt and decrypt for aes, des and 3des Signed-off-by: Yuan Kang <Yuan.Kang@freescale.com> Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* | crypto: caam - faster aead implementationYuan Kang2011-07-152-330/+832
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Job descriptors only contain header and seq pointers. Other commands are stored in separate shared descriptors for encrypt, decrypt and givencrypt, stored as arrays in caam_ctx. This requires additional macros to create math commands to calculate assoclen and cryptlen. Signed-off-by: Yuan Kang <Yuan.Kang@freescale.com> Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* | crypto: caam - structure renamingYuan Kang2011-07-151-21/+43
| | | | | | | | | | | | | | | | | | | | | | | | caam_ctx.key_phys to key_dma caam_alg_template supports multiple algorithm types listed in union, which requires cases for different types in function caam_alg_alloc Signed-off-by: Yuan Kang <Yuan.Kang@freescale.com> Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* | crypto: caam - shorter namesYuan Kang2011-07-151-137/+137
| | | | | | | | | | | | | | | | | | | | | | | | | | | | "aead_authenc" and "ipsec_esp" changed to "aead," except for function "ipsec_esp," which is changed to "init_aead_job." Variable name of aead_request structures changed to "req" and name of aead_givcrypt_request structure changed to "areq" Signed-off-by: Yuan Kang <Yuan.Kang@freescale.com> Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* | crypto: talitos - don't bad_key in ablkcipher setkeyKim Phillips2011-07-151-11/+0
| | | | | | | | | | | | | | | | | | crypto/ablkcipher.c's setkey() has already checked against the min, max key sizes before it calls here, and all max_keysize assignments in the algorithm template array do not exceed TALITOS_MAX_KEY_SIZE. Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* | crypto: talitos - remove unused giv from ablkcipher methodsKim Phillips2011-07-151-4/+3
| | | | | | | | | | Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* | crypto: talitos - don't set done notification in hot pathKim Phillips2011-07-151-3/+3
| | | | | | | | | | | | | | | | | | IRQ done notification is always set. Remove its explicit assignment from the hot path by including it in the descriptor header template assignment in talitos_cra_init. Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* | crypto: talitos - ensure request ordering within a single tfmKim Phillips2011-07-151-9/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | Assign single target channel per tfm in talitos_cra_init instead of performing channel scheduling dynamically during the encryption request. This changes the talitos_submit interface to accept a new channel number argument. Without this, rapid bursts of misc. sized requests could make it possible for IPsec packets to be encrypted out-of-order, which would result in packet drops due to sequence numbers falling outside the anti-reply window on a peer gateway. Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* | crypto: crypto4xx - Perform read/modify/write on device control registerJosh Boyer2011-06-301-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | The Security function on the AMCC SoCs has multiple engines within a single MMIO range. The crypto driver currently enables the 3DES functionality by doing a blind write to the device control register. This can unintentionally disable other functions like the PKA or TRNG when the driver is loaded. Perform a read/modify/write to enable the 3DES function instead. Signed-off-by: Josh Boyer <jwboyer@linux.vnet.ibm.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* | crypto: caam - fix build warning when DEBUG_FS not configuredKim Phillips2011-06-301-1/+3
| | | | | | | | | | | | | | | | drivers/crypto/caam/ctrl.c: In function 'caam_probe': drivers/crypto/caam/ctrl.c:55:23: warning: unused variable 'perfmon' Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* | crypto: omap-sham - do not schedule tasklet if there is no active requestsDmitry Kasatkin2011-06-301-0/+5
| | | | | | | | | | Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@nokia.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* | crypto: omap-sham - clear device flags when finishing requestDmitry Kasatkin2011-06-301-1/+3
| | | | | | | | | | Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@nokia.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* | crypto: omap-sham - irq handler must not clear error codeDmitry Kasatkin2011-06-301-1/+0
| | | | | | | | | | Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@nokia.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* | crypto: omap-sham - irq and dma handling changesDmitry Kasatkin2011-06-301-13/+27
| | | | | | | | | | | | | | | | | | | | | | | | It could be a situation, that tasklet is executed twice because of certain delay between dma callback and irq handler execution. In that case, second tasklet execution could actually corrupt the data of the new started dma transactions. This patch improves tasklet logic and prevents above described cases. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@nokia.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* | crypto: omap-sham - remove dedicated queue handling taskletDmitry Kasatkin2011-06-301-15/+9
| | | | | | | | | | | | | | | | | | | | | | | | Calling omap_sham_handle_queue from "done" tasklet should be done after irq scheduled tasklet completes. Having additional tasklet does not solve that issue because it might be execute before. So queue handling tasklet has been removed and functionality integrated into single tasklet. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@nokia.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* | crypto: omap-sham - remove unnecessary local variableDmitry Kasatkin2011-06-301-2/+1
| | | | | | | | | | Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@nokia.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* | crypto: omap-sham - move some flags to device contextDmitry Kasatkin2011-06-301-13/+6
| | | | | | | | | | | | | | | | | | Couple of context flags have been moved to device flags. IRQ and tasklet handlers does not need to access request context anymore. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@nokia.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* | crypto: omap-sham - replace flags operation with atomic bit operationsDmitry Kasatkin2011-06-301-16/+13
| | | | | | | | | | | | | | | | | | | | Some flags are changed in interrupt handlers and verified in the tasklet. There might be a race condition when tasklet is interrupted or another cpu/core will run IRQ handler and tasklet in parallel. Atomic bitops functions are now used instead of bitmask operations. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@nokia.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* | crypto: omap-sham - replace flags bit mask with bit numberDmitry Kasatkin2011-06-301-50/+52
| | | | | | | | | | | | | | | | | | Flags mask cannot be used with atomic bit operations. This patch changes masks to bit numbers. Atomic bit operations will be used by following patches. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@nokia.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* | crypto: omap-sham - remove unused codeDmitry Kasatkin2011-06-301-5/+0
| | | | | | | | | | Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@nokia.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* | crypto: omap-sham - remove extra referenceDmitry Kasatkin2011-06-301-1/+1
|/ | | | | | | Request pointer is already available in the function. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@nokia.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: caam - fix operator precedence in shared descriptor allocationKim Phillips2011-06-301-3/+3
| | | | | | | | | | setkey allocates 16 bytes (CAAM_CMD_SZ * DESC_AEAD_SHARED_TEXT_LEN) shy of what is needed to store the shared descriptor, resulting in memory corruption. Fix this. Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [S390] ap: skip device registration on type probe failureHolger Dengler2011-05-231-0/+2
| | | | | | | | | The registration of an ap device will be skipped, if the device type probing fails. Add names of current crypto adapters to the Kconfig help. Signed-off-by: Holger Dengler <hd@linux.vnet.ibm.com> Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
* Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6Linus Torvalds2011-05-2020-154/+6157
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (45 commits) crypto: caam - add support for sha512 variants of existing AEAD algorithms crypto: caam - remove unused authkeylen from caam_ctx crypto: caam - fix decryption shared vs. non-shared key setting crypto: caam - platform_bus_type migration crypto: aesni-intel - fix aesni build on i386 crypto: aesni-intel - Merge with fpu.ko crypto: mv_cesa - make count_sgs() null-pointer proof crypto: mv_cesa - copy remaining bytes to SRAM only when needed crypto: mv_cesa - move digest state initialisation to a better place crypto: mv_cesa - fill inner/outer IV fields only in HMAC case crypto: mv_cesa - refactor copy_src_to_buf() crypto: mv_cesa - no need to save digest state after the last chunk crypto: mv_cesa - print a warning when registration of AES algos fail crypto: mv_cesa - drop this call to mv_hash_final from mv_hash_finup crypto: mv_cesa - the descriptor pointer register needs to be set just once crypto: mv_cesa - use ablkcipher_request_cast instead of the manual container_of crypto: caam - fix printk recursion for long error texts crypto: caam - remove unused keylen from session context hwrng: amd - enable AMD hw rnd driver for Maple PPC boards hwrng: amd - manage resource allocation ...
| * crypto: caam - add support for sha512 variants of existing AEAD algorithmsKim Phillips2011-05-192-13/+107
| | | | | | | | | | | | | | | | | | | | | | | | In doing so, sha512 sized keys would not fit with the current descriptor inlining mechanism, so we now calculate whether keys should be referenced instead by pointers in the shared descriptor. also, use symbols for descriptor text lengths, and, ahem, unmap and free key i/o memory in cra_exit. Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * crypto: caam - remove unused authkeylen from caam_ctxKim Phillips2011-05-191-2/+0
| | | | | | | | | | Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * crypto: caam - fix decryption shared vs. non-shared key settingKim Phillips2011-05-191-4/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Key sharing is enabled by default in the shared descriptor. Using CBC decrypt, AES has to alter the key in order to decrypt. During high traffic decryption rates, i.e, when sharing starts to take place, we need to use a different OPERATION option to tell AES that the key was already altered by the PRIOR descriptor - we need the following kind of logic: if ( shared ) operation where AES uses decryption key (DK=1) else operation where AES uses encryption key (DK=0) this patch implements this logic using a conditional and a non-conditional local jump within the decryption job descriptor. Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * crypto: caam - platform_bus_type migrationKim Phillips2011-05-191-5/+4
| | | | | | | | | | | | | | | | | | this fixes a build error since cryptodev-2.6 got rebased to include commit d714d1979d7b4df7e2c127407f4014ce71f73cd0 "dt: eliminate of_platform_driver shim code". Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * crypto: mv_cesa - make count_sgs() null-pointer proofPhil Sutter2011-05-111-6/+2
| | | | | | | | | | | | | | | | | | | | | | This also makes the dummy scatterlist in mv_hash_final() needless, so drop it. XXX: should this routine be made pulicly available? There are probably other users with their own implementations. Signed-off-by: Phil Sutter <phil.sutter@viprinet.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * crypto: mv_cesa - copy remaining bytes to SRAM only when neededPhil Sutter2011-05-111-6/+6
| | | | | | | | | | Signed-off-by: Phil Sutter <phil.sutter@viprinet.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * crypto: mv_cesa - move digest state initialisation to a better placePhil Sutter2011-05-111-8/+6
| | | | | | | | | | | | | | | | | | On one hand, the digest state registers need to be set only when actually using the crypto engine. On the other hand, there is a check for ctx->first_hash in mv_process_hash_current() already, so use that. Signed-off-by: Phil Sutter <phil.sutter@viprinet.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * crypto: mv_cesa - fill inner/outer IV fields only in HMAC casePhil Sutter2011-05-111-3/+3
| | | | | | | | | | Signed-off-by: Phil Sutter <phil.sutter@viprinet.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * crypto: mv_cesa - refactor copy_src_to_buf()Phil Sutter2011-05-111-15/+10
| | | | | | | | | | | | | | | | | | | | The main goal was to have it not do anything when a zero len parameter was being passed (which could lead to a null pointer dereference, as in this case p->src_sg is null, either). Using the min() macro, the lower part of the loop gets simpler, too. Signed-off-by: Phil Sutter <phil.sutter@viprinet.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * crypto: mv_cesa - no need to save digest state after the last chunkPhil Sutter2011-05-111-6/+6
| | | | | | | | | | Signed-off-by: Phil Sutter <phil.sutter@viprinet.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * crypto: mv_cesa - print a warning when registration of AES algos failPhil Sutter2011-05-111-2/+8
| | | | | | | | | | Signed-off-by: Phil Sutter <phil.sutter@viprinet.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * crypto: mv_cesa - drop this call to mv_hash_final from mv_hash_finupPhil Sutter2011-05-111-3/+0
| | | | | | | | | | | | | | | | The code in mv_hash_final is actually a superset of mv_hash_finup's body. Since the driver works fine without, drop it. Signed-off-by: Phil Sutter <phil.sutter@viprinet.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * crypto: mv_cesa - the descriptor pointer register needs to be set just oncePhil Sutter2011-05-111-2/+1
| | | | | | | | | | Signed-off-by: Phil Sutter <phil.sutter@viprinet.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * crypto: mv_cesa - use ablkcipher_request_cast instead of the manual container_ofPhil Sutter2011-05-111-3/+1
| | | | | | | | | | Signed-off-by: Phil Sutter <phil.sutter@viprinet.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * crypto: caam - fix printk recursion for long error textsKim Phillips2011-05-042-3/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | during recent descriptor development, an Invalid Sequence Command error triggered a: BUG: recent printk recursion! due to insufficient memory allocated for the error text. The Invalid Sequence Command error text is the longest. The length of the maximum error string is computed as the sum of: "DECO: ": 6 "jump tgt desc idx 255: ": 23 Invalid Sequence Command text: 272 zero termination character: 1 i.e, 302 characters. Define this maximum error string length in error.h and fix caam_jr_strstatus callsites. Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * crypto: caam - remove unused keylen from session contextKim Phillips2011-05-041-2/+0
| | | | | | | | | | Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * crypto: s390 - add System z hardware support for CTR modeGerald Schaefer2011-05-041-2/+6
| | | | | | | | | | | | | | | | | | | | This patch adds System z hardware acceleration support for AES, DES and 3DES in CTR mode. The hardware support is available starting with System z196. Signed-off-by: Gerald Schaefer <gerald.schaefer@de.ibm.com> Signed-off-by: Jan Glauber <jang@linux.vnet.ibm.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * crypto: s390 - cleanup s390 Kconfig optionsJan Glauber2011-05-041-8/+8
| | | | | | | | | | | | | | | | Cleanup the remaining s390 crypto options by mentioning the earliest machine type that supports an accelerated algorithm. Signed-off-by: Jan Glauber <jang@linux.vnet.ibm.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * crypto: s390 - add System z hardware support for GHASHGerald Schaefer2011-05-041-0/+10
| | | | | | | | | | | | | | | | | | | | This patch adds System z hardware acceleration support for the GHASH algorithm for GCM (Galois/Counter Mode). The hardware support is available beginning with System z196. Signed-off-by: Jan Glauber <jang@linux.vnet.ibm.com> Signed-off-by: Gerald Schaefer <gerald.schaefer@de.ibm.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * crypto: s390 - add System z hardware support for XTS modeGerald Schaefer2011-05-041-14/+8
| | | | | | | | | | | | | | | | | | This patch adds System z hardware acceleration support for the AES XTS mode. The hardware support is available beginning with System z196. Signed-off-by: Jan Glauber <jang@linux.vnet.ibm.com> Signed-off-by: Gerald Schaefer <gerald.schaefer@de.ibm.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * crypto: caam - remove duplicate dev_errKim Phillips2011-05-031-1/+0
| | | | | | | | | | | | | | | | keep the hex error value reporting version (a) to be consistent with decrypt_done(), and (b) to keep our hardware guys happy. Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * crypto: caam - remove WAIT-FOR-COMPLETIONs from givencrypt descriptorKim Phillips2011-05-031-4/+2
| | | | | | | | | | | | | | remains from descriptor debugging - not required for normal operation. Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| * crypto: caam - fix queue interface detectionKim Phillips2011-05-031-1/+1
| | | | | | | | | | | | | | | | The presence of a h/w Queue Interface would fail due to this cut-n-paste snafu. Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
OpenPOWER on IntegriCloud