[PATCH resending] splice: sendfile() at once fails for big files
When big files (over 64kbytes) are sent with sendfile(), they are sent by blocks
of 64kbytes. In that case, the target must be informed that the current block is
not the last one, otherwise if might take wrong actions.
The issue was observed while sending a file to an AF_ALG socket for hashing. The
hash was reset at each 64k block.
This patch adds SPLICE_F_MORE to the flags when more data is pending.
Signed-off-by: Christophe Leroy
Index: b/fs/splice.c
===
--- a/fs/splice.c
+++ b/fs/splice.c
@@ -1171,7 +1171,7 @@
long ret, bytes;
umode_t i_mode;
size_t len;
- int i, flags;
+ int i, flags, more;
/*
* We require the input being a regular file, as we don't want to
@@ -1214,6 +1214,7 @@
* Don't block on output, we have to drain the direct pipe.
*/
sd->flags &= ~SPLICE_F_NONBLOCK;
+ more = sd->flags & SPLICE_F_MORE;
while (len) {
size_t read_len;
@@ -1226,6 +1227,10 @@
read_len = ret;
sd->total_len = read_len;
+ if (read_len < len)
+ sd->flags |= SPLICE_F_MORE;
+ else if (!more)
+ sd->flags &= ~SPLICE_F_MORE;
/*
* NOTE: nonblocking mode only applies to the input. We
* must not do the output in nonblocking mode as then we
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[RFC, prePATCH] crypto: talitos modified for powerpc 88x security engine
Here is a pre-patch for the support of the SEC ENGINE of MPC88x/MPC82xx
I have tried to make use of defines in order to keep a single driver for the two
TALITOS variants as suggested by Kim, but I'm not too happy about the quantity
of #ifdef
For the time being, it only supports basic crypto operations, not the combined
authentication/encryption ones.
Note that it has been tested on MPC885, but not on MPC82xx
I would be happy to receive comments and suggestions in order to improve this
first try.
Not-yet-signed-off-by: Christophe Leroy
Index: b/drivers/crypto/talitos.c
===
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -53,10 +53,26 @@
#include "talitos.h"
+#ifdef CONFIG_CRYPTO_DEV_TALITOS1
+static u8 padded_hash[64] = { 0x80, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0,
+};
+#endif
+
static void to_talitos_ptr(struct talitos_ptr *talitos_ptr, dma_addr_t
dma_addr)
{
talitos_ptr->ptr = cpu_to_be32(lower_32_bits(dma_addr));
+#ifdef CONFIG_CRYPTO_DEV_TALITOS1
+ talitos_ptr->res = 0;
+#else
talitos_ptr->eptr = upper_32_bits(dma_addr);
+#endif
}
/*
@@ -72,7 +88,11 @@
talitos_ptr->len = cpu_to_be16(len);
to_talitos_ptr(talitos_ptr, dma_addr);
+#ifdef CONFIG_CRYPTO_DEV_TALITOS1
+ talitos_ptr->res = 0;
+#else
talitos_ptr->j_extent = extent;
+#endif
}
/*
@@ -91,9 +111,17 @@
struct talitos_private *priv = dev_get_drvdata(dev);
unsigned int timeout = TALITOS_TIMEOUT;
+#ifdef CONFIG_CRYPTO_DEV_TALITOS1
+ setbits32(priv->chan[ch].reg + TALITOS_CCCR_LO, TALITOS_CCCR_LO_RESET);
+#else
setbits32(priv->chan[ch].reg + TALITOS_CCCR, TALITOS_CCCR_RESET);
+#endif
+#ifdef CONFIG_CRYPTO_DEV_TALITOS1
+ while ((in_be32(priv->chan[ch].reg + TALITOS_CCCR_LO) &
TALITOS_CCCR_LO_RESET)
+#else
while ((in_be32(priv->chan[ch].reg + TALITOS_CCCR) & TALITOS_CCCR_RESET)
+#endif
&& --timeout)
cpu_relax();
@@ -101,10 +129,11 @@
dev_err(dev, "failed to reset channel %d\n", ch);
return -EIO;
}
+dev_err(dev, "success to reset channel %d\n", ch);
/* set 36-bit addressing, done writeback enable and done IRQ enable */
setbits32(priv->chan[ch].reg + TALITOS_CCCR_LO, TALITOS_CCCR_LO_EAE |
- TALITOS_CCCR_LO_CDWE | TALITOS_CCCR_LO_CDIE);
+ TALITOS_CCCR_LO_CDWE | TALITOS_CCCR_LO_CDIE /*|
TALITOS_CCCR_LO_NT*/);
/* and ICCR writeback, if available */
if (priv->features & TALITOS_FTR_HW_AUTH_CHECK)
@@ -169,8 +198,15 @@
}
/* enable channel done and error interrupts */
+#ifdef CONFIG_CRYPTO_DEV_TALITOS1
+ clrbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_INIT);
+ clrbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT);
+ /* disable parity error check in DEU because of erroneous? test vectors
*/
+ setbits32(priv->reg + TALITOS_DEUICR, TALITOS_DEUICR_KPE);
+#else
setbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_INIT);
setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT);
+#endif
/* disable integrity check error interrupts (use writeback instead) */
if (priv->features & TALITOS_FTR_HW_AUTH_CHECK)
@@ -228,6 +264,7 @@
/* GO! */
wmb();
+
out_be32(priv->chan[ch].reg + TALITOS_FF,
upper_32_bits(request->dma_desc));
out_be32(priv->chan[ch].reg + TALITOS_FF_LO,
@@ -300,6 +337,7 @@
/*
* process completed requests for channels that have done status
*/
+#ifdef CONFIG_CRYPTO_DEV_TALITOS1
#define DEF_TALITOS_DONE(name, ch_done_mask) \
static void talitos_done_##name(unsigned long data)\
{ \
@@ -307,6 +345,33 @@
struct talitos_private *priv = dev_get_drvdata(dev);\
unsigned long flags;\
\
+ if (ch_done_mask & 0x1000)
\
+ flush_channel(dev, 0, 0, 0);\
+ if (priv->num_channels == 1)\
+ goto out; \
+ if (ch_done_mask & 0x4000) \
+ flush_channel(dev, 1, 0, 0);\
+ if (ch_done_mask
[PATCH resending] splice: sendfile() at once fails for big files
When big files (over 64kbytes) are sent with sendfile(), they are sent by blocks
of 64kbytes. In that case, the target must be informed that the current block is
not the last one, otherwise it might take wrong actions.
The issue was observed while sending a file to an AF_ALG socket for hashing. The
hash was reset at each 64k block.
This patch adds SPLICE_F_MORE to the flags when more data is pending.
Signed-off-by: Christophe Leroy
Index: b/fs/splice.c
===
--- a/fs/splice.c
+++ b/fs/splice.c
@@ -1171,7 +1171,7 @@
long ret, bytes;
umode_t i_mode;
size_t len;
- int i, flags;
+ int i, flags, more;
/*
* We require the input being a regular file, as we don't want to
@@ -1214,6 +1214,7 @@
* Don't block on output, we have to drain the direct pipe.
*/
sd->flags &= ~SPLICE_F_NONBLOCK;
+ more = sd->flags & SPLICE_F_MORE;
while (len) {
size_t read_len;
@@ -1226,6 +1227,10 @@
read_len = ret;
sd->total_len = read_len;
+ if (read_len < len)
+ sd->flags |= SPLICE_F_MORE;
+ else if (!more)
+ sd->flags &= ~SPLICE_F_MORE;
/*
* NOTE: nonblocking mode only applies to the input. We
* must not do the output in nonblocking mode as then we
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH resending] splice: sendfile() at once fails for big files
When big files (over 64kbytes) are sent with sendfile(), they are sent by blocks
of 64kbytes. In that case, the target must be informed that the current block is
not the last one, otherwise it might take wrong actions.
The issue was observed while sending a file to an AF_ALG socket for hashing. The
hash was reset at each 64k block.
This patch adds SPLICE_F_MORE to the flags when more data is pending.
Signed-off-by: Christophe Leroy
Index: b/fs/splice.c
===
--- a/fs/splice.c
+++ b/fs/splice.c
@@ -1171,7 +1171,7 @@
long ret, bytes;
umode_t i_mode;
size_t len;
- int i, flags;
+ int i, flags, more;
/*
* We require the input being a regular file, as we don't want to
@@ -1214,6 +1214,7 @@
* Don't block on output, we have to drain the direct pipe.
*/
sd->flags &= ~SPLICE_F_NONBLOCK;
+ more = sd->flags & SPLICE_F_MORE;
while (len) {
size_t read_len;
@@ -1226,6 +1227,10 @@
read_len = ret;
sd->total_len = read_len;
+ if (read_len < len)
+ sd->flags |= SPLICE_F_MORE;
+ else if (!more)
+ sd->flags &= ~SPLICE_F_MORE;
/*
* NOTE: nonblocking mode only applies to the input. We
* must not do the output in nonblocking mode as then we
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 03/17] crypto: talitos - Use zero entry to init descriptors ptrs to zero
Do use zero_entry value to init the descriptors ptrs to zero instead of
writing 0 in each field
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 8 ++--
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index e3a2d75..b54c998 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1387,9 +1387,7 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
int sg_count, ret;
/* first DWORD empty */
- desc->ptr[0].len = 0;
- to_talitos_ptr(&desc->ptr[0], 0);
- desc->ptr[0].j_extent = 0;
+ desc->ptr[0] = zero_entry;
/* cipher iv */
to_talitos_ptr(&desc->ptr[1], edesc->iv_dma);
@@ -1459,9 +1457,7 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
DMA_FROM_DEVICE);
/* last DWORD empty */
- desc->ptr[6].len = 0;
- to_talitos_ptr(&desc->ptr[6], 0);
- desc->ptr[6].j_extent = 0;
+ desc->ptr[6] = zero_entry;
ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
if (ret != -EINPROGRESS) {
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 05/17] crypto: talitos - isolate scatter/gather handling for ahash
SEC1 doesn't support scatter/gather, therefore this part of the code will
have to be implemented differently for SEC1, so we isolate it in a small
helper function
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 29 +++--
1 file changed, 19 insertions(+), 10 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 4db35a6..6766bcc 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1709,6 +1709,23 @@ static int ahash_init_sha224_swinit(struct ahash_request
*areq)
return 0;
}
+static void ahash_process_chain(struct scatterlist *src, int nbytes,
+ bool *chained,
+ struct talitos_ahash_req_ctx *req_ctx,
+ int nbytes_to_hash)
+{
+ if (req_ctx->nbuf) {
+ unsigned int nsg = (req_ctx->nbuf < nbytes_to_hash) ? 2 : 1;
+
+ sg_init_table(req_ctx->bufsl, nsg);
+ sg_set_buf(req_ctx->bufsl, req_ctx->buf, req_ctx->nbuf);
+ if (nsg > 1)
+ scatterwalk_sg_chain(req_ctx->bufsl, 2, src);
+ req_ctx->psrc = req_ctx->bufsl;
+ } else
+ req_ctx->psrc = src;
+}
+
static int ahash_process_req(struct ahash_request *areq, unsigned int nbytes)
{
struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
@@ -1719,7 +1736,6 @@ static int ahash_process_req(struct ahash_request *areq,
unsigned int nbytes)
crypto_tfm_alg_blocksize(crypto_ahash_tfm(tfm));
unsigned int nbytes_to_hash;
unsigned int to_hash_later;
- unsigned int nsg;
bool chained;
if (!req_ctx->last && (nbytes + req_ctx->nbuf <= blocksize)) {
@@ -1747,15 +1763,8 @@ static int ahash_process_req(struct ahash_request *areq,
unsigned int nbytes)
}
/* Chain in any previously buffered data */
- if (req_ctx->nbuf) {
- nsg = (req_ctx->nbuf < nbytes_to_hash) ? 2 : 1;
- sg_init_table(req_ctx->bufsl, nsg);
- sg_set_buf(req_ctx->bufsl, req_ctx->buf, req_ctx->nbuf);
- if (nsg > 1)
- scatterwalk_sg_chain(req_ctx->bufsl, 2, areq->src);
- req_ctx->psrc = req_ctx->bufsl;
- } else
- req_ctx->psrc = areq->src;
+ ahash_process_chain(areq->src, nbytes, &chained, req_ctx,
+ nbytes_to_hash);
if (to_hash_later) {
int nents = sg_count(areq->src, nbytes, &chained);
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 09/17] crypto: talitos - Move reset/init helpers into talitos2.h
Move reset/init helpers init talitos2.h as they are specific to SEC2
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 19 ---
drivers/crypto/talitos2.h | 20
2 files changed, 20 insertions(+), 19 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index de31ab0..d15cf83 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -55,19 +55,6 @@
#include "talitos.h"
-static unsigned int do_reset_channel(struct talitos_private *priv, int ch)
-{
- unsigned int timeout = TALITOS_TIMEOUT;
-
- setbits32(priv->chan[ch].reg + TALITOS_CCCR, TALITOS_CCCR_RESET);
-
- while ((in_be32(priv->chan[ch].reg + TALITOS_CCCR) & TALITOS_CCCR_RESET)
- && --timeout)
- cpu_relax();
-
- return timeout;
-}
-
int talitos_reset_channel(struct device *dev, int ch)
{
struct talitos_private *priv = dev_get_drvdata(dev);
@@ -118,12 +105,6 @@ static int reset_device(struct device *dev)
/*
* Reset and initialize the device
*/
-static void do_init_device(struct talitos_private *priv)
-{
- setbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_INIT);
- setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT);
-}
-
int talitos_init_device(struct device *dev)
{
struct talitos_private *priv = dev_get_drvdata(dev);
diff --git a/drivers/crypto/talitos2.h b/drivers/crypto/talitos2.h
index e7a91cf..f9da9f2 100644
--- a/drivers/crypto/talitos2.h
+++ b/drivers/crypto/talitos2.h
@@ -202,3 +202,23 @@ extern int talitos_alg_alloc_aead(struct crypto_alg *alg);
#define DESC_PTR_LNKTBL_JUMP 0x80
#define DESC_PTR_LNKTBL_RETURN 0x02
#define DESC_PTR_LNKTBL_NEXT 0x01
+
+static inline unsigned int do_reset_channel(struct talitos_private *priv,
+ int ch)
+{
+ unsigned int timeout = TALITOS_TIMEOUT;
+
+ setbits32(priv->chan[ch].reg + TALITOS_CCCR, TALITOS_CCCR_RESET);
+
+ while ((in_be32(priv->chan[ch].reg + TALITOS_CCCR) & TALITOS_CCCR_RESET)
+ && --timeout)
+ cpu_relax();
+
+ return timeout;
+}
+
+static inline void do_init_device(struct talitos_private *priv)
+{
+ setbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_INIT);
+ setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT);
+}
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 11/17] crypto: talitos - Move hash chain handling into talitos2.h
Move hash chain handling into talitos2.h as only SEC2 has sg chaining
capatibility
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 34 --
drivers/crypto/talitos2.h | 34 ++
2 files changed, 34 insertions(+), 34 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 3190762..6c1f6f1 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -458,23 +458,6 @@ static void talitos_unregister_rng(struct device *dev)
#define MD5_BLOCK_SIZE64
-#define HASH_MAX_BLOCK_SIZESHA512_BLOCK_SIZE
-#define TALITOS_MDEU_MAX_CONTEXT_SIZE TALITOS_MDEU_CONTEXT_SIZE_SHA384_SHA512
-
-struct talitos_ahash_req_ctx {
- u32 hw_context[TALITOS_MDEU_MAX_CONTEXT_SIZE / sizeof(u32)];
- unsigned int hw_context_size;
- u8 buf[HASH_MAX_BLOCK_SIZE];
- u8 bufnext[HASH_MAX_BLOCK_SIZE];
- unsigned int swinit;
- unsigned int first;
- unsigned int last;
- unsigned int to_hash_later;
- u64 nbuf;
- struct scatterlist bufsl[2];
- struct scatterlist *psrc;
-};
-
/*
* derive number of elements in scatterlist
*/
@@ -913,23 +896,6 @@ static int ahash_init_sha224_swinit(struct ahash_request
*areq)
return 0;
}
-static void ahash_process_chain(struct scatterlist *src, int nbytes,
- bool *chained,
- struct talitos_ahash_req_ctx *req_ctx,
- int nbytes_to_hash)
-{
- if (req_ctx->nbuf) {
- unsigned int nsg = (req_ctx->nbuf < nbytes_to_hash) ? 2 : 1;
-
- sg_init_table(req_ctx->bufsl, nsg);
- sg_set_buf(req_ctx->bufsl, req_ctx->buf, req_ctx->nbuf);
- if (nsg > 1)
- scatterwalk_sg_chain(req_ctx->bufsl, 2, src);
- req_ctx->psrc = req_ctx->bufsl;
- } else
- req_ctx->psrc = src;
-}
-
static int ahash_process_req(struct ahash_request *areq, unsigned int nbytes)
{
struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
diff --git a/drivers/crypto/talitos2.h b/drivers/crypto/talitos2.h
index 10c7313..7edc563 100644
--- a/drivers/crypto/talitos2.h
+++ b/drivers/crypto/talitos2.h
@@ -223,6 +223,40 @@ static inline void do_init_device(struct talitos_private
*priv)
setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT);
}
+#define HASH_MAX_BLOCK_SIZESHA512_BLOCK_SIZE
+#define TALITOS_MDEU_MAX_CONTEXT_SIZE TALITOS_MDEU_CONTEXT_SIZE_SHA384_SHA512
+
+struct talitos_ahash_req_ctx {
+ u32 hw_context[TALITOS_MDEU_MAX_CONTEXT_SIZE / sizeof(u32)];
+ unsigned int hw_context_size;
+ u8 buf[HASH_MAX_BLOCK_SIZE];
+ u8 bufnext[HASH_MAX_BLOCK_SIZE];
+ unsigned int swinit;
+ unsigned int first;
+ unsigned int last;
+ unsigned int to_hash_later;
+ u64 nbuf;
+ struct scatterlist bufsl[2];
+ struct scatterlist *psrc;
+};
+
+static inline void ahash_process_chain(struct scatterlist *src, int nbytes,
+ bool *chained,
+ struct talitos_ahash_req_ctx *req_ctx,
+ int nbytes_to_hash)
+{
+ if (req_ctx->nbuf) {
+ unsigned int nsg = (req_ctx->nbuf < nbytes_to_hash) ? 2 : 1;
+
+ sg_init_table(req_ctx->bufsl, nsg);
+ sg_set_buf(req_ctx->bufsl, req_ctx->buf, req_ctx->nbuf);
+ if (nsg > 1)
+ scatterwalk_sg_chain(req_ctx->bufsl, 2, src);
+ req_ctx->psrc = req_ctx->bufsl;
+ } else
+ req_ctx->psrc = src;
+}
+
#define DEF_TALITOS_DONE(name, ch_done_mask) \
static void talitos_done_##name(unsigned long data)\
{ \
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 16/17] crypto: talitos - SEC1 bugs on 0 data hash
SEC1 bugs on 0 data hash, so we submit an already padded block representing 0
data
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 3 +++
drivers/crypto/talitos1.c | 21 +
drivers/crypto/talitos1.h | 4
drivers/crypto/talitos2.h | 6 ++
4 files changed, 34 insertions(+)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 112a25a..464338c 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -817,6 +817,9 @@ static int common_nonsnoop_hash(struct talitos_edesc *edesc,
to_talitos_next_desc_clear(desc);
+ if (desc->ptr[3].len == 0)
+ talitos_handle_buggy_hash(ctx, edesc, &desc->ptr[3]);
+
ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
if (ret != -EINPROGRESS) {
common_nonsnoop_hash_unmap(dev, edesc, areq);
diff --git a/drivers/crypto/talitos1.c b/drivers/crypto/talitos1.c
index c1a8e9e..1edaa68 100644
--- a/drivers/crypto/talitos1.c
+++ b/drivers/crypto/talitos1.c
@@ -174,3 +174,24 @@ void talitos_error(struct device *dev, u32 isr, u32 isr_lo)
talitos_init_device(dev);
}
}
+
+/*
+ * SEC1 doesn't like hashing of 0 sized message, so we do the padding
+ * ourself and submit a padded block
+ */
+void talitos_handle_buggy_hash(struct talitos_ctx *ctx,
+ struct talitos_edesc *edesc,
+ struct talitos_ptr *ptr)
+{
+ static u8 padded_hash[64] = {
+ 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ };
+
+ pr_err_once("Bug in SEC1, padding ourself\n");
+ edesc->desc.hdr &= ~DESC_HDR_MODE0_MDEU_PAD;
+ map_single_talitos_ptr(ctx->dev, ptr, sizeof(padded_hash),
+ (char *)padded_hash, 0, DMA_TO_DEVICE);
+}
diff --git a/drivers/crypto/talitos1.h b/drivers/crypto/talitos1.h
index f78d89d..a9e0619 100644
--- a/drivers/crypto/talitos1.h
+++ b/drivers/crypto/talitos1.h
@@ -277,6 +277,10 @@ static inline void ahash_process_chain(struct scatterlist
*src, int nbytes,
}
}
+extern void talitos_handle_buggy_hash(struct talitos_ctx *ctx,
+ struct talitos_edesc *edesc,
+ struct talitos_ptr *ptr);
+
#define DEF_TALITOS_DONE(name, ch_done_mask) \
static void talitos_done_##name(unsigned long data)\
{ \
diff --git a/drivers/crypto/talitos2.h b/drivers/crypto/talitos2.h
index 2715c72..de0c8f4 100644
--- a/drivers/crypto/talitos2.h
+++ b/drivers/crypto/talitos2.h
@@ -266,6 +266,12 @@ static inline void ahash_process_chain(struct scatterlist
*src, int nbytes,
req_ctx->psrc = src;
}
+static inline void talitos_handle_buggy_hash(struct talitos_ctx *ctx,
+ struct talitos_edesc *edesc,
+ struct talitos_ptr *ptr)
+{
+}
+
#define DEF_TALITOS_DONE(name, ch_done_mask) \
static void talitos_done_##name(unsigned long data)\
{ \
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 10/17] crypto: talitos - Move interrupt related macros in talitos2.h
Move interrupt related macros in talitos2.h as they are specific to SEC2
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 58 -
drivers/crypto/talitos2.h | 60 +++
2 files changed, 60 insertions(+), 58 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index d15cf83..3190762 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -262,32 +262,6 @@ void talitos_flush_channel(struct device *dev, int ch, int
error, int reset_ch)
/*
* process completed requests for channels that have done status
*/
-#define DEF_TALITOS_DONE(name, ch_done_mask) \
-static void talitos_done_##name(unsigned long data)\
-{ \
- struct device *dev = (struct device *)data; \
- struct talitos_private *priv = dev_get_drvdata(dev);\
- unsigned long flags;\
- \
- if (ch_done_mask & 1) \
- talitos_flush_channel(dev, 0, 0, 0);\
- if (priv->num_channels == 1)\
- goto out; \
- if (ch_done_mask & (1 << 2))\
- talitos_flush_channel(dev, 1, 0, 0);\
- if (ch_done_mask & (1 << 4))\
- talitos_flush_channel(dev, 2, 0, 0);\
- if (ch_done_mask & (1 << 6))\
- talitos_flush_channel(dev, 3, 0, 0);\
- \
-out: \
- /* At this point, all completed channels have been processed */ \
- /* Unmask done interrupts for channels completed later on. */ \
- spin_lock_irqsave(&priv->reg_lock, flags); \
- setbits32(priv->reg + TALITOS_IMR, ch_done_mask); \
- setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT); \
- spin_unlock_irqrestore(&priv->reg_lock, flags); \
-}
DEF_TALITOS_DONE(4ch, TALITOS_ISR_4CHDONE)
DEF_TALITOS_DONE(ch0_2, TALITOS_ISR_CH_0_2_DONE)
DEF_TALITOS_DONE(ch1_3, TALITOS_ISR_CH_1_3_DONE)
@@ -399,38 +373,6 @@ void talitos_report_eu_error(struct device *dev, int ch)
in_be32(priv->chan[ch].reg + TALITOS_DESCBUF_LO + 8*i));
}
-#define DEF_TALITOS_INTERRUPT(name, ch_done_mask, ch_err_mask, tlet) \
-static irqreturn_t talitos_interrupt_##name(int irq, void *data) \
-{ \
- struct device *dev = data; \
- struct talitos_private *priv = dev_get_drvdata(dev); \
- u32 isr, isr_lo; \
- unsigned long flags; \
- \
- spin_lock_irqsave(&priv->reg_lock, flags); \
- isr = in_be32(priv->reg + TALITOS_ISR);\
- isr_lo = in_be32(priv->reg + TALITOS_ISR_LO); \
- /* Acknowledge interrupt */\
- out_be32(priv->reg + TALITOS_ICR, isr & (ch_done_mask | ch_err_mask)); \
- out_be32(priv->reg + TALITOS_ICR_LO, isr_lo); \
- \
- if (unlikely(isr & ch_err_mask || isr_lo)) { \
- spin_unlock_irqrestore(&priv->reg_lock, flags);\
- talitos_error(dev, isr & ch_err_mask, isr_lo); \
- } \
- else { \
- if (likely(isr & ch_done_mask)) { \
- /* mask further done interrupts. */\
- clrbits32(priv->reg + TALITOS_IMR, ch_done_mask); \
- /* done_task will unmask done interrupts at exit */\
- tasklet_schedule(&priv->done_task[tlet]); \
- }
[PATCH 17/17] crypto: talitos - Update DT bindings with SEC1
This patch updates the documentation by including SEC1 into SEC2/3 doc Signed-off-by: Christophe Leroy --- Documentation/devicetree/bindings/crypto/fsl-sec2.txt | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Documentation/devicetree/bindings/crypto/fsl-sec2.txt b/Documentation/devicetree/bindings/crypto/fsl-sec2.txt index 38988ef..570d6a2 100644 --- a/Documentation/devicetree/bindings/crypto/fsl-sec2.txt +++ b/Documentation/devicetree/bindings/crypto/fsl-sec2.txt @@ -1,9 +1,10 @@ -Freescale SoC SEC Security Engines versions 2.x-3.x +Freescale SoC SEC Security Engines versions 1.x-2.x-3.x Required properties: - compatible : Should contain entries for this and backward compatible - SEC versions, high to low, e.g., "fsl,sec2.1", "fsl,sec2.0" + SEC versions, high to low, e.g., "fsl,sec2.1", "fsl,sec2.0" (SEC2/3) + e.g., "fsl,sec1.2", "fsl,sec1.0" (SEC1) - reg : Offset and length of the register set for the device - interrupts : the SEC's interrupt number - fsl,num-channels : An integer representing the number of channels -- 2.1.0 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 0/17] crypto: talitos - Add support for SEC1
The purpose of this set of patchs is to add to talitos crypto driver the support for the SEC1 version of the security engine, which is found in mpc885 and mpc8272 processors. The approach has been to split the driver in two main parts: * talitos.c and talitos.h contains parts that are common * talitos2.c and talitos2.h contains specificities of SEC2 Then * talitos1.c and talitos1.h has been created with SEC1 specificities Patchset: [01/17] crypto: talitos - base address for Execution Units and macro for ISR masks [02/17] crypto: talitos - Externalise specific SEC2 reset actions [03/17] crypto: talitos - Use zero entry to init descriptors ptrs to zero [04/17] crypto: talitos - Refactor the sg in/out chain allocation [05/17] crypto: talitos - isolate scatter/gather handling for ahash [06/17] crypto: talitos - Add talitos2.c to isolate SEC2 specific functions [07/17] crypto: talitos - Split talitos.h into 2 parts [08/17] crypto: talitos - Deport SEC2 error handling [09/17] crypto: talitos - Move reset/init helpers into talitos2.h [10/17] crypto: talitos - Move interrupt related macros in talitos2.h [11/17] crypto: talitos - Move hash chain handling into talitos2.h [12/17] crypto: talitos - Define compatible in talitos2.h instead of talitos.c [13/17] crypto: talitos - move sg_count() helper into talitos.h [14/17] crypto: talitos - Add a helper function to clear j_extent field [15/17] crypto: talitos - Implementation of SEC1 [16/17] crypto: talitos - SEC1 bugs on 0 data hash [17/17] crypto: talitos - Update DT bindings with SEC1 Signed-off-by: Christophe Leroy .../devicetree/bindings/crypto/fsl-sec2.txt| 5 +- drivers/crypto/Kconfig | 8 + drivers/crypto/Makefile| 2 + drivers/crypto/talitos.c | 927 + drivers/crypto/talitos.h | 185 ++-- drivers/crypto/talitos1.c | 197 + drivers/crypto/talitos1.h | 343 drivers/crypto/talitos2.c | 696 drivers/crypto/talitos2.h | 335 9 files changed, 1736 insertions(+), 962 deletions(-) -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 15/17] crypto: talitos - Implementation of SEC1
This patch adds talitos1.c and talitos1.h with all specificities needed
to handle the SEC1 security engine found in MPC885 and MPC8272.
The SEC1 has several differences with its younger brother SEC2:
* Several bits in registers have different locations
* Many bits are missing
* Some bits are in addition
* SEC1 doesn't support scatter/gather
* SEC1 has a different descriptor structure
We add a helper function for clearing the desc field in the descriptor as that
field needs to be cleared on SEC1 and doesn't exist on SEC2.
Signed-off-by: Christophe Leroy
---
drivers/crypto/Kconfig| 6 +-
drivers/crypto/Makefile | 1 +
drivers/crypto/talitos.c | 4 +
drivers/crypto/talitos.h | 5 +
drivers/crypto/talitos1.c | 176
drivers/crypto/talitos1.h | 339 ++
drivers/crypto/talitos2.h | 4 +
7 files changed, 534 insertions(+), 1 deletion(-)
create mode 100644 drivers/crypto/talitos1.c
create mode 100644 drivers/crypto/talitos1.h
diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig
index 4fd6d7e..f863cac 100644
--- a/drivers/crypto/Kconfig
+++ b/drivers/crypto/Kconfig
@@ -211,7 +211,8 @@ config CRYPTO_DEV_TALITOS
select CRYPTO_ALGAPI
select CRYPTO_AUTHENC
select HW_RANDOM
- select CRYPTO_DEV_TALITOS2
+ select CRYPTO_DEV_TALITOS1 if PPC_8xx || PPC_82xx
+ select CRYPTO_DEV_TALITOS2 if !CRYPTO_DEV_TALITOS1
depends on FSL_SOC
help
Say 'Y' here to use the Freescale Security Engine (SEC)
@@ -223,6 +224,9 @@ config CRYPTO_DEV_TALITOS
To compile this driver as a module, choose M here: the module
will be called talitos.
+config CRYPTO_DEV_TALITOS1
+ bool
+
config CRYPTO_DEV_TALITOS2
bool
diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile
index f26159f..ef16f7b 100644
--- a/drivers/crypto/Makefile
+++ b/drivers/crypto/Makefile
@@ -22,6 +22,7 @@ obj-$(CONFIG_CRYPTO_DEV_PPC4XX) += amcc/
obj-$(CONFIG_CRYPTO_DEV_S5P) += s5p-sss.o
obj-$(CONFIG_CRYPTO_DEV_SAHARA) += sahara.o
obj-$(CONFIG_CRYPTO_DEV_TALITOS) += talitos.o
+obj-$(CONFIG_CRYPTO_DEV_TALITOS1) += talitos1.o
obj-$(CONFIG_CRYPTO_DEV_TALITOS2) += talitos2.o
obj-$(CONFIG_CRYPTO_DEV_UX500) += ux500/
obj-$(CONFIG_CRYPTO_DEV_QAT) += qat/
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 37d7746..112a25a 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -655,6 +655,8 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
/* last DWORD empty */
desc->ptr[6] = zero_entry;
+ to_talitos_next_desc_clear(desc);
+
ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
if (ret != -EINPROGRESS) {
common_nonsnoop_unmap(dev, edesc, areq);
@@ -813,6 +815,8 @@ static int common_nonsnoop_hash(struct talitos_edesc *edesc,
/* last DWORD empty */
desc->ptr[6] = zero_entry;
+ to_talitos_next_desc_clear(desc);
+
ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
if (ret != -EINPROGRESS) {
common_nonsnoop_hash_unmap(dev, edesc, areq);
diff --git a/drivers/crypto/talitos.h b/drivers/crypto/talitos.h
index a11ad53..68191cf 100644
--- a/drivers/crypto/talitos.h
+++ b/drivers/crypto/talitos.h
@@ -372,4 +372,9 @@ static inline int sg_count(struct scatterlist *sg_list, int
nbytes,
#define DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU cpu_to_be32(2 << 3)
#define DESC_HDR_TYPE_HMAC_SNOOP_NO_AFEU cpu_to_be32(4 << 3)
+#ifdef CONFIG_CRYPTO_DEV_TALITOS1
+#include "talitos1.h"
+#endif
+#ifdef CONFIG_CRYPTO_DEV_TALITOS2
#include "talitos2.h"
+#endif
diff --git a/drivers/crypto/talitos1.c b/drivers/crypto/talitos1.c
new file mode 100644
index 000..c1a8e9e
--- /dev/null
+++ b/drivers/crypto/talitos1.c
@@ -0,0 +1,176 @@
+/*
+ * talitos1 - Freescale Integrated Security Engine (SEC1) device driver
+ *
+ * Copyright (c) 2008-2011 Freescale Semiconductor, Inc.
+ *
+ * Copyright (c) 2014-2015 CS Systemes d'Information.
+ *
+ * Scatterlist Crypto API glue code copied from files with the following:
+ * Copyright (c) 2006-2007 Herbert Xu
+ *
+ * Crypto algorithm registration code copied from hifn driver:
+ * 2007+ Copyright (c) Evgeniy Polyakov
+ * All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+#incl
[PATCH 14/17] crypto: talitos - Add a helper function to clear j_extent field
j_extent field is specific to SEC2 so we add a helper function to clear it
so that SEC1 can redefine that function as nop
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 2 +-
drivers/crypto/talitos2.h | 5 +
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index fc30196..37d7746 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -628,7 +628,7 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
/* cipher iv */
to_talitos_ptr(&desc->ptr[1], edesc->iv_dma);
desc->ptr[1].len = cpu_to_be16(ivsize);
- desc->ptr[1].j_extent = 0;
+ to_talitos_ptr_extent_clear(&desc->ptr[1]);
/* cipher key */
map_single_talitos_ptr(dev, &desc->ptr[2], ctx->keylen,
diff --git a/drivers/crypto/talitos2.h b/drivers/crypto/talitos2.h
index 7177088..6f98b12 100644
--- a/drivers/crypto/talitos2.h
+++ b/drivers/crypto/talitos2.h
@@ -90,6 +90,11 @@ static inline void to_talitos_ptr(struct talitos_ptr *ptr,
dma_addr_t dma_addr)
ptr->eptr = upper_32_bits(dma_addr);
}
+static inline void to_talitos_ptr_extent_clear(struct talitos_ptr *ptr)
+{
+ ptr->j_extent = 0;
+}
+
/*
* map virtual single (contiguous) pointer to h/w descriptor pointer
*/
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 02/17] crypto: talitos - Externalise specific SEC2 reset actions
During init and reset, some actions are different between SEC1 and SEC2
This patch isolates them in small helper functions that we will be able
to redefine for SEC1
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 20
1 file changed, 16 insertions(+), 4 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index ebbae8d..e3a2d75 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -88,9 +88,8 @@ static void unmap_single_talitos_ptr(struct device *dev,
be16_to_cpu(talitos_ptr->len), dir);
}
-static int reset_channel(struct device *dev, int ch)
+static unsigned int do_reset_channel(struct talitos_private *priv, int ch)
{
- struct talitos_private *priv = dev_get_drvdata(dev);
unsigned int timeout = TALITOS_TIMEOUT;
setbits32(priv->chan[ch].reg + TALITOS_CCCR, TALITOS_CCCR_RESET);
@@ -99,6 +98,14 @@ static int reset_channel(struct device *dev, int ch)
&& --timeout)
cpu_relax();
+ return timeout;
+}
+
+static int reset_channel(struct device *dev, int ch)
+{
+ struct talitos_private *priv = dev_get_drvdata(dev);
+ unsigned int timeout = do_reset_channel(priv, ch);
+
if (timeout == 0) {
dev_err(dev, "failed to reset channel %d\n", ch);
return -EIO;
@@ -144,6 +151,12 @@ static int reset_device(struct device *dev)
/*
* Reset and initialize the device
*/
+static void do_init_device(struct talitos_private *priv)
+{
+ setbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_INIT);
+ setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT);
+}
+
static int init_device(struct device *dev)
{
struct talitos_private *priv = dev_get_drvdata(dev);
@@ -171,8 +184,7 @@ static int init_device(struct device *dev)
}
/* enable channel done and error interrupts */
- setbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_INIT);
- setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT);
+ do_init_device(priv);
/* disable integrity check error interrupts (use writeback instead) */
if (priv->features & TALITOS_FTR_HW_AUTH_CHECK)
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 07/17] crypto: talitos - Split talitos.h into 2 parts
In order to be able to manage differences between SEC1 and SEC2, we split
talitos.h into two parts.
talitos2.h will contain all parts that are specific to SEC2 and different on
SEC1
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.h | 163 +---
drivers/crypto/talitos2.h | 204 ++
2 files changed, 205 insertions(+), 162 deletions(-)
create mode 100644 drivers/crypto/talitos2.h
diff --git a/drivers/crypto/talitos.h b/drivers/crypto/talitos.h
index e1d4153..46233cb 100644
--- a/drivers/crypto/talitos.h
+++ b/drivers/crypto/talitos.h
@@ -29,34 +29,11 @@
*/
#define TALITOS_TIMEOUT 10
-#define TALITOS_MAX_DATA_LEN 65535
#define DESC_TYPE(desc_hdr) ((be32_to_cpu(desc_hdr) >> 3) & 0x1f)
#define PRIMARY_EU(desc_hdr) ((be32_to_cpu(desc_hdr) >> 28) & 0xf)
#define SECONDARY_EU(desc_hdr) ((be32_to_cpu(desc_hdr) >> 16) & 0xf)
-/* descriptor pointer entry */
-struct talitos_ptr {
- __be16 len; /* length */
- u8 j_extent;/* jump to sg link table and/or extent */
- u8 eptr;/* extended address */
- __be32 ptr; /* address */
-};
-
-static const struct talitos_ptr zero_entry = {
- .len = 0,
- .j_extent = 0,
- .eptr = 0,
- .ptr = 0
-};
-
-/* descriptor */
-struct talitos_desc {
- __be32 hdr; /* header high bits */
- __be32 hdr_lo; /* header low bits */
- struct talitos_ptr ptr[7]; /* ptr/len pair array */
-};
-
/**
* talitos_request - descriptor submission request
* @desc: descriptor pointer (kernel virtual)
@@ -133,38 +110,6 @@ struct talitos_private {
struct hwrng rng;
};
-/*
- * talitos_edesc - s/w-extended descriptor
- * @assoc_nents: number of segments in associated data scatterlist
- * @src_nents: number of segments in input scatterlist
- * @dst_nents: number of segments in output scatterlist
- * @assoc_chained: whether assoc is chained or not
- * @src_chained: whether src is chained or not
- * @dst_chained: whether dst is chained or not
- * @iv_dma: dma address of iv for checking continuity and link table
- * @dma_len: length of dma mapped link_tbl space
- * @dma_link_tbl: bus physical address of link_tbl
- * @desc: h/w descriptor
- * @link_tbl: input and output h/w link tables (if {src,dst}_nents > 1)
- *
- * if decrypting (with authcheck), or either one of src_nents or dst_nents
- * is greater than 1, an integrity check value is concatenated to the end
- * of link_tbl data
- */
-struct talitos_edesc {
- int assoc_nents;
- int src_nents;
- int dst_nents;
- bool assoc_chained;
- bool src_chained;
- bool dst_chained;
- dma_addr_t iv_dma;
- int dma_len;
- dma_addr_t dma_link_tbl;
- struct talitos_desc desc;
- struct talitos_ptr link_tbl[0];
-};
-
#define TALITOS_MAX_KEY_SIZE 96
/* max of AES_BLOCK_SIZE, DES3_EDE_BLOCK_SIZE */
#define TALITOS_MAX_IV_LENGTH 16
@@ -183,77 +128,6 @@ struct talitos_ctx {
unsigned int authsize;
};
-static inline void to_talitos_ptr(struct talitos_ptr *ptr, dma_addr_t dma_addr)
-{
- ptr->ptr = cpu_to_be32(lower_32_bits(dma_addr));
- ptr->eptr = upper_32_bits(dma_addr);
-}
-
-/*
- * map virtual single (contiguous) pointer to h/w descriptor pointer
- */
-static inline void map_single_talitos_ptr(struct device *dev,
- struct talitos_ptr *talitos_ptr,
- unsigned short len, void *data,
- unsigned char extent,
- enum dma_data_direction dir)
-{
- dma_addr_t dma_addr = dma_map_single(dev, data, len, dir);
-
- talitos_ptr->len = cpu_to_be16(len);
- to_talitos_ptr(talitos_ptr, dma_addr);
- talitos_ptr->j_extent = extent;
-}
-
-/*
- * unmap bus single (contiguous) h/w descriptor pointer
- */
-static inline void unmap_single_talitos_ptr(struct device *dev,
-struct talitos_ptr *talitos_ptr,
-enum dma_data_direction dir)
-{
- dma_unmap_single(dev, be32_to_cpu(talitos_ptr->ptr),
-be16_to_cpu(talitos_ptr->len), dir);
-}
-
-static inline int talitos_map_sg(struct device *dev, struct scatterlist *sg,
- unsigned int nents, enum dma_data_direction dir,
- bool chained)
-{
- if (unlikely(chained))
- while (sg) {
- dma_map_sg(dev, sg, 1, dir);
- sg = sg_next(sg);
- }
- else
- dma_map_sg(dev, sg, nents, dir);
- return nents;
-}
-
-static inline void talitos_unmap_sg_chain(struct device *dev,
- struct scatterlist *sg,
-
[PATCH 04/17] crypto: talitos - Refactor the sg in/out chain allocation
This patch refactors the handling of the input and output data that is quite
similar in several functions
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 163 ---
1 file changed, 85 insertions(+), 78 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index b54c998..4db35a6 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1341,16 +1341,26 @@ static int ablkcipher_setkey(struct crypto_ablkcipher
*cipher,
return 0;
}
+static void unmap_sg_talitos_ptr(struct device *dev, struct scatterlist *src,
+struct scatterlist *dst, unsigned int len,
+struct talitos_edesc *edesc,
+struct talitos_ptr *ptr_in,
+struct talitos_ptr *ptr_out)
+{
+ talitos_sg_unmap(dev, edesc, src, dst);
+}
+
static void common_nonsnoop_unmap(struct device *dev,
struct talitos_edesc *edesc,
struct ablkcipher_request *areq)
{
unmap_single_talitos_ptr(dev, &edesc->desc.ptr[5], DMA_FROM_DEVICE);
+
+ unmap_sg_talitos_ptr(dev, areq->src, areq->dst, areq->nbytes, edesc,
+&edesc->desc.ptr[3], &edesc->desc.ptr[4]);
unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2], DMA_TO_DEVICE);
unmap_single_talitos_ptr(dev, &edesc->desc.ptr[1], DMA_TO_DEVICE);
- talitos_sg_unmap(dev, edesc, areq->src, areq->dst);
-
if (edesc->dma_len)
dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len,
DMA_BIDIRECTIONAL);
@@ -1372,6 +1382,65 @@ static void ablkcipher_done(struct device *dev,
areq->base.complete(&areq->base, err);
}
+int map_sg_in_talitos_ptr(struct device *dev, struct scatterlist *src,
+ unsigned int len, struct talitos_edesc *edesc,
+ enum dma_data_direction dir, struct talitos_ptr *ptr)
+{
+ int sg_count;
+
+ ptr->len = cpu_to_be16(len);
+ ptr->j_extent = 0;
+
+ sg_count = talitos_map_sg(dev, src, edesc->src_nents ? : 1, dir,
+ edesc->src_chained);
+
+ if (sg_count == 1) {
+ to_talitos_ptr(ptr, sg_dma_address(src));
+ } else {
+ sg_count = sg_to_link_tbl(src, sg_count, len,
+ &edesc->link_tbl[0]);
+ if (sg_count > 1) {
+ to_talitos_ptr(ptr, edesc->dma_link_tbl);
+ ptr->j_extent |= DESC_PTR_LNKTBL_JUMP;
+ dma_sync_single_for_device(dev, edesc->dma_link_tbl,
+ edesc->dma_len,
+ DMA_BIDIRECTIONAL);
+ } else {
+ /* Only one segment now, so no link tbl needed */
+ to_talitos_ptr(ptr, sg_dma_address(src));
+ }
+ }
+ return sg_count;
+}
+
+void map_sg_out_talitos_ptr(struct device *dev, struct scatterlist *dst,
+ unsigned int len, struct talitos_edesc *edesc,
+ enum dma_data_direction dir,
+ struct talitos_ptr *ptr, int sg_count)
+{
+ ptr->len = cpu_to_be16(len);
+ ptr->j_extent = 0;
+
+ if (dir != DMA_NONE)
+ sg_count = talitos_map_sg(dev, dst, edesc->dst_nents ? : 1,
+ dir, edesc->dst_chained);
+
+ if (sg_count == 1) {
+ to_talitos_ptr(ptr, sg_dma_address(dst));
+ } else {
+ struct talitos_ptr *link_tbl_ptr =
+ &edesc->link_tbl[edesc->src_nents + 1];
+
+ to_talitos_ptr(ptr, edesc->dma_link_tbl +
+ (edesc->src_nents + 1) *
+ sizeof(struct talitos_ptr));
+ ptr->j_extent |= DESC_PTR_LNKTBL_JUMP;
+ sg_count = sg_to_link_tbl(dst, sg_count, len, link_tbl_ptr);
+ dma_sync_single_for_device(dev, edesc->dma_link_tbl,
+ edesc->dma_len, DMA_BIDIRECTIONAL);
+ }
+}
+
static int common_nonsnoop(struct talitos_edesc *edesc,
struct ablkcipher_request *areq,
void (*callback) (struct device *dev,
@@ -1401,56 +1470,16 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
/*
* cipher in
*/
- desc->ptr[3].len = cpu_to_be16(cryptlen);
- desc->ptr[3].j_extent = 0;
-
- sg_count = talitos_map_sg(dev, areq->src, edesc->src_nents ? : 1,
-
[PATCH 01/17] crypto: talitos - base address for Execution Units and macro for ISR masks
SEC1 and SEC2 have different EU base addresses, so define base addresses as #define SEC1 and SEC2 have different bit masks for ISR registers, so create a macro to define them Signed-off-by: Christophe Leroy --- drivers/crypto/talitos.h | 85 ++-- 1 file changed, 53 insertions(+), 32 deletions(-) diff --git a/drivers/crypto/talitos.h b/drivers/crypto/talitos.h index 61a1405..102dc99 100644 --- a/drivers/crypto/talitos.h +++ b/drivers/crypto/talitos.h @@ -149,6 +149,8 @@ extern int talitos_submit(struct device *dev, int ch, struct talitos_desc *desc, * TALITOS_xxx_LO addresses point to the low data bits (32-63) of the register */ +#define ISR_FORMAT(x) (((x) << 4) | (x)) + /* global register offset addresses */ #define TALITOS_MCR0x1030 /* master control register */ #define TALITOS_MCR_RCA0 (1 << 15) /* remap channel 0 */ @@ -163,12 +165,12 @@ extern int talitos_submit(struct device *dev, int ch, struct talitos_desc *desc, #define TALITOS_IMR_LO 0x100C #define TALITOS_IMR_LO_INIT 0x2 /* allow RNGU error IRQs */ #define TALITOS_ISR0x1010 /* interrupt status register */ -#define TALITOS_ISR_4CHERR 0xaa/* 4 channel errors mask */ -#define TALITOS_ISR_4CHDONE 0x55/* 4 channel done mask */ -#define TALITOS_ISR_CH_0_2_ERR 0x22/* channels 0, 2 errors mask */ -#define TALITOS_ISR_CH_0_2_DONE 0x11/* channels 0, 2 done mask */ -#define TALITOS_ISR_CH_1_3_ERR 0x88/* channels 1, 3 errors mask */ -#define TALITOS_ISR_CH_1_3_DONE 0x44/* channels 1, 3 done mask */ +#define TALITOS_ISR_4CHERR ISR_FORMAT(0xa) /* 4 ch errors mask */ +#define TALITOS_ISR_4CHDONE ISR_FORMAT(0x5) /* 4 ch done mask */ +#define TALITOS_ISR_CH_0_2_ERR ISR_FORMAT(0x2) /* ch 0, 2 err mask */ +#define TALITOS_ISR_CH_0_2_DONE ISR_FORMAT(0x1) /* ch 0, 2 done mask */ +#define TALITOS_ISR_CH_1_3_ERR ISR_FORMAT(0x8) /* ch 1, 3 err mask */ +#define TALITOS_ISR_CH_1_3_DONE ISR_FORMAT(0x4) /* ch 1, 3 done mask */ #define TALITOS_ISR_LO 0x1014 #define TALITOS_ICR0x1018 /* interrupt clear register */ #define TALITOS_ICR_LO 0x101C @@ -224,37 +226,56 @@ extern int talitos_submit(struct device *dev, int ch, struct talitos_desc *desc, #define TALITOS_SCATTER0xe0 #define TALITOS_SCATTER_LO 0xe4 +/* execution unit registers base */ +#define TALITOS_DEU0x2000 +#define TALITOS_AESU 0x4000 +#define TALITOS_MDEU 0x6000 +#define TALITOS_AFEU 0x8000 +#define TALITOS_RNGU 0xa000 +#define TALITOS_PKEU 0xc000 +#define TALITOS_KEU0xe000 +#define TALITOS_CRCU 0xf000 + /* execution unit interrupt status registers */ -#define TALITOS_DEUISR 0x2030 /* DES unit */ -#define TALITOS_DEUISR_LO 0x2034 -#define TALITOS_AESUISR0x4030 /* AES unit */ -#define TALITOS_AESUISR_LO 0x4034 -#define TALITOS_MDEUISR0x6030 /* message digest unit */ -#define TALITOS_MDEUISR_LO 0x6034 -#define TALITOS_MDEUICR0x6038 /* interrupt control */ -#define TALITOS_MDEUICR_LO 0x603c +/* DES unit */ +#define TALITOS_DEUISR (TALITOS_DEU + 0x30) +#define TALITOS_DEUISR_LO (TALITOS_DEU + 0x34) +#define TALITOS_DEUICR (TALITOS_DEU + 0x38) /* int. control */ +/* AES unit */ +#define TALITOS_AESUISR(TALITOS_AESU + 0x30) +#define TALITOS_AESUISR_LO (TALITOS_AESU + 0x34) +/* message digest unit */ +#define TALITOS_MDEUISR(TALITOS_MDEU + 0x30) +#define TALITOS_MDEUISR_LO (TALITOS_MDEU + 0x34) +#define TALITOS_MDEUICR(TALITOS_MDEU + 0x38) /* int. control */ +#define TALITOS_MDEUICR_LO (TALITOS_MDEU + 0x3c) #define TALITOS_MDEUICR_LO_ICE 0x4000 /* integrity check IRQ enable */ -#define TALITOS_AFEUISR0x8030 /* arc4 unit */ -#define TALITOS_AFEUISR_LO 0x8034 -#define TALITOS_RNGUISR0xa030 /* random number unit */ -#define TALITOS_RNGUISR_LO 0xa034 -#define TALITOS_RNGUSR 0xa028 /* rng status */ -#define TALITOS_RNGUSR_LO 0xa02c +/* arc4 unit */ +#define TALITOS_AFEUISR(TALITOS_AFEU + 0x30) +#define TALITOS_AFEUISR_LO (TALITOS_AFEU + 0x34) +/* random number unit */ +#define TALITOS_RNGUISR(TALITOS_RNGU + 0x30) +#define TALITOS_RNGUISR_LO (TALITOS_RNGU + 0x34) +#define TALITOS_RNGUSR (TALITOS
[PATCH 06/17] crypto: talitos - Add talitos2.c to isolate SEC2 specific functions
SEC1 doesn't have IPSec descriptor, so all functions using that descriptor
are specific to SEC2. This patch moves them in a new talitos2.c file
dedicated to SEC2
We also move to talitos2.c all the functions that will be different for
SEC1, like the handling of mapping/unmapping of input/output scatterlists
We move to talitos.h some of the helpers that are used by both talitos.c
and talitos2.c
Signed-off-by: Christophe Leroy
---
drivers/crypto/Kconfig| 4 +
drivers/crypto/Makefile | 1 +
drivers/crypto/talitos.c | 666 +-
drivers/crypto/talitos.h | 135 ++
drivers/crypto/talitos2.c | 614 ++
5 files changed, 760 insertions(+), 660 deletions(-)
create mode 100644 drivers/crypto/talitos2.c
diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig
index 2fb0fdf..4fd6d7e 100644
--- a/drivers/crypto/Kconfig
+++ b/drivers/crypto/Kconfig
@@ -211,6 +211,7 @@ config CRYPTO_DEV_TALITOS
select CRYPTO_ALGAPI
select CRYPTO_AUTHENC
select HW_RANDOM
+ select CRYPTO_DEV_TALITOS2
depends on FSL_SOC
help
Say 'Y' here to use the Freescale Security Engine (SEC)
@@ -222,6 +223,9 @@ config CRYPTO_DEV_TALITOS
To compile this driver as a module, choose M here: the module
will be called talitos.
+config CRYPTO_DEV_TALITOS2
+ bool
+
config CRYPTO_DEV_IXP4XX
tristate "Driver for IXP4xx crypto hardware acceleration"
depends on ARCH_IXP4XX && IXP4XX_QMGR && IXP4XX_NPE
diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile
index 3924f93..f26159f 100644
--- a/drivers/crypto/Makefile
+++ b/drivers/crypto/Makefile
@@ -22,6 +22,7 @@ obj-$(CONFIG_CRYPTO_DEV_PPC4XX) += amcc/
obj-$(CONFIG_CRYPTO_DEV_S5P) += s5p-sss.o
obj-$(CONFIG_CRYPTO_DEV_SAHARA) += sahara.o
obj-$(CONFIG_CRYPTO_DEV_TALITOS) += talitos.o
+obj-$(CONFIG_CRYPTO_DEV_TALITOS2) += talitos2.o
obj-$(CONFIG_CRYPTO_DEV_UX500) += ux500/
obj-$(CONFIG_CRYPTO_DEV_QAT) += qat/
obj-$(CONFIG_CRYPTO_DEV_QCE) += qce/
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 6766bcc..32848e5 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -55,39 +55,6 @@
#include "talitos.h"
-static void to_talitos_ptr(struct talitos_ptr *talitos_ptr, dma_addr_t
dma_addr)
-{
- talitos_ptr->ptr = cpu_to_be32(lower_32_bits(dma_addr));
- talitos_ptr->eptr = upper_32_bits(dma_addr);
-}
-
-/*
- * map virtual single (contiguous) pointer to h/w descriptor pointer
- */
-static void map_single_talitos_ptr(struct device *dev,
- struct talitos_ptr *talitos_ptr,
- unsigned short len, void *data,
- unsigned char extent,
- enum dma_data_direction dir)
-{
- dma_addr_t dma_addr = dma_map_single(dev, data, len, dir);
-
- talitos_ptr->len = cpu_to_be16(len);
- to_talitos_ptr(talitos_ptr, dma_addr);
- talitos_ptr->j_extent = extent;
-}
-
-/*
- * unmap bus single (contiguous) h/w descriptor pointer
- */
-static void unmap_single_talitos_ptr(struct device *dev,
-struct talitos_ptr *talitos_ptr,
-enum dma_data_direction dir)
-{
- dma_unmap_single(dev, be32_to_cpu(talitos_ptr->ptr),
-be16_to_cpu(talitos_ptr->len), dir);
-}
-
static unsigned int do_reset_channel(struct talitos_private *priv, int ch)
{
unsigned int timeout = TALITOS_TIMEOUT;
@@ -646,23 +613,9 @@ static void talitos_unregister_rng(struct device *dev)
* crypto alg
*/
#define TALITOS_CRA_PRIORITY 3000
-#define TALITOS_MAX_KEY_SIZE 96
-#define TALITOS_MAX_IV_LENGTH 16 /* max of AES_BLOCK_SIZE,
DES3_EDE_BLOCK_SIZE */
#define MD5_BLOCK_SIZE64
-struct talitos_ctx {
- struct device *dev;
- int ch;
- __be32 desc_hdr_template;
- u8 key[TALITOS_MAX_KEY_SIZE];
- u8 iv[TALITOS_MAX_IV_LENGTH];
- unsigned int keylen;
- unsigned int enckeylen;
- unsigned int authkeylen;
- unsigned int authsize;
-};
-
#define HASH_MAX_BLOCK_SIZESHA512_BLOCK_SIZE
#define TALITOS_MDEU_MAX_CONTEXT_SIZE TALITOS_MDEU_CONTEXT_SIZE_SHA384_SHA512
@@ -680,426 +633,6 @@ struct talitos_ahash_req_ctx {
struct scatterlist *psrc;
};
-static int aead_setauthsize(struct crypto_aead *authenc,
- unsigned int authsize)
-{
- struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
-
- ctx->authsize = authsize;
-
- return 0;
-}
-
-static int aead_setkey(struct crypto_aead *authenc,
- const u8 *key, unsigned int keylen)
-{
- struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
- struct crypto_authenc_keys
[PATCH 12/17] crypto: talitos - Define compatible in talitos2.h instead of talitos.c
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 4 +---
drivers/crypto/talitos2.h | 2 ++
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 6c1f6f1..9f75ec9 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1979,9 +1979,7 @@ err_out:
}
static const struct of_device_id talitos_match[] = {
- {
- .compatible = "fsl,sec2.0",
- },
+ TALITOS_OF_COMPATIBLE,
{},
};
MODULE_DEVICE_TABLE(of, talitos_match);
diff --git a/drivers/crypto/talitos2.h b/drivers/crypto/talitos2.h
index 7edc563..7177088 100644
--- a/drivers/crypto/talitos2.h
+++ b/drivers/crypto/talitos2.h
@@ -316,3 +316,5 @@ static irqreturn_t talitos_interrupt_##name(int irq, void
*data) \
return (isr & (ch_done_mask | ch_err_mask) || isr_lo) ? IRQ_HANDLED : \
IRQ_NONE; \
}
+
+#define TALITOS_OF_COMPATIBLE {.compatible = "fsl,sec2.0",}
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 13/17] crypto: talitos - move sg_count() helper into talitos.h
move sg_count() helper into talitos.h as it will be needed by SEC1 specific
functions
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 20
drivers/crypto/talitos.h | 21 +
2 files changed, 21 insertions(+), 20 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 9f75ec9..fc30196 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -459,26 +459,6 @@ static void talitos_unregister_rng(struct device *dev)
#define MD5_BLOCK_SIZE64
/*
- * derive number of elements in scatterlist
- */
-static int sg_count(struct scatterlist *sg_list, int nbytes, bool *chained)
-{
- struct scatterlist *sg = sg_list;
- int sg_nents = 0;
-
- *chained = false;
- while (nbytes > 0) {
- sg_nents++;
- nbytes -= sg->length;
- if (!sg_is_last(sg) && (sg + 1)->length == 0)
- *chained = true;
- sg = sg_next(sg);
- }
-
- return sg_nents;
-}
-
-/*
* allocate and map the extended descriptor
*/
struct talitos_edesc *talitos_edesc_alloc(struct device *dev,
diff --git a/drivers/crypto/talitos.h b/drivers/crypto/talitos.h
index f95e4bc..a11ad53 100644
--- a/drivers/crypto/talitos.h
+++ b/drivers/crypto/talitos.h
@@ -155,6 +155,27 @@ extern void talitos_error(struct device *dev, u32 isr, u32
isr_lo);
extern int talitos_cra_init(struct crypto_tfm *tfm);
+/*
+ * derive number of elements in scatterlist
+ */
+static inline int sg_count(struct scatterlist *sg_list, int nbytes,
+ bool *chained)
+{
+ struct scatterlist *sg = sg_list;
+ int sg_nents = 0;
+
+ *chained = false;
+ while (nbytes > 0) {
+ sg_nents++;
+ nbytes -= sg->length;
+ if (!sg_is_last(sg) && (sg + 1)->length == 0)
+ *chained = true;
+ sg = sg_next(sg);
+ }
+
+ return sg_nents;
+}
+
/* .features flag */
#define TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT 0x0001
#define TALITOS_FTR_HW_AUTH_CHECK 0x0002
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 08/17] crypto: talitos - Deport SEC2 error handling
SEC2 and SEC1 error handling will be different because so many bits are
different. So we move error handling into talitos2.c
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 103 +-
drivers/crypto/talitos.h | 8
drivers/crypto/talitos2.c | 82
3 files changed, 101 insertions(+), 92 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 32848e5..de31ab0 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -68,7 +68,7 @@ static unsigned int do_reset_channel(struct talitos_private
*priv, int ch)
return timeout;
}
-static int reset_channel(struct device *dev, int ch)
+int talitos_reset_channel(struct device *dev, int ch)
{
struct talitos_private *priv = dev_get_drvdata(dev);
unsigned int timeout = do_reset_channel(priv, ch);
@@ -124,7 +124,7 @@ static void do_init_device(struct talitos_private *priv)
setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT);
}
-static int init_device(struct device *dev)
+int talitos_init_device(struct device *dev)
{
struct talitos_private *priv = dev_get_drvdata(dev);
int ch, err;
@@ -145,7 +145,7 @@ static int init_device(struct device *dev)
/* reset channels */
for (ch = 0; ch < priv->num_channels; ch++) {
- err = reset_channel(dev, ch);
+ err = talitos_reset_channel(dev, ch);
if (err)
return err;
}
@@ -223,7 +223,7 @@ EXPORT_SYMBOL(talitos_submit);
/*
* process what was done, notify callback of error if not
*/
-static void flush_channel(struct device *dev, int ch, int error, int reset_ch)
+void talitos_flush_channel(struct device *dev, int ch, int error, int reset_ch)
{
struct talitos_private *priv = dev_get_drvdata(dev);
struct talitos_request *request, saved_req;
@@ -289,15 +289,15 @@ static void talitos_done_##name(unsigned long data)
\
unsigned long flags;\
\
if (ch_done_mask & 1) \
- flush_channel(dev, 0, 0, 0);\
+ talitos_flush_channel(dev, 0, 0, 0);\
if (priv->num_channels == 1)\
goto out; \
if (ch_done_mask & (1 << 2))\
- flush_channel(dev, 1, 0, 0);\
+ talitos_flush_channel(dev, 1, 0, 0);\
if (ch_done_mask & (1 << 4))\
- flush_channel(dev, 2, 0, 0);\
+ talitos_flush_channel(dev, 2, 0, 0);\
if (ch_done_mask & (1 << 6))\
- flush_channel(dev, 3, 0, 0);\
+ talitos_flush_channel(dev, 3, 0, 0);\
\
out: \
/* At this point, all completed channels have been processed */ \
@@ -345,10 +345,11 @@ static u32 current_desc_hdr(struct device *dev, int ch)
/*
* user diagnostics; report root cause of error based on execution unit status
*/
-static void report_eu_error(struct device *dev, int ch, u32 desc_hdr)
+void talitos_report_eu_error(struct device *dev, int ch)
{
struct talitos_private *priv = dev_get_drvdata(dev);
int i;
+ u32 desc_hdr = current_desc_hdr(dev, ch);
if (!desc_hdr)
desc_hdr = in_be32(priv->chan[ch].reg + TALITOS_DESCBUF);
@@ -417,88 +418,6 @@ static void report_eu_error(struct device *dev, int ch,
u32 desc_hdr)
in_be32(priv->chan[ch].reg + TALITOS_DESCBUF_LO + 8*i));
}
-/*
- * recover from error interrupts
- */
-static void talitos_error(struct device *dev, u32 isr, u32 isr_lo)
-{
- struct talitos_private *priv = dev_get_drvdata(dev);
- unsigned int timeout = TALITOS_TIMEOUT;
- int ch, error, reset_dev = 0, reset_ch = 0;
- u32 v, v_lo;
-
- for (ch = 0; ch < priv->num_channels; ch++) {
- /* skip channels without errors */
- if (!(isr & (1 << (ch * 2 + 1
- continue;
-
- error = -EINVAL;
-
- v = in_be32(priv->chan[ch].reg + TALITOS_CCPSR);
- v_lo = in_be32(priv->chan[ch].reg + TALITOS_CCPSR_LO);
-
- if (v_lo & TALITOS_CCPSR_LO_DOF) {
- dev_err(dev,
[PATCH v2 02/17] crypto: talitos - Externalise specific SEC2 reset actions
During init and reset, some actions are different between SEC1 and SEC2
This patch isolates them in small helper functions that we will be able
to redefine for SEC1
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 20
1 file changed, 16 insertions(+), 4 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 857414a..103bfcf 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -88,9 +88,8 @@ static void unmap_single_talitos_ptr(struct device *dev,
be16_to_cpu(talitos_ptr->len), dir);
}
-static int reset_channel(struct device *dev, int ch)
+static unsigned int do_reset_channel(struct talitos_private *priv, int ch)
{
- struct talitos_private *priv = dev_get_drvdata(dev);
unsigned int timeout = TALITOS_TIMEOUT;
setbits32(priv->chan[ch].reg + TALITOS_CCCR, TALITOS_CCCR_RESET);
@@ -99,6 +98,14 @@ static int reset_channel(struct device *dev, int ch)
&& --timeout)
cpu_relax();
+ return timeout;
+}
+
+static int reset_channel(struct device *dev, int ch)
+{
+ struct talitos_private *priv = dev_get_drvdata(dev);
+ unsigned int timeout = do_reset_channel(priv, ch);
+
if (timeout == 0) {
dev_err(dev, "failed to reset channel %d\n", ch);
return -EIO;
@@ -144,6 +151,12 @@ static int reset_device(struct device *dev)
/*
* Reset and initialize the device
*/
+static void do_init_device(struct talitos_private *priv)
+{
+ setbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_INIT);
+ setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT);
+}
+
static int init_device(struct device *dev)
{
struct talitos_private *priv = dev_get_drvdata(dev);
@@ -171,8 +184,7 @@ static int init_device(struct device *dev)
}
/* enable channel done and error interrupts */
- setbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_INIT);
- setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT);
+ do_init_device(priv);
/* disable integrity check error interrupts (use writeback instead) */
if (priv->features & TALITOS_FTR_HW_AUTH_CHECK)
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v2 01/17] crypto: talitos - base address for Execution Units and macro for ISR masks
SEC1 and SEC2 have different EU base addresses, so define base addresses as #define SEC1 and SEC2 have different bit masks for ISR registers, so create a macro to define them Signed-off-by: Christophe Leroy --- drivers/crypto/talitos.h | 85 ++-- 1 file changed, 53 insertions(+), 32 deletions(-) diff --git a/drivers/crypto/talitos.h b/drivers/crypto/talitos.h index 61a1405..102dc99 100644 --- a/drivers/crypto/talitos.h +++ b/drivers/crypto/talitos.h @@ -149,6 +149,8 @@ extern int talitos_submit(struct device *dev, int ch, struct talitos_desc *desc, * TALITOS_xxx_LO addresses point to the low data bits (32-63) of the register */ +#define ISR_FORMAT(x) (((x) << 4) | (x)) + /* global register offset addresses */ #define TALITOS_MCR0x1030 /* master control register */ #define TALITOS_MCR_RCA0 (1 << 15) /* remap channel 0 */ @@ -163,12 +165,12 @@ extern int talitos_submit(struct device *dev, int ch, struct talitos_desc *desc, #define TALITOS_IMR_LO 0x100C #define TALITOS_IMR_LO_INIT 0x2 /* allow RNGU error IRQs */ #define TALITOS_ISR0x1010 /* interrupt status register */ -#define TALITOS_ISR_4CHERR 0xaa/* 4 channel errors mask */ -#define TALITOS_ISR_4CHDONE 0x55/* 4 channel done mask */ -#define TALITOS_ISR_CH_0_2_ERR 0x22/* channels 0, 2 errors mask */ -#define TALITOS_ISR_CH_0_2_DONE 0x11/* channels 0, 2 done mask */ -#define TALITOS_ISR_CH_1_3_ERR 0x88/* channels 1, 3 errors mask */ -#define TALITOS_ISR_CH_1_3_DONE 0x44/* channels 1, 3 done mask */ +#define TALITOS_ISR_4CHERR ISR_FORMAT(0xa) /* 4 ch errors mask */ +#define TALITOS_ISR_4CHDONE ISR_FORMAT(0x5) /* 4 ch done mask */ +#define TALITOS_ISR_CH_0_2_ERR ISR_FORMAT(0x2) /* ch 0, 2 err mask */ +#define TALITOS_ISR_CH_0_2_DONE ISR_FORMAT(0x1) /* ch 0, 2 done mask */ +#define TALITOS_ISR_CH_1_3_ERR ISR_FORMAT(0x8) /* ch 1, 3 err mask */ +#define TALITOS_ISR_CH_1_3_DONE ISR_FORMAT(0x4) /* ch 1, 3 done mask */ #define TALITOS_ISR_LO 0x1014 #define TALITOS_ICR0x1018 /* interrupt clear register */ #define TALITOS_ICR_LO 0x101C @@ -224,37 +226,56 @@ extern int talitos_submit(struct device *dev, int ch, struct talitos_desc *desc, #define TALITOS_SCATTER0xe0 #define TALITOS_SCATTER_LO 0xe4 +/* execution unit registers base */ +#define TALITOS_DEU0x2000 +#define TALITOS_AESU 0x4000 +#define TALITOS_MDEU 0x6000 +#define TALITOS_AFEU 0x8000 +#define TALITOS_RNGU 0xa000 +#define TALITOS_PKEU 0xc000 +#define TALITOS_KEU0xe000 +#define TALITOS_CRCU 0xf000 + /* execution unit interrupt status registers */ -#define TALITOS_DEUISR 0x2030 /* DES unit */ -#define TALITOS_DEUISR_LO 0x2034 -#define TALITOS_AESUISR0x4030 /* AES unit */ -#define TALITOS_AESUISR_LO 0x4034 -#define TALITOS_MDEUISR0x6030 /* message digest unit */ -#define TALITOS_MDEUISR_LO 0x6034 -#define TALITOS_MDEUICR0x6038 /* interrupt control */ -#define TALITOS_MDEUICR_LO 0x603c +/* DES unit */ +#define TALITOS_DEUISR (TALITOS_DEU + 0x30) +#define TALITOS_DEUISR_LO (TALITOS_DEU + 0x34) +#define TALITOS_DEUICR (TALITOS_DEU + 0x38) /* int. control */ +/* AES unit */ +#define TALITOS_AESUISR(TALITOS_AESU + 0x30) +#define TALITOS_AESUISR_LO (TALITOS_AESU + 0x34) +/* message digest unit */ +#define TALITOS_MDEUISR(TALITOS_MDEU + 0x30) +#define TALITOS_MDEUISR_LO (TALITOS_MDEU + 0x34) +#define TALITOS_MDEUICR(TALITOS_MDEU + 0x38) /* int. control */ +#define TALITOS_MDEUICR_LO (TALITOS_MDEU + 0x3c) #define TALITOS_MDEUICR_LO_ICE 0x4000 /* integrity check IRQ enable */ -#define TALITOS_AFEUISR0x8030 /* arc4 unit */ -#define TALITOS_AFEUISR_LO 0x8034 -#define TALITOS_RNGUISR0xa030 /* random number unit */ -#define TALITOS_RNGUISR_LO 0xa034 -#define TALITOS_RNGUSR 0xa028 /* rng status */ -#define TALITOS_RNGUSR_LO 0xa02c +/* arc4 unit */ +#define TALITOS_AFEUISR(TALITOS_AFEU + 0x30) +#define TALITOS_AFEUISR_LO (TALITOS_AFEU + 0x34) +/* random number unit */ +#define TALITOS_RNGUISR(TALITOS_RNGU + 0x30) +#define TALITOS_RNGUISR_LO (TALITOS_RNGU + 0x34) +#define TALITOS_RNGUSR (TALITOS
[PATCH v2 04/17] crypto: talitos - Refactor the sg in/out chain allocation
This patch refactors the handling of the input and output data that is quite
similar in several functions
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 163 ---
1 file changed, 85 insertions(+), 78 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index de4d93b..3165364 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1339,16 +1339,26 @@ static int ablkcipher_setkey(struct crypto_ablkcipher
*cipher,
return 0;
}
+static void unmap_sg_talitos_ptr(struct device *dev, struct scatterlist *src,
+struct scatterlist *dst, unsigned int len,
+struct talitos_edesc *edesc,
+struct talitos_ptr *ptr_in,
+struct talitos_ptr *ptr_out)
+{
+ talitos_sg_unmap(dev, edesc, src, dst);
+}
+
static void common_nonsnoop_unmap(struct device *dev,
struct talitos_edesc *edesc,
struct ablkcipher_request *areq)
{
unmap_single_talitos_ptr(dev, &edesc->desc.ptr[5], DMA_FROM_DEVICE);
+
+ unmap_sg_talitos_ptr(dev, areq->src, areq->dst, areq->nbytes, edesc,
+&edesc->desc.ptr[3], &edesc->desc.ptr[4]);
unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2], DMA_TO_DEVICE);
unmap_single_talitos_ptr(dev, &edesc->desc.ptr[1], DMA_TO_DEVICE);
- talitos_sg_unmap(dev, edesc, areq->src, areq->dst);
-
if (edesc->dma_len)
dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len,
DMA_BIDIRECTIONAL);
@@ -1370,6 +1380,65 @@ static void ablkcipher_done(struct device *dev,
areq->base.complete(&areq->base, err);
}
+int map_sg_in_talitos_ptr(struct device *dev, struct scatterlist *src,
+ unsigned int len, struct talitos_edesc *edesc,
+ enum dma_data_direction dir, struct talitos_ptr *ptr)
+{
+ int sg_count;
+
+ ptr->len = cpu_to_be16(len);
+ ptr->j_extent = 0;
+
+ sg_count = talitos_map_sg(dev, src, edesc->src_nents ? : 1, dir,
+ edesc->src_chained);
+
+ if (sg_count == 1) {
+ to_talitos_ptr(ptr, sg_dma_address(src));
+ } else {
+ sg_count = sg_to_link_tbl(src, sg_count, len,
+ &edesc->link_tbl[0]);
+ if (sg_count > 1) {
+ to_talitos_ptr(ptr, edesc->dma_link_tbl);
+ ptr->j_extent |= DESC_PTR_LNKTBL_JUMP;
+ dma_sync_single_for_device(dev, edesc->dma_link_tbl,
+ edesc->dma_len,
+ DMA_BIDIRECTIONAL);
+ } else {
+ /* Only one segment now, so no link tbl needed */
+ to_talitos_ptr(ptr, sg_dma_address(src));
+ }
+ }
+ return sg_count;
+}
+
+void map_sg_out_talitos_ptr(struct device *dev, struct scatterlist *dst,
+ unsigned int len, struct talitos_edesc *edesc,
+ enum dma_data_direction dir,
+ struct talitos_ptr *ptr, int sg_count)
+{
+ ptr->len = cpu_to_be16(len);
+ ptr->j_extent = 0;
+
+ if (dir != DMA_NONE)
+ sg_count = talitos_map_sg(dev, dst, edesc->dst_nents ? : 1,
+ dir, edesc->dst_chained);
+
+ if (sg_count == 1) {
+ to_talitos_ptr(ptr, sg_dma_address(dst));
+ } else {
+ struct talitos_ptr *link_tbl_ptr =
+ &edesc->link_tbl[edesc->src_nents + 1];
+
+ to_talitos_ptr(ptr, edesc->dma_link_tbl +
+ (edesc->src_nents + 1) *
+ sizeof(struct talitos_ptr));
+ ptr->j_extent |= DESC_PTR_LNKTBL_JUMP;
+ sg_count = sg_to_link_tbl(dst, sg_count, len, link_tbl_ptr);
+ dma_sync_single_for_device(dev, edesc->dma_link_tbl,
+ edesc->dma_len, DMA_BIDIRECTIONAL);
+ }
+}
+
static int common_nonsnoop(struct talitos_edesc *edesc,
struct ablkcipher_request *areq,
void (*callback) (struct device *dev,
@@ -1399,56 +1468,16 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
/*
* cipher in
*/
- desc->ptr[3].len = cpu_to_be16(cryptlen);
- desc->ptr[3].j_extent = 0;
-
- sg_count = talitos_map_sg(dev, areq->src, edesc->src_nents ? : 1,
-
[PATCH v2 14/17] crypto: talitos - Add a helper function to clear j_extent field
j_extent field is specific to SEC2 so we add a helper function to clear it
so that SEC1 can redefine that function as nop
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 2 +-
drivers/crypto/talitos2.h | 5 +
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 76209e8..c27051c 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -626,7 +626,7 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
/* cipher iv */
to_talitos_ptr(&desc->ptr[1], edesc->iv_dma);
desc->ptr[1].len = cpu_to_be16(ivsize);
- desc->ptr[1].j_extent = 0;
+ to_talitos_ptr_extent_clear(&desc->ptr[1]);
/* cipher key */
map_single_talitos_ptr(dev, &desc->ptr[2], ctx->keylen,
diff --git a/drivers/crypto/talitos2.h b/drivers/crypto/talitos2.h
index 7177088..6f98b12 100644
--- a/drivers/crypto/talitos2.h
+++ b/drivers/crypto/talitos2.h
@@ -90,6 +90,11 @@ static inline void to_talitos_ptr(struct talitos_ptr *ptr,
dma_addr_t dma_addr)
ptr->eptr = upper_32_bits(dma_addr);
}
+static inline void to_talitos_ptr_extent_clear(struct talitos_ptr *ptr)
+{
+ ptr->j_extent = 0;
+}
+
/*
* map virtual single (contiguous) pointer to h/w descriptor pointer
*/
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v2 15/17] crypto: talitos - Implementation of SEC1
This patch adds talitos1.c and talitos1.h with all specificities needed
to handle the SEC1 security engine found in MPC885 and MPC8272.
The SEC1 has several differences with its younger brother SEC2:
* Several bits in registers have different locations
* Many bits are missing
* Some bits are in addition
* SEC1 doesn't support scatter/gather
* SEC1 has a different descriptor structure
We add a helper function for clearing the desc field in the descriptor as that
field needs to be cleared on SEC1 and doesn't exist on SEC2.
Signed-off-by: Christophe Leroy
---
drivers/crypto/Kconfig| 6 +-
drivers/crypto/Makefile | 1 +
drivers/crypto/talitos.c | 4 +
drivers/crypto/talitos.h | 5 +
drivers/crypto/talitos1.c | 176
drivers/crypto/talitos1.h | 339 ++
drivers/crypto/talitos2.h | 4 +
7 files changed, 534 insertions(+), 1 deletion(-)
create mode 100644 drivers/crypto/talitos1.c
create mode 100644 drivers/crypto/talitos1.h
diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig
index 4fd6d7e..f863cac 100644
--- a/drivers/crypto/Kconfig
+++ b/drivers/crypto/Kconfig
@@ -211,7 +211,8 @@ config CRYPTO_DEV_TALITOS
select CRYPTO_ALGAPI
select CRYPTO_AUTHENC
select HW_RANDOM
- select CRYPTO_DEV_TALITOS2
+ select CRYPTO_DEV_TALITOS1 if PPC_8xx || PPC_82xx
+ select CRYPTO_DEV_TALITOS2 if !CRYPTO_DEV_TALITOS1
depends on FSL_SOC
help
Say 'Y' here to use the Freescale Security Engine (SEC)
@@ -223,6 +224,9 @@ config CRYPTO_DEV_TALITOS
To compile this driver as a module, choose M here: the module
will be called talitos.
+config CRYPTO_DEV_TALITOS1
+ bool
+
config CRYPTO_DEV_TALITOS2
bool
diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile
index f26159f..ef16f7b 100644
--- a/drivers/crypto/Makefile
+++ b/drivers/crypto/Makefile
@@ -22,6 +22,7 @@ obj-$(CONFIG_CRYPTO_DEV_PPC4XX) += amcc/
obj-$(CONFIG_CRYPTO_DEV_S5P) += s5p-sss.o
obj-$(CONFIG_CRYPTO_DEV_SAHARA) += sahara.o
obj-$(CONFIG_CRYPTO_DEV_TALITOS) += talitos.o
+obj-$(CONFIG_CRYPTO_DEV_TALITOS1) += talitos1.o
obj-$(CONFIG_CRYPTO_DEV_TALITOS2) += talitos2.o
obj-$(CONFIG_CRYPTO_DEV_UX500) += ux500/
obj-$(CONFIG_CRYPTO_DEV_QAT) += qat/
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index c27051c..82a5181 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -653,6 +653,8 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
/* last DWORD empty */
desc->ptr[6] = zero_entry;
+ to_talitos_next_desc_clear(desc);
+
ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
if (ret != -EINPROGRESS) {
common_nonsnoop_unmap(dev, edesc, areq);
@@ -811,6 +813,8 @@ static int common_nonsnoop_hash(struct talitos_edesc *edesc,
/* last DWORD empty */
desc->ptr[6] = zero_entry;
+ to_talitos_next_desc_clear(desc);
+
ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
if (ret != -EINPROGRESS) {
common_nonsnoop_hash_unmap(dev, edesc, areq);
diff --git a/drivers/crypto/talitos.h b/drivers/crypto/talitos.h
index f0ffbb0..e937c05 100644
--- a/drivers/crypto/talitos.h
+++ b/drivers/crypto/talitos.h
@@ -370,4 +370,9 @@ static inline int sg_count(struct scatterlist *sg_list, int
nbytes,
#define DESC_HDR_TYPE_COMMON_NONSNOOP_NO_AFEU cpu_to_be32(2 << 3)
#define DESC_HDR_TYPE_HMAC_SNOOP_NO_AFEU cpu_to_be32(4 << 3)
+#ifdef CONFIG_CRYPTO_DEV_TALITOS1
+#include "talitos1.h"
+#endif
+#ifdef CONFIG_CRYPTO_DEV_TALITOS2
#include "talitos2.h"
+#endif
diff --git a/drivers/crypto/talitos1.c b/drivers/crypto/talitos1.c
new file mode 100644
index 000..c1a8e9e
--- /dev/null
+++ b/drivers/crypto/talitos1.c
@@ -0,0 +1,176 @@
+/*
+ * talitos1 - Freescale Integrated Security Engine (SEC1) device driver
+ *
+ * Copyright (c) 2008-2011 Freescale Semiconductor, Inc.
+ *
+ * Copyright (c) 2014-2015 CS Systemes d'Information.
+ *
+ * Scatterlist Crypto API glue code copied from files with the following:
+ * Copyright (c) 2006-2007 Herbert Xu
+ *
+ * Crypto algorithm registration code copied from hifn driver:
+ * 2007+ Copyright (c) Evgeniy Polyakov
+ * All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+#incl
[PATCH v2 12/17] crypto: talitos - Define compatible in talitos2.h instead of talitos.c
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 4 +---
drivers/crypto/talitos2.h | 2 ++
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 8b627d0..0262e75 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1972,9 +1972,7 @@ err_out:
}
static const struct of_device_id talitos_match[] = {
- {
- .compatible = "fsl,sec2.0",
- },
+ TALITOS_OF_COMPATIBLE,
{},
};
MODULE_DEVICE_TABLE(of, talitos_match);
diff --git a/drivers/crypto/talitos2.h b/drivers/crypto/talitos2.h
index 7edc563..7177088 100644
--- a/drivers/crypto/talitos2.h
+++ b/drivers/crypto/talitos2.h
@@ -316,3 +316,5 @@ static irqreturn_t talitos_interrupt_##name(int irq, void
*data) \
return (isr & (ch_done_mask | ch_err_mask) || isr_lo) ? IRQ_HANDLED : \
IRQ_NONE; \
}
+
+#define TALITOS_OF_COMPATIBLE {.compatible = "fsl,sec2.0",}
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v2 07/17] crypto: talitos - Split talitos.h into 2 parts
In order to be able to manage differences between SEC1 and SEC2, we split
talitos.h into two parts.
talitos2.h will contain all parts that are specific to SEC2 and different on
SEC1
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.h | 163 +---
drivers/crypto/talitos2.h | 204 ++
2 files changed, 205 insertions(+), 162 deletions(-)
create mode 100644 drivers/crypto/talitos2.h
diff --git a/drivers/crypto/talitos.h b/drivers/crypto/talitos.h
index 566dc92..09c97ad 100644
--- a/drivers/crypto/talitos.h
+++ b/drivers/crypto/talitos.h
@@ -29,34 +29,11 @@
*/
#define TALITOS_TIMEOUT 10
-#define TALITOS_MAX_DATA_LEN 65535
#define DESC_TYPE(desc_hdr) ((be32_to_cpu(desc_hdr) >> 3) & 0x1f)
#define PRIMARY_EU(desc_hdr) ((be32_to_cpu(desc_hdr) >> 28) & 0xf)
#define SECONDARY_EU(desc_hdr) ((be32_to_cpu(desc_hdr) >> 16) & 0xf)
-/* descriptor pointer entry */
-struct talitos_ptr {
- __be16 len; /* length */
- u8 j_extent;/* jump to sg link table and/or extent */
- u8 eptr;/* extended address */
- __be32 ptr; /* address */
-};
-
-static const struct talitos_ptr zero_entry = {
- .len = 0,
- .j_extent = 0,
- .eptr = 0,
- .ptr = 0
-};
-
-/* descriptor */
-struct talitos_desc {
- __be32 hdr; /* header high bits */
- __be32 hdr_lo; /* header low bits */
- struct talitos_ptr ptr[7]; /* ptr/len pair array */
-};
-
/**
* talitos_request - descriptor submission request
* @desc: descriptor pointer (kernel virtual)
@@ -133,38 +110,6 @@ struct talitos_private {
struct hwrng rng;
};
-/*
- * talitos_edesc - s/w-extended descriptor
- * @assoc_nents: number of segments in associated data scatterlist
- * @src_nents: number of segments in input scatterlist
- * @dst_nents: number of segments in output scatterlist
- * @assoc_chained: whether assoc is chained or not
- * @src_chained: whether src is chained or not
- * @dst_chained: whether dst is chained or not
- * @iv_dma: dma address of iv for checking continuity and link table
- * @dma_len: length of dma mapped link_tbl space
- * @dma_link_tbl: bus physical address of link_tbl
- * @desc: h/w descriptor
- * @link_tbl: input and output h/w link tables (if {src,dst}_nents > 1)
- *
- * if decrypting (with authcheck), or either one of src_nents or dst_nents
- * is greater than 1, an integrity check value is concatenated to the end
- * of link_tbl data
- */
-struct talitos_edesc {
- int assoc_nents;
- int src_nents;
- int dst_nents;
- bool assoc_chained;
- bool src_chained;
- bool dst_chained;
- dma_addr_t iv_dma;
- int dma_len;
- dma_addr_t dma_link_tbl;
- struct talitos_desc desc;
- struct talitos_ptr link_tbl[0];
-};
-
#define TALITOS_MAX_KEY_SIZE 96
/* max of AES_BLOCK_SIZE, DES3_EDE_BLOCK_SIZE */
#define TALITOS_MAX_IV_LENGTH 16
@@ -181,77 +126,6 @@ struct talitos_ctx {
unsigned int authsize;
};
-static inline void to_talitos_ptr(struct talitos_ptr *ptr, dma_addr_t dma_addr)
-{
- ptr->ptr = cpu_to_be32(lower_32_bits(dma_addr));
- ptr->eptr = upper_32_bits(dma_addr);
-}
-
-/*
- * map virtual single (contiguous) pointer to h/w descriptor pointer
- */
-static inline void map_single_talitos_ptr(struct device *dev,
- struct talitos_ptr *talitos_ptr,
- unsigned short len, void *data,
- unsigned char extent,
- enum dma_data_direction dir)
-{
- dma_addr_t dma_addr = dma_map_single(dev, data, len, dir);
-
- talitos_ptr->len = cpu_to_be16(len);
- to_talitos_ptr(talitos_ptr, dma_addr);
- talitos_ptr->j_extent = extent;
-}
-
-/*
- * unmap bus single (contiguous) h/w descriptor pointer
- */
-static inline void unmap_single_talitos_ptr(struct device *dev,
-struct talitos_ptr *talitos_ptr,
-enum dma_data_direction dir)
-{
- dma_unmap_single(dev, be32_to_cpu(talitos_ptr->ptr),
-be16_to_cpu(talitos_ptr->len), dir);
-}
-
-static inline int talitos_map_sg(struct device *dev, struct scatterlist *sg,
- unsigned int nents, enum dma_data_direction dir,
- bool chained)
-{
- if (unlikely(chained))
- while (sg) {
- dma_map_sg(dev, sg, 1, dir);
- sg = sg_next(sg);
- }
- else
- dma_map_sg(dev, sg, nents, dir);
- return nents;
-}
-
-static inline void talitos_unmap_sg_chain(struct device *dev,
- struct scatterlist *sg,
-
[PATCH v2 11/17] crypto: talitos - Move hash chain handling into talitos2.h
Move hash chain handling into talitos2.h as only SEC2 has sg chaining
capatibility
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 34 --
drivers/crypto/talitos2.h | 34 ++
2 files changed, 34 insertions(+), 34 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index b1ba98b..8b627d0 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -456,23 +456,6 @@ static void talitos_unregister_rng(struct device *dev)
*/
#define TALITOS_CRA_PRIORITY 3000
-#define HASH_MAX_BLOCK_SIZESHA512_BLOCK_SIZE
-#define TALITOS_MDEU_MAX_CONTEXT_SIZE TALITOS_MDEU_CONTEXT_SIZE_SHA384_SHA512
-
-struct talitos_ahash_req_ctx {
- u32 hw_context[TALITOS_MDEU_MAX_CONTEXT_SIZE / sizeof(u32)];
- unsigned int hw_context_size;
- u8 buf[HASH_MAX_BLOCK_SIZE];
- u8 bufnext[HASH_MAX_BLOCK_SIZE];
- unsigned int swinit;
- unsigned int first;
- unsigned int last;
- unsigned int to_hash_later;
- u64 nbuf;
- struct scatterlist bufsl[2];
- struct scatterlist *psrc;
-};
-
/*
* derive number of elements in scatterlist
*/
@@ -911,23 +894,6 @@ static int ahash_init_sha224_swinit(struct ahash_request
*areq)
return 0;
}
-static void ahash_process_chain(struct scatterlist *src, int nbytes,
- bool *chained,
- struct talitos_ahash_req_ctx *req_ctx,
- int nbytes_to_hash)
-{
- if (req_ctx->nbuf) {
- unsigned int nsg = (req_ctx->nbuf < nbytes_to_hash) ? 2 : 1;
-
- sg_init_table(req_ctx->bufsl, nsg);
- sg_set_buf(req_ctx->bufsl, req_ctx->buf, req_ctx->nbuf);
- if (nsg > 1)
- scatterwalk_sg_chain(req_ctx->bufsl, 2, src);
- req_ctx->psrc = req_ctx->bufsl;
- } else
- req_ctx->psrc = src;
-}
-
static int ahash_process_req(struct ahash_request *areq, unsigned int nbytes)
{
struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
diff --git a/drivers/crypto/talitos2.h b/drivers/crypto/talitos2.h
index 10c7313..7edc563 100644
--- a/drivers/crypto/talitos2.h
+++ b/drivers/crypto/talitos2.h
@@ -223,6 +223,40 @@ static inline void do_init_device(struct talitos_private
*priv)
setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT);
}
+#define HASH_MAX_BLOCK_SIZESHA512_BLOCK_SIZE
+#define TALITOS_MDEU_MAX_CONTEXT_SIZE TALITOS_MDEU_CONTEXT_SIZE_SHA384_SHA512
+
+struct talitos_ahash_req_ctx {
+ u32 hw_context[TALITOS_MDEU_MAX_CONTEXT_SIZE / sizeof(u32)];
+ unsigned int hw_context_size;
+ u8 buf[HASH_MAX_BLOCK_SIZE];
+ u8 bufnext[HASH_MAX_BLOCK_SIZE];
+ unsigned int swinit;
+ unsigned int first;
+ unsigned int last;
+ unsigned int to_hash_later;
+ u64 nbuf;
+ struct scatterlist bufsl[2];
+ struct scatterlist *psrc;
+};
+
+static inline void ahash_process_chain(struct scatterlist *src, int nbytes,
+ bool *chained,
+ struct talitos_ahash_req_ctx *req_ctx,
+ int nbytes_to_hash)
+{
+ if (req_ctx->nbuf) {
+ unsigned int nsg = (req_ctx->nbuf < nbytes_to_hash) ? 2 : 1;
+
+ sg_init_table(req_ctx->bufsl, nsg);
+ sg_set_buf(req_ctx->bufsl, req_ctx->buf, req_ctx->nbuf);
+ if (nsg > 1)
+ scatterwalk_sg_chain(req_ctx->bufsl, 2, src);
+ req_ctx->psrc = req_ctx->bufsl;
+ } else
+ req_ctx->psrc = src;
+}
+
#define DEF_TALITOS_DONE(name, ch_done_mask) \
static void talitos_done_##name(unsigned long data)\
{ \
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v2 10/17] crypto: talitos - Move interrupt related macros in talitos2.h
Move interrupt related macros in talitos2.h as they are specific to SEC2
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 58 -
drivers/crypto/talitos2.h | 60 +++
2 files changed, 60 insertions(+), 58 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index ffa103b..b1ba98b 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -262,32 +262,6 @@ void talitos_flush_channel(struct device *dev, int ch, int
error, int reset_ch)
/*
* process completed requests for channels that have done status
*/
-#define DEF_TALITOS_DONE(name, ch_done_mask) \
-static void talitos_done_##name(unsigned long data)\
-{ \
- struct device *dev = (struct device *)data; \
- struct talitos_private *priv = dev_get_drvdata(dev);\
- unsigned long flags;\
- \
- if (ch_done_mask & 1) \
- talitos_flush_channel(dev, 0, 0, 0);\
- if (priv->num_channels == 1)\
- goto out; \
- if (ch_done_mask & (1 << 2))\
- talitos_flush_channel(dev, 1, 0, 0);\
- if (ch_done_mask & (1 << 4))\
- talitos_flush_channel(dev, 2, 0, 0);\
- if (ch_done_mask & (1 << 6))\
- talitos_flush_channel(dev, 3, 0, 0);\
- \
-out: \
- /* At this point, all completed channels have been processed */ \
- /* Unmask done interrupts for channels completed later on. */ \
- spin_lock_irqsave(&priv->reg_lock, flags); \
- setbits32(priv->reg + TALITOS_IMR, ch_done_mask); \
- setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT); \
- spin_unlock_irqrestore(&priv->reg_lock, flags); \
-}
DEF_TALITOS_DONE(4ch, TALITOS_ISR_4CHDONE)
DEF_TALITOS_DONE(ch0_2, TALITOS_ISR_CH_0_2_DONE)
DEF_TALITOS_DONE(ch1_3, TALITOS_ISR_CH_1_3_DONE)
@@ -399,38 +373,6 @@ void talitos_report_eu_error(struct device *dev, int ch)
in_be32(priv->chan[ch].reg + TALITOS_DESCBUF_LO + 8*i));
}
-#define DEF_TALITOS_INTERRUPT(name, ch_done_mask, ch_err_mask, tlet) \
-static irqreturn_t talitos_interrupt_##name(int irq, void *data) \
-{ \
- struct device *dev = data; \
- struct talitos_private *priv = dev_get_drvdata(dev); \
- u32 isr, isr_lo; \
- unsigned long flags; \
- \
- spin_lock_irqsave(&priv->reg_lock, flags); \
- isr = in_be32(priv->reg + TALITOS_ISR);\
- isr_lo = in_be32(priv->reg + TALITOS_ISR_LO); \
- /* Acknowledge interrupt */\
- out_be32(priv->reg + TALITOS_ICR, isr & (ch_done_mask | ch_err_mask)); \
- out_be32(priv->reg + TALITOS_ICR_LO, isr_lo); \
- \
- if (unlikely(isr & ch_err_mask || isr_lo)) { \
- spin_unlock_irqrestore(&priv->reg_lock, flags);\
- talitos_error(dev, isr & ch_err_mask, isr_lo); \
- } \
- else { \
- if (likely(isr & ch_done_mask)) { \
- /* mask further done interrupts. */\
- clrbits32(priv->reg + TALITOS_IMR, ch_done_mask); \
- /* done_task will unmask done interrupts at exit */\
- tasklet_schedule(&priv->done_task[tlet]); \
- }
[PATCH v2 06/17] crypto: talitos - Add talitos2.c to isolate SEC2 specific functions
SEC1 doesn't have IPSec descriptor, so all functions using that descriptor
are specific to SEC2. This patch moves them in a new talitos2.c file
dedicated to SEC2
We also move to talitos2.c all the functions that will be different for
SEC1, like the handling of mapping/unmapping of input/output scatterlists
We move to talitos.h some of the helpers that are used by both talitos.c
and talitos2.c
Signed-off-by: Christophe Leroy
---
drivers/crypto/Kconfig| 4 +
drivers/crypto/Makefile | 1 +
drivers/crypto/talitos.c | 666 +-
drivers/crypto/talitos.h | 133 +
drivers/crypto/talitos2.c | 614 ++
5 files changed, 758 insertions(+), 660 deletions(-)
create mode 100644 drivers/crypto/talitos2.c
diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig
index 2fb0fdf..4fd6d7e 100644
--- a/drivers/crypto/Kconfig
+++ b/drivers/crypto/Kconfig
@@ -211,6 +211,7 @@ config CRYPTO_DEV_TALITOS
select CRYPTO_ALGAPI
select CRYPTO_AUTHENC
select HW_RANDOM
+ select CRYPTO_DEV_TALITOS2
depends on FSL_SOC
help
Say 'Y' here to use the Freescale Security Engine (SEC)
@@ -222,6 +223,9 @@ config CRYPTO_DEV_TALITOS
To compile this driver as a module, choose M here: the module
will be called talitos.
+config CRYPTO_DEV_TALITOS2
+ bool
+
config CRYPTO_DEV_IXP4XX
tristate "Driver for IXP4xx crypto hardware acceleration"
depends on ARCH_IXP4XX && IXP4XX_QMGR && IXP4XX_NPE
diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile
index 3924f93..f26159f 100644
--- a/drivers/crypto/Makefile
+++ b/drivers/crypto/Makefile
@@ -22,6 +22,7 @@ obj-$(CONFIG_CRYPTO_DEV_PPC4XX) += amcc/
obj-$(CONFIG_CRYPTO_DEV_S5P) += s5p-sss.o
obj-$(CONFIG_CRYPTO_DEV_SAHARA) += sahara.o
obj-$(CONFIG_CRYPTO_DEV_TALITOS) += talitos.o
+obj-$(CONFIG_CRYPTO_DEV_TALITOS2) += talitos2.o
obj-$(CONFIG_CRYPTO_DEV_UX500) += ux500/
obj-$(CONFIG_CRYPTO_DEV_QAT) += qat/
obj-$(CONFIG_CRYPTO_DEV_QCE) += qce/
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 76e636b..114c5e5 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -55,39 +55,6 @@
#include "talitos.h"
-static void to_talitos_ptr(struct talitos_ptr *talitos_ptr, dma_addr_t
dma_addr)
-{
- talitos_ptr->ptr = cpu_to_be32(lower_32_bits(dma_addr));
- talitos_ptr->eptr = upper_32_bits(dma_addr);
-}
-
-/*
- * map virtual single (contiguous) pointer to h/w descriptor pointer
- */
-static void map_single_talitos_ptr(struct device *dev,
- struct talitos_ptr *talitos_ptr,
- unsigned short len, void *data,
- unsigned char extent,
- enum dma_data_direction dir)
-{
- dma_addr_t dma_addr = dma_map_single(dev, data, len, dir);
-
- talitos_ptr->len = cpu_to_be16(len);
- to_talitos_ptr(talitos_ptr, dma_addr);
- talitos_ptr->j_extent = extent;
-}
-
-/*
- * unmap bus single (contiguous) h/w descriptor pointer
- */
-static void unmap_single_talitos_ptr(struct device *dev,
-struct talitos_ptr *talitos_ptr,
-enum dma_data_direction dir)
-{
- dma_unmap_single(dev, be32_to_cpu(talitos_ptr->ptr),
-be16_to_cpu(talitos_ptr->len), dir);
-}
-
static unsigned int do_reset_channel(struct talitos_private *priv, int ch)
{
unsigned int timeout = TALITOS_TIMEOUT;
@@ -646,20 +613,6 @@ static void talitos_unregister_rng(struct device *dev)
* crypto alg
*/
#define TALITOS_CRA_PRIORITY 3000
-#define TALITOS_MAX_KEY_SIZE 96
-#define TALITOS_MAX_IV_LENGTH 16 /* max of AES_BLOCK_SIZE,
DES3_EDE_BLOCK_SIZE */
-
-struct talitos_ctx {
- struct device *dev;
- int ch;
- __be32 desc_hdr_template;
- u8 key[TALITOS_MAX_KEY_SIZE];
- u8 iv[TALITOS_MAX_IV_LENGTH];
- unsigned int keylen;
- unsigned int enckeylen;
- unsigned int authkeylen;
- unsigned int authsize;
-};
#define HASH_MAX_BLOCK_SIZESHA512_BLOCK_SIZE
#define TALITOS_MDEU_MAX_CONTEXT_SIZE TALITOS_MDEU_CONTEXT_SIZE_SHA384_SHA512
@@ -678,426 +631,6 @@ struct talitos_ahash_req_ctx {
struct scatterlist *psrc;
};
-static int aead_setauthsize(struct crypto_aead *authenc,
- unsigned int authsize)
-{
- struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
-
- ctx->authsize = authsize;
-
- return 0;
-}
-
-static int aead_setkey(struct crypto_aead *authenc,
- const u8 *key, unsigned int keylen)
-{
- struct talitos_ctx *ctx = crypto_aead_ctx(authenc);
- struct crypto_authenc_keys keys;
-
- if (crypto_authenc_extract
[PATCH v2 13/17] crypto: talitos - move sg_count() helper into talitos.h
move sg_count() helper into talitos.h as it will be needed by SEC1 specific
functions
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 20
drivers/crypto/talitos.h | 21 +
2 files changed, 21 insertions(+), 20 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 0262e75..76209e8 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -457,26 +457,6 @@ static void talitos_unregister_rng(struct device *dev)
#define TALITOS_CRA_PRIORITY 3000
/*
- * derive number of elements in scatterlist
- */
-static int sg_count(struct scatterlist *sg_list, int nbytes, bool *chained)
-{
- struct scatterlist *sg = sg_list;
- int sg_nents = 0;
-
- *chained = false;
- while (nbytes > 0) {
- sg_nents++;
- nbytes -= sg->length;
- if (!sg_is_last(sg) && (sg + 1)->length == 0)
- *chained = true;
- sg = sg_next(sg);
- }
-
- return sg_nents;
-}
-
-/*
* allocate and map the extended descriptor
*/
struct talitos_edesc *talitos_edesc_alloc(struct device *dev,
diff --git a/drivers/crypto/talitos.h b/drivers/crypto/talitos.h
index f5e8013..f0ffbb0 100644
--- a/drivers/crypto/talitos.h
+++ b/drivers/crypto/talitos.h
@@ -153,6 +153,27 @@ extern void talitos_error(struct device *dev, u32 isr, u32
isr_lo);
extern int talitos_cra_init(struct crypto_tfm *tfm);
+/*
+ * derive number of elements in scatterlist
+ */
+static inline int sg_count(struct scatterlist *sg_list, int nbytes,
+ bool *chained)
+{
+ struct scatterlist *sg = sg_list;
+ int sg_nents = 0;
+
+ *chained = false;
+ while (nbytes > 0) {
+ sg_nents++;
+ nbytes -= sg->length;
+ if (!sg_is_last(sg) && (sg + 1)->length == 0)
+ *chained = true;
+ sg = sg_next(sg);
+ }
+
+ return sg_nents;
+}
+
/* .features flag */
#define TALITOS_FTR_SRC_LINK_TBL_LEN_INCLUDES_EXTENT 0x0001
#define TALITOS_FTR_HW_AUTH_CHECK 0x0002
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v2 16/17] crypto: talitos - SEC1 bugs on 0 data hash
SEC1 bugs on 0 data hash, so we submit an already padded block representing 0
data
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 3 +++
drivers/crypto/talitos1.c | 21 +
drivers/crypto/talitos1.h | 4
drivers/crypto/talitos2.h | 6 ++
4 files changed, 34 insertions(+)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 82a5181..0cb8ab4 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -815,6 +815,9 @@ static int common_nonsnoop_hash(struct talitos_edesc *edesc,
to_talitos_next_desc_clear(desc);
+ if (desc->ptr[3].len == 0)
+ talitos_handle_buggy_hash(ctx, edesc, &desc->ptr[3]);
+
ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
if (ret != -EINPROGRESS) {
common_nonsnoop_hash_unmap(dev, edesc, areq);
diff --git a/drivers/crypto/talitos1.c b/drivers/crypto/talitos1.c
index c1a8e9e..1edaa68 100644
--- a/drivers/crypto/talitos1.c
+++ b/drivers/crypto/talitos1.c
@@ -174,3 +174,24 @@ void talitos_error(struct device *dev, u32 isr, u32 isr_lo)
talitos_init_device(dev);
}
}
+
+/*
+ * SEC1 doesn't like hashing of 0 sized message, so we do the padding
+ * ourself and submit a padded block
+ */
+void talitos_handle_buggy_hash(struct talitos_ctx *ctx,
+ struct talitos_edesc *edesc,
+ struct talitos_ptr *ptr)
+{
+ static u8 padded_hash[64] = {
+ 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ };
+
+ pr_err_once("Bug in SEC1, padding ourself\n");
+ edesc->desc.hdr &= ~DESC_HDR_MODE0_MDEU_PAD;
+ map_single_talitos_ptr(ctx->dev, ptr, sizeof(padded_hash),
+ (char *)padded_hash, 0, DMA_TO_DEVICE);
+}
diff --git a/drivers/crypto/talitos1.h b/drivers/crypto/talitos1.h
index f78d89d..a9e0619 100644
--- a/drivers/crypto/talitos1.h
+++ b/drivers/crypto/talitos1.h
@@ -277,6 +277,10 @@ static inline void ahash_process_chain(struct scatterlist
*src, int nbytes,
}
}
+extern void talitos_handle_buggy_hash(struct talitos_ctx *ctx,
+ struct talitos_edesc *edesc,
+ struct talitos_ptr *ptr);
+
#define DEF_TALITOS_DONE(name, ch_done_mask) \
static void talitos_done_##name(unsigned long data)\
{ \
diff --git a/drivers/crypto/talitos2.h b/drivers/crypto/talitos2.h
index 2715c72..de0c8f4 100644
--- a/drivers/crypto/talitos2.h
+++ b/drivers/crypto/talitos2.h
@@ -266,6 +266,12 @@ static inline void ahash_process_chain(struct scatterlist
*src, int nbytes,
req_ctx->psrc = src;
}
+static inline void talitos_handle_buggy_hash(struct talitos_ctx *ctx,
+ struct talitos_edesc *edesc,
+ struct talitos_ptr *ptr)
+{
+}
+
#define DEF_TALITOS_DONE(name, ch_done_mask) \
static void talitos_done_##name(unsigned long data)\
{ \
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v2 05/17] crypto: talitos - isolate scatter/gather handling for ahash
SEC1 doesn't support scatter/gather, therefore this part of the code will
have to be implemented differently for SEC1, so we isolate it in a small
helper function
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 29 +++--
1 file changed, 19 insertions(+), 10 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 3165364..76e636b 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1707,6 +1707,23 @@ static int ahash_init_sha224_swinit(struct ahash_request
*areq)
return 0;
}
+static void ahash_process_chain(struct scatterlist *src, int nbytes,
+ bool *chained,
+ struct talitos_ahash_req_ctx *req_ctx,
+ int nbytes_to_hash)
+{
+ if (req_ctx->nbuf) {
+ unsigned int nsg = (req_ctx->nbuf < nbytes_to_hash) ? 2 : 1;
+
+ sg_init_table(req_ctx->bufsl, nsg);
+ sg_set_buf(req_ctx->bufsl, req_ctx->buf, req_ctx->nbuf);
+ if (nsg > 1)
+ scatterwalk_sg_chain(req_ctx->bufsl, 2, src);
+ req_ctx->psrc = req_ctx->bufsl;
+ } else
+ req_ctx->psrc = src;
+}
+
static int ahash_process_req(struct ahash_request *areq, unsigned int nbytes)
{
struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
@@ -1717,7 +1734,6 @@ static int ahash_process_req(struct ahash_request *areq,
unsigned int nbytes)
crypto_tfm_alg_blocksize(crypto_ahash_tfm(tfm));
unsigned int nbytes_to_hash;
unsigned int to_hash_later;
- unsigned int nsg;
bool chained;
if (!req_ctx->last && (nbytes + req_ctx->nbuf <= blocksize)) {
@@ -1745,15 +1761,8 @@ static int ahash_process_req(struct ahash_request *areq,
unsigned int nbytes)
}
/* Chain in any previously buffered data */
- if (req_ctx->nbuf) {
- nsg = (req_ctx->nbuf < nbytes_to_hash) ? 2 : 1;
- sg_init_table(req_ctx->bufsl, nsg);
- sg_set_buf(req_ctx->bufsl, req_ctx->buf, req_ctx->nbuf);
- if (nsg > 1)
- scatterwalk_sg_chain(req_ctx->bufsl, 2, areq->src);
- req_ctx->psrc = req_ctx->bufsl;
- } else
- req_ctx->psrc = areq->src;
+ ahash_process_chain(areq->src, nbytes, &chained, req_ctx,
+ nbytes_to_hash);
if (to_hash_later) {
int nents = sg_count(areq->src, nbytes, &chained);
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v2 17/17] crypto: talitos - Update DT bindings with SEC1
This patch updates the documentation by including SEC1 into SEC2/3 doc Signed-off-by: Christophe Leroy --- Documentation/devicetree/bindings/crypto/fsl-sec2.txt | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Documentation/devicetree/bindings/crypto/fsl-sec2.txt b/Documentation/devicetree/bindings/crypto/fsl-sec2.txt index 38988ef..570d6a2 100644 --- a/Documentation/devicetree/bindings/crypto/fsl-sec2.txt +++ b/Documentation/devicetree/bindings/crypto/fsl-sec2.txt @@ -1,9 +1,10 @@ -Freescale SoC SEC Security Engines versions 2.x-3.x +Freescale SoC SEC Security Engines versions 1.x-2.x-3.x Required properties: - compatible : Should contain entries for this and backward compatible - SEC versions, high to low, e.g., "fsl,sec2.1", "fsl,sec2.0" + SEC versions, high to low, e.g., "fsl,sec2.1", "fsl,sec2.0" (SEC2/3) + e.g., "fsl,sec1.2", "fsl,sec1.0" (SEC1) - reg : Offset and length of the register set for the device - interrupts : the SEC's interrupt number - fsl,num-channels : An integer representing the number of channels -- 2.1.0 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v2 08/17] crypto: talitos - Deport SEC2 error handling
SEC2 and SEC1 error handling will be different because so many bits are
different. So we move error handling into talitos2.c
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 103 +-
drivers/crypto/talitos.h | 8
drivers/crypto/talitos2.c | 82
3 files changed, 101 insertions(+), 92 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 114c5e5..81a6e47 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -68,7 +68,7 @@ static unsigned int do_reset_channel(struct talitos_private
*priv, int ch)
return timeout;
}
-static int reset_channel(struct device *dev, int ch)
+int talitos_reset_channel(struct device *dev, int ch)
{
struct talitos_private *priv = dev_get_drvdata(dev);
unsigned int timeout = do_reset_channel(priv, ch);
@@ -124,7 +124,7 @@ static void do_init_device(struct talitos_private *priv)
setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT);
}
-static int init_device(struct device *dev)
+int talitos_init_device(struct device *dev)
{
struct talitos_private *priv = dev_get_drvdata(dev);
int ch, err;
@@ -145,7 +145,7 @@ static int init_device(struct device *dev)
/* reset channels */
for (ch = 0; ch < priv->num_channels; ch++) {
- err = reset_channel(dev, ch);
+ err = talitos_reset_channel(dev, ch);
if (err)
return err;
}
@@ -223,7 +223,7 @@ EXPORT_SYMBOL(talitos_submit);
/*
* process what was done, notify callback of error if not
*/
-static void flush_channel(struct device *dev, int ch, int error, int reset_ch)
+void talitos_flush_channel(struct device *dev, int ch, int error, int reset_ch)
{
struct talitos_private *priv = dev_get_drvdata(dev);
struct talitos_request *request, saved_req;
@@ -289,15 +289,15 @@ static void talitos_done_##name(unsigned long data)
\
unsigned long flags;\
\
if (ch_done_mask & 1) \
- flush_channel(dev, 0, 0, 0);\
+ talitos_flush_channel(dev, 0, 0, 0);\
if (priv->num_channels == 1)\
goto out; \
if (ch_done_mask & (1 << 2))\
- flush_channel(dev, 1, 0, 0);\
+ talitos_flush_channel(dev, 1, 0, 0);\
if (ch_done_mask & (1 << 4))\
- flush_channel(dev, 2, 0, 0);\
+ talitos_flush_channel(dev, 2, 0, 0);\
if (ch_done_mask & (1 << 6))\
- flush_channel(dev, 3, 0, 0);\
+ talitos_flush_channel(dev, 3, 0, 0);\
\
out: \
/* At this point, all completed channels have been processed */ \
@@ -345,10 +345,11 @@ static u32 current_desc_hdr(struct device *dev, int ch)
/*
* user diagnostics; report root cause of error based on execution unit status
*/
-static void report_eu_error(struct device *dev, int ch, u32 desc_hdr)
+void talitos_report_eu_error(struct device *dev, int ch)
{
struct talitos_private *priv = dev_get_drvdata(dev);
int i;
+ u32 desc_hdr = current_desc_hdr(dev, ch);
if (!desc_hdr)
desc_hdr = in_be32(priv->chan[ch].reg + TALITOS_DESCBUF);
@@ -417,88 +418,6 @@ static void report_eu_error(struct device *dev, int ch,
u32 desc_hdr)
in_be32(priv->chan[ch].reg + TALITOS_DESCBUF_LO + 8*i));
}
-/*
- * recover from error interrupts
- */
-static void talitos_error(struct device *dev, u32 isr, u32 isr_lo)
-{
- struct talitos_private *priv = dev_get_drvdata(dev);
- unsigned int timeout = TALITOS_TIMEOUT;
- int ch, error, reset_dev = 0, reset_ch = 0;
- u32 v, v_lo;
-
- for (ch = 0; ch < priv->num_channels; ch++) {
- /* skip channels without errors */
- if (!(isr & (1 << (ch * 2 + 1
- continue;
-
- error = -EINVAL;
-
- v = in_be32(priv->chan[ch].reg + TALITOS_CCPSR);
- v_lo = in_be32(priv->chan[ch].reg + TALITOS_CCPSR_LO);
-
- if (v_lo & TALITOS_CCPSR_LO_DOF) {
- dev_err(dev,
[PATCH v2 03/17] crypto: talitos - Use zero entry to init descriptors ptrs to zero
Do use zero_entry value to init the descriptors ptrs to zero instead of
writing 0 in each field
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 8 ++--
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 103bfcf..de4d93b 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1385,9 +1385,7 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
int sg_count, ret;
/* first DWORD empty */
- desc->ptr[0].len = 0;
- to_talitos_ptr(&desc->ptr[0], 0);
- desc->ptr[0].j_extent = 0;
+ desc->ptr[0] = zero_entry;
/* cipher iv */
to_talitos_ptr(&desc->ptr[1], edesc->iv_dma);
@@ -1457,9 +1455,7 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
DMA_FROM_DEVICE);
/* last DWORD empty */
- desc->ptr[6].len = 0;
- to_talitos_ptr(&desc->ptr[6], 0);
- desc->ptr[6].j_extent = 0;
+ desc->ptr[6] = zero_entry;
ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
if (ret != -EINPROGRESS) {
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v2 0/17] crypto: talitos - Add support for SEC1
The purpose of this set of patchs is to add to talitos crypto driver the support for the SEC1 version of the security engine, which is found in mpc885 and mpc8272 processors. The approach has been to split the driver in two main parts: * talitos.c and talitos.h contains parts that are common * talitos2.c and talitos2.h contains specificities of SEC2 Then * talitos1.c and talitos1.h has been created with SEC1 specificities v2 applies cleanly on this afternoon's (06 March 2015) cryptodev-2.6 tree (commit c83d45d5) Patchset: [01/17] crypto: talitos - base address for Execution Units and macro for ISR masks [02/17] crypto: talitos - Externalise specific SEC2 reset actions [03/17] crypto: talitos - Use zero entry to init descriptors ptrs to zero [04/17] crypto: talitos - Refactor the sg in/out chain allocation [05/17] crypto: talitos - isolate scatter/gather handling for ahash [06/17] crypto: talitos - Add talitos2.c to isolate SEC2 specific functions [07/17] crypto: talitos - Split talitos.h into 2 parts [08/17] crypto: talitos - Deport SEC2 error handling [09/17] crypto: talitos - Move reset/init helpers into talitos2.h [10/17] crypto: talitos - Move interrupt related macros in talitos2.h [11/17] crypto: talitos - Move hash chain handling into talitos2.h [12/17] crypto: talitos - Define compatible in talitos2.h instead of talitos.c [13/17] crypto: talitos - move sg_count() helper into talitos.h [14/17] crypto: talitos - Add a helper function to clear j_extent field [15/17] crypto: talitos - Implementation of SEC1 [16/17] crypto: talitos - SEC1 bugs on 0 data hash [17/17] crypto: talitos - Update DT bindings with SEC1 Signed-off-by: Christophe Leroy .../devicetree/bindings/crypto/fsl-sec2.txt| 5 +- drivers/crypto/Kconfig | 8 + drivers/crypto/Makefile| 2 + drivers/crypto/talitos.c | 927 + drivers/crypto/talitos.h | 183 ++-- drivers/crypto/talitos1.c | 197 + drivers/crypto/talitos1.h | 343 drivers/crypto/talitos2.c | 696 drivers/crypto/talitos2.h | 335 9 files changed, 1734 insertions(+), 962 deletions(-) -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v2 09/17] crypto: talitos - Move reset/init helpers into talitos2.h
Move reset/init helpers init talitos2.h as they are specific to SEC2
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 19 ---
drivers/crypto/talitos2.h | 20
2 files changed, 20 insertions(+), 19 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 81a6e47..ffa103b 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -55,19 +55,6 @@
#include "talitos.h"
-static unsigned int do_reset_channel(struct talitos_private *priv, int ch)
-{
- unsigned int timeout = TALITOS_TIMEOUT;
-
- setbits32(priv->chan[ch].reg + TALITOS_CCCR, TALITOS_CCCR_RESET);
-
- while ((in_be32(priv->chan[ch].reg + TALITOS_CCCR) & TALITOS_CCCR_RESET)
- && --timeout)
- cpu_relax();
-
- return timeout;
-}
-
int talitos_reset_channel(struct device *dev, int ch)
{
struct talitos_private *priv = dev_get_drvdata(dev);
@@ -118,12 +105,6 @@ static int reset_device(struct device *dev)
/*
* Reset and initialize the device
*/
-static void do_init_device(struct talitos_private *priv)
-{
- setbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_INIT);
- setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT);
-}
-
int talitos_init_device(struct device *dev)
{
struct talitos_private *priv = dev_get_drvdata(dev);
diff --git a/drivers/crypto/talitos2.h b/drivers/crypto/talitos2.h
index e7a91cf..f9da9f2 100644
--- a/drivers/crypto/talitos2.h
+++ b/drivers/crypto/talitos2.h
@@ -202,3 +202,23 @@ extern int talitos_alg_alloc_aead(struct crypto_alg *alg);
#define DESC_PTR_LNKTBL_JUMP 0x80
#define DESC_PTR_LNKTBL_RETURN 0x02
#define DESC_PTR_LNKTBL_NEXT 0x01
+
+static inline unsigned int do_reset_channel(struct talitos_private *priv,
+ int ch)
+{
+ unsigned int timeout = TALITOS_TIMEOUT;
+
+ setbits32(priv->chan[ch].reg + TALITOS_CCCR, TALITOS_CCCR_RESET);
+
+ while ((in_be32(priv->chan[ch].reg + TALITOS_CCCR) & TALITOS_CCCR_RESET)
+ && --timeout)
+ cpu_relax();
+
+ return timeout;
+}
+
+static inline void do_init_device(struct talitos_private *priv)
+{
+ setbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_INIT);
+ setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT);
+}
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 09/17] crypto: talitos - Add a feature to tag SEC1
We add a new feature in the features field, to mark compatible
"fsl,sec1.0"
We also define a helper function called has_ftr_sec1() to help
functions quickly determine if they are running on SEC1 or SEC2+.
When only SEC1 or SEC2 is compiled in, has_ftr_sec1() return
trivial corresponding value. If both are compiled in, feature
field is checked.
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 3 +++
drivers/crypto/talitos.h | 17 +
2 files changed, 20 insertions(+)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index bca6ded..db95023 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -2709,6 +2709,9 @@ static int talitos_probe(struct platform_device *ofdev)
TALITOS_FTR_SHA224_HWINIT |
TALITOS_FTR_HMAC_OK;
+ if (of_device_is_compatible(np, "fsl,sec1.0"))
+ priv->features |= TALITOS_FTR_SEC1;
+
priv->chan = kzalloc(sizeof(struct talitos_channel) *
priv->num_channels, GFP_KERNEL);
if (!priv->chan) {
diff --git a/drivers/crypto/talitos.h b/drivers/crypto/talitos.h
index f078da1..b0bdb4e 100644
--- a/drivers/crypto/talitos.h
+++ b/drivers/crypto/talitos.h
@@ -156,6 +156,23 @@ extern int talitos_submit(struct device *dev, int ch,
struct talitos_desc *desc,
#define TALITOS_FTR_HW_AUTH_CHECK 0x0002
#define TALITOS_FTR_SHA224_HWINIT 0x0004
#define TALITOS_FTR_HMAC_OK 0x0008
+#define TALITOS_FTR_SEC1 0x0010
+
+/*
+ * If both CONFIG_CRYPTO_DEV_TALITOS1 and CONFIG_CRYPTO_DEV_TALITOS2 are
+ * defined, we check the features which are set according to the device tree.
+ * Otherwise, we answer true or false directly
+ */
+static inline bool has_ftr_sec1(struct talitos_private *priv)
+{
+#if defined(CONFIG_CRYPTO_DEV_TALITOS1) && defined(CONFIG_CRYPTO_DEV_TALITOS2)
+ return priv->features & TALITOS_FTR_SEC1 ? true : false;
+#elif defined(CONFIG_CRYPTO_DEV_TALITOS1)
+ return true;
+#else
+ return false;
+#endif
+}
/*
* TALITOS_xxx_LO addresses point to the low data bits (32-63) of the register
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 08/17] crypto: talitos - add sub-choice in talitos CONFIG for SEC1
This patch adds a CONFIG option to select SEC1, SEC2+ or both. Signed-off-by: Christophe Leroy --- drivers/crypto/Kconfig | 18 ++ 1 file changed, 18 insertions(+) diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig index 800bf41..8a76a01 100644 --- a/drivers/crypto/Kconfig +++ b/drivers/crypto/Kconfig @@ -222,6 +222,24 @@ config CRYPTO_DEV_TALITOS To compile this driver as a module, choose M here: the module will be called talitos. +config CRYPTO_DEV_TALITOS1 + bool "SEC1 (SEC 1.0 and SEC Lite 1.2)" + depends on CRYPTO_DEV_TALITOS + depends on PPC_8xx || PPC_82xx + default y + help + Say 'Y' here to use the Freescale Security Engine (SEC) version 1.0 + found on MPC82xx or the Freescale Security Engine (SEC Lite) + version 1.2 found on MPC8xx + +config CRYPTO_DEV_TALITOS2 + bool "SEC2+ (SEC version 2.0 or upper)" + depends on CRYPTO_DEV_TALITOS + default y if !PPC_8xx + help + Say 'Y' here to use the Freescale Security Engine (SEC) + version 2 and following as found on MPC83xx, MPC85xx, etc ... + config CRYPTO_DEV_IXP4XX tristate "Driver for IXP4xx crypto hardware acceleration" depends on ARCH_IXP4XX && IXP4XX_QMGR && IXP4XX_NPE -- 2.1.0 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 12/17] crypto: talitos - base address for Execution Units
SEC 1.0, 1.2 and 2.x+ have different EU base addresses, so we need to
define pointers for each EU in the driver private data structure.
The proper address is set by the probe function depending on the
SEC type, in order to provide access to the proper address.
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 83
drivers/crypto/talitos.h | 72 +
2 files changed, 100 insertions(+), 55 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index e6ea651..6d77699 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -208,7 +208,7 @@ static int init_device(struct device *dev)
/* disable integrity check error interrupts (use writeback instead) */
if (priv->features & TALITOS_FTR_HW_AUTH_CHECK)
- setbits32(priv->reg + TALITOS_MDEUICR_LO,
+ setbits32(priv->reg_mdeu + TALITOS_EUICR_LO,
TALITOS_MDEUICR_LO_ICE);
return 0;
@@ -424,44 +424,44 @@ static void report_eu_error(struct device *dev, int ch,
u32 desc_hdr)
switch (desc_hdr & DESC_HDR_SEL0_MASK) {
case DESC_HDR_SEL0_AFEU:
dev_err(dev, "AFEUISR 0x%08x_%08x\n",
- in_be32(priv->reg + TALITOS_AFEUISR),
- in_be32(priv->reg + TALITOS_AFEUISR_LO));
+ in_be32(priv->reg_afeu + TALITOS_EUISR),
+ in_be32(priv->reg_afeu + TALITOS_EUISR_LO));
break;
case DESC_HDR_SEL0_DEU:
dev_err(dev, "DEUISR 0x%08x_%08x\n",
- in_be32(priv->reg + TALITOS_DEUISR),
- in_be32(priv->reg + TALITOS_DEUISR_LO));
+ in_be32(priv->reg_deu + TALITOS_EUISR),
+ in_be32(priv->reg_deu + TALITOS_EUISR_LO));
break;
case DESC_HDR_SEL0_MDEUA:
case DESC_HDR_SEL0_MDEUB:
dev_err(dev, "MDEUISR 0x%08x_%08x\n",
- in_be32(priv->reg + TALITOS_MDEUISR),
- in_be32(priv->reg + TALITOS_MDEUISR_LO));
+ in_be32(priv->reg_mdeu + TALITOS_EUISR),
+ in_be32(priv->reg_mdeu + TALITOS_EUISR_LO));
break;
case DESC_HDR_SEL0_RNG:
dev_err(dev, "RNGUISR 0x%08x_%08x\n",
- in_be32(priv->reg + TALITOS_RNGUISR),
- in_be32(priv->reg + TALITOS_RNGUISR_LO));
+ in_be32(priv->reg_rngu + TALITOS_ISR),
+ in_be32(priv->reg_rngu + TALITOS_ISR_LO));
break;
case DESC_HDR_SEL0_PKEU:
dev_err(dev, "PKEUISR 0x%08x_%08x\n",
- in_be32(priv->reg + TALITOS_PKEUISR),
- in_be32(priv->reg + TALITOS_PKEUISR_LO));
+ in_be32(priv->reg_pkeu + TALITOS_EUISR),
+ in_be32(priv->reg_pkeu + TALITOS_EUISR_LO));
break;
case DESC_HDR_SEL0_AESU:
dev_err(dev, "AESUISR 0x%08x_%08x\n",
- in_be32(priv->reg + TALITOS_AESUISR),
- in_be32(priv->reg + TALITOS_AESUISR_LO));
+ in_be32(priv->reg_aesu + TALITOS_EUISR),
+ in_be32(priv->reg_aesu + TALITOS_EUISR_LO));
break;
case DESC_HDR_SEL0_CRCU:
dev_err(dev, "CRCUISR 0x%08x_%08x\n",
- in_be32(priv->reg + TALITOS_CRCUISR),
- in_be32(priv->reg + TALITOS_CRCUISR_LO));
+ in_be32(priv->reg_crcu + TALITOS_EUISR),
+ in_be32(priv->reg_crcu + TALITOS_EUISR_LO));
break;
case DESC_HDR_SEL0_KEU:
dev_err(dev, "KEUISR 0x%08x_%08x\n",
- in_be32(priv->reg + TALITOS_KEUISR),
- in_be32(priv->reg + TALITOS_KEUISR_LO));
+ in_be32(priv->reg_pkeu + TALITOS_EUISR),
+ in_be32(priv->reg_pkeu + TALITOS_EUISR_LO));
break;
}
@@ -469,13 +469,13 @@ static void report_eu_error(struct device *dev, int ch,
u32 desc_hdr)
case DESC_HDR_SEL1_MDEUA:
case DESC_HDR_SEL1_MDEUB:
dev_err(dev, "MDEUISR 0x%08x_%08x\n",
- in_be32(priv->reg + TALITOS_MDEUISR),
- in_be32(priv->reg + TALITOS_MDEUISR_LO));
+ in_be32(priv->reg_mdeu + TALITOS_EUISR),
+ in_be32(priv->reg_mdeu + TALITOS_EUISR_LO));
break;
case DESC_HDR_SEL1_CRCU:
dev_err(dev,
[PATCH v3 14/17] crypto: talitos - implement scatter/gather copy for SEC1
SEC1 doesn't support scatter/gather, SEC1 doesn't handle link tables.
Therefore, for SEC1 we have to do it by SW. For that, we reserve
space at the end of the extended descriptor, in lieu of the space
reserved for the link tables on SEC2, and we perform sg_copy() when
preparing the descriptors
We also adapt the max buffer size which is only 32k on SEC1 while it
is 64k on SEC2+
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 138 ++-
drivers/crypto/talitos.h | 3 +-
2 files changed, 103 insertions(+), 38 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 1265405..dddf4b3 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -866,9 +866,10 @@ badkey:
* @dst_chained: whether dst is chained or not
* @iv_dma: dma address of iv for checking continuity and link table
* @dma_len: length of dma mapped link_tbl space
- * @dma_link_tbl: bus physical address of link_tbl
+ * @dma_link_tbl: bus physical address of link_tbl/buf
* @desc: h/w descriptor
- * @link_tbl: input and output h/w link tables (if {src,dst}_nents > 1)
+ * @link_tbl: input and output h/w link tables (if {src,dst}_nents > 1) (SEC2)
+ * @buf: input and output buffeur (if {src,dst}_nents > 1) (SEC1)
*
* if decrypting (with authcheck), or either one of src_nents or dst_nents
* is greater than 1, an integrity check value is concatenated to the end
@@ -885,7 +886,10 @@ struct talitos_edesc {
int dma_len;
dma_addr_t dma_link_tbl;
struct talitos_desc desc;
- struct talitos_ptr link_tbl[0];
+ union {
+ struct talitos_ptr link_tbl[0];
+ u8 buf[0];
+ };
};
static int talitos_map_sg(struct device *dev, struct scatterlist *sg,
@@ -1282,8 +1286,11 @@ static struct talitos_edesc *talitos_edesc_alloc(struct
device *dev,
dma_addr_t iv_dma = 0;
gfp_t flags = cryptoflags & CRYPTO_TFM_REQ_MAY_SLEEP ? GFP_KERNEL :
GFP_ATOMIC;
+ struct talitos_private *priv = dev_get_drvdata(dev);
+ bool is_sec1 = has_ftr_sec1(priv);
+ int max_len = is_sec1 ? TALITOS1_MAX_DATA_LEN : TALITOS2_MAX_DATA_LEN;
- if (cryptlen + authsize > TALITOS_MAX_DATA_LEN) {
+ if (cryptlen + authsize > max_len) {
dev_err(dev, "length exceeds h/w max limit\n");
return ERR_PTR(-EINVAL);
}
@@ -1327,8 +1334,12 @@ static struct talitos_edesc *talitos_edesc_alloc(struct
device *dev,
*/
alloc_len = sizeof(struct talitos_edesc);
if (assoc_nents || src_nents || dst_nents) {
- dma_len = (src_nents + dst_nents + 2 + assoc_nents) *
- sizeof(struct talitos_ptr) + authsize;
+ if (is_sec1)
+ dma_len = src_nents ? cryptlen : 0 +
+ dst_nents ? cryptlen : 0;
+ else
+ dma_len = (src_nents + dst_nents + 2 + assoc_nents) *
+ sizeof(struct talitos_ptr) + authsize;
alloc_len += dma_len;
} else {
dma_len = 0;
@@ -1485,7 +1496,27 @@ static void unmap_sg_talitos_ptr(struct device *dev,
struct scatterlist *src,
struct scatterlist *dst, unsigned int len,
struct talitos_edesc *edesc)
{
- talitos_sg_unmap(dev, edesc, src, dst);
+ struct talitos_private *priv = dev_get_drvdata(dev);
+ bool is_sec1 = has_ftr_sec1(priv);
+
+ if (is_sec1) {
+ if (!edesc->src_nents) {
+ dma_unmap_sg(dev, src, 1,
+dst != src ? DMA_TO_DEVICE
+ : DMA_BIDIRECTIONAL);
+ }
+ if (dst && edesc->dst_nents) {
+ dma_sync_single_for_device(dev,
+ edesc->dma_link_tbl + len,
+ len, DMA_FROM_DEVICE);
+ sg_copy_from_buffer(dst, edesc->dst_nents ? : 1,
+ edesc->buf + len, len);
+ } else if (dst && dst != src) {
+ dma_unmap_sg(dev, dst, 1, DMA_FROM_DEVICE);
+ }
+ } else {
+ talitos_sg_unmap(dev, edesc, src, dst);
+ }
}
static void common_nonsnoop_unmap(struct device *dev,
@@ -1528,25 +1559,42 @@ int map_sg_in_talitos_ptr(struct device *dev, struct
scatterlist *src,
bool is_sec1 = has_ftr_sec1(priv);
to_talitos_ptr_len(ptr, len, is_sec1);
- to_talitos_ptr_extent_clear(ptr, is_sec1);
- sg_count = talitos_map_sg(dev, src, edesc->src_nents ? : 1, dir,
- edesc->src_chained);
+ if (is_sec1) {
+
[PATCH v3 00/17] crypto: talitos - Add support for SEC1
The purpose of this set of patchs is to add to talitos crypto driver the support for the SEC1 version of the security engine, which is found in mpc885 and mpc8272 processors. v3 is a complete rework of the patchset. Since a kernel can be built with support for both MPC82xx and MPC83xx at the same time, talitos driver shall support both SEC1 and SEC2+ at the same time. Based on cryptodev-2.6 tree Christophe Leroy (17): crypto: talitos - Use zero entry to init descriptors ptrs to zero crypto: talitos - Refactor the sg in/out chain allocation crypto: talitos - talitos_ptr renamed ptr for more lisibility crypto: talitos - Add a helper function to clear j_extent field crypto: talitos - remove param 'extent' in map_single_talitos_ptr() crypto: talitos - helper function for ptr len crypto: talitos - enhanced talitos_desc struct for SEC1 crypto: talitos - add sub-choice in talitos CONFIG for SEC1 crypto: talitos - Add a feature to tag SEC1 crypto: talitos - fill in talitos descriptor iaw SEC1 or SEC2+ crypto: talitos - adaptation of talitos_submit() for SEC1 crypto: talitos - base address for Execution Units crypto: talitos - adapt interrupts and reset functions to SEC1 crypto: talitos - implement scatter/gather copy for SEC1 crypto: talitos - SEC1 bugs on 0 data hash crypto: talitos - Add fsl,sec1.0 compatible crypto: talitos - Update DT bindings with SEC1 .../devicetree/bindings/crypto/fsl-sec2.txt| 6 +- drivers/crypto/Kconfig | 18 + drivers/crypto/talitos.c | 727 +++-- drivers/crypto/talitos.h | 153 +++-- 4 files changed, 644 insertions(+), 260 deletions(-) -- 2.1.0 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 17/17] crypto: talitos - Update DT bindings with SEC1
This patch updates the documentation by including SEC1 into SEC2/3 doc Signed-off-by: Christophe Leroy --- Documentation/devicetree/bindings/crypto/fsl-sec2.txt | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/Documentation/devicetree/bindings/crypto/fsl-sec2.txt b/Documentation/devicetree/bindings/crypto/fsl-sec2.txt index 38988ef..f0d926b 100644 --- a/Documentation/devicetree/bindings/crypto/fsl-sec2.txt +++ b/Documentation/devicetree/bindings/crypto/fsl-sec2.txt @@ -1,9 +1,11 @@ -Freescale SoC SEC Security Engines versions 2.x-3.x +Freescale SoC SEC Security Engines versions 1.x-2.x-3.x Required properties: - compatible : Should contain entries for this and backward compatible - SEC versions, high to low, e.g., "fsl,sec2.1", "fsl,sec2.0" + SEC versions, high to low, e.g., "fsl,sec2.1", "fsl,sec2.0" (SEC2/3) + e.g., "fsl,sec1.2", "fsl,sec1.0" (SEC1) +warning: SEC1 and SEC2 are mutually exclusive - reg : Offset and length of the register set for the device - interrupts : the SEC's interrupt number - fsl,num-channels : An integer representing the number of channels -- 2.1.0 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 16/17] crypto: talitos - Add fsl,sec1.0 compatible
We add a specific compatible for SEC1, to handle the differences
between SEC1 and SEC2+
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 7 +++
1 file changed, 7 insertions(+)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index f1406d7b..c04074d 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -3086,9 +3086,16 @@ err_out:
}
static const struct of_device_id talitos_match[] = {
+#ifdef CONFIG_CRYPTO_DEV_TALITOS1
+ {
+ .compatible = "fsl,sec1.0",
+ },
+#endif
+#ifdef CONFIG_CRYPTO_DEV_TALITOS2
{
.compatible = "fsl,sec2.0",
},
+#endif
{},
};
MODULE_DEVICE_TABLE(of, talitos_match);
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 17/17] crypto: talitos - Update DT bindings with SEC1
This patch updates the documentation by including SEC1 into SEC2/3 doc Signed-off-by: Christophe Leroy --- Documentation/devicetree/bindings/crypto/fsl-sec2.txt | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/Documentation/devicetree/bindings/crypto/fsl-sec2.txt b/Documentation/devicetree/bindings/crypto/fsl-sec2.txt index 38988ef..f0d926b 100644 --- a/Documentation/devicetree/bindings/crypto/fsl-sec2.txt +++ b/Documentation/devicetree/bindings/crypto/fsl-sec2.txt @@ -1,9 +1,11 @@ -Freescale SoC SEC Security Engines versions 2.x-3.x +Freescale SoC SEC Security Engines versions 1.x-2.x-3.x Required properties: - compatible : Should contain entries for this and backward compatible - SEC versions, high to low, e.g., "fsl,sec2.1", "fsl,sec2.0" + SEC versions, high to low, e.g., "fsl,sec2.1", "fsl,sec2.0" (SEC2/3) + e.g., "fsl,sec1.2", "fsl,sec1.0" (SEC1) +warning: SEC1 and SEC2 are mutually exclusive - reg : Offset and length of the register set for the device - interrupts : the SEC's interrupt number - fsl,num-channels : An integer representing the number of channels -- 2.1.0 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 11/17] crypto: talitos - adaptation of talitos_submit() for SEC1
SEC1 descriptor is a bit different to SEC2+ descriptor.
talitos_submit() will have to copy hdr field into hdr1 field and
send the descriptor starting at hdr1 up to next_desc.
For SEC2, it remains unchanged and next_desc is just ignored.
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 23 +++
drivers/crypto/talitos.h | 2 ++
2 files changed, 21 insertions(+), 4 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 678b528..e6ea651 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -236,6 +236,7 @@ int talitos_submit(struct device *dev, int ch, struct
talitos_desc *desc,
struct talitos_request *request;
unsigned long flags;
int head;
+ bool is_sec1 = has_ftr_sec1(priv);
spin_lock_irqsave(&priv->chan[ch].head_lock, flags);
@@ -249,8 +250,17 @@ int talitos_submit(struct device *dev, int ch, struct
talitos_desc *desc,
request = &priv->chan[ch].fifo[head];
/* map descriptor and save caller data */
- request->dma_desc = dma_map_single(dev, desc, sizeof(*desc),
- DMA_BIDIRECTIONAL);
+ if (is_sec1) {
+ desc->hdr1 = desc->hdr;
+ desc->next_desc = 0;
+ request->dma_desc = dma_map_single(dev, &desc->hdr1,
+ TALITOS_DESC_SIZE,
+ DMA_BIDIRECTIONAL);
+ } else {
+ request->dma_desc = dma_map_single(dev, desc,
+ TALITOS_DESC_SIZE,
+ DMA_BIDIRECTIONAL);
+ }
request->callback = callback;
request->context = context;
@@ -282,16 +292,21 @@ static void flush_channel(struct device *dev, int ch, int
error, int reset_ch)
struct talitos_request *request, saved_req;
unsigned long flags;
int tail, status;
+ bool is_sec1 = has_ftr_sec1(priv);
spin_lock_irqsave(&priv->chan[ch].tail_lock, flags);
tail = priv->chan[ch].tail;
while (priv->chan[ch].fifo[tail].desc) {
+ __be32 hdr;
+
request = &priv->chan[ch].fifo[tail];
/* descriptors with their done bits set don't get the error */
rmb();
- if ((request->desc->hdr & DESC_HDR_DONE) == DESC_HDR_DONE)
+ hdr = is_sec1 ? request->desc->hdr1 : request->desc->hdr;
+
+ if ((hdr & DESC_HDR_DONE) == DESC_HDR_DONE)
status = 0;
else
if (!error)
@@ -300,7 +315,7 @@ static void flush_channel(struct device *dev, int ch, int
error, int reset_ch)
status = error;
dma_unmap_single(dev, request->dma_desc,
-sizeof(struct talitos_desc),
+TALITOS_DESC_SIZE,
DMA_BIDIRECTIONAL);
/* copy entries so we can call callback outside lock */
diff --git a/drivers/crypto/talitos.h b/drivers/crypto/talitos.h
index b0bdb4e..f827c04 100644
--- a/drivers/crypto/talitos.h
+++ b/drivers/crypto/talitos.h
@@ -69,6 +69,8 @@ struct talitos_desc {
__be32 next_desc; /* next descriptor (SEC1) */
};
+#define TALITOS_DESC_SIZE (sizeof(struct talitos_desc) - sizeof(__be32))
+
/**
* talitos_request - descriptor submission request
* @desc: descriptor pointer (kernel virtual)
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 16/17] crypto: talitos - Add fsl,sec1.0 compatible
We add a specific compatible for SEC1, to handle the differences
between SEC1 and SEC2+
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 7 +++
1 file changed, 7 insertions(+)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index f1406d7b..c04074d 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -3086,9 +3086,16 @@ err_out:
}
static const struct of_device_id talitos_match[] = {
+#ifdef CONFIG_CRYPTO_DEV_TALITOS1
+ {
+ .compatible = "fsl,sec1.0",
+ },
+#endif
+#ifdef CONFIG_CRYPTO_DEV_TALITOS2
{
.compatible = "fsl,sec2.0",
},
+#endif
{},
};
MODULE_DEVICE_TABLE(of, talitos_match);
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 10/17] crypto: talitos - fill in talitos descriptor iaw SEC1 or SEC2+
talitos descriptor is slightly different for SEC1 and SEC2+, so
lets the helper function that fills the descriptor take into account
the type of SEC.
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 105 ++-
1 file changed, 67 insertions(+), 38 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index db95023..678b528 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -55,25 +55,38 @@
#include "talitos.h"
-static void to_talitos_ptr(struct talitos_ptr *ptr, dma_addr_t dma_addr)
+static void to_talitos_ptr(struct talitos_ptr *ptr, dma_addr_t dma_addr,
+ bool is_sec1)
{
ptr->ptr = cpu_to_be32(lower_32_bits(dma_addr));
- ptr->eptr = upper_32_bits(dma_addr);
+ if (!is_sec1)
+ ptr->eptr = upper_32_bits(dma_addr);
}
-static void to_talitos_ptr_len(struct talitos_ptr *ptr, unsigned short len)
+static void to_talitos_ptr_len(struct talitos_ptr *ptr, unsigned short len,
+ bool is_sec1)
{
- ptr->len = cpu_to_be16(len);
+ if (is_sec1) {
+ ptr->res = 0;
+ ptr->len1 = cpu_to_be16(len);
+ } else {
+ ptr->len = cpu_to_be16(len);
+ }
}
-static unsigned short from_talitos_ptr_len(struct talitos_ptr *ptr)
+static unsigned short from_talitos_ptr_len(struct talitos_ptr *ptr,
+ bool is_sec1)
{
- return be16_to_cpu(ptr->len);
+ if (is_sec1)
+ return be16_to_cpu(ptr->len1);
+ else
+ return be16_to_cpu(ptr->len);
}
-static void to_talitos_ptr_extent_clear(struct talitos_ptr *ptr)
+static void to_talitos_ptr_extent_clear(struct talitos_ptr *ptr, bool is_sec1)
{
- ptr->j_extent = 0;
+ if (!is_sec1)
+ ptr->j_extent = 0;
}
/*
@@ -85,10 +98,12 @@ static void map_single_talitos_ptr(struct device *dev,
enum dma_data_direction dir)
{
dma_addr_t dma_addr = dma_map_single(dev, data, len, dir);
+ struct talitos_private *priv = dev_get_drvdata(dev);
+ bool is_sec1 = has_ftr_sec1(priv);
- to_talitos_ptr_len(ptr, len);
- to_talitos_ptr(ptr, dma_addr);
- to_talitos_ptr_extent_clear(ptr);
+ to_talitos_ptr_len(ptr, len, is_sec1);
+ to_talitos_ptr(ptr, dma_addr, is_sec1);
+ to_talitos_ptr_extent_clear(ptr, is_sec1);
}
/*
@@ -98,8 +113,11 @@ static void unmap_single_talitos_ptr(struct device *dev,
struct talitos_ptr *ptr,
enum dma_data_direction dir)
{
+ struct talitos_private *priv = dev_get_drvdata(dev);
+ bool is_sec1 = has_ftr_sec1(priv);
+
dma_unmap_single(dev, be32_to_cpu(ptr->ptr),
-from_talitos_ptr_len(ptr), dir);
+from_talitos_ptr_len(ptr, is_sec1), dir);
}
static int reset_channel(struct device *dev, int ch)
@@ -922,7 +940,7 @@ static int sg_to_link_tbl(struct scatterlist *sg, int
sg_count,
int n_sg = sg_count;
while (n_sg--) {
- to_talitos_ptr(link_tbl_ptr, sg_dma_address(sg));
+ to_talitos_ptr(link_tbl_ptr, sg_dma_address(sg), 0);
link_tbl_ptr->len = cpu_to_be16(sg_dma_len(sg));
link_tbl_ptr->j_extent = 0;
link_tbl_ptr++;
@@ -976,7 +994,7 @@ static int ipsec_esp(struct talitos_edesc *edesc, struct
aead_request *areq,
struct talitos_ptr *tbl_ptr = &edesc->link_tbl[tbl_off];
to_talitos_ptr(&desc->ptr[1], edesc->dma_link_tbl + tbl_off *
- sizeof(struct talitos_ptr));
+ sizeof(struct talitos_ptr), 0);
desc->ptr[1].j_extent = DESC_PTR_LNKTBL_JUMP;
/* assoc_nents - 1 entries for assoc, 1 for IV */
@@ -987,7 +1005,7 @@ static int ipsec_esp(struct talitos_edesc *edesc, struct
aead_request *areq,
tbl_ptr += sg_count - 1;
tbl_ptr->j_extent = 0;
tbl_ptr++;
- to_talitos_ptr(tbl_ptr, edesc->iv_dma);
+ to_talitos_ptr(tbl_ptr, edesc->iv_dma, 0);
tbl_ptr->len = cpu_to_be16(ivsize);
tbl_ptr->j_extent = DESC_PTR_LNKTBL_RETURN;
@@ -996,14 +1014,14 @@ static int ipsec_esp(struct talitos_edesc *edesc, struct
aead_request *areq,
} else {
if (areq->assoclen)
to_talitos_ptr(&desc->ptr[1],
- sg_dma_address(areq->assoc));
+ sg_dma_address(areq->assoc), 0);
else
- to_talitos_ptr(&desc->ptr[1], edesc->iv_dma)
[PATCH v3 14/17] crypto: talitos - implement scatter/gather copy for SEC1
SEC1 doesn't support scatter/gather, SEC1 doesn't handle link tables.
Therefore, for SEC1 we have to do it by SW. For that, we reserve
space at the end of the extended descriptor, in lieu of the space
reserved for the link tables on SEC2, and we perform sg_copy() when
preparing the descriptors
We also adapt the max buffer size which is only 32k on SEC1 while it
is 64k on SEC2+
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 138 ++-
drivers/crypto/talitos.h | 3 +-
2 files changed, 103 insertions(+), 38 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 1265405..dddf4b3 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -866,9 +866,10 @@ badkey:
* @dst_chained: whether dst is chained or not
* @iv_dma: dma address of iv for checking continuity and link table
* @dma_len: length of dma mapped link_tbl space
- * @dma_link_tbl: bus physical address of link_tbl
+ * @dma_link_tbl: bus physical address of link_tbl/buf
* @desc: h/w descriptor
- * @link_tbl: input and output h/w link tables (if {src,dst}_nents > 1)
+ * @link_tbl: input and output h/w link tables (if {src,dst}_nents > 1) (SEC2)
+ * @buf: input and output buffeur (if {src,dst}_nents > 1) (SEC1)
*
* if decrypting (with authcheck), or either one of src_nents or dst_nents
* is greater than 1, an integrity check value is concatenated to the end
@@ -885,7 +886,10 @@ struct talitos_edesc {
int dma_len;
dma_addr_t dma_link_tbl;
struct talitos_desc desc;
- struct talitos_ptr link_tbl[0];
+ union {
+ struct talitos_ptr link_tbl[0];
+ u8 buf[0];
+ };
};
static int talitos_map_sg(struct device *dev, struct scatterlist *sg,
@@ -1282,8 +1286,11 @@ static struct talitos_edesc *talitos_edesc_alloc(struct
device *dev,
dma_addr_t iv_dma = 0;
gfp_t flags = cryptoflags & CRYPTO_TFM_REQ_MAY_SLEEP ? GFP_KERNEL :
GFP_ATOMIC;
+ struct talitos_private *priv = dev_get_drvdata(dev);
+ bool is_sec1 = has_ftr_sec1(priv);
+ int max_len = is_sec1 ? TALITOS1_MAX_DATA_LEN : TALITOS2_MAX_DATA_LEN;
- if (cryptlen + authsize > TALITOS_MAX_DATA_LEN) {
+ if (cryptlen + authsize > max_len) {
dev_err(dev, "length exceeds h/w max limit\n");
return ERR_PTR(-EINVAL);
}
@@ -1327,8 +1334,12 @@ static struct talitos_edesc *talitos_edesc_alloc(struct
device *dev,
*/
alloc_len = sizeof(struct talitos_edesc);
if (assoc_nents || src_nents || dst_nents) {
- dma_len = (src_nents + dst_nents + 2 + assoc_nents) *
- sizeof(struct talitos_ptr) + authsize;
+ if (is_sec1)
+ dma_len = src_nents ? cryptlen : 0 +
+ dst_nents ? cryptlen : 0;
+ else
+ dma_len = (src_nents + dst_nents + 2 + assoc_nents) *
+ sizeof(struct talitos_ptr) + authsize;
alloc_len += dma_len;
} else {
dma_len = 0;
@@ -1485,7 +1496,27 @@ static void unmap_sg_talitos_ptr(struct device *dev,
struct scatterlist *src,
struct scatterlist *dst, unsigned int len,
struct talitos_edesc *edesc)
{
- talitos_sg_unmap(dev, edesc, src, dst);
+ struct talitos_private *priv = dev_get_drvdata(dev);
+ bool is_sec1 = has_ftr_sec1(priv);
+
+ if (is_sec1) {
+ if (!edesc->src_nents) {
+ dma_unmap_sg(dev, src, 1,
+dst != src ? DMA_TO_DEVICE
+ : DMA_BIDIRECTIONAL);
+ }
+ if (dst && edesc->dst_nents) {
+ dma_sync_single_for_device(dev,
+ edesc->dma_link_tbl + len,
+ len, DMA_FROM_DEVICE);
+ sg_copy_from_buffer(dst, edesc->dst_nents ? : 1,
+ edesc->buf + len, len);
+ } else if (dst && dst != src) {
+ dma_unmap_sg(dev, dst, 1, DMA_FROM_DEVICE);
+ }
+ } else {
+ talitos_sg_unmap(dev, edesc, src, dst);
+ }
}
static void common_nonsnoop_unmap(struct device *dev,
@@ -1528,25 +1559,42 @@ int map_sg_in_talitos_ptr(struct device *dev, struct
scatterlist *src,
bool is_sec1 = has_ftr_sec1(priv);
to_talitos_ptr_len(ptr, len, is_sec1);
- to_talitos_ptr_extent_clear(ptr, is_sec1);
- sg_count = talitos_map_sg(dev, src, edesc->src_nents ? : 1, dir,
- edesc->src_chained);
+ if (is_sec1) {
+
[PATCH v3 09/17] crypto: talitos - Add a feature to tag SEC1
We add a new feature in the features field, to mark compatible
"fsl,sec1.0"
We also define a helper function called has_ftr_sec1() to help
functions quickly determine if they are running on SEC1 or SEC2+.
When only SEC1 or SEC2 is compiled in, has_ftr_sec1() return
trivial corresponding value. If both are compiled in, feature
field is checked.
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 3 +++
drivers/crypto/talitos.h | 17 +
2 files changed, 20 insertions(+)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index bca6ded..db95023 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -2709,6 +2709,9 @@ static int talitos_probe(struct platform_device *ofdev)
TALITOS_FTR_SHA224_HWINIT |
TALITOS_FTR_HMAC_OK;
+ if (of_device_is_compatible(np, "fsl,sec1.0"))
+ priv->features |= TALITOS_FTR_SEC1;
+
priv->chan = kzalloc(sizeof(struct talitos_channel) *
priv->num_channels, GFP_KERNEL);
if (!priv->chan) {
diff --git a/drivers/crypto/talitos.h b/drivers/crypto/talitos.h
index f078da1..b0bdb4e 100644
--- a/drivers/crypto/talitos.h
+++ b/drivers/crypto/talitos.h
@@ -156,6 +156,23 @@ extern int talitos_submit(struct device *dev, int ch,
struct talitos_desc *desc,
#define TALITOS_FTR_HW_AUTH_CHECK 0x0002
#define TALITOS_FTR_SHA224_HWINIT 0x0004
#define TALITOS_FTR_HMAC_OK 0x0008
+#define TALITOS_FTR_SEC1 0x0010
+
+/*
+ * If both CONFIG_CRYPTO_DEV_TALITOS1 and CONFIG_CRYPTO_DEV_TALITOS2 are
+ * defined, we check the features which are set according to the device tree.
+ * Otherwise, we answer true or false directly
+ */
+static inline bool has_ftr_sec1(struct talitos_private *priv)
+{
+#if defined(CONFIG_CRYPTO_DEV_TALITOS1) && defined(CONFIG_CRYPTO_DEV_TALITOS2)
+ return priv->features & TALITOS_FTR_SEC1 ? true : false;
+#elif defined(CONFIG_CRYPTO_DEV_TALITOS1)
+ return true;
+#else
+ return false;
+#endif
+}
/*
* TALITOS_xxx_LO addresses point to the low data bits (32-63) of the register
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 13/17] crypto: talitos - adapt interrupts and reset functions to SEC1
This patch adapts the interrupts handling and reset function for
SEC1. On SEC1, registers are almost similar to SEC2+, but bits
are sometimes located at different places. So we need to define
TALITOS1 and TALITOS2 versions of some fields, and manage according
to whether it is SEC1 or SEC2.
On SEC1, only one interrupt vector is dedicated to the SEC, so only
interrupt_4ch is needed.
On SEC1, interrupts are enabled by clearing related bits in IMR,
while on SEC2, interrupts are enabled by seting the bits in IMR.
SEC1 also performs parity verification in the DES Unit. We have
to disable this feature because the test vectors provided in
the kernel have parity errors.
In reset functions, only SEC2 supports continuation after error.
For SEC1, we have to reset in all cases.
For errors handling, SEC2+ names have been kept, but displayed
text have been amended to reflect exact meaning on SEC1.
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 227 +++
drivers/crypto/talitos.h | 39 +---
2 files changed, 199 insertions(+), 67 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 6d77699..1265405 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -124,12 +124,23 @@ static int reset_channel(struct device *dev, int ch)
{
struct talitos_private *priv = dev_get_drvdata(dev);
unsigned int timeout = TALITOS_TIMEOUT;
+ bool is_sec1 = has_ftr_sec1(priv);
- setbits32(priv->chan[ch].reg + TALITOS_CCCR, TALITOS_CCCR_RESET);
+ if (is_sec1) {
+ setbits32(priv->chan[ch].reg + TALITOS_CCCR_LO,
+ TALITOS1_CCCR_LO_RESET);
- while ((in_be32(priv->chan[ch].reg + TALITOS_CCCR) & TALITOS_CCCR_RESET)
- && --timeout)
- cpu_relax();
+ while ((in_be32(priv->chan[ch].reg + TALITOS_CCCR_LO) &
+ TALITOS1_CCCR_LO_RESET) && --timeout)
+ cpu_relax();
+ } else {
+ setbits32(priv->chan[ch].reg + TALITOS_CCCR,
+ TALITOS2_CCCR_RESET);
+
+ while ((in_be32(priv->chan[ch].reg + TALITOS_CCCR) &
+ TALITOS2_CCCR_RESET) && --timeout)
+ cpu_relax();
+ }
if (timeout == 0) {
dev_err(dev, "failed to reset channel %d\n", ch);
@@ -152,11 +163,12 @@ static int reset_device(struct device *dev)
{
struct talitos_private *priv = dev_get_drvdata(dev);
unsigned int timeout = TALITOS_TIMEOUT;
- u32 mcr = TALITOS_MCR_SWR;
+ bool is_sec1 = has_ftr_sec1(priv);
+ u32 mcr = is_sec1 ? TALITOS1_MCR_SWR : TALITOS2_MCR_SWR;
setbits32(priv->reg + TALITOS_MCR, mcr);
- while ((in_be32(priv->reg + TALITOS_MCR) & TALITOS_MCR_SWR)
+ while ((in_be32(priv->reg + TALITOS_MCR) & mcr)
&& --timeout)
cpu_relax();
@@ -180,6 +192,7 @@ static int init_device(struct device *dev)
{
struct talitos_private *priv = dev_get_drvdata(dev);
int ch, err;
+ bool is_sec1 = has_ftr_sec1(priv);
/*
* Master reset
@@ -203,8 +216,15 @@ static int init_device(struct device *dev)
}
/* enable channel done and error interrupts */
- setbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_INIT);
- setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT);
+ if (is_sec1) {
+ clrbits32(priv->reg + TALITOS_IMR, TALITOS1_IMR_INIT);
+ clrbits32(priv->reg + TALITOS_IMR_LO, TALITOS1_IMR_LO_INIT);
+ /* disable parity error check in DEU (erroneous? test vect.) */
+ setbits32(priv->reg_deu + TALITOS_EUICR, TALITOS1_DEUICR_KPE);
+ } else {
+ setbits32(priv->reg + TALITOS_IMR, TALITOS2_IMR_INIT);
+ setbits32(priv->reg + TALITOS_IMR_LO, TALITOS2_IMR_LO_INIT);
+ }
/* disable integrity check error interrupts (use writeback instead) */
if (priv->features & TALITOS_FTR_HW_AUTH_CHECK)
@@ -349,8 +369,37 @@ static void flush_channel(struct device *dev, int ch, int
error, int reset_ch)
/*
* process completed requests for channels that have done status
*/
-#define DEF_TALITOS_DONE(name, ch_done_mask) \
-static void talitos_done_##name(unsigned long data)\
+#define DEF_TALITOS1_DONE(name, ch_done_mask) \
+static void talitos1_done_##name(unsigned long data) \
+{ \
+ struct device *dev = (struct device *)data; \
+ struct talitos_private *priv = dev_get_drvdata(dev);\
+ unsigned long flags;
[PATCH v3 08/17] crypto: talitos - add sub-choice in talitos CONFIG for SEC1
This patch adds a CONFIG option to select SEC1, SEC2+ or both. Signed-off-by: Christophe Leroy --- drivers/crypto/Kconfig | 18 ++ 1 file changed, 18 insertions(+) diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig index 800bf41..8a76a01 100644 --- a/drivers/crypto/Kconfig +++ b/drivers/crypto/Kconfig @@ -222,6 +222,24 @@ config CRYPTO_DEV_TALITOS To compile this driver as a module, choose M here: the module will be called talitos. +config CRYPTO_DEV_TALITOS1 + bool "SEC1 (SEC 1.0 and SEC Lite 1.2)" + depends on CRYPTO_DEV_TALITOS + depends on PPC_8xx || PPC_82xx + default y + help + Say 'Y' here to use the Freescale Security Engine (SEC) version 1.0 + found on MPC82xx or the Freescale Security Engine (SEC Lite) + version 1.2 found on MPC8xx + +config CRYPTO_DEV_TALITOS2 + bool "SEC2+ (SEC version 2.0 or upper)" + depends on CRYPTO_DEV_TALITOS + default y if !PPC_8xx + help + Say 'Y' here to use the Freescale Security Engine (SEC) + version 2 and following as found on MPC83xx, MPC85xx, etc ... + config CRYPTO_DEV_IXP4XX tristate "Driver for IXP4xx crypto hardware acceleration" depends on ARCH_IXP4XX && IXP4XX_QMGR && IXP4XX_NPE -- 2.1.0 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 15/17] crypto: talitos - SEC1 bugs on 0 data hash
SEC1 bugs on 0 data hash, so we submit an already padded block representing 0
data
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 24
1 file changed, 24 insertions(+)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index dddf4b3..f1406d7b 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1797,6 +1797,27 @@ static void ahash_done(struct device *dev,
areq->base.complete(&areq->base, err);
}
+/*
+ * SEC1 doesn't like hashing of 0 sized message, so we do the padding
+ * ourself and submit a padded block
+ */
+void talitos_handle_buggy_hash(struct talitos_ctx *ctx,
+ struct talitos_edesc *edesc,
+ struct talitos_ptr *ptr)
+{
+ static u8 padded_hash[64] = {
+ 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ };
+
+ pr_err_once("Bug in SEC1, padding ourself\n");
+ edesc->desc.hdr &= ~DESC_HDR_MODE0_MDEU_PAD;
+ map_single_talitos_ptr(ctx->dev, ptr, sizeof(padded_hash),
+ (char *)padded_hash, DMA_TO_DEVICE);
+}
+
static int common_nonsnoop_hash(struct talitos_edesc *edesc,
struct ahash_request *areq, unsigned int length,
void (*callback) (struct device *dev,
@@ -1857,6 +1878,9 @@ static int common_nonsnoop_hash(struct talitos_edesc
*edesc,
/* last DWORD empty */
desc->ptr[6] = zero_entry;
+ if (is_sec1 && from_talitos_ptr_len(&desc->ptr[3], true) == 0)
+ talitos_handle_buggy_hash(ctx, edesc, &desc->ptr[3]);
+
ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
if (ret != -EINPROGRESS) {
common_nonsnoop_hash_unmap(dev, edesc, areq);
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 15/17] crypto: talitos - SEC1 bugs on 0 data hash
SEC1 bugs on 0 data hash, so we submit an already padded block representing 0
data
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 24
1 file changed, 24 insertions(+)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index dddf4b3..f1406d7b 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1797,6 +1797,27 @@ static void ahash_done(struct device *dev,
areq->base.complete(&areq->base, err);
}
+/*
+ * SEC1 doesn't like hashing of 0 sized message, so we do the padding
+ * ourself and submit a padded block
+ */
+void talitos_handle_buggy_hash(struct talitos_ctx *ctx,
+ struct talitos_edesc *edesc,
+ struct talitos_ptr *ptr)
+{
+ static u8 padded_hash[64] = {
+ 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ };
+
+ pr_err_once("Bug in SEC1, padding ourself\n");
+ edesc->desc.hdr &= ~DESC_HDR_MODE0_MDEU_PAD;
+ map_single_talitos_ptr(ctx->dev, ptr, sizeof(padded_hash),
+ (char *)padded_hash, DMA_TO_DEVICE);
+}
+
static int common_nonsnoop_hash(struct talitos_edesc *edesc,
struct ahash_request *areq, unsigned int length,
void (*callback) (struct device *dev,
@@ -1857,6 +1878,9 @@ static int common_nonsnoop_hash(struct talitos_edesc
*edesc,
/* last DWORD empty */
desc->ptr[6] = zero_entry;
+ if (is_sec1 && from_talitos_ptr_len(&desc->ptr[3], true) == 0)
+ talitos_handle_buggy_hash(ctx, edesc, &desc->ptr[3]);
+
ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
if (ret != -EINPROGRESS) {
common_nonsnoop_hash_unmap(dev, edesc, areq);
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 11/17] crypto: talitos - adaptation of talitos_submit() for SEC1
SEC1 descriptor is a bit different to SEC2+ descriptor.
talitos_submit() will have to copy hdr field into hdr1 field and
send the descriptor starting at hdr1 up to next_desc.
For SEC2, it remains unchanged and next_desc is just ignored.
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 23 +++
drivers/crypto/talitos.h | 2 ++
2 files changed, 21 insertions(+), 4 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 678b528..e6ea651 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -236,6 +236,7 @@ int talitos_submit(struct device *dev, int ch, struct
talitos_desc *desc,
struct talitos_request *request;
unsigned long flags;
int head;
+ bool is_sec1 = has_ftr_sec1(priv);
spin_lock_irqsave(&priv->chan[ch].head_lock, flags);
@@ -249,8 +250,17 @@ int talitos_submit(struct device *dev, int ch, struct
talitos_desc *desc,
request = &priv->chan[ch].fifo[head];
/* map descriptor and save caller data */
- request->dma_desc = dma_map_single(dev, desc, sizeof(*desc),
- DMA_BIDIRECTIONAL);
+ if (is_sec1) {
+ desc->hdr1 = desc->hdr;
+ desc->next_desc = 0;
+ request->dma_desc = dma_map_single(dev, &desc->hdr1,
+ TALITOS_DESC_SIZE,
+ DMA_BIDIRECTIONAL);
+ } else {
+ request->dma_desc = dma_map_single(dev, desc,
+ TALITOS_DESC_SIZE,
+ DMA_BIDIRECTIONAL);
+ }
request->callback = callback;
request->context = context;
@@ -282,16 +292,21 @@ static void flush_channel(struct device *dev, int ch, int
error, int reset_ch)
struct talitos_request *request, saved_req;
unsigned long flags;
int tail, status;
+ bool is_sec1 = has_ftr_sec1(priv);
spin_lock_irqsave(&priv->chan[ch].tail_lock, flags);
tail = priv->chan[ch].tail;
while (priv->chan[ch].fifo[tail].desc) {
+ __be32 hdr;
+
request = &priv->chan[ch].fifo[tail];
/* descriptors with their done bits set don't get the error */
rmb();
- if ((request->desc->hdr & DESC_HDR_DONE) == DESC_HDR_DONE)
+ hdr = is_sec1 ? request->desc->hdr1 : request->desc->hdr;
+
+ if ((hdr & DESC_HDR_DONE) == DESC_HDR_DONE)
status = 0;
else
if (!error)
@@ -300,7 +315,7 @@ static void flush_channel(struct device *dev, int ch, int
error, int reset_ch)
status = error;
dma_unmap_single(dev, request->dma_desc,
-sizeof(struct talitos_desc),
+TALITOS_DESC_SIZE,
DMA_BIDIRECTIONAL);
/* copy entries so we can call callback outside lock */
diff --git a/drivers/crypto/talitos.h b/drivers/crypto/talitos.h
index b0bdb4e..f827c04 100644
--- a/drivers/crypto/talitos.h
+++ b/drivers/crypto/talitos.h
@@ -69,6 +69,8 @@ struct talitos_desc {
__be32 next_desc; /* next descriptor (SEC1) */
};
+#define TALITOS_DESC_SIZE (sizeof(struct talitos_desc) - sizeof(__be32))
+
/**
* talitos_request - descriptor submission request
* @desc: descriptor pointer (kernel virtual)
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 13/17] crypto: talitos - adapt interrupts and reset functions to SEC1
This patch adapts the interrupts handling and reset function for
SEC1. On SEC1, registers are almost similar to SEC2+, but bits
are sometimes located at different places. So we need to define
TALITOS1 and TALITOS2 versions of some fields, and manage according
to whether it is SEC1 or SEC2.
On SEC1, only one interrupt vector is dedicated to the SEC, so only
interrupt_4ch is needed.
On SEC1, interrupts are enabled by clearing related bits in IMR,
while on SEC2, interrupts are enabled by seting the bits in IMR.
SEC1 also performs parity verification in the DES Unit. We have
to disable this feature because the test vectors provided in
the kernel have parity errors.
In reset functions, only SEC2 supports continuation after error.
For SEC1, we have to reset in all cases.
For errors handling, SEC2+ names have been kept, but displayed
text have been amended to reflect exact meaning on SEC1.
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 227 +++
drivers/crypto/talitos.h | 39 +---
2 files changed, 199 insertions(+), 67 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 6d77699..1265405 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -124,12 +124,23 @@ static int reset_channel(struct device *dev, int ch)
{
struct talitos_private *priv = dev_get_drvdata(dev);
unsigned int timeout = TALITOS_TIMEOUT;
+ bool is_sec1 = has_ftr_sec1(priv);
- setbits32(priv->chan[ch].reg + TALITOS_CCCR, TALITOS_CCCR_RESET);
+ if (is_sec1) {
+ setbits32(priv->chan[ch].reg + TALITOS_CCCR_LO,
+ TALITOS1_CCCR_LO_RESET);
- while ((in_be32(priv->chan[ch].reg + TALITOS_CCCR) & TALITOS_CCCR_RESET)
- && --timeout)
- cpu_relax();
+ while ((in_be32(priv->chan[ch].reg + TALITOS_CCCR_LO) &
+ TALITOS1_CCCR_LO_RESET) && --timeout)
+ cpu_relax();
+ } else {
+ setbits32(priv->chan[ch].reg + TALITOS_CCCR,
+ TALITOS2_CCCR_RESET);
+
+ while ((in_be32(priv->chan[ch].reg + TALITOS_CCCR) &
+ TALITOS2_CCCR_RESET) && --timeout)
+ cpu_relax();
+ }
if (timeout == 0) {
dev_err(dev, "failed to reset channel %d\n", ch);
@@ -152,11 +163,12 @@ static int reset_device(struct device *dev)
{
struct talitos_private *priv = dev_get_drvdata(dev);
unsigned int timeout = TALITOS_TIMEOUT;
- u32 mcr = TALITOS_MCR_SWR;
+ bool is_sec1 = has_ftr_sec1(priv);
+ u32 mcr = is_sec1 ? TALITOS1_MCR_SWR : TALITOS2_MCR_SWR;
setbits32(priv->reg + TALITOS_MCR, mcr);
- while ((in_be32(priv->reg + TALITOS_MCR) & TALITOS_MCR_SWR)
+ while ((in_be32(priv->reg + TALITOS_MCR) & mcr)
&& --timeout)
cpu_relax();
@@ -180,6 +192,7 @@ static int init_device(struct device *dev)
{
struct talitos_private *priv = dev_get_drvdata(dev);
int ch, err;
+ bool is_sec1 = has_ftr_sec1(priv);
/*
* Master reset
@@ -203,8 +216,15 @@ static int init_device(struct device *dev)
}
/* enable channel done and error interrupts */
- setbits32(priv->reg + TALITOS_IMR, TALITOS_IMR_INIT);
- setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT);
+ if (is_sec1) {
+ clrbits32(priv->reg + TALITOS_IMR, TALITOS1_IMR_INIT);
+ clrbits32(priv->reg + TALITOS_IMR_LO, TALITOS1_IMR_LO_INIT);
+ /* disable parity error check in DEU (erroneous? test vect.) */
+ setbits32(priv->reg_deu + TALITOS_EUICR, TALITOS1_DEUICR_KPE);
+ } else {
+ setbits32(priv->reg + TALITOS_IMR, TALITOS2_IMR_INIT);
+ setbits32(priv->reg + TALITOS_IMR_LO, TALITOS2_IMR_LO_INIT);
+ }
/* disable integrity check error interrupts (use writeback instead) */
if (priv->features & TALITOS_FTR_HW_AUTH_CHECK)
@@ -349,8 +369,37 @@ static void flush_channel(struct device *dev, int ch, int
error, int reset_ch)
/*
* process completed requests for channels that have done status
*/
-#define DEF_TALITOS_DONE(name, ch_done_mask) \
-static void talitos_done_##name(unsigned long data)\
+#define DEF_TALITOS1_DONE(name, ch_done_mask) \
+static void talitos1_done_##name(unsigned long data) \
+{ \
+ struct device *dev = (struct device *)data; \
+ struct talitos_private *priv = dev_get_drvdata(dev);\
+ unsigned long flags;
[PATCH v3 00/17] crypto: talitos - Add support for SEC1
The purpose of this set of patchs is to add to talitos crypto driver the support for the SEC1 version of the security engine, which is found in mpc885 and mpc8272 processors. v3 is a complete rework of the patchset. Since a kernel can be built with support for both MPC82xx and MPC83xx at the same time, talitos driver shall support both SEC1 and SEC2+ at the same time. Based on cryptodev-2.6 tree Christophe Leroy (17): crypto: talitos - Use zero entry to init descriptors ptrs to zero crypto: talitos - Refactor the sg in/out chain allocation crypto: talitos - talitos_ptr renamed ptr for more lisibility crypto: talitos - Add a helper function to clear j_extent field crypto: talitos - remove param 'extent' in map_single_talitos_ptr() crypto: talitos - helper function for ptr len crypto: talitos - enhanced talitos_desc struct for SEC1 crypto: talitos - add sub-choice in talitos CONFIG for SEC1 crypto: talitos - Add a feature to tag SEC1 crypto: talitos - fill in talitos descriptor iaw SEC1 or SEC2+ crypto: talitos - adaptation of talitos_submit() for SEC1 crypto: talitos - base address for Execution Units crypto: talitos - adapt interrupts and reset functions to SEC1 crypto: talitos - implement scatter/gather copy for SEC1 crypto: talitos - SEC1 bugs on 0 data hash crypto: talitos - Add fsl,sec1.0 compatible crypto: talitos - Update DT bindings with SEC1 .../devicetree/bindings/crypto/fsl-sec2.txt| 6 +- drivers/crypto/Kconfig | 18 + drivers/crypto/talitos.c | 727 +++-- drivers/crypto/talitos.h | 153 +++-- 4 files changed, 644 insertions(+), 260 deletions(-) -- 2.1.0 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 10/17] crypto: talitos - fill in talitos descriptor iaw SEC1 or SEC2+
talitos descriptor is slightly different for SEC1 and SEC2+, so
lets the helper function that fills the descriptor take into account
the type of SEC.
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 105 ++-
1 file changed, 67 insertions(+), 38 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index db95023..678b528 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -55,25 +55,38 @@
#include "talitos.h"
-static void to_talitos_ptr(struct talitos_ptr *ptr, dma_addr_t dma_addr)
+static void to_talitos_ptr(struct talitos_ptr *ptr, dma_addr_t dma_addr,
+ bool is_sec1)
{
ptr->ptr = cpu_to_be32(lower_32_bits(dma_addr));
- ptr->eptr = upper_32_bits(dma_addr);
+ if (!is_sec1)
+ ptr->eptr = upper_32_bits(dma_addr);
}
-static void to_talitos_ptr_len(struct talitos_ptr *ptr, unsigned short len)
+static void to_talitos_ptr_len(struct talitos_ptr *ptr, unsigned short len,
+ bool is_sec1)
{
- ptr->len = cpu_to_be16(len);
+ if (is_sec1) {
+ ptr->res = 0;
+ ptr->len1 = cpu_to_be16(len);
+ } else {
+ ptr->len = cpu_to_be16(len);
+ }
}
-static unsigned short from_talitos_ptr_len(struct talitos_ptr *ptr)
+static unsigned short from_talitos_ptr_len(struct talitos_ptr *ptr,
+ bool is_sec1)
{
- return be16_to_cpu(ptr->len);
+ if (is_sec1)
+ return be16_to_cpu(ptr->len1);
+ else
+ return be16_to_cpu(ptr->len);
}
-static void to_talitos_ptr_extent_clear(struct talitos_ptr *ptr)
+static void to_talitos_ptr_extent_clear(struct talitos_ptr *ptr, bool is_sec1)
{
- ptr->j_extent = 0;
+ if (!is_sec1)
+ ptr->j_extent = 0;
}
/*
@@ -85,10 +98,12 @@ static void map_single_talitos_ptr(struct device *dev,
enum dma_data_direction dir)
{
dma_addr_t dma_addr = dma_map_single(dev, data, len, dir);
+ struct talitos_private *priv = dev_get_drvdata(dev);
+ bool is_sec1 = has_ftr_sec1(priv);
- to_talitos_ptr_len(ptr, len);
- to_talitos_ptr(ptr, dma_addr);
- to_talitos_ptr_extent_clear(ptr);
+ to_talitos_ptr_len(ptr, len, is_sec1);
+ to_talitos_ptr(ptr, dma_addr, is_sec1);
+ to_talitos_ptr_extent_clear(ptr, is_sec1);
}
/*
@@ -98,8 +113,11 @@ static void unmap_single_talitos_ptr(struct device *dev,
struct talitos_ptr *ptr,
enum dma_data_direction dir)
{
+ struct talitos_private *priv = dev_get_drvdata(dev);
+ bool is_sec1 = has_ftr_sec1(priv);
+
dma_unmap_single(dev, be32_to_cpu(ptr->ptr),
-from_talitos_ptr_len(ptr), dir);
+from_talitos_ptr_len(ptr, is_sec1), dir);
}
static int reset_channel(struct device *dev, int ch)
@@ -922,7 +940,7 @@ static int sg_to_link_tbl(struct scatterlist *sg, int
sg_count,
int n_sg = sg_count;
while (n_sg--) {
- to_talitos_ptr(link_tbl_ptr, sg_dma_address(sg));
+ to_talitos_ptr(link_tbl_ptr, sg_dma_address(sg), 0);
link_tbl_ptr->len = cpu_to_be16(sg_dma_len(sg));
link_tbl_ptr->j_extent = 0;
link_tbl_ptr++;
@@ -976,7 +994,7 @@ static int ipsec_esp(struct talitos_edesc *edesc, struct
aead_request *areq,
struct talitos_ptr *tbl_ptr = &edesc->link_tbl[tbl_off];
to_talitos_ptr(&desc->ptr[1], edesc->dma_link_tbl + tbl_off *
- sizeof(struct talitos_ptr));
+ sizeof(struct talitos_ptr), 0);
desc->ptr[1].j_extent = DESC_PTR_LNKTBL_JUMP;
/* assoc_nents - 1 entries for assoc, 1 for IV */
@@ -987,7 +1005,7 @@ static int ipsec_esp(struct talitos_edesc *edesc, struct
aead_request *areq,
tbl_ptr += sg_count - 1;
tbl_ptr->j_extent = 0;
tbl_ptr++;
- to_talitos_ptr(tbl_ptr, edesc->iv_dma);
+ to_talitos_ptr(tbl_ptr, edesc->iv_dma, 0);
tbl_ptr->len = cpu_to_be16(ivsize);
tbl_ptr->j_extent = DESC_PTR_LNKTBL_RETURN;
@@ -996,14 +1014,14 @@ static int ipsec_esp(struct talitos_edesc *edesc, struct
aead_request *areq,
} else {
if (areq->assoclen)
to_talitos_ptr(&desc->ptr[1],
- sg_dma_address(areq->assoc));
+ sg_dma_address(areq->assoc), 0);
else
- to_talitos_ptr(&desc->ptr[1], edesc->iv_dma)
[PATCH v3 05/17] crypto: talitos - remove param 'extent' in map_single_talitos_ptr()
map_single_talitos_ptr() is always called with extent == 0, so lets remove this
unused parameter
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 21 ++---
1 file changed, 10 insertions(+), 11 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index c93f79b..81e5636 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -72,14 +72,13 @@ static void to_talitos_ptr_extent_clear(struct talitos_ptr
*ptr)
static void map_single_talitos_ptr(struct device *dev,
struct talitos_ptr *ptr,
unsigned short len, void *data,
- unsigned char extent,
enum dma_data_direction dir)
{
dma_addr_t dma_addr = dma_map_single(dev, data, len, dir);
ptr->len = cpu_to_be16(len);
to_talitos_ptr(ptr, dma_addr);
- ptr->j_extent = extent;
+ to_talitos_ptr_extent_clear(ptr);
}
/*
@@ -958,7 +957,7 @@ static int ipsec_esp(struct talitos_edesc *edesc, struct
aead_request *areq,
/* hmac key */
map_single_talitos_ptr(dev, &desc->ptr[0], ctx->authkeylen, &ctx->key,
- 0, DMA_TO_DEVICE);
+ DMA_TO_DEVICE);
/* hmac data */
desc->ptr[1].len = cpu_to_be16(areq->assoclen + ivsize);
@@ -1002,7 +1001,7 @@ static int ipsec_esp(struct talitos_edesc *edesc, struct
aead_request *areq,
/* cipher key */
map_single_talitos_ptr(dev, &desc->ptr[3], ctx->enckeylen,
- (char *)&ctx->key + ctx->authkeylen, 0,
+ (char *)&ctx->key + ctx->authkeylen,
DMA_TO_DEVICE);
/*
@@ -1080,7 +1079,7 @@ static int ipsec_esp(struct talitos_edesc *edesc, struct
aead_request *areq,
}
/* iv out */
- map_single_talitos_ptr(dev, &desc->ptr[6], ivsize, ctx->iv, 0,
+ map_single_talitos_ptr(dev, &desc->ptr[6], ivsize, ctx->iv,
DMA_FROM_DEVICE);
ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
@@ -1453,7 +1452,7 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
/* cipher key */
map_single_talitos_ptr(dev, &desc->ptr[2], ctx->keylen,
- (char *)&ctx->key, 0, DMA_TO_DEVICE);
+ (char *)&ctx->key, DMA_TO_DEVICE);
/*
* cipher in
@@ -1470,7 +1469,7 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
&desc->ptr[4], sg_count);
/* iv out */
- map_single_talitos_ptr(dev, &desc->ptr[5], ivsize, ctx->iv, 0,
+ map_single_talitos_ptr(dev, &desc->ptr[5], ivsize, ctx->iv,
DMA_FROM_DEVICE);
/* last DWORD empty */
@@ -1595,7 +1594,7 @@ static int common_nonsnoop_hash(struct talitos_edesc
*edesc,
if (!req_ctx->first || req_ctx->swinit) {
map_single_talitos_ptr(dev, &desc->ptr[1],
req_ctx->hw_context_size,
- (char *)req_ctx->hw_context, 0,
+ (char *)req_ctx->hw_context,
DMA_TO_DEVICE);
req_ctx->swinit = 0;
} else {
@@ -1607,7 +1606,7 @@ static int common_nonsnoop_hash(struct talitos_edesc
*edesc,
/* HMAC key */
if (ctx->keylen)
map_single_talitos_ptr(dev, &desc->ptr[2], ctx->keylen,
- (char *)&ctx->key, 0, DMA_TO_DEVICE);
+ (char *)&ctx->key, DMA_TO_DEVICE);
else
desc->ptr[2] = zero_entry;
@@ -1624,11 +1623,11 @@ static int common_nonsnoop_hash(struct talitos_edesc
*edesc,
if (req_ctx->last)
map_single_talitos_ptr(dev, &desc->ptr[5],
crypto_ahash_digestsize(tfm),
- areq->result, 0, DMA_FROM_DEVICE);
+ areq->result, DMA_FROM_DEVICE);
else
map_single_talitos_ptr(dev, &desc->ptr[5],
req_ctx->hw_context_size,
- req_ctx->hw_context, 0, DMA_FROM_DEVICE);
+ req_ctx->hw_context, DMA_FROM_DEVICE);
/* last DWORD empty */
desc->ptr[6] = zero_entry;
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 06/17] crypto: talitos - helper function for ptr len
This patch adds a helper function for reads and writes of the len
param of the talitos descriptor. This will help implement
SEC1 later.
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 24 +---
1 file changed, 17 insertions(+), 7 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 81e5636..bca6ded 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -61,6 +61,16 @@ static void to_talitos_ptr(struct talitos_ptr *ptr,
dma_addr_t dma_addr)
ptr->eptr = upper_32_bits(dma_addr);
}
+static void to_talitos_ptr_len(struct talitos_ptr *ptr, unsigned short len)
+{
+ ptr->len = cpu_to_be16(len);
+}
+
+static unsigned short from_talitos_ptr_len(struct talitos_ptr *ptr)
+{
+ return be16_to_cpu(ptr->len);
+}
+
static void to_talitos_ptr_extent_clear(struct talitos_ptr *ptr)
{
ptr->j_extent = 0;
@@ -76,7 +86,7 @@ static void map_single_talitos_ptr(struct device *dev,
{
dma_addr_t dma_addr = dma_map_single(dev, data, len, dir);
- ptr->len = cpu_to_be16(len);
+ to_talitos_ptr_len(ptr, len);
to_talitos_ptr(ptr, dma_addr);
to_talitos_ptr_extent_clear(ptr);
}
@@ -89,7 +99,7 @@ static void unmap_single_talitos_ptr(struct device *dev,
enum dma_data_direction dir)
{
dma_unmap_single(dev, be32_to_cpu(ptr->ptr),
-be16_to_cpu(ptr->len), dir);
+from_talitos_ptr_len(ptr), dir);
}
static int reset_channel(struct device *dev, int ch)
@@ -1375,7 +1385,7 @@ int map_sg_in_talitos_ptr(struct device *dev, struct
scatterlist *src,
{
int sg_count;
- ptr->len = cpu_to_be16(len);
+ to_talitos_ptr_len(ptr, len);
to_talitos_ptr_extent_clear(ptr);
sg_count = talitos_map_sg(dev, src, edesc->src_nents ? : 1, dir,
@@ -1405,7 +1415,7 @@ void map_sg_out_talitos_ptr(struct device *dev, struct
scatterlist *dst,
enum dma_data_direction dir,
struct talitos_ptr *ptr, int sg_count)
{
- ptr->len = cpu_to_be16(len);
+ to_talitos_ptr_len(ptr, len);
to_talitos_ptr_extent_clear(ptr);
if (dir != DMA_NONE)
@@ -1447,7 +1457,7 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
/* cipher iv */
to_talitos_ptr(&desc->ptr[1], edesc->iv_dma);
- desc->ptr[1].len = cpu_to_be16(ivsize);
+ to_talitos_ptr_len(&desc->ptr[1], ivsize);
to_talitos_ptr_extent_clear(&desc->ptr[1]);
/* cipher key */
@@ -1539,11 +1549,11 @@ static void common_nonsnoop_hash_unmap(struct device
*dev,
unmap_sg_talitos_ptr(dev, req_ctx->psrc, NULL, 0, edesc);
/* When using hashctx-in, must unmap it. */
- if (edesc->desc.ptr[1].len)
+ if (from_talitos_ptr_len(&edesc->desc.ptr[1]))
unmap_single_talitos_ptr(dev, &edesc->desc.ptr[1],
DMA_TO_DEVICE);
- if (edesc->desc.ptr[2].len)
+ if (from_talitos_ptr_len(&edesc->desc.ptr[2]))
unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2],
DMA_TO_DEVICE);
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 01/17] crypto: talitos - Use zero entry to init descriptors ptrs to zero
Do use zero_entry value to init the descriptors ptrs to zero instead of
writing 0 in each field
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 8 ++--
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 857414a..7bf1b2b 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1373,9 +1373,7 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
int sg_count, ret;
/* first DWORD empty */
- desc->ptr[0].len = 0;
- to_talitos_ptr(&desc->ptr[0], 0);
- desc->ptr[0].j_extent = 0;
+ desc->ptr[0] = zero_entry;
/* cipher iv */
to_talitos_ptr(&desc->ptr[1], edesc->iv_dma);
@@ -1445,9 +1443,7 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
DMA_FROM_DEVICE);
/* last DWORD empty */
- desc->ptr[6].len = 0;
- to_talitos_ptr(&desc->ptr[6], 0);
- desc->ptr[6].j_extent = 0;
+ desc->ptr[6] = zero_entry;
ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
if (ret != -EINPROGRESS) {
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 02/17] crypto: talitos - Refactor the sg in/out chain allocation
This patch refactors the handling of the input and output data that is quite
similar in several functions
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 159 ---
1 file changed, 81 insertions(+), 78 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 7bf1b2b..5a7e345 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1327,16 +1327,23 @@ static int ablkcipher_setkey(struct crypto_ablkcipher
*cipher,
return 0;
}
+static void unmap_sg_talitos_ptr(struct device *dev, struct scatterlist *src,
+struct scatterlist *dst, unsigned int len,
+struct talitos_edesc *edesc)
+{
+ talitos_sg_unmap(dev, edesc, src, dst);
+}
+
static void common_nonsnoop_unmap(struct device *dev,
struct talitos_edesc *edesc,
struct ablkcipher_request *areq)
{
unmap_single_talitos_ptr(dev, &edesc->desc.ptr[5], DMA_FROM_DEVICE);
+
+ unmap_sg_talitos_ptr(dev, areq->src, areq->dst, areq->nbytes, edesc);
unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2], DMA_TO_DEVICE);
unmap_single_talitos_ptr(dev, &edesc->desc.ptr[1], DMA_TO_DEVICE);
- talitos_sg_unmap(dev, edesc, areq->src, areq->dst);
-
if (edesc->dma_len)
dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len,
DMA_BIDIRECTIONAL);
@@ -1358,6 +1365,65 @@ static void ablkcipher_done(struct device *dev,
areq->base.complete(&areq->base, err);
}
+int map_sg_in_talitos_ptr(struct device *dev, struct scatterlist *src,
+ unsigned int len, struct talitos_edesc *edesc,
+ enum dma_data_direction dir, struct talitos_ptr *ptr)
+{
+ int sg_count;
+
+ ptr->len = cpu_to_be16(len);
+ ptr->j_extent = 0;
+
+ sg_count = talitos_map_sg(dev, src, edesc->src_nents ? : 1, dir,
+ edesc->src_chained);
+
+ if (sg_count == 1) {
+ to_talitos_ptr(ptr, sg_dma_address(src));
+ } else {
+ sg_count = sg_to_link_tbl(src, sg_count, len,
+ &edesc->link_tbl[0]);
+ if (sg_count > 1) {
+ to_talitos_ptr(ptr, edesc->dma_link_tbl);
+ ptr->j_extent |= DESC_PTR_LNKTBL_JUMP;
+ dma_sync_single_for_device(dev, edesc->dma_link_tbl,
+ edesc->dma_len,
+ DMA_BIDIRECTIONAL);
+ } else {
+ /* Only one segment now, so no link tbl needed */
+ to_talitos_ptr(ptr, sg_dma_address(src));
+ }
+ }
+ return sg_count;
+}
+
+void map_sg_out_talitos_ptr(struct device *dev, struct scatterlist *dst,
+ unsigned int len, struct talitos_edesc *edesc,
+ enum dma_data_direction dir,
+ struct talitos_ptr *ptr, int sg_count)
+{
+ ptr->len = cpu_to_be16(len);
+ ptr->j_extent = 0;
+
+ if (dir != DMA_NONE)
+ sg_count = talitos_map_sg(dev, dst, edesc->dst_nents ? : 1,
+ dir, edesc->dst_chained);
+
+ if (sg_count == 1) {
+ to_talitos_ptr(ptr, sg_dma_address(dst));
+ } else {
+ struct talitos_ptr *link_tbl_ptr =
+ &edesc->link_tbl[edesc->src_nents + 1];
+
+ to_talitos_ptr(ptr, edesc->dma_link_tbl +
+ (edesc->src_nents + 1) *
+ sizeof(struct talitos_ptr));
+ ptr->j_extent |= DESC_PTR_LNKTBL_JUMP;
+ sg_count = sg_to_link_tbl(dst, sg_count, len, link_tbl_ptr);
+ dma_sync_single_for_device(dev, edesc->dma_link_tbl,
+ edesc->dma_len, DMA_BIDIRECTIONAL);
+ }
+}
+
static int common_nonsnoop(struct talitos_edesc *edesc,
struct ablkcipher_request *areq,
void (*callback) (struct device *dev,
@@ -1387,56 +1453,16 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
/*
* cipher in
*/
- desc->ptr[3].len = cpu_to_be16(cryptlen);
- desc->ptr[3].j_extent = 0;
-
- sg_count = talitos_map_sg(dev, areq->src, edesc->src_nents ? : 1,
- (areq->src == areq->dst) ? DMA_BIDIRECTIONAL
- : DMA_TO_DEVICE,
- edesc->src_chained);
[PATCH v3 07/17] crypto: talitos - enhanced talitos_desc struct for SEC1
This patch enhances the talitos_desc struct with fields for SEC1.
SEC1 has only one header field, and has a 'next_desc' field in
addition.
This mixed descriptor will continue to fit SEC2, and for SEC1
we will recopy hdr value into hdr1 value in talitos_submit()
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.h | 20
1 file changed, 16 insertions(+), 4 deletions(-)
diff --git a/drivers/crypto/talitos.h b/drivers/crypto/talitos.h
index 61a1405..f078da1 100644
--- a/drivers/crypto/talitos.h
+++ b/drivers/crypto/talitos.h
@@ -37,9 +37,17 @@
/* descriptor pointer entry */
struct talitos_ptr {
- __be16 len; /* length */
- u8 j_extent;/* jump to sg link table and/or extent */
- u8 eptr;/* extended address */
+ union {
+ struct {/* SEC2 format */
+ __be16 len; /* length */
+ u8 j_extent;/* jump to sg link table and/or extent*/
+ u8 eptr;/* extended address */
+ };
+ struct {/* SEC1 format */
+ __be16 res;
+ __be16 len1;/* length */
+ };
+ };
__be32 ptr; /* address */
};
@@ -53,8 +61,12 @@ static const struct talitos_ptr zero_entry = {
/* descriptor */
struct talitos_desc {
__be32 hdr; /* header high bits */
- __be32 hdr_lo; /* header low bits */
+ union {
+ __be32 hdr_lo; /* header low bits */
+ __be32 hdr1;/* header for SEC1 */
+ };
struct talitos_ptr ptr[7]; /* ptr/len pair array */
+ __be32 next_desc; /* next descriptor (SEC1) */
};
/**
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 03/17] crypto: talitos - talitos_ptr renamed ptr for more lisibility
Linux CodyingStyle recommends to use short variables for local
variables. ptr is just good enough for those 3 lines functions.
It helps keep single lines shorter than 80 characters.
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 20 ++--
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 5a7e345..fca0aed 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -55,37 +55,37 @@
#include "talitos.h"
-static void to_talitos_ptr(struct talitos_ptr *talitos_ptr, dma_addr_t
dma_addr)
+static void to_talitos_ptr(struct talitos_ptr *ptr, dma_addr_t dma_addr)
{
- talitos_ptr->ptr = cpu_to_be32(lower_32_bits(dma_addr));
- talitos_ptr->eptr = upper_32_bits(dma_addr);
+ ptr->ptr = cpu_to_be32(lower_32_bits(dma_addr));
+ ptr->eptr = upper_32_bits(dma_addr);
}
/*
* map virtual single (contiguous) pointer to h/w descriptor pointer
*/
static void map_single_talitos_ptr(struct device *dev,
- struct talitos_ptr *talitos_ptr,
+ struct talitos_ptr *ptr,
unsigned short len, void *data,
unsigned char extent,
enum dma_data_direction dir)
{
dma_addr_t dma_addr = dma_map_single(dev, data, len, dir);
- talitos_ptr->len = cpu_to_be16(len);
- to_talitos_ptr(talitos_ptr, dma_addr);
- talitos_ptr->j_extent = extent;
+ ptr->len = cpu_to_be16(len);
+ to_talitos_ptr(ptr, dma_addr);
+ ptr->j_extent = extent;
}
/*
* unmap bus single (contiguous) h/w descriptor pointer
*/
static void unmap_single_talitos_ptr(struct device *dev,
-struct talitos_ptr *talitos_ptr,
+struct talitos_ptr *ptr,
enum dma_data_direction dir)
{
- dma_unmap_single(dev, be32_to_cpu(talitos_ptr->ptr),
-be16_to_cpu(talitos_ptr->len), dir);
+ dma_unmap_single(dev, be32_to_cpu(ptr->ptr),
+be16_to_cpu(ptr->len), dir);
}
static int reset_channel(struct device *dev, int ch)
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 05/17] crypto: talitos - remove param 'extent' in map_single_talitos_ptr()
map_single_talitos_ptr() is always called with extent == 0, so lets remove this
unused parameter
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 21 ++---
1 file changed, 10 insertions(+), 11 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index c93f79b..81e5636 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -72,14 +72,13 @@ static void to_talitos_ptr_extent_clear(struct talitos_ptr
*ptr)
static void map_single_talitos_ptr(struct device *dev,
struct talitos_ptr *ptr,
unsigned short len, void *data,
- unsigned char extent,
enum dma_data_direction dir)
{
dma_addr_t dma_addr = dma_map_single(dev, data, len, dir);
ptr->len = cpu_to_be16(len);
to_talitos_ptr(ptr, dma_addr);
- ptr->j_extent = extent;
+ to_talitos_ptr_extent_clear(ptr);
}
/*
@@ -958,7 +957,7 @@ static int ipsec_esp(struct talitos_edesc *edesc, struct
aead_request *areq,
/* hmac key */
map_single_talitos_ptr(dev, &desc->ptr[0], ctx->authkeylen, &ctx->key,
- 0, DMA_TO_DEVICE);
+ DMA_TO_DEVICE);
/* hmac data */
desc->ptr[1].len = cpu_to_be16(areq->assoclen + ivsize);
@@ -1002,7 +1001,7 @@ static int ipsec_esp(struct talitos_edesc *edesc, struct
aead_request *areq,
/* cipher key */
map_single_talitos_ptr(dev, &desc->ptr[3], ctx->enckeylen,
- (char *)&ctx->key + ctx->authkeylen, 0,
+ (char *)&ctx->key + ctx->authkeylen,
DMA_TO_DEVICE);
/*
@@ -1080,7 +1079,7 @@ static int ipsec_esp(struct talitos_edesc *edesc, struct
aead_request *areq,
}
/* iv out */
- map_single_talitos_ptr(dev, &desc->ptr[6], ivsize, ctx->iv, 0,
+ map_single_talitos_ptr(dev, &desc->ptr[6], ivsize, ctx->iv,
DMA_FROM_DEVICE);
ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
@@ -1453,7 +1452,7 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
/* cipher key */
map_single_talitos_ptr(dev, &desc->ptr[2], ctx->keylen,
- (char *)&ctx->key, 0, DMA_TO_DEVICE);
+ (char *)&ctx->key, DMA_TO_DEVICE);
/*
* cipher in
@@ -1470,7 +1469,7 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
&desc->ptr[4], sg_count);
/* iv out */
- map_single_talitos_ptr(dev, &desc->ptr[5], ivsize, ctx->iv, 0,
+ map_single_talitos_ptr(dev, &desc->ptr[5], ivsize, ctx->iv,
DMA_FROM_DEVICE);
/* last DWORD empty */
@@ -1595,7 +1594,7 @@ static int common_nonsnoop_hash(struct talitos_edesc
*edesc,
if (!req_ctx->first || req_ctx->swinit) {
map_single_talitos_ptr(dev, &desc->ptr[1],
req_ctx->hw_context_size,
- (char *)req_ctx->hw_context, 0,
+ (char *)req_ctx->hw_context,
DMA_TO_DEVICE);
req_ctx->swinit = 0;
} else {
@@ -1607,7 +1606,7 @@ static int common_nonsnoop_hash(struct talitos_edesc
*edesc,
/* HMAC key */
if (ctx->keylen)
map_single_talitos_ptr(dev, &desc->ptr[2], ctx->keylen,
- (char *)&ctx->key, 0, DMA_TO_DEVICE);
+ (char *)&ctx->key, DMA_TO_DEVICE);
else
desc->ptr[2] = zero_entry;
@@ -1624,11 +1623,11 @@ static int common_nonsnoop_hash(struct talitos_edesc
*edesc,
if (req_ctx->last)
map_single_talitos_ptr(dev, &desc->ptr[5],
crypto_ahash_digestsize(tfm),
- areq->result, 0, DMA_FROM_DEVICE);
+ areq->result, DMA_FROM_DEVICE);
else
map_single_talitos_ptr(dev, &desc->ptr[5],
req_ctx->hw_context_size,
- req_ctx->hw_context, 0, DMA_FROM_DEVICE);
+ req_ctx->hw_context, DMA_FROM_DEVICE);
/* last DWORD empty */
desc->ptr[6] = zero_entry;
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 06/17] crypto: talitos - helper function for ptr len
This patch adds a helper function for reads and writes of the len
param of the talitos descriptor. This will help implement
SEC1 later.
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 24 +---
1 file changed, 17 insertions(+), 7 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 81e5636..bca6ded 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -61,6 +61,16 @@ static void to_talitos_ptr(struct talitos_ptr *ptr,
dma_addr_t dma_addr)
ptr->eptr = upper_32_bits(dma_addr);
}
+static void to_talitos_ptr_len(struct talitos_ptr *ptr, unsigned short len)
+{
+ ptr->len = cpu_to_be16(len);
+}
+
+static unsigned short from_talitos_ptr_len(struct talitos_ptr *ptr)
+{
+ return be16_to_cpu(ptr->len);
+}
+
static void to_talitos_ptr_extent_clear(struct talitos_ptr *ptr)
{
ptr->j_extent = 0;
@@ -76,7 +86,7 @@ static void map_single_talitos_ptr(struct device *dev,
{
dma_addr_t dma_addr = dma_map_single(dev, data, len, dir);
- ptr->len = cpu_to_be16(len);
+ to_talitos_ptr_len(ptr, len);
to_talitos_ptr(ptr, dma_addr);
to_talitos_ptr_extent_clear(ptr);
}
@@ -89,7 +99,7 @@ static void unmap_single_talitos_ptr(struct device *dev,
enum dma_data_direction dir)
{
dma_unmap_single(dev, be32_to_cpu(ptr->ptr),
-be16_to_cpu(ptr->len), dir);
+from_talitos_ptr_len(ptr), dir);
}
static int reset_channel(struct device *dev, int ch)
@@ -1375,7 +1385,7 @@ int map_sg_in_talitos_ptr(struct device *dev, struct
scatterlist *src,
{
int sg_count;
- ptr->len = cpu_to_be16(len);
+ to_talitos_ptr_len(ptr, len);
to_talitos_ptr_extent_clear(ptr);
sg_count = talitos_map_sg(dev, src, edesc->src_nents ? : 1, dir,
@@ -1405,7 +1415,7 @@ void map_sg_out_talitos_ptr(struct device *dev, struct
scatterlist *dst,
enum dma_data_direction dir,
struct talitos_ptr *ptr, int sg_count)
{
- ptr->len = cpu_to_be16(len);
+ to_talitos_ptr_len(ptr, len);
to_talitos_ptr_extent_clear(ptr);
if (dir != DMA_NONE)
@@ -1447,7 +1457,7 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
/* cipher iv */
to_talitos_ptr(&desc->ptr[1], edesc->iv_dma);
- desc->ptr[1].len = cpu_to_be16(ivsize);
+ to_talitos_ptr_len(&desc->ptr[1], ivsize);
to_talitos_ptr_extent_clear(&desc->ptr[1]);
/* cipher key */
@@ -1539,11 +1549,11 @@ static void common_nonsnoop_hash_unmap(struct device
*dev,
unmap_sg_talitos_ptr(dev, req_ctx->psrc, NULL, 0, edesc);
/* When using hashctx-in, must unmap it. */
- if (edesc->desc.ptr[1].len)
+ if (from_talitos_ptr_len(&edesc->desc.ptr[1]))
unmap_single_talitos_ptr(dev, &edesc->desc.ptr[1],
DMA_TO_DEVICE);
- if (edesc->desc.ptr[2].len)
+ if (from_talitos_ptr_len(&edesc->desc.ptr[2]))
unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2],
DMA_TO_DEVICE);
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 03/17] crypto: talitos - talitos_ptr renamed ptr for more lisibility
Linux CodyingStyle recommends to use short variables for local
variables. ptr is just good enough for those 3 lines functions.
It helps keep single lines shorter than 80 characters.
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 20 ++--
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 5a7e345..fca0aed 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -55,37 +55,37 @@
#include "talitos.h"
-static void to_talitos_ptr(struct talitos_ptr *talitos_ptr, dma_addr_t
dma_addr)
+static void to_talitos_ptr(struct talitos_ptr *ptr, dma_addr_t dma_addr)
{
- talitos_ptr->ptr = cpu_to_be32(lower_32_bits(dma_addr));
- talitos_ptr->eptr = upper_32_bits(dma_addr);
+ ptr->ptr = cpu_to_be32(lower_32_bits(dma_addr));
+ ptr->eptr = upper_32_bits(dma_addr);
}
/*
* map virtual single (contiguous) pointer to h/w descriptor pointer
*/
static void map_single_talitos_ptr(struct device *dev,
- struct talitos_ptr *talitos_ptr,
+ struct talitos_ptr *ptr,
unsigned short len, void *data,
unsigned char extent,
enum dma_data_direction dir)
{
dma_addr_t dma_addr = dma_map_single(dev, data, len, dir);
- talitos_ptr->len = cpu_to_be16(len);
- to_talitos_ptr(talitos_ptr, dma_addr);
- talitos_ptr->j_extent = extent;
+ ptr->len = cpu_to_be16(len);
+ to_talitos_ptr(ptr, dma_addr);
+ ptr->j_extent = extent;
}
/*
* unmap bus single (contiguous) h/w descriptor pointer
*/
static void unmap_single_talitos_ptr(struct device *dev,
-struct talitos_ptr *talitos_ptr,
+struct talitos_ptr *ptr,
enum dma_data_direction dir)
{
- dma_unmap_single(dev, be32_to_cpu(talitos_ptr->ptr),
-be16_to_cpu(talitos_ptr->len), dir);
+ dma_unmap_single(dev, be32_to_cpu(ptr->ptr),
+be16_to_cpu(ptr->len), dir);
}
static int reset_channel(struct device *dev, int ch)
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 04/17] crypto: talitos - Add a helper function to clear j_extent field
j_extent field is specific to SEC2 so we add a helper function to clear it
so that SEC1 can redefine that function as nop
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 11 ---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index fca0aed..c93f79b 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -61,6 +61,11 @@ static void to_talitos_ptr(struct talitos_ptr *ptr,
dma_addr_t dma_addr)
ptr->eptr = upper_32_bits(dma_addr);
}
+static void to_talitos_ptr_extent_clear(struct talitos_ptr *ptr)
+{
+ ptr->j_extent = 0;
+}
+
/*
* map virtual single (contiguous) pointer to h/w descriptor pointer
*/
@@ -1372,7 +1377,7 @@ int map_sg_in_talitos_ptr(struct device *dev, struct
scatterlist *src,
int sg_count;
ptr->len = cpu_to_be16(len);
- ptr->j_extent = 0;
+ to_talitos_ptr_extent_clear(ptr);
sg_count = talitos_map_sg(dev, src, edesc->src_nents ? : 1, dir,
edesc->src_chained);
@@ -1402,7 +1407,7 @@ void map_sg_out_talitos_ptr(struct device *dev, struct
scatterlist *dst,
struct talitos_ptr *ptr, int sg_count)
{
ptr->len = cpu_to_be16(len);
- ptr->j_extent = 0;
+ to_talitos_ptr_extent_clear(ptr);
if (dir != DMA_NONE)
sg_count = talitos_map_sg(dev, dst, edesc->dst_nents ? : 1,
@@ -1444,7 +1449,7 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
/* cipher iv */
to_talitos_ptr(&desc->ptr[1], edesc->iv_dma);
desc->ptr[1].len = cpu_to_be16(ivsize);
- desc->ptr[1].j_extent = 0;
+ to_talitos_ptr_extent_clear(&desc->ptr[1]);
/* cipher key */
map_single_talitos_ptr(dev, &desc->ptr[2], ctx->keylen,
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 04/17] crypto: talitos - Add a helper function to clear j_extent field
j_extent field is specific to SEC2 so we add a helper function to clear it
so that SEC1 can redefine that function as nop
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 11 ---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index fca0aed..c93f79b 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -61,6 +61,11 @@ static void to_talitos_ptr(struct talitos_ptr *ptr,
dma_addr_t dma_addr)
ptr->eptr = upper_32_bits(dma_addr);
}
+static void to_talitos_ptr_extent_clear(struct talitos_ptr *ptr)
+{
+ ptr->j_extent = 0;
+}
+
/*
* map virtual single (contiguous) pointer to h/w descriptor pointer
*/
@@ -1372,7 +1377,7 @@ int map_sg_in_talitos_ptr(struct device *dev, struct
scatterlist *src,
int sg_count;
ptr->len = cpu_to_be16(len);
- ptr->j_extent = 0;
+ to_talitos_ptr_extent_clear(ptr);
sg_count = talitos_map_sg(dev, src, edesc->src_nents ? : 1, dir,
edesc->src_chained);
@@ -1402,7 +1407,7 @@ void map_sg_out_talitos_ptr(struct device *dev, struct
scatterlist *dst,
struct talitos_ptr *ptr, int sg_count)
{
ptr->len = cpu_to_be16(len);
- ptr->j_extent = 0;
+ to_talitos_ptr_extent_clear(ptr);
if (dir != DMA_NONE)
sg_count = talitos_map_sg(dev, dst, edesc->dst_nents ? : 1,
@@ -1444,7 +1449,7 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
/* cipher iv */
to_talitos_ptr(&desc->ptr[1], edesc->iv_dma);
desc->ptr[1].len = cpu_to_be16(ivsize);
- desc->ptr[1].j_extent = 0;
+ to_talitos_ptr_extent_clear(&desc->ptr[1]);
/* cipher key */
map_single_talitos_ptr(dev, &desc->ptr[2], ctx->keylen,
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 12/17] crypto: talitos - base address for Execution Units
SEC 1.0, 1.2 and 2.x+ have different EU base addresses, so we need to
define pointers for each EU in the driver private data structure.
The proper address is set by the probe function depending on the
SEC type, in order to provide access to the proper address.
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 83
drivers/crypto/talitos.h | 72 +
2 files changed, 100 insertions(+), 55 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index e6ea651..6d77699 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -208,7 +208,7 @@ static int init_device(struct device *dev)
/* disable integrity check error interrupts (use writeback instead) */
if (priv->features & TALITOS_FTR_HW_AUTH_CHECK)
- setbits32(priv->reg + TALITOS_MDEUICR_LO,
+ setbits32(priv->reg_mdeu + TALITOS_EUICR_LO,
TALITOS_MDEUICR_LO_ICE);
return 0;
@@ -424,44 +424,44 @@ static void report_eu_error(struct device *dev, int ch,
u32 desc_hdr)
switch (desc_hdr & DESC_HDR_SEL0_MASK) {
case DESC_HDR_SEL0_AFEU:
dev_err(dev, "AFEUISR 0x%08x_%08x\n",
- in_be32(priv->reg + TALITOS_AFEUISR),
- in_be32(priv->reg + TALITOS_AFEUISR_LO));
+ in_be32(priv->reg_afeu + TALITOS_EUISR),
+ in_be32(priv->reg_afeu + TALITOS_EUISR_LO));
break;
case DESC_HDR_SEL0_DEU:
dev_err(dev, "DEUISR 0x%08x_%08x\n",
- in_be32(priv->reg + TALITOS_DEUISR),
- in_be32(priv->reg + TALITOS_DEUISR_LO));
+ in_be32(priv->reg_deu + TALITOS_EUISR),
+ in_be32(priv->reg_deu + TALITOS_EUISR_LO));
break;
case DESC_HDR_SEL0_MDEUA:
case DESC_HDR_SEL0_MDEUB:
dev_err(dev, "MDEUISR 0x%08x_%08x\n",
- in_be32(priv->reg + TALITOS_MDEUISR),
- in_be32(priv->reg + TALITOS_MDEUISR_LO));
+ in_be32(priv->reg_mdeu + TALITOS_EUISR),
+ in_be32(priv->reg_mdeu + TALITOS_EUISR_LO));
break;
case DESC_HDR_SEL0_RNG:
dev_err(dev, "RNGUISR 0x%08x_%08x\n",
- in_be32(priv->reg + TALITOS_RNGUISR),
- in_be32(priv->reg + TALITOS_RNGUISR_LO));
+ in_be32(priv->reg_rngu + TALITOS_ISR),
+ in_be32(priv->reg_rngu + TALITOS_ISR_LO));
break;
case DESC_HDR_SEL0_PKEU:
dev_err(dev, "PKEUISR 0x%08x_%08x\n",
- in_be32(priv->reg + TALITOS_PKEUISR),
- in_be32(priv->reg + TALITOS_PKEUISR_LO));
+ in_be32(priv->reg_pkeu + TALITOS_EUISR),
+ in_be32(priv->reg_pkeu + TALITOS_EUISR_LO));
break;
case DESC_HDR_SEL0_AESU:
dev_err(dev, "AESUISR 0x%08x_%08x\n",
- in_be32(priv->reg + TALITOS_AESUISR),
- in_be32(priv->reg + TALITOS_AESUISR_LO));
+ in_be32(priv->reg_aesu + TALITOS_EUISR),
+ in_be32(priv->reg_aesu + TALITOS_EUISR_LO));
break;
case DESC_HDR_SEL0_CRCU:
dev_err(dev, "CRCUISR 0x%08x_%08x\n",
- in_be32(priv->reg + TALITOS_CRCUISR),
- in_be32(priv->reg + TALITOS_CRCUISR_LO));
+ in_be32(priv->reg_crcu + TALITOS_EUISR),
+ in_be32(priv->reg_crcu + TALITOS_EUISR_LO));
break;
case DESC_HDR_SEL0_KEU:
dev_err(dev, "KEUISR 0x%08x_%08x\n",
- in_be32(priv->reg + TALITOS_KEUISR),
- in_be32(priv->reg + TALITOS_KEUISR_LO));
+ in_be32(priv->reg_pkeu + TALITOS_EUISR),
+ in_be32(priv->reg_pkeu + TALITOS_EUISR_LO));
break;
}
@@ -469,13 +469,13 @@ static void report_eu_error(struct device *dev, int ch,
u32 desc_hdr)
case DESC_HDR_SEL1_MDEUA:
case DESC_HDR_SEL1_MDEUB:
dev_err(dev, "MDEUISR 0x%08x_%08x\n",
- in_be32(priv->reg + TALITOS_MDEUISR),
- in_be32(priv->reg + TALITOS_MDEUISR_LO));
+ in_be32(priv->reg_mdeu + TALITOS_EUISR),
+ in_be32(priv->reg_mdeu + TALITOS_EUISR_LO));
break;
case DESC_HDR_SEL1_CRCU:
dev_err(dev,
[PATCH v3 01/17] crypto: talitos - Use zero entry to init descriptors ptrs to zero
Do use zero_entry value to init the descriptors ptrs to zero instead of
writing 0 in each field
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 8 ++--
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 857414a..7bf1b2b 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1373,9 +1373,7 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
int sg_count, ret;
/* first DWORD empty */
- desc->ptr[0].len = 0;
- to_talitos_ptr(&desc->ptr[0], 0);
- desc->ptr[0].j_extent = 0;
+ desc->ptr[0] = zero_entry;
/* cipher iv */
to_talitos_ptr(&desc->ptr[1], edesc->iv_dma);
@@ -1445,9 +1443,7 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
DMA_FROM_DEVICE);
/* last DWORD empty */
- desc->ptr[6].len = 0;
- to_talitos_ptr(&desc->ptr[6], 0);
- desc->ptr[6].j_extent = 0;
+ desc->ptr[6] = zero_entry;
ret = talitos_submit(dev, ctx->ch, desc, callback, areq);
if (ret != -EINPROGRESS) {
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v3 02/17] crypto: talitos - Refactor the sg in/out chain allocation
This patch refactors the handling of the input and output data that is quite
similar in several functions
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 159 ---
1 file changed, 81 insertions(+), 78 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 7bf1b2b..5a7e345 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1327,16 +1327,23 @@ static int ablkcipher_setkey(struct crypto_ablkcipher
*cipher,
return 0;
}
+static void unmap_sg_talitos_ptr(struct device *dev, struct scatterlist *src,
+struct scatterlist *dst, unsigned int len,
+struct talitos_edesc *edesc)
+{
+ talitos_sg_unmap(dev, edesc, src, dst);
+}
+
static void common_nonsnoop_unmap(struct device *dev,
struct talitos_edesc *edesc,
struct ablkcipher_request *areq)
{
unmap_single_talitos_ptr(dev, &edesc->desc.ptr[5], DMA_FROM_DEVICE);
+
+ unmap_sg_talitos_ptr(dev, areq->src, areq->dst, areq->nbytes, edesc);
unmap_single_talitos_ptr(dev, &edesc->desc.ptr[2], DMA_TO_DEVICE);
unmap_single_talitos_ptr(dev, &edesc->desc.ptr[1], DMA_TO_DEVICE);
- talitos_sg_unmap(dev, edesc, areq->src, areq->dst);
-
if (edesc->dma_len)
dma_unmap_single(dev, edesc->dma_link_tbl, edesc->dma_len,
DMA_BIDIRECTIONAL);
@@ -1358,6 +1365,65 @@ static void ablkcipher_done(struct device *dev,
areq->base.complete(&areq->base, err);
}
+int map_sg_in_talitos_ptr(struct device *dev, struct scatterlist *src,
+ unsigned int len, struct talitos_edesc *edesc,
+ enum dma_data_direction dir, struct talitos_ptr *ptr)
+{
+ int sg_count;
+
+ ptr->len = cpu_to_be16(len);
+ ptr->j_extent = 0;
+
+ sg_count = talitos_map_sg(dev, src, edesc->src_nents ? : 1, dir,
+ edesc->src_chained);
+
+ if (sg_count == 1) {
+ to_talitos_ptr(ptr, sg_dma_address(src));
+ } else {
+ sg_count = sg_to_link_tbl(src, sg_count, len,
+ &edesc->link_tbl[0]);
+ if (sg_count > 1) {
+ to_talitos_ptr(ptr, edesc->dma_link_tbl);
+ ptr->j_extent |= DESC_PTR_LNKTBL_JUMP;
+ dma_sync_single_for_device(dev, edesc->dma_link_tbl,
+ edesc->dma_len,
+ DMA_BIDIRECTIONAL);
+ } else {
+ /* Only one segment now, so no link tbl needed */
+ to_talitos_ptr(ptr, sg_dma_address(src));
+ }
+ }
+ return sg_count;
+}
+
+void map_sg_out_talitos_ptr(struct device *dev, struct scatterlist *dst,
+ unsigned int len, struct talitos_edesc *edesc,
+ enum dma_data_direction dir,
+ struct talitos_ptr *ptr, int sg_count)
+{
+ ptr->len = cpu_to_be16(len);
+ ptr->j_extent = 0;
+
+ if (dir != DMA_NONE)
+ sg_count = talitos_map_sg(dev, dst, edesc->dst_nents ? : 1,
+ dir, edesc->dst_chained);
+
+ if (sg_count == 1) {
+ to_talitos_ptr(ptr, sg_dma_address(dst));
+ } else {
+ struct talitos_ptr *link_tbl_ptr =
+ &edesc->link_tbl[edesc->src_nents + 1];
+
+ to_talitos_ptr(ptr, edesc->dma_link_tbl +
+ (edesc->src_nents + 1) *
+ sizeof(struct talitos_ptr));
+ ptr->j_extent |= DESC_PTR_LNKTBL_JUMP;
+ sg_count = sg_to_link_tbl(dst, sg_count, len, link_tbl_ptr);
+ dma_sync_single_for_device(dev, edesc->dma_link_tbl,
+ edesc->dma_len, DMA_BIDIRECTIONAL);
+ }
+}
+
static int common_nonsnoop(struct talitos_edesc *edesc,
struct ablkcipher_request *areq,
void (*callback) (struct device *dev,
@@ -1387,56 +1453,16 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
/*
* cipher in
*/
- desc->ptr[3].len = cpu_to_be16(cryptlen);
- desc->ptr[3].j_extent = 0;
-
- sg_count = talitos_map_sg(dev, areq->src, edesc->src_nents ? : 1,
- (areq->src == areq->dst) ? DMA_BIDIRECTIONAL
- : DMA_TO_DEVICE,
- edesc->src_chained);
[PATCH v3 07/17] crypto: talitos - enhanced talitos_desc struct for SEC1
This patch enhances the talitos_desc struct with fields for SEC1.
SEC1 has only one header field, and has a 'next_desc' field in
addition.
This mixed descriptor will continue to fit SEC2, and for SEC1
we will recopy hdr value into hdr1 value in talitos_submit()
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.h | 20
1 file changed, 16 insertions(+), 4 deletions(-)
diff --git a/drivers/crypto/talitos.h b/drivers/crypto/talitos.h
index 61a1405..f078da1 100644
--- a/drivers/crypto/talitos.h
+++ b/drivers/crypto/talitos.h
@@ -37,9 +37,17 @@
/* descriptor pointer entry */
struct talitos_ptr {
- __be16 len; /* length */
- u8 j_extent;/* jump to sg link table and/or extent */
- u8 eptr;/* extended address */
+ union {
+ struct {/* SEC2 format */
+ __be16 len; /* length */
+ u8 j_extent;/* jump to sg link table and/or extent*/
+ u8 eptr;/* extended address */
+ };
+ struct {/* SEC1 format */
+ __be16 res;
+ __be16 len1;/* length */
+ };
+ };
__be32 ptr; /* address */
};
@@ -53,8 +61,12 @@ static const struct talitos_ptr zero_entry = {
/* descriptor */
struct talitos_desc {
__be32 hdr; /* header high bits */
- __be32 hdr_lo; /* header low bits */
+ union {
+ __be32 hdr_lo; /* header low bits */
+ __be32 hdr1;/* header for SEC1 */
+ };
struct talitos_ptr ptr[7]; /* ptr/len pair array */
+ __be32 next_desc; /* next descriptor (SEC1) */
};
/**
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH v2] splice: sendfile() at once fails for big files
Using sendfile with below small program to get MD5 sums of some files,
it appear that big files (over 64kbytes with 4k pages system) get a
wrong MD5 sum while small files get the correct sum.
This program uses sendfile() to send a file to an AF_ALG socket
for hashing.
/* md5sum2.c */
#include
#include
#include
#include
#include
#include
#include
#include
#include
int main(int argc, char **argv)
{
int sk = socket(AF_ALG, SOCK_SEQPACKET, 0);
struct stat st;
struct sockaddr_alg sa = {
.salg_family = AF_ALG,
.salg_type = "hash",
.salg_name = "md5",
};
int n;
bind(sk, (struct sockaddr*)&sa, sizeof(sa));
for (n = 1; n < argc; n++) {
int size;
int offset = 0;
char buf[4096];
int fd;
int sko;
int i;
fd = open(argv[n], O_RDONLY);
sko = accept(sk, NULL, 0);
fstat(fd, &st);
size = st.st_size;
sendfile(sko, fd, &offset, size);
size = read(sko, buf, sizeof(buf));
for (i = 0; i < size; i++)
printf("%2.2x", buf[i]);
printf(" %s\n", argv[n]);
close(fd);
close(sko);
}
exit(0);
}
Test below is done using official linux patch files. First result is
with a software based md5sum. Second result is with the program above.
root@vgoip:~# ls -l patch-3.6.*
-rw-r--r--1 root root 64011 Aug 24 12:01 patch-3.6.2.gz
-rw-r--r--1 root root 94131 Aug 24 12:01 patch-3.6.3.gz
root@vgoip:~# md5sum patch-3.6.*
b3ffb9848196846f31b2ff133d2d6443 patch-3.6.2.gz
c5e8f687878457db77cb7158c38a7e43 patch-3.6.3.gz
root@vgoip:~# ./md5sum2 patch-3.6.*
b3ffb9848196846f31b2ff133d2d6443 patch-3.6.2.gz
5fd77b24e68bb24dcc72d6e57c64790e patch-3.6.3.gz
After investivation, it appears that sendfile() sends the files by blocks
of 64kbytes (16 times PAGE_SIZE). The problem is that at the end of each
block, the SPLICE_F_MORE flag is missing, therefore the hashing operation
is reset as if it was the end of the file.
This patch adds SPLICE_F_MORE to the flags when more data is pending.
With the patch applied, we get the correct sums:
root@vgoip:~# md5sum patch-3.6.*
b3ffb9848196846f31b2ff133d2d6443 patch-3.6.2.gz
c5e8f687878457db77cb7158c38a7e43 patch-3.6.3.gz
root@vgoip:~# ./md5sum2 patch-3.6.*
b3ffb9848196846f31b2ff133d2d6443 patch-3.6.2.gz
c5e8f687878457db77cb7158c38a7e43 patch-3.6.3.gz
Signed-off-by: Christophe Leroy
---
v2: no change, only new commit text
fs/splice.c | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/fs/splice.c b/fs/splice.c
index 476024b..fe61723 100644
--- a/fs/splice.c
+++ b/fs/splice.c
@@ -1161,7 +1161,7 @@ ssize_t splice_direct_to_actor(struct file *in, struct
splice_desc *sd,
long ret, bytes;
umode_t i_mode;
size_t len;
- int i, flags;
+ int i, flags, more;
/*
* We require the input being a regular file, as we don't want to
@@ -1204,6 +1204,7 @@ ssize_t splice_direct_to_actor(struct file *in, struct
splice_desc *sd,
* Don't block on output, we have to drain the direct pipe.
*/
sd->flags &= ~SPLICE_F_NONBLOCK;
+ more = sd->flags & SPLICE_F_MORE;
while (len) {
size_t read_len;
@@ -1216,6 +1217,10 @@ ssize_t splice_direct_to_actor(struct file *in, struct
splice_desc *sd,
read_len = ret;
sd->total_len = read_len;
+ if (read_len < len)
+ sd->flags |= SPLICE_F_MORE;
+ else if (!more)
+ sd->flags &= ~SPLICE_F_MORE;
/*
* NOTE: nonblocking mode only applies to the input. We
* must not do the output in nonblocking mode as then we
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
md5sum (from libkcapi) fails as splice() returns -ENOKEY
Hello Stephan,
I'm trying to use md5sum from the latest libkcapi 0.14 and I getting a
failure with return code -5.
What am I missing ? See strace below, splice() return -ENOKEY.
Christophe
execve("./md5sum", ["./md5sum", "kcapi.tar"], [/* 11 vars */]) = 0
brk(0) = 0x10024000
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
open("/usr/lib/tls/ppc823/libc.so.6", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such
file or directory)
stat64("/usr/lib/tls/ppc823", 0x7ffa2328) = -1 ENOENT (No such file or
directory)
open("/usr/lib/tls/libc.so.6", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or
directory)
stat64("/usr/lib/tls", 0x7ffa2328) = -1 ENOENT (No such file or directory)
open("/usr/lib/ppc823/libc.so.6", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file
or directory)
stat64("/usr/lib/ppc823", 0x7ffa2328) = -1 ENOENT (No such file or directory)
open("/usr/lib/libc.so.6", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or
directory)
stat64("/usr/lib", {st_mode=S_IFDIR|0755, st_size=3568, ...}) = 0
open("/lib/tls/ppc823/libc.so.6", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file
or directory)
stat64("/lib/tls/ppc823", 0x7ffa2328) = -1 ENOENT (No such file or directory)
open("/lib/tls/libc.so.6", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or
directory)
stat64("/lib/tls", 0x7ffa2328) = -1 ENOENT (No such file or directory)
open("/lib/ppc823/libc.so.6", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or
directory)
stat64("/lib/ppc823", 0x7ffa2328) = -1 ENOENT (No such file or directory)
open("/lib/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3,
"\177ELF\1\2\1\3\0\0\0\0\0\0\0\0\0\3\0\24\0\0\0\1\0\2\35\\\0\0\0004"..., 512) =
512
fstat64(3, {st_mode=S_IFREG|0755, st_size=1797540, ...}) = 0
mmap(0xfe58000, 1661856, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
= 0xfe58000
mprotect(0xffc8000, 114688, PROT_NONE) = 0
mmap(0xffe4000, 32768, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x17c000) = 0xffe4000
mmap(0xffec000, 7072, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xffec000
close(3)= 0
mprotect(0xffe4000, 16384, PROT_READ) = 0
mprotect(0x1001c000, 16384, PROT_READ) = 0
mprotect(0x779f8000, 16384, PROT_READ) = 0
brk(0) = 0x10024000
brk(0x10048000) = 0x10048000
open("/proc/sys/crypto/fips_enabled", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
read(3, "0\n", 1024)= 2
close(3)= 0
socket(PF_ALG, SOCK_SEQPACKET, 0) = 3
bind(3, {sa_family=AF_ALG, sa_data="hash\0\0\0\0\0\0\0\0\0\0"}, 88) = 0
pipe([4, 5])= 0
socket(PF_NETLINK, SOCK_RAW, 21)= 6
bind(6, {sa_family=AF_NETLINK, pid=0, groups=}, 12) = 0
getsockname(6, {sa_family=AF_NETLINK, pid=266, groups=}, [12]) = 0
sendmsg(6, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=},
msg_iov(1)=[{"\0\0\0\340\0\23\0\1\0;\232\247\0\0\0\0md5\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
224}], msg_controllen=0, msg_flags=0}, 0) = 224
recvmsg(6, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=},
msg_iov(1)=[{"\0\0\0014\0\23\0\0\0;\232\247\0\0\1\nmd5\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
4096}], msg_controllen=0, msg_flags=0}, 0) = 308
close(6)= 0
open("kcapi.tar", O_RDONLY|O_CLOEXEC) = 6
fstat64(6, {st_mode=S_IFREG|0644, st_size=378880, ...}) = 0
mmap(NULL, 378880, PROT_READ, MAP_SHARED, 6, 0) = 0x7795c000
accept(3, 0, NULL) = 7
vmsplice(5,
[{"bin/\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 378880}],
1, SPLICE_F_MORE|SPLICE_F_GIFT) = 262144
splice(4, NULL, 7, NULL, 262144, SPLICE_F_MORE) = -1 ENOKEY (Required key not
available)
write(2, "Generation of hash for file kcap"..., 50) = 50
munmap(0x7795c000, 378880) = 0
close(6)= 0
close(3)= 0
close(7)= 0
close(4)= 0
close(5)= 0
exit_group(-5) = ?
+++ exited with 251 +++
---
L'absence de virus dans ce courrier électronique a été vérifiée par le logiciel
antivirus Avast.
https://www.avast.com/antivirus
Re: md5sum (from libkcapi) fails as splice() returns -ENOKEY
Hi Stephan Le 11/09/2017 à 21:17, Stephan Müller a écrit : Am Montag, 11. September 2017, 19:07:31 CEST schrieb christophe leroy: Hi christophe, Hello Stephan, I'm trying to use md5sum from the latest libkcapi 0.14 and I getting a failure with return code -5. What am I missing ? See strace below, splice() return -ENOKEY. The ENOKEY error is due to an accept() at the wrong location. But I do not see that error: I did the test once more without the Talitos Crypto driver compiled in the kernel, and this time it works. I believe it must then be an issue with that driver. What could be the issue, what should I look for in the driver ? tar xvfJ libkcapi-0.14.0.tar.xz cd libkcapi-0.14.0 autoreconf -i I get an error here, have to replace AC_CONFIG_MACRO_DIRS by AC_CONFIG_MACRO_DIR in configure.ac # tar xfJ libkcapi-0.14.0.tar.xz # cd libkcapi-0.14.0 # autoreconf -i libtoolize: putting auxiliary files in `.'. libtoolize: copying file `./ltmain.sh' libtoolize: putting macros in `m4'. libtoolize: copying file `m4/libtool.m4' libtoolize: copying file `m4/ltoptions.m4' libtoolize: copying file `m4/ltsugar.m4' libtoolize: copying file `m4/ltversion.m4' libtoolize: copying file `m4/lt~obsolete.m4' libtoolize: Consider adding `AC_CONFIG_MACRO_DIR([m4])' to configure.ac and libtoolize: rerunning libtoolize, to keep the correct libtool macros in-tree. configure.ac:26: error: possibly undefined macro: AC_CONFIG_MACRO_DIRS If this token and others are legitimate, please use m4_pattern_allow. See the Autoconf documentation. autoreconf: /usr/bin/autoconf failed with exit status: 1 # sed -i s/AC_CONFIG_MACRO_DIRS/AC_CONFIG_MACRO_DIR/g configure.ac # autoreconf -i configure.ac:22: installing `./config.guess' configure.ac:22: installing `./config.sub' configure.ac:21: installing `./install-sh' configure.ac:21: installing `./missing' lib/doc/Makefile.am: installing `./depcomp' # autoreconf --version autoreconf (GNU Autoconf) 2.63 Copyright (C) 2008 Free Software Foundation, Inc. License GPLv2+: GNU GPL version 2 or later <http://gnu.org/licenses/old-licenses/gpl-2.0.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Written by David J. MacKenzie and Akim Demaille. Thanks Christophe ./configure --enable-kcapi-hasher make cd bin/.libs/ # I make no make install for testing ln kcapi-hasher md5sum # create md5sum app export LD_LIBRARY_PATH=../../.libs/ # location of current library $ ./md5sum md5sum ddd1a82680b16fb6c241d81656b844df md5sum So, it works for me. Can you please check whether you use the current library version? Note, library version 0.10.1 fixed the aforementioned accept() call for kernel 4.4 and later. $ ./md5sum -v md5sum: libkcapi 0.14.0 Ciao Stephan
[PATCH] crypto: talitos - Don't provide setkey for non hmac hashing algs.
Today, md5sum fails with error -ENOKEY because a setkey
function is set for non hmac hashing algs, see strace output below:
mmap(NULL, 378880, PROT_READ, MAP_SHARED, 6, 0) = 0x77f5
accept(3, 0, NULL) = 7
vmsplice(5,
[{"bin/\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 378880}],
1, SPLICE_F_MORE|SPLICE_F_GIFT) = 262144
splice(4, NULL, 7, NULL, 262144, SPLICE_F_MORE) = -1 ENOKEY (Required key not
available)
write(2, "Generation of hash for file kcap"..., 50) = 50
munmap(0x77f5, 378880) = 0
This patch ensures that setkey() function is set only
for hmac hashing.
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 79791c690858..5cc160078286 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -3057,7 +3057,8 @@ static struct talitos_crypto_alg
*talitos_alg_alloc(struct device *dev,
t_alg->algt.alg.hash.final = ahash_final;
t_alg->algt.alg.hash.finup = ahash_finup;
t_alg->algt.alg.hash.digest = ahash_digest;
- t_alg->algt.alg.hash.setkey = ahash_setkey;
+ if (!strncmp(alg->cra_name, "hmac", 4))
+ t_alg->algt.alg.hash.setkey = ahash_setkey;
t_alg->algt.alg.hash.import = ahash_import;
t_alg->algt.alg.hash.export = ahash_export;
--
2.13.3
Re: md5sum (from libkcapi) fails as splice() returns -ENOKEY
Hi Stephan,
Le 12/09/2017 à 09:20, Stephan Mueller a écrit :
Am Dienstag, 12. September 2017, 09:01:08 CEST schrieb Christophe LEROY:
Hi Christophe,
Hi Stephan
Le 11/09/2017 à 21:17, Stephan Müller a écrit :
Am Montag, 11. September 2017, 19:07:31 CEST schrieb christophe leroy:
Hi christophe,
Hello Stephan,
I'm trying to use md5sum from the latest libkcapi 0.14 and I getting a
failure with return code -5.
What am I missing ? See strace below, splice() return -ENOKEY.
The ENOKEY error is due to an accept() at the wrong location. But I do not
see
that error:
I did the test once more without the Talitos Crypto driver compiled in
the kernel, and this time it works.
I believe it must then be an issue with that driver.
What could be the issue, what should I look for in the driver ?
I think I see the error in talitos.c -- yet I do not have that hardware so I
cannot create a patch and test.
In talitos_alg_alloc the function pointer setkey is set unconditional for
CRYPTO_ALG_TYPE_AHASH. This is correct for HMAC/CMAC, but not correct for
staight hashes. As both, md5 and hmac(md5) (and also for the SHA equivalents)
are marked as CRYPTO_ALG_TYPE_AHASH in driver_algs, they all will get a setkey
function.
This will trigger the following code in algif_hash:
static int hash_accept_parent(void *private, struct sock *sk)
{
struct algif_hash_tfm *tfm = private;
if (!tfm->has_key && crypto_ahash_has_setkey(tfm->hash))
return -ENOKEY;
If the setkey would not be present for the straight hashes, ENOKEY would not
be returned.
Thanks.
I modified it and it now works (allthough it doesn't provide the correct
MD5sum ... have to findout why)
I submitted a patch for it.
Christophe
...
# autoreconf --version
autoreconf (GNU Autoconf) 2.63
Thanks for the bug report. But I think the autoconf tools are not up to date.
It should be 2.69.
Could you please check whether you can update?
I am thinking now to add AC_PREREQ([2.60]) to configure.ac.
Ciao
Stephan
Re: md5sum (from libkcapi) fails as splice() returns -ENOKEY
Hi again Le 12/09/2017 à 09:22, Stephan Mueller a écrit : Am Dienstag, 12. September 2017, 09:20:41 CEST schrieb Stephan Mueller: I am thinking now to add AC_PREREQ([2.60]) to configure.ac. I meant 2.69, of course? :-) Ok ... CentOS ships with 2.63 and no update seems available via 'yum update'. Is 2.69 really necessary ? It seems to work just fine with 2.63 once the modification is done. Christophe Ciao Stephan
[PATCH] crypto: talitos - fix sha224
Kernel crypto tests report the following error at startup
[2.752626] alg: hash: Test 4 failed for sha224-talitos
[2.757907] : 30 e2 86 e2 e7 8a dd 0d d7 eb 9f d5 83 fe f1 b0
0010: 2d 5a 6c a5 f9 55 ea fd 0e 72 05 22
This patch fixes it
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index d47b3eb1f0..e2d323fa24 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1756,9 +1756,9 @@ static int common_nonsnoop_hash(struct talitos_edesc
*edesc,
req_ctx->swinit = 0;
} else {
desc->ptr[1] = zero_entry;
- /* Indicate next op is not the first. */
- req_ctx->first = 0;
}
+ /* Indicate next op is not the first. */
+ req_ctx->first = 0;
/* HMAC key */
if (ctx->keylen)
--
2.13.3
[PATCH] crypto: talitos - fix hashing
md5sum on some files gives wrong result Exemple: With the md5sum from libkcapi: c15115c05bad51113f81bdaee735dd09 test With the original md5sum: bbdf41d80ba7e8b2b7be3a0772be76cb test This patch fixes this issue Signed-off-by: Christophe Leroy --- drivers/crypto/talitos.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c index f6f811a1bb..d47b3eb1f0 100644 --- a/drivers/crypto/talitos.c +++ b/drivers/crypto/talitos.c @@ -1769,7 +1769,7 @@ static int common_nonsnoop_hash(struct talitos_edesc *edesc, sg_count = edesc->src_nents ?: 1; if (is_sec1 && sg_count > 1) - sg_copy_to_buffer(areq->src, sg_count, edesc->buf, length); + sg_copy_to_buffer(req_ctx->psrc, sg_count, edesc->buf, length); else sg_count = dma_map_sg(dev, req_ctx->psrc, sg_count, DMA_TO_DEVICE); -- 2.13.3
Re: [PATCH 0/6] crypto: talitos - various fixes
Looks like the linux-crypto list and patchwork was out of order when I sent this. I will send again, sorry for the noise on the other lists. Le 19/09/2017 à 14:58, Christophe Leroy a écrit : This serie provide various fixes on the talitos driver. Christophe Leroy (6): crypto: talitos - Don't provide setkey for non hmac hashing algs. crypto: talitos - fix hashing crypto: talitos - fix sha224 crypto: talitos - fix AEAD test failures crypto: talitos - use kzalloc instead of kmalloc crypto: talitos - fix memory corruption on SEC2 drivers/crypto/talitos.c | 81 +--- drivers/crypto/talitos.h | 2 -- 2 files changed, 36 insertions(+), 47 deletions(-)
Test
Sorry for the noise, but I have twice tried to send a PATCH serie to this list with a copy to linuxppc-...@lists.ozlabs.org, it appears properly in the linuxppc list/patchwork but it still doesn't appear on linux-crypto. Is there anything wrong with the list ? Christophe
Re: [PATCH 0/6] crypto: talitos - various fixes
What's going wrong ? I have resent it and it the same again, the serie is not dispatched on the linux-crypto list, but when I answer to a mail of the serie, the answer shows up. What could be the issue ? Christophe Le 20/09/2017 à 10:35, Christophe LEROY a écrit : Looks like the linux-crypto list and patchwork was out of order when I sent this. I will send again, sorry for the noise on the other lists. Le 19/09/2017 à 14:58, Christophe Leroy a écrit : This serie provide various fixes on the talitos driver. Christophe Leroy (6): crypto: talitos - Don't provide setkey for non hmac hashing algs. crypto: talitos - fix hashing crypto: talitos - fix sha224 crypto: talitos - fix AEAD test failures crypto: talitos - use kzalloc instead of kmalloc crypto: talitos - fix memory corruption on SEC2 drivers/crypto/talitos.c | 81 +--- drivers/crypto/talitos.h | 2 -- 2 files changed, 36 insertions(+), 47 deletions(-) --- L'absence de virus dans ce courrier électronique a été vérifiée par le logiciel antivirus Avast. https://www.avast.com/antivirus
[PATCH 2/6] crypto: talitos - fix hashing
md5sum on some files gives wrong result Exemple: With the md5sum from libkcapi: c15115c05bad51113f81bdaee735dd09 test With the original md5sum: bbdf41d80ba7e8b2b7be3a0772be76cb test This patch fixes this issue Signed-off-by: Christophe Leroy --- drivers/crypto/talitos.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c index 5cc160078286..49f1561fa694 100644 --- a/drivers/crypto/talitos.c +++ b/drivers/crypto/talitos.c @@ -1769,7 +1769,7 @@ static int common_nonsnoop_hash(struct talitos_edesc *edesc, sg_count = edesc->src_nents ?: 1; if (is_sec1 && sg_count > 1) - sg_copy_to_buffer(areq->src, sg_count, edesc->buf, length); + sg_copy_to_buffer(req_ctx->psrc, sg_count, edesc->buf, length); else sg_count = dma_map_sg(dev, req_ctx->psrc, sg_count, DMA_TO_DEVICE); -- 2.13.3
[PATCH 0/6] crypto: talitos - various fixes
This serie provide various fixes on the talitos driver. Christophe Leroy (6): crypto: talitos - Don't provide setkey for non hmac hashing algs. crypto: talitos - fix hashing crypto: talitos - fix sha224 crypto: talitos - fix AEAD test failures crypto: talitos - use kzalloc instead of kmalloc crypto: talitos - fix memory corruption on SEC2 drivers/crypto/talitos.c | 81 +--- drivers/crypto/talitos.h | 2 -- 2 files changed, 36 insertions(+), 47 deletions(-) -- 2.13.3
[PATCH 1/6] crypto: talitos - Don't provide setkey for non hmac hashing algs.
Today, md5sum fails with error -ENOKEY because a setkey
function is set for non hmac hashing algs, see strace output below:
mmap(NULL, 378880, PROT_READ, MAP_SHARED, 6, 0) = 0x77f5
accept(3, 0, NULL) = 7
vmsplice(5,
[{"bin/\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 378880}],
1, SPLICE_F_MORE|SPLICE_F_GIFT) = 262144
splice(4, NULL, 7, NULL, 262144, SPLICE_F_MORE) = -1 ENOKEY (Required key not
available)
write(2, "Generation of hash for file kcap"..., 50) = 50
munmap(0x77f5, 378880) = 0
This patch ensures that setkey() function is set only
for hmac hashing.
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 79791c690858..5cc160078286 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -3057,7 +3057,8 @@ static struct talitos_crypto_alg
*talitos_alg_alloc(struct device *dev,
t_alg->algt.alg.hash.final = ahash_final;
t_alg->algt.alg.hash.finup = ahash_finup;
t_alg->algt.alg.hash.digest = ahash_digest;
- t_alg->algt.alg.hash.setkey = ahash_setkey;
+ if (!strncmp(alg->cra_name, "hmac", 4))
+ t_alg->algt.alg.hash.setkey = ahash_setkey;
t_alg->algt.alg.hash.import = ahash_import;
t_alg->algt.alg.hash.export = ahash_export;
--
2.13.3
[PATCH 3/6] crypto: talitos - fix sha224
Kernel crypto tests report the following error at startup
[2.752626] alg: hash: Test 4 failed for sha224-talitos
[2.757907] : 30 e2 86 e2 e7 8a dd 0d d7 eb 9f d5 83 fe f1 b0
0010: 2d 5a 6c a5 f9 55 ea fd 0e 72 05 22
This patch fixes it
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 49f1561fa694..dff88838dce7 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1756,9 +1756,9 @@ static int common_nonsnoop_hash(struct talitos_edesc
*edesc,
req_ctx->swinit = 0;
} else {
desc->ptr[1] = zero_entry;
- /* Indicate next op is not the first. */
- req_ctx->first = 0;
}
+ /* Indicate next op is not the first. */
+ req_ctx->first = 0;
/* HMAC key */
if (ctx->keylen)
--
2.13.3
[PATCH 4/6] crypto: talitos - fix AEAD test failures
72 63
0040: 74 65 20 73 6f 54 20 6f 61 4d 79 6e 53 20 63 65
0050: 65 72 73 74 54 20 6f 6f 4d 20 6e 61 20 79 65 53
0060: 72 63 74 65 20 73 6f 54 20 6f 61 4d 79 6e 53 20
0070: 63 65 65 72 73 74 54 20 6f 6f 4d 20 6e 61 0a 79
0080: c0 50 f1 ac c0 50 f3 38 c0 50 f3 94 c0 50 f5 30
0090: c0 99 74 3c c0 96 e5 b8 c0 96 e9 20 c0 00 3d dc
This patch fixes that.
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 9 -
1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index dff88838dce7..cd8a37e60259 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1232,12 +1232,11 @@ static int ipsec_esp(struct talitos_edesc *edesc,
struct aead_request *areq,
sg_link_tbl_len += authsize;
}
- sg_count = talitos_sg_map(dev, areq->src, cryptlen, edesc,
- &desc->ptr[4], sg_count, areq->assoclen,
- tbl_off);
+ ret = talitos_sg_map(dev, areq->src, cryptlen, edesc, &desc->ptr[4],
+sg_count, areq->assoclen, tbl_off);
- if (sg_count > 1) {
- tbl_off += sg_count;
+ if (ret > 1) {
+ tbl_off += ret;
sync_needed = true;
}
--
2.13.3
[PATCH 5/6] crypto: talitos - use kzalloc instead of kmalloc
Use kzalloc() to zeroize the extended descriptor at allocation and
further zeorising
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 23 +--
drivers/crypto/talitos.h | 2 --
2 files changed, 1 insertion(+), 24 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index cd8a37e60259..a5b608b54c74 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -75,7 +75,6 @@ static void to_talitos_ptr_len(struct talitos_ptr *ptr,
unsigned int len,
bool is_sec1)
{
if (is_sec1) {
- ptr->res = 0;
ptr->len1 = cpu_to_be16(len);
} else {
ptr->len = cpu_to_be16(len);
@@ -118,7 +117,6 @@ static void map_single_talitos_ptr(struct device *dev,
to_talitos_ptr_len(ptr, len, is_sec1);
to_talitos_ptr(ptr, dma_addr, is_sec1);
- to_talitos_ptr_ext_set(ptr, 0, is_sec1);
}
/*
@@ -287,7 +285,6 @@ int talitos_submit(struct device *dev, int ch, struct
talitos_desc *desc,
/* map descriptor and save caller data */
if (is_sec1) {
desc->hdr1 = desc->hdr;
- desc->next_desc = 0;
request->dma_desc = dma_map_single(dev, &desc->hdr1,
TALITOS_DESC_SIZE,
DMA_BIDIRECTIONAL);
@@ -1099,7 +1096,6 @@ static int sg_to_link_tbl_offset(struct scatterlist *sg,
int sg_count,
to_talitos_ptr(link_tbl_ptr + count,
sg_dma_address(sg) + offset, 0);
to_talitos_ptr_len(link_tbl_ptr + count, len, 0);
- to_talitos_ptr_ext_set(link_tbl_ptr + count, 0, 0);
count++;
cryptlen -= len;
offset = 0;
@@ -1125,7 +1121,6 @@ int talitos_sg_map(struct device *dev, struct scatterlist
*src,
bool is_sec1 = has_ftr_sec1(priv);
to_talitos_ptr_len(ptr, len, is_sec1);
- to_talitos_ptr_ext_set(ptr, 0, is_sec1);
if (sg_count == 1) {
to_talitos_ptr(ptr, sg_dma_address(src) + offset, is_sec1);
@@ -1197,11 +1192,9 @@ static int ipsec_esp(struct talitos_edesc *edesc, struct
aead_request *areq,
if (desc->hdr & DESC_HDR_TYPE_IPSEC_ESP) {
to_talitos_ptr(&desc->ptr[2], edesc->iv_dma, is_sec1);
to_talitos_ptr_len(&desc->ptr[2], ivsize, is_sec1);
- to_talitos_ptr_ext_set(&desc->ptr[2], 0, is_sec1);
} else {
to_talitos_ptr(&desc->ptr[3], edesc->iv_dma, is_sec1);
to_talitos_ptr_len(&desc->ptr[3], ivsize, is_sec1);
- to_talitos_ptr_ext_set(&desc->ptr[3], 0, is_sec1);
}
/* cipher key */
@@ -1221,7 +1214,6 @@ static int ipsec_esp(struct talitos_edesc *edesc, struct
aead_request *areq,
* typically 12 for ipsec
*/
to_talitos_ptr_len(&desc->ptr[4], cryptlen, is_sec1);
- to_talitos_ptr_ext_set(&desc->ptr[4], 0, is_sec1);
sg_link_tbl_len = cryptlen;
@@ -1275,8 +1267,6 @@ static int ipsec_esp(struct talitos_edesc *edesc, struct
aead_request *areq,
to_talitos_ptr(tbl_ptr, edesc->dma_link_tbl + offset,
is_sec1);
}
- } else {
- edesc->icv_ool = false;
}
/* ICV data */
@@ -1386,7 +1376,7 @@ static struct talitos_edesc *talitos_edesc_alloc(struct
device *dev,
alloc_len += icv_stashing ? authsize : 0;
}
- edesc = kmalloc(alloc_len, GFP_DMA | flags);
+ edesc = kzalloc(alloc_len, GFP_DMA | flags);
if (!edesc) {
dev_err(dev, "could not allocate edescriptor\n");
err = ERR_PTR(-ENOMEM);
@@ -1467,7 +1457,6 @@ static int aead_decrypt(struct aead_request *req)
DESC_HDR_MODE1_MDEU_CICV;
/* reset integrity check result bits */
- edesc->desc.hdr_lo = 0;
return ipsec_esp(edesc, req, ipsec_esp_decrypt_hwauth_done);
}
@@ -1554,12 +1543,10 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
bool is_sec1 = has_ftr_sec1(priv);
/* first DWORD empty */
- desc->ptr[0] = zero_entry;
/* cipher iv */
to_talitos_ptr(&desc->ptr[1], edesc->iv_dma, is_sec1);
to_talitos_ptr_len(&desc->ptr[1], ivsize, is_sec1);
- to_talitos_ptr_ext_set(&desc->ptr[1], 0, is_sec1);
/* cipher key */
map_single_talitos_ptr(dev, &desc->ptr[2], ctx->keylen,
@@ -1598,7 +1585,6 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
DMA_FROM_DEVICE);
/* last DWORD empty */
- desc->ptr[6] = zero_
[PATCH 6/6] crypto: talitos - fix memory corruption on SEC2
xc8
[2.930853] [c0d4bf60] [c007f064] cpu_startup_entry+0xe4/0x190
[2.936707] [c0d4bfb0] [c096c434] start_kernel+0x3f4/0x408
[2.942198] [c0d4bff0] [3438] 0x3438
[2.946137] FIX dma-kmalloc-256: Restoring 0xde858108-0xde85810b=0xcc
[2.946137]
[2.954158] FIX dma-kmalloc-256: Object at 0xde858008 not freed
This patch reworks the handling of the CICV out in order
to properly handle all cases.
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 40 ++--
1 file changed, 26 insertions(+), 14 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index a5b608b54c74..e7e31f8fd3d1 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1239,14 +1239,15 @@ static int ipsec_esp(struct talitos_edesc *edesc,
struct aead_request *areq,
dma_map_sg(dev, areq->dst, sg_count, DMA_FROM_DEVICE);
}
- sg_count = talitos_sg_map(dev, areq->dst, cryptlen, edesc,
- &desc->ptr[5], sg_count, areq->assoclen,
- tbl_off);
+ ret = talitos_sg_map(dev, areq->dst, cryptlen, edesc, &desc->ptr[5],
+sg_count, areq->assoclen, tbl_off);
if (desc->hdr & DESC_HDR_TYPE_IPSEC_ESP)
to_talitos_ptr_ext_or(&desc->ptr[5], authsize, is_sec1);
- if (sg_count > 1) {
+ /* ICV data */
+ if (ret > 1) {
+ tbl_off += ret;
edesc->icv_ool = true;
sync_needed = true;
@@ -1256,9 +1257,7 @@ static int ipsec_esp(struct talitos_edesc *edesc, struct
aead_request *areq,
sizeof(struct talitos_ptr) + authsize;
/* Add an entry to the link table for ICV data */
- tbl_ptr += sg_count - 1;
- to_talitos_ptr_ext_set(tbl_ptr, 0, is_sec1);
- tbl_ptr++;
+ to_talitos_ptr_ext_set(tbl_ptr - 1, 0, is_sec1);
to_talitos_ptr_ext_set(tbl_ptr, DESC_PTR_LNKTBL_RETURN,
is_sec1);
to_talitos_ptr_len(tbl_ptr, authsize, is_sec1);
@@ -1266,14 +1265,27 @@ static int ipsec_esp(struct talitos_edesc *edesc,
struct aead_request *areq,
/* icv data follows link tables */
to_talitos_ptr(tbl_ptr, edesc->dma_link_tbl + offset,
is_sec1);
- }
- }
+ } else {
+ dma_addr_t addr = edesc->dma_link_tbl;
- /* ICV data */
- if (!(desc->hdr & DESC_HDR_TYPE_IPSEC_ESP)) {
- to_talitos_ptr_len(&desc->ptr[6], authsize, is_sec1);
- to_talitos_ptr(&desc->ptr[6], edesc->dma_link_tbl +
- areq->assoclen + cryptlen, is_sec1);
+ if (is_sec1)
+ addr += areq->assoclen + cryptlen;
+ else
+ addr += sizeof(struct talitos_ptr) * tbl_off;
+
+ to_talitos_ptr(&desc->ptr[6], addr, is_sec1);
+ to_talitos_ptr_len(&desc->ptr[6], authsize, is_sec1);
+ }
+ } else if (!(desc->hdr & DESC_HDR_TYPE_IPSEC_ESP)) {
+ ret = talitos_sg_map(dev, areq->dst, authsize, edesc,
+&desc->ptr[6], sg_count, areq->assoclen +
+ cryptlen,
+tbl_off);
+ if (ret > 1) {
+ tbl_off += ret;
+ edesc->icv_ool = true;
+ sync_needed = true;
+ }
}
/* iv out */
--
2.13.3
[PATCH] crypto: talitos - fix AEAD for sha224 on non sha224 capable chips
sha224 AEAD test fails with:
[2.803125] talitos ff02.crypto: DEUISR 0x_
[2.808743] talitos ff02.crypto: MDEUISR 0x8010_
[2.814678] talitos ff02.crypto: DESCBUF 0x20731f21_0018
[2.820616] talitos ff02.crypto: DESCBUF 0x0628d64c_0010
[2.826554] talitos ff02.crypto: DESCBUF 0x0631005c_0018
[2.832492] talitos ff02.crypto: DESCBUF 0x0628d664_0008
[2.838430] talitos ff02.crypto: DESCBUF 0x061b13a0_0080
[2.844369] talitos ff02.crypto: DESCBUF 0x0631006c_0080
[2.850307] talitos ff02.crypto: DESCBUF 0x0631006c_0018
[2.856245] talitos ff02.crypto: DESCBUF 0x063100ec_
[2.884972] talitos ff02.crypto: failed to reset channel 0
[2.890503] talitos ff02.crypto: done overflow, internal time out, or
rngu error: ISR 0x2000_0002
[2.900652] alg: aead: encryption failed on test 1 for
authenc-hmac-sha224-cbc-3des-talitos: ret=22
This is due to SHA224 not being supported by the HW. Allthough for
hash we are able to init the hash contet by SW, it is not
possible for AEAD. Therefore SHA224 AEAD has to be deactivated.
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 5 +
1 file changed, 5 insertions(+)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 09a2cd3a31d2..9bfda9d59ace 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -3045,6 +3045,11 @@ static struct talitos_crypto_alg
*talitos_alg_alloc(struct device *dev,
t_alg->algt.alg.aead.setkey = aead_setkey;
t_alg->algt.alg.aead.encrypt = aead_encrypt;
t_alg->algt.alg.aead.decrypt = aead_decrypt;
+ if (!(priv->features & TALITOS_FTR_SHA224_HWINIT) &&
+ !strncmp(alg->cra_name, "authenc(hmac(sha224)", 20)) {
+ kfree(t_alg);
+ return ERR_PTR(-ENOTSUPP);
+ }
break;
case CRYPTO_ALG_TYPE_AHASH:
alg = &t_alg->algt.alg.hash.halg.base;
--
2.13.3
[PATCH] crypto: talitos - fix setkey to check key weakness
Crypto manager test report the following failures:
[3.061081] alg: skcipher: setkey failed on test 5 for ecb-des-talitos:
flags=100
[3.069342] alg: skcipher-ddst: setkey failed on test 5 for ecb-des-talitos:
flags=100
[3.077754] alg: skcipher-ddst: setkey failed on test 5 for ecb-des-talitos:
flags=100
This is due to setkey being expected to detect weak keys.
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 8
1 file changed, 8 insertions(+)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index e7e31f8fd3d1..09a2cd3a31d2 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1494,12 +1494,20 @@ static int ablkcipher_setkey(struct crypto_ablkcipher
*cipher,
const u8 *key, unsigned int keylen)
{
struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher);
+ u32 tmp[DES_EXPKEY_WORDS];
if (keylen > TALITOS_MAX_KEY_SIZE) {
crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN);
return -EINVAL;
}
+ if (unlikely(crypto_ablkcipher_get_flags(cipher) &
+CRYPTO_TFM_REQ_WEAK_KEY) &&
+ !des_ekey(tmp, key)) {
+ crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_WEAK_KEY);
+ return -EINVAL;
+ }
+
memcpy(&ctx->key, key, keylen);
ctx->keylen = keylen;
--
2.13.3
Question about ahash export and import
Hello, Today, the talitos driver dma maps/unmaps context and keys at every single request. I'm looking at doing the dma mapping at hash init and doing unmapping at final/finup/digest However, I'm wondering how to manage hash exports and imports. I was initially thinking about doing a dma_sync_for_cpu() before any export and a dma_sync_for_device() after any export, but that supposes that the dma area is already mapped, which means that we have done the init and not yet done a final/finup/digest. I'm a bit sceptic when reading the following text in include/crypto/hash.h : @export: Export partial state of the transformation. This function dumps the * entire state of the ongoing transformation into a provided block of * data so it can be @import 'ed back later on. This is useful in case * you want to save partial result of the transformation after * processing certain amount of data and reload this partial result * multiple times later on for multiple re-use Does it mean that import may be called in lieu of hash init, or is hash init always called before doing an import ? Thanks Christophe
Re: Question about ahash export and import
Le 27/09/2017 à 11:08, Herbert Xu a écrit : On Tue, Sep 26, 2017 at 01:09:05PM +0200, Kamil Konieczny wrote: Can import() be called without _any_ init(), for example after reboot of machine ? Is following scenario valid: Of course it can. import must restore the state of the request to that at the time when export was called. import does not need to be called after init. init simply resets the hash state for new update/final calls. init(), update() 0 or more times, export(), save exported data to pernament storage reboot machine load crypto driver, import() saved state ? Yes this must be supported. Basically after any update call is complete (you've called the completion function), you should be able to call export and completely extract the partial (as opposed to finalised) hash state. Can we consider that once an export has been done, no new update call will be performed prior to doing an init or an import ? Or should it be possible to continue with an update or a final/finup call after an export ? Remember we need to support an arbitrarily large number of concurrent hashing operations. So you cannot keep a hash state in hardware indefinitely just because the user has not called finalize on it. Cheers, Christophe
Re: [PATCH 5/6] crypto: talitos - use kzalloc instead of kmalloc
Le 21/09/2017 à 09:19, Christophe Leroy a écrit :
Use kzalloc() to zeroize the extended descriptor at allocation and
further zeorising
This patch significantly degrades performances.
I will submit a new serie soon.
Christophe
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 23 +--
drivers/crypto/talitos.h | 2 --
2 files changed, 1 insertion(+), 24 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index cd8a37e60259..a5b608b54c74 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -75,7 +75,6 @@ static void to_talitos_ptr_len(struct talitos_ptr *ptr,
unsigned int len,
bool is_sec1)
{
if (is_sec1) {
- ptr->res = 0;
ptr->len1 = cpu_to_be16(len);
} else {
ptr->len = cpu_to_be16(len);
@@ -118,7 +117,6 @@ static void map_single_talitos_ptr(struct device *dev,
to_talitos_ptr_len(ptr, len, is_sec1);
to_talitos_ptr(ptr, dma_addr, is_sec1);
- to_talitos_ptr_ext_set(ptr, 0, is_sec1);
}
/*
@@ -287,7 +285,6 @@ int talitos_submit(struct device *dev, int ch, struct
talitos_desc *desc,
/* map descriptor and save caller data */
if (is_sec1) {
desc->hdr1 = desc->hdr;
- desc->next_desc = 0;
request->dma_desc = dma_map_single(dev, &desc->hdr1,
TALITOS_DESC_SIZE,
DMA_BIDIRECTIONAL);
@@ -1099,7 +1096,6 @@ static int sg_to_link_tbl_offset(struct scatterlist *sg,
int sg_count,
to_talitos_ptr(link_tbl_ptr + count,
sg_dma_address(sg) + offset, 0);
to_talitos_ptr_len(link_tbl_ptr + count, len, 0);
- to_talitos_ptr_ext_set(link_tbl_ptr + count, 0, 0);
count++;
cryptlen -= len;
offset = 0;
@@ -1125,7 +1121,6 @@ int talitos_sg_map(struct device *dev, struct scatterlist
*src,
bool is_sec1 = has_ftr_sec1(priv);
to_talitos_ptr_len(ptr, len, is_sec1);
- to_talitos_ptr_ext_set(ptr, 0, is_sec1);
if (sg_count == 1) {
to_talitos_ptr(ptr, sg_dma_address(src) + offset, is_sec1);
@@ -1197,11 +1192,9 @@ static int ipsec_esp(struct talitos_edesc *edesc, struct
aead_request *areq,
if (desc->hdr & DESC_HDR_TYPE_IPSEC_ESP) {
to_talitos_ptr(&desc->ptr[2], edesc->iv_dma, is_sec1);
to_talitos_ptr_len(&desc->ptr[2], ivsize, is_sec1);
- to_talitos_ptr_ext_set(&desc->ptr[2], 0, is_sec1);
} else {
to_talitos_ptr(&desc->ptr[3], edesc->iv_dma, is_sec1);
to_talitos_ptr_len(&desc->ptr[3], ivsize, is_sec1);
- to_talitos_ptr_ext_set(&desc->ptr[3], 0, is_sec1);
}
/* cipher key */
@@ -1221,7 +1214,6 @@ static int ipsec_esp(struct talitos_edesc *edesc, struct
aead_request *areq,
* typically 12 for ipsec
*/
to_talitos_ptr_len(&desc->ptr[4], cryptlen, is_sec1);
- to_talitos_ptr_ext_set(&desc->ptr[4], 0, is_sec1);
sg_link_tbl_len = cryptlen;
@@ -1275,8 +1267,6 @@ static int ipsec_esp(struct talitos_edesc *edesc, struct aead_request *areq,
to_talitos_ptr(tbl_ptr, edesc->dma_link_tbl + offset,
is_sec1);
}
- } else {
- edesc->icv_ool = false;
}
/* ICV data */
@@ -1386,7 +1376,7 @@ static struct talitos_edesc *talitos_edesc_alloc(struct
device *dev,
alloc_len += icv_stashing ? authsize : 0;
}
- edesc = kmalloc(alloc_len, GFP_DMA | flags);
+ edesc = kzalloc(alloc_len, GFP_DMA | flags);
if (!edesc) {
dev_err(dev, "could not allocate edescriptor\n");
err = ERR_PTR(-ENOMEM);
@@ -1467,7 +1457,6 @@ static int aead_decrypt(struct aead_request *req)
DESC_HDR_MODE1_MDEU_CICV;
/* reset integrity check result bits */
- edesc->desc.hdr_lo = 0;
return ipsec_esp(edesc, req, ipsec_esp_decrypt_hwauth_done);
}
@@ -1554,12 +1543,10 @@ static int common_nonsnoop(struct talitos_edesc *edesc,
bool is_sec1 = has_ftr_sec1(priv);
/* first DWORD empty */
- desc->ptr[0] = zero_entry;
/* cipher iv */
to_talitos_ptr(&desc->ptr[1], edesc->iv_dma, is_sec1);
to_talitos_ptr_len(&desc->ptr[1], ivsize, is_sec1);
- to_talitos_ptr_ext_set(&desc->ptr[1], 0, is_sec1);
/* cipher key */
map_single_talitos_ptr(dev, &desc->ptr[2], ctx->keylen,
@@ -1598,7 +1585,6 @@ static int common_nonsnoop(struct tali
[PATCH 11/18] crypto: talitos - use devm_ioremap()
Use devm_ioremap()
Signed-off-by: Christophe Leroy
---
drivers/crypto/talitos.c | 8 +---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index f139a0cef2e2..83b2a70a1ba7 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -3008,8 +3008,6 @@ static int talitos_remove(struct platform_device *ofdev)
if (priv->irq[1])
tasklet_kill(&priv->done_task[1]);
- iounmap(priv->reg);
-
return 0;
}
@@ -3160,6 +3158,7 @@ static int talitos_probe(struct platform_device *ofdev)
struct talitos_private *priv;
int i, err;
int stride;
+ struct resource *res;
priv = devm_kzalloc(dev, sizeof(struct talitos_private), GFP_KERNEL);
if (!priv)
@@ -3173,7 +3172,10 @@ static int talitos_probe(struct platform_device *ofdev)
spin_lock_init(&priv->reg_lock);
- priv->reg = of_iomap(np, 0);
+ res = platform_get_resource(ofdev, IORESOURCE_MEM, 0);
+ if (!res)
+ return -ENXIO;
+ priv->reg = devm_ioremap(dev, res->start, resource_size(res));
if (!priv->reg) {
dev_err(dev, "failed to of_iomap\n");
err = -ENOMEM;
--
2.13.3
