Re: padata - is serial actually serial?

[Gary R Hook]

On 06/15/2016 06:52 AM, Steffen Klassert wrote:

Hi Jason.

On Tue, Jun 14, 2016 at 11:00:54PM +0200, Jason A. Donenfeld wrote:

Hi Steffen & Folks,

I submit a job to padata_do_parallel(). When the parallel() function
triggers, I do some things, and then call padata_do_serial(). Finally
the serial() function triggers, where I complete the job (check a
nonce, etc).

The padata API is very appealing because not only does it allow for
parallel computation, but it claims that the serial() functions will
execute in the order that jobs were originally submitted to
padata_do_parallel().

Unfortunately, in practice, I'm pretty sure I'm seeing deviations from
this. When I submit tons and tons of tasks at rapid speed to
padata_do_parallel(), it seems like the serial() function isn't being
called in the exactly the same order that tasks were submitted to
padata_do_parallel().

Is this known (expected) behavior? Or have I stumbled upon a potential
bug that's worthwhile for me to investigate more?


It should return in the same order as the job were submitted,
given that the submitting cpu and the callback cpu are fixed
for all the jobs you want to preserve the order.  If you submit
jobs from more than one cpu, we can not know in which order
they are enqueued. The cpu that gets the lock as the first
has its job in front.


Isn't there an element of indeterminacy at the application thread level
(i.e. user space) too? We don't know how the jobs are being submitted, but
unless that is being handled by a single thread in a single process, I
think all bets are off with respect to ordering.

Then again, perhaps I'm not grokking the details here.


Same if you use more than one callback cpu
we can't know in which order they are dequeued, because the
serial workers are scheduled independent on each cpu.

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: Encryption output buffer description in algif_aead.c file

[Gary R Hook]

On 06/24/2016 07:01 AM, Stephan Mueller wrote:

Am Freitag, 24. Juni 2016, 17:24:02 schrieb Harsh Jain:

Hi Harsh,



379  * The memory structure for cipher operation has the following
380  * structure:
381  *  AEAD encryption input:  assoc data || plaintext
382  *  AEAD encryption output: cipherntext || auth tag
383  *  AEAD decryption input:  assoc data || ciphertext || auth
tag 384  *  AEAD decryption output: plaintext


Right, it returns AAD prepended to the stated output. Do you want to provide a
patch?


If testmgr.c is any model, the caller is expected to populate the 
destination
buffer with the AAD. Is my understanding correct? And should this 
comment clarify
that point: i.e. the length of the destination is the sum of the lengths 
of the

aad + ciphertext + tag?

Gary

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 3/4] crypto: ccp - CCP versioning support

[Gary R Hook]

Future hardware may introduce new algorithms wherein the
driver will need to manage resources for different versions
of the cryptographic coprocessor. This precursor patch
determines the version of the available device, and marks
and registers algorithms accordingly. A structure is added
which manages the version-specific data.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-crypto-aes.c |   12 ++-
 drivers/crypto/ccp/ccp-crypto-sha.c |9 +++-
 drivers/crypto/ccp/ccp-dev.c|   27 
 drivers/crypto/ccp/ccp-dev.h|8 +++
 drivers/crypto/ccp/ccp-pci.c|8 ++-
 drivers/crypto/ccp/ccp-platform.c   |   39 +--
 include/linux/ccp.h |   17 +++
 7 files changed, 115 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-crypto-aes.c 
b/drivers/crypto/ccp/ccp-crypto-aes.c
index 7984f91..89291c1 100644
--- a/drivers/crypto/ccp/ccp-crypto-aes.c
+++ b/drivers/crypto/ccp/ccp-crypto-aes.c
@@ -1,7 +1,7 @@
 /*
  * AMD Cryptographic Coprocessor (CCP) AES crypto API support
  *
- * Copyright (C) 2013 Advanced Micro Devices, Inc.
+ * Copyright (C) 2013,2016 Advanced Micro Devices, Inc.
  *
  * Author: Tom Lendacky <thomas.lenda...@amd.com>
  *
@@ -259,6 +259,7 @@ static struct crypto_alg ccp_aes_rfc3686_defaults = {
 
 struct ccp_aes_def {
enum ccp_aes_mode mode;
+   unsigned int version;
const char *name;
const char *driver_name;
unsigned int blocksize;
@@ -269,6 +270,7 @@ struct ccp_aes_def {
 static struct ccp_aes_def aes_algs[] = {
{
.mode   = CCP_AES_MODE_ECB,
+   .version= CCP_VERSION(3, 0),
.name   = "ecb(aes)",
.driver_name= "ecb-aes-ccp",
.blocksize  = AES_BLOCK_SIZE,
@@ -277,6 +279,7 @@ static struct ccp_aes_def aes_algs[] = {
},
{
.mode   = CCP_AES_MODE_CBC,
+   .version= CCP_VERSION(3, 0),
.name   = "cbc(aes)",
.driver_name= "cbc-aes-ccp",
.blocksize  = AES_BLOCK_SIZE,
@@ -285,6 +288,7 @@ static struct ccp_aes_def aes_algs[] = {
},
{
.mode   = CCP_AES_MODE_CFB,
+   .version= CCP_VERSION(3, 0),
.name   = "cfb(aes)",
.driver_name= "cfb-aes-ccp",
.blocksize  = AES_BLOCK_SIZE,
@@ -293,6 +297,7 @@ static struct ccp_aes_def aes_algs[] = {
},
{
.mode   = CCP_AES_MODE_OFB,
+   .version= CCP_VERSION(3, 0),
.name   = "ofb(aes)",
.driver_name= "ofb-aes-ccp",
.blocksize  = 1,
@@ -301,6 +306,7 @@ static struct ccp_aes_def aes_algs[] = {
},
{
.mode   = CCP_AES_MODE_CTR,
+   .version= CCP_VERSION(3, 0),
.name   = "ctr(aes)",
.driver_name= "ctr-aes-ccp",
.blocksize  = 1,
@@ -309,6 +315,7 @@ static struct ccp_aes_def aes_algs[] = {
},
{
.mode   = CCP_AES_MODE_CTR,
+   .version= CCP_VERSION(3, 0),
.name   = "rfc3686(ctr(aes))",
.driver_name= "rfc3686-ctr-aes-ccp",
.blocksize  = 1,
@@ -357,8 +364,11 @@ static int ccp_register_aes_alg(struct list_head *head,
 int ccp_register_aes_algs(struct list_head *head)
 {
int i, ret;
+   unsigned int ccpversion = ccp_version();
 
for (i = 0; i < ARRAY_SIZE(aes_algs); i++) {
+   if (aes_algs[i].version > ccpversion)
+   continue;
ret = ccp_register_aes_alg(head, _algs[i]);
if (ret)
return ret;
diff --git a/drivers/crypto/ccp/ccp-crypto-sha.c 
b/drivers/crypto/ccp/ccp-crypto-sha.c
index 8ef06fa..b5ad728 100644
--- a/drivers/crypto/ccp/ccp-crypto-sha.c
+++ b/drivers/crypto/ccp/ccp-crypto-sha.c
@@ -1,7 +1,7 @@
 /*
  * AMD Cryptographic Coprocessor (CCP) SHA crypto API support
  *
- * Copyright (C) 2013 Advanced Micro Devices, Inc.
+ * Copyright (C) 2013,2016 Advanced Micro Devices, Inc.
  *
  * Author: Tom Lendacky <thomas.lenda...@amd.com>
  *
@@ -341,6 +341,7 @@ static void ccp_hmac_sha_cra_exit(struct crypto_tfm *tfm)
 }
 
 struct ccp_sha_def {
+   unsigned int version;
const char *name;
const char *drv_name;
enum ccp_sha_type type;
@@ -350,6 +351,7 @@ struct ccp_sha_def {
 
 static struct ccp_sha_def sha_algs[] = {
{
+   .version= CCP_VERSION(3, 0),
  

[PATCH 4/4] crypto: ccp - Add abstraction for device-specific calls

[Gary R Hook]

Support for different generations of the coprocessor
requires that an abstraction layer be implemented for
interacting with the hardware. This patch splits out
version-specific functions to a separate file and populates
the version structure (acting as a driver) with function
pointers.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/Makefile   |2 
 drivers/crypto/ccp/ccp-dev-v3.c   |  534 +
 drivers/crypto/ccp/ccp-dev.c  |  306 +
 drivers/crypto/ccp/ccp-dev.h  |  138 +-
 drivers/crypto/ccp/ccp-ops.c  |  381 +-
 drivers/crypto/ccp/ccp-pci.c  |   10 -
 drivers/crypto/ccp/ccp-platform.c |7 
 7 files changed, 711 insertions(+), 667 deletions(-)
 create mode 100644 drivers/crypto/ccp/ccp-dev-v3.c

diff --git a/drivers/crypto/ccp/Makefile b/drivers/crypto/ccp/Makefile
index 55a1f39..b750592 100644
--- a/drivers/crypto/ccp/Makefile
+++ b/drivers/crypto/ccp/Makefile
@@ -1,5 +1,5 @@
 obj-$(CONFIG_CRYPTO_DEV_CCP_DD) += ccp.o
-ccp-objs := ccp-dev.o ccp-ops.o ccp-platform.o
+ccp-objs := ccp-dev.o ccp-ops.o ccp-dev-v3.o ccp-platform.o
 ccp-$(CONFIG_PCI) += ccp-pci.o
 
 obj-$(CONFIG_CRYPTO_DEV_CCP_CRYPTO) += ccp-crypto.o
diff --git a/drivers/crypto/ccp/ccp-dev-v3.c b/drivers/crypto/ccp/ccp-dev-v3.c
new file mode 100644
index 000..4f81c9f
--- /dev/null
+++ b/drivers/crypto/ccp/ccp-dev-v3.c
@@ -0,0 +1,534 @@
+/*
+ * AMD Cryptographic Coprocessor (CCP) driver
+ *
+ * Copyright (C) 2013,2016 Advanced Micro Devices, Inc.
+ *
+ * Author: Tom Lendacky <thomas.lenda...@amd.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include "ccp-dev.h"
+
+static int ccp_do_cmd(struct ccp_op *op, u32 *cr, unsigned int cr_count)
+{
+   struct ccp_cmd_queue *cmd_q = op->cmd_q;
+   struct ccp_device *ccp = cmd_q->ccp;
+   void __iomem *cr_addr;
+   u32 cr0, cmd;
+   unsigned int i;
+   int ret = 0;
+
+   /* We could read a status register to see how many free slots
+* are actually available, but reading that register resets it
+* and you could lose some error information.
+*/
+   cmd_q->free_slots--;
+
+   cr0 = (cmd_q->id << REQ0_CMD_Q_SHIFT)
+ | (op->jobid << REQ0_JOBID_SHIFT)
+ | REQ0_WAIT_FOR_WRITE;
+
+   if (op->soc)
+   cr0 |= REQ0_STOP_ON_COMPLETE
+  | REQ0_INT_ON_COMPLETE;
+
+   if (op->ioc || !cmd_q->free_slots)
+   cr0 |= REQ0_INT_ON_COMPLETE;
+
+   /* Start at CMD_REQ1 */
+   cr_addr = ccp->io_regs + CMD_REQ0 + CMD_REQ_INCR;
+
+   mutex_lock(>req_mutex);
+
+   /* Write CMD_REQ1 through CMD_REQx first */
+   for (i = 0; i < cr_count; i++, cr_addr += CMD_REQ_INCR)
+   iowrite32(*(cr + i), cr_addr);
+
+   /* Tell the CCP to start */
+   wmb();
+   iowrite32(cr0, ccp->io_regs + CMD_REQ0);
+
+   mutex_unlock(>req_mutex);
+
+   if (cr0 & REQ0_INT_ON_COMPLETE) {
+   /* Wait for the job to complete */
+   ret = wait_event_interruptible(cmd_q->int_queue,
+  cmd_q->int_rcvd);
+   if (ret || cmd_q->cmd_error) {
+   /* On error delete all related jobs from the queue */
+   cmd = (cmd_q->id << DEL_Q_ID_SHIFT)
+ | op->jobid;
+
+   iowrite32(cmd, ccp->io_regs + DEL_CMD_Q_JOB);
+
+   if (!ret)
+   ret = -EIO;
+   } else if (op->soc) {
+   /* Delete just head job from the queue on SoC */
+   cmd = DEL_Q_ACTIVE
+ | (cmd_q->id << DEL_Q_ID_SHIFT)
+ | op->jobid;
+
+   iowrite32(cmd, ccp->io_regs + DEL_CMD_Q_JOB);
+   }
+
+   cmd_q->free_slots = CMD_Q_DEPTH(cmd_q->q_status);
+
+   cmd_q->int_rcvd = 0;
+   }
+
+   return ret;
+}
+
+static int ccp_perform_aes(struct ccp_op *op)
+{
+   u32 cr[6];
+
+   /* Fill out the register contents for REQ1 through REQ6 */
+   cr[0] = (CCP_ENGINE_AES << REQ1_ENGINE_SHIFT)
+   | (op->u.aes.type << REQ1_AES_TYPE_SHIFT)
+   | (op->u.aes.mode << REQ1_AES_MODE_SHIFT)
+   | (op->u.aes.action << REQ1_AES_ACTION_SHIFT)
+   | (op->ksb_key << REQ1_KEY_KSB_SHIFT);
+   cr[1] = op->src.u.dma.length - 1;
+   cr[2] = ccp_addr_lo(>src.u.dma);
+   cr[3] 

[PATCH 0/4] crypto: ccp - CCP driver updates 2016-03-01

[Gary R Hook]

The following patches are includes in this update series:

- Remove the extraneous family check
- Refactor code to enable support for >1 CCPs in a system
- Add initial support for versioning
- Refactor: move version-specific code to separate files 
  where possible; abstract worker functions through a
  struct of function pointers

This patch series is based on cryptodev-2.6

---

Gary R Hook (4):
  crypto: ccp - Remove check for x86 family and model
  crypto: ccp - Support for multiple CCPs
  crypto: ccp - CCP versioning support
  crypto: ccp - Add abstraction for device-specific calls


 drivers/crypto/ccp/Makefile |2 
 drivers/crypto/ccp/ccp-crypto-aes.c |   12 +
 drivers/crypto/ccp/ccp-crypto-sha.c |9 +
 drivers/crypto/ccp/ccp-dev-v3.c |  534 +++
 drivers/crypto/ccp/ccp-dev.c|  471 ++-
 drivers/crypto/ccp/ccp-dev.h|  155 ++
 drivers/crypto/ccp/ccp-ops.c|  381 +
 drivers/crypto/ccp/ccp-pci.c|   23 +-
 drivers/crypto/ccp/ccp-platform.c   |   48 +++
 include/linux/ccp.h |   17 +
 10 files changed, 938 insertions(+), 714 deletions(-)
 create mode 100644 drivers/crypto/ccp/ccp-dev-v3.c

--
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 1/4] crypto: ccp - Remove check for x86 family and model

[Gary R Hook]

Each x86 SoC will make use of a unique PCI ID for the CCP
device so it is not necessary to check for the CPU family
and model.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev.c |   47 ++
 1 file changed, 11 insertions(+), 36 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev.c b/drivers/crypto/ccp/ccp-dev.c
index 861bacc..725c590 100644
--- a/drivers/crypto/ccp/ccp-dev.c
+++ b/drivers/crypto/ccp/ccp-dev.c
@@ -1,7 +1,7 @@
 /*
  * AMD Cryptographic Coprocessor (CCP) driver
  *
- * Copyright (C) 2013 Advanced Micro Devices, Inc.
+ * Copyright (C) 2013,2016 Advanced Micro Devices, Inc.
  *
  * Author: Tom Lendacky <thomas.lenda...@amd.com>
  *
@@ -577,41 +577,22 @@ bool ccp_queues_suspended(struct ccp_device *ccp)
 }
 #endif
 
-#ifdef CONFIG_X86
-static const struct x86_cpu_id ccp_support[] = {
-   { X86_VENDOR_AMD, 22, },
-   { },
-};
-#endif
-
 static int __init ccp_mod_init(void)
 {
 #ifdef CONFIG_X86
-   struct cpuinfo_x86 *cpuinfo = _cpu_data;
int ret;
 
-   if (!x86_match_cpu(ccp_support))
-   return -ENODEV;
-
-   switch (cpuinfo->x86) {
-   case 22:
-   if ((cpuinfo->x86_model < 48) || (cpuinfo->x86_model > 63))
-   return -ENODEV;
-
-   ret = ccp_pci_init();
-   if (ret)
-   return ret;
-
-   /* Don't leave the driver loaded if init failed */
-   if (!ccp_get_device()) {
-   ccp_pci_exit();
-   return -ENODEV;
-   }
-
-   return 0;
+   ret = ccp_pci_init();
+   if (ret)
+   return ret;
 
-   break;
+   /* Don't leave the driver loaded if init failed */
+   if (!ccp_get_device()) {
+   ccp_pci_exit();
+   return -ENODEV;
}
+
+   return 0;
 #endif
 
 #ifdef CONFIG_ARM64
@@ -636,13 +617,7 @@ static int __init ccp_mod_init(void)
 static void __exit ccp_mod_exit(void)
 {
 #ifdef CONFIG_X86
-   struct cpuinfo_x86 *cpuinfo = _cpu_data;
-
-   switch (cpuinfo->x86) {
-   case 22:
-   ccp_pci_exit();
-   break;
-   }
+   ccp_pci_exit();
 #endif
 
 #ifdef CONFIG_ARM64

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 2/4] crypto: ccp - Support for multiple CCPs

[Gary R Hook]

Enable management of >1 CCPs in a system. Each device will
get a unique identifier, as well as uniquely named
resources. Treat each CCP as an orthogonal unit and register
 resources individually.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev.c  |  113 +
 drivers/crypto/ccp/ccp-dev.h  |9 +++
 drivers/crypto/ccp/ccp-pci.c  |7 +-
 drivers/crypto/ccp/ccp-platform.c |4 +
 4 files changed, 114 insertions(+), 19 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev.c b/drivers/crypto/ccp/ccp-dev.c
index 725c590..dd71e67 100644
--- a/drivers/crypto/ccp/ccp-dev.c
+++ b/drivers/crypto/ccp/ccp-dev.c
@@ -16,6 +16,8 @@
 #include 
 #include 
 #include 
+#include 
+#include 
 #include 
 #include 
 #include 
@@ -37,20 +39,96 @@ struct ccp_tasklet_data {
struct ccp_cmd *cmd;
 };
 
-static struct ccp_device *ccp_dev;
-static inline struct ccp_device *ccp_get_device(void)
+/* List of CCPs, CCP count, read-write access lock, and access functions
+ *
+ * Lock structure: get ccp_unit_lock for reading whenever we need to
+ * examine the CCP list. While holding it for reading we can acquire
+ * the RR lock to update the round-robin next-CCP pointer. The unit lock
+ * must be acquired before the RR lock.
+ *
+ * If the unit-lock is acquired for writing, we have total control over
+ * the list, so there's no value in getting the RR lock.
+ */
+static DEFINE_RWLOCK(ccp_unit_lock);
+static LIST_HEAD(ccp_units);
+
+/* Round-robin counter */
+static DEFINE_RWLOCK(ccp_rr_lock);
+static struct ccp_device *ccp_rr;
+
+/* Ever-increasing value to produce unique unit numbers */
+static atomic_t ccp_unit_ordinal;
+unsigned int ccp_increment_unit_ordinal(void)
 {
-   return ccp_dev;
+   return atomic_inc_return(_unit_ordinal);
 }
 
+/*
+ * Put this CCP on the unit list, which makes it available
+ * for use.
+ */
 static inline void ccp_add_device(struct ccp_device *ccp)
 {
-   ccp_dev = ccp;
+   unsigned long flags;
+
+   write_lock_irqsave(_unit_lock, flags);
+   list_add_tail(>entry, _units);
+   if (!ccp_rr)
+   /* We already have the list lock (we're first) so this
+* pointer can't change on us. Set its initial value.
+*/
+   ccp_rr = ccp;
+   write_unlock_irqrestore(_unit_lock, flags);
 }
 
+/* Remove this unit from the list of devices. If the next device
+ * up for use is this one, adjust the pointer. If this is the last
+ * device, NULL the pointer.
+ */
 static inline void ccp_del_device(struct ccp_device *ccp)
 {
-   ccp_dev = NULL;
+   unsigned long flags;
+
+   write_lock_irqsave(_unit_lock, flags);
+   if (ccp_rr == ccp) {
+   /* ccp_unit_lock is read/write; any read access
+* will be suspended while we make changes to the
+* list and RR pointer.
+*/
+   if (list_is_last(_rr->entry, _units))
+   ccp_rr = list_first_entry(_units, struct ccp_device,
+ entry);
+   else
+   ccp_rr = list_next_entry(ccp_rr, entry);
+   }
+   list_del(>entry);
+   if (list_empty(_units))
+   ccp_rr = NULL;
+   write_unlock_irqrestore(_unit_lock, flags);
+}
+
+static struct ccp_device *ccp_get_device(void)
+{
+   unsigned long flags;
+   struct ccp_device *dp = NULL;
+
+   /* We round-robin through the unit list.
+* The (ccp_rr) pointer refers to the next unit to use.
+*/
+   read_lock_irqsave(_unit_lock, flags);
+   if (!list_empty(_units)) {
+   write_lock_irqsave(_rr_lock, flags);
+   dp = ccp_rr;
+   if (list_is_last(_rr->entry, _units))
+   ccp_rr = list_first_entry(_units, struct ccp_device,
+ entry);
+   else
+   ccp_rr = list_next_entry(ccp_rr, entry);
+   write_unlock_irqrestore(_rr_lock, flags);
+   }
+   read_unlock_irqrestore(_unit_lock, flags);
+
+   return dp;
 }
 
 /**
@@ -60,10 +138,14 @@ static inline void ccp_del_device(struct ccp_device *ccp)
  */
 int ccp_present(void)
 {
-   if (ccp_get_device())
-   return 0;
+   unsigned long flags;
+   int ret;
 
-   return -ENODEV;
+   read_lock_irqsave(_unit_lock, flags);
+   ret = list_empty(_units);
+   read_unlock_irqrestore(_unit_lock, flags);
+
+   return ret ? -ENODEV : 0;
 }
 EXPORT_SYMBOL_GPL(ccp_present);
 
@@ -309,6 +391,10 @@ struct ccp_device *ccp_alloc_struct(struct device *dev)
ccp->ksb_count = KSB_COUNT;
ccp->ksb_start = 0;
 
+   ccp->ord = ccp_increment_unit_ordinal();
+   snprintf(ccp->name, MAX_CCP_NAME_LEN, "ccp-%u", ccp->ord);
+   snprintf(ccp->rngname, MAX_CCP_NA

[PATCH] crypto: ccp - Use different flag vars for nested locks

[Gary R Hook]

This patch fixes a coccinelle warning about reusing a flags
variable in nested lock acquisition.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev.c |6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev.c b/drivers/crypto/ccp/ccp-dev.c
index 336e5b7..9c7bce8 100644
--- a/drivers/crypto/ccp/ccp-dev.c
+++ b/drivers/crypto/ccp/ccp-dev.c
@@ -120,7 +120,7 @@ void ccp_del_device(struct ccp_device *ccp)
 
 static struct ccp_device *ccp_get_device(void)
 {
-   unsigned long flags;
+   unsigned long flags, rrflags;
struct ccp_device *dp = NULL;
 
/* We round-robin through the unit list.
@@ -128,14 +128,14 @@ static struct ccp_device *ccp_get_device(void)
 */
read_lock_irqsave(_unit_lock, flags);
if (!list_empty(_units)) {
-   write_lock_irqsave(_rr_lock, flags);
+   write_lock_irqsave(_rr_lock, rrflags);
dp = ccp_rr;
if (list_is_last(_rr->entry, _units))
ccp_rr = list_first_entry(_units, struct ccp_device,
  entry);
else
ccp_rr = list_next_entry(ccp_rr, entry);
-   write_unlock_irqrestore(_rr_lock, flags);
+   write_unlock_irqrestore(_rr_lock, rrflags);
}
read_unlock_irqrestore(_unit_lock, flags);
 

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH] crypto: ccp - fix lock acquisition code

[Gary R Hook]

This patch simplifies an unneeded read-write lock.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev.c |6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev.c b/drivers/crypto/ccp/ccp-dev.c
index 336e5b7..4dbc187 100644
--- a/drivers/crypto/ccp/ccp-dev.c
+++ b/drivers/crypto/ccp/ccp-dev.c
@@ -53,7 +53,7 @@ static DEFINE_RWLOCK(ccp_unit_lock);
 static LIST_HEAD(ccp_units);
 
 /* Round-robin counter */
-static DEFINE_RWLOCK(ccp_rr_lock);
+static DEFINE_SPINLOCK(ccp_rr_lock);
 static struct ccp_device *ccp_rr;
 
 /* Ever-increasing value to produce unique unit numbers */
@@ -128,14 +128,14 @@ static struct ccp_device *ccp_get_device(void)
 */
read_lock_irqsave(_unit_lock, flags);
if (!list_empty(_units)) {
-   write_lock_irqsave(_rr_lock, flags);
+   spin_lock(_rr_lock);
dp = ccp_rr;
if (list_is_last(_rr->entry, _units))
ccp_rr = list_first_entry(_units, struct ccp_device,
  entry);
else
ccp_rr = list_next_entry(ccp_rr, entry);
-   write_unlock_irqrestore(_rr_lock, flags);
+   spin_unlock(_rr_lock);
}
read_unlock_irqrestore(_unit_lock, flags);
 

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH] crypto: ccp - Use different flag vars for nested locks

[Gary R Hook]

On 03/11/2016 08:22 PM, Herbert Xu wrote:

On Fri, Mar 11, 2016 at 10:40:11AM -0600, Gary R Hook wrote:

@@ -128,14 +128,14 @@ static struct ccp_device *ccp_get_device(void)
 */
read_lock_irqsave(_unit_lock, flags);
if (!list_empty(_units)) {
-   write_lock_irqsave(_rr_lock, flags);
+   write_lock_irqsave(_rr_lock, rrflags);

The right thing to do is to drop the _irqsave on the inner lock.

Also why is this a write lock at all as nobody seems to take it
as a read lock?

Roger on the _irqsave.

As for this being a read-write lock: an optimization during development 
removed the need for a read acquisition. This use of the lock was 
overlooked, and now only needs to be a spin lock.


Since the function of this patch has changed, and the subject line 
should be different, do you prefer a v2 patch, or a new patch? This one 
can be ignored, of course.


Gary
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH] MAINTAINERS: Add a new maintainer for the CCP driver

[Gary R Hook]

On 03/21/2016 11:43 AM, Tom Lendacky wrote:

Gary will be taking over future development of the CCP driver, so add
him as a co-maintainer of the driver.

Signed-off-by: Tom Lendacky 
---
  MAINTAINERS |1 +
  1 file changed, 1 insertion(+)

diff --git a/MAINTAINERS b/MAINTAINERS
index 30aca4a..8c42c07 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -623,6 +623,7 @@ F:  include/linux/altera_jtaguart.h
  
  AMD CRYPTOGRAPHIC COPROCESSOR (CCP) DRIVER

  M:Tom Lendacky 
+M: Gary Hook 
  L:linux-crypto@vger.kernel.org
  S:Supported
  F:drivers/crypto/ccp/



Acked-by: Gary Hook 

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH] crypto: ccp - Register the CCP as a DMA resource

[Gary R Hook]

On 04/04/2016 04:47 PM, Tom Lendacky wrote:

On 04/04/2016 03:50 PM, Gary R Hook wrote:

The CCP has the ability to provide DMA services to the
kernel using pass-through mode of the device. Register
these services as general purpose DMA channels.
---

You're missing a cc: to David Miller, be sure to check who
should be included when emailing.

D'oh! Of course.

  drivers/crypto/ccp/Kconfig |1
  drivers/crypto/ccp/Makefile|6
  drivers/crypto/ccp/ccp-dev-v3.c|   13 +
  drivers/crypto/ccp/ccp-dev.h   |   49 ++
  drivers/crypto/ccp/ccp-dmaengine.c |  718 
  drivers/crypto/ccp/ccp-ops.c   |   77 
  6 files changed, 856 insertions(+), 8 deletions(-)
  create mode 100644 drivers/crypto/ccp/ccp-dmaengine.c

For some reason the diffstat is missing include/linux/ccp.h


Ack.


  
@@ -408,11 +408,19 @@ static int ccp_init(struct ccp_device *ccp)
  
  	ccp_add_device(ccp);
  
+	/* Register the DMA engine support */

+   ret = ccp_dmaengine_register(ccp);
+   if (ret)
+   goto e_hwrng;
+

This either needs to be before ccp_add_device() or you need to
remove the device in the error path.

Ack. Device registration should be the final step.

/* Enable interrupts */
iowrite32(qim, ccp->io_regs + IRQ_MASK_REG);
  
  	return 0;
  
+e_hwrng:

+   hwrng_unregister(>hwrng);
+
  e_kthread:
for (i = 0; i < ccp->cmd_q_count; i++)
if (ccp->cmd_q[i].kthread)
@@ -436,6 +444,9 @@ static void ccp_destroy(struct ccp_device *ccp)
/* Remove this device from the list of available units first */
ccp_del_device(ccp);
  
+	/* Unregister the DMA engine */

+   ccp_dmaengine_unregister(ccp);
+
/* Unregister the RNG */
hwrng_unregister(>hwrng);
  
diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h

index 7745d0b..aa447a7 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -22,9 +22,12 @@
  #include 
  #include 
  #include 
+#include 
+#include 
+#include 
  
  #define MAX_CCP_NAME_LEN		16

-#define MAX_DMAPOOL_NAME_LEN   32
+#define MAX_DMA_NAME_LEN   40

Any reason this needed to be increased to 40? Though this change
may not be needed based on comment below.

This will be removed, per the comment below.



diff --git a/drivers/crypto/ccp/ccp-dmaengine.c 
b/drivers/crypto/ccp/ccp-dmaengine.c
new file mode 100644
index 000..241ad8a
--- /dev/null
+++ b/drivers/crypto/ccp/ccp-dmaengine.c
@@ -0,0 +1,718 @@
+/*
+ * AMD Cryptographic Coprocessor (CCP) driver
+ *
+ * Copyright (C) 2015 Advanced Micro Devices, Inc.

2016.


+ *
+ * Author: Tom Lendacky <thomas.lenda...@amd.com>

This should be your name.

Ack.

...


+int ccp_dmaengine_register(struct ccp_device *ccp)
+{
+   struct ccp_dma_chan *chan;
+   struct dma_device *dma_dev = >dma_dev;
+   struct dma_chan *dma_chan;
+   char dma_cache_name[MAX_DMA_NAME_LEN];

This can't be a local function variable.  You'll need to allocate
memory for the cache names and track them (or use devm_kasprintf).
While kmem_cache_create() dups the string, a path down to 
sysfs_slab_alias() shows that the pointer is saved elsewhere. 
devm_kasprintf() will be used to build the cache name string.




diff --git a/drivers/crypto/ccp/ccp-ops.c b/drivers/crypto/ccp/ccp-ops.c
index eefdf59..3467a1e 100644
--- a/drivers/crypto/ccp/ccp-ops.c
+++ b/drivers/crypto/ccp/ccp-ops.c
@@ -1311,7 +1311,7 @@ static int ccp_run_passthru_cmd(struct ccp_cmd_queue 
*cmd_q,
if (!pt->final && (pt->src_len & (CCP_PASSTHRU_BLOCKSIZE - 1)))
return -EINVAL;
  
-	if (!pt->src || !pt->dst)

+   if (!pt->src_sg || !pt->dst_sg)
No reason to change this in this patch. If you're trying to distinguish
between sg and dma addr because of the new passthru function you should
change the src and dst name in the new function - src_dma / dst_dma.

Done.


--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH v2] crypto: ccp - Register the CCP as a DMA resource

[Gary R Hook]

The CCP has the ability to provide DMA services to the
kernel using pass-through mode of the device. Register
these services as general purpose DMA channels.
---
 drivers/crypto/ccp/Kconfig |1 
 drivers/crypto/ccp/Makefile|6 
 drivers/crypto/ccp/ccp-dev-v3.c|   11 +
 drivers/crypto/ccp/ccp-dev.h   |   47 ++
 drivers/crypto/ccp/ccp-dmaengine.c |  727 
 drivers/crypto/ccp/ccp-ops.c   |   69 +++
 include/linux/ccp.h|   36 ++
 7 files changed, 893 insertions(+), 4 deletions(-)
 create mode 100644 drivers/crypto/ccp/ccp-dmaengine.c

diff --git a/drivers/crypto/ccp/Kconfig b/drivers/crypto/ccp/Kconfig
index 6e37845..79cabfb 100644
--- a/drivers/crypto/ccp/Kconfig
+++ b/drivers/crypto/ccp/Kconfig
@@ -3,6 +3,7 @@ config CRYPTO_DEV_CCP_DD
depends on CRYPTO_DEV_CCP
default m
select HW_RANDOM
+   select DMA_ENGINE
select CRYPTO_SHA1
select CRYPTO_SHA256
help
diff --git a/drivers/crypto/ccp/Makefile b/drivers/crypto/ccp/Makefile
index b750592..ee4d274 100644
--- a/drivers/crypto/ccp/Makefile
+++ b/drivers/crypto/ccp/Makefile
@@ -1,5 +1,9 @@
 obj-$(CONFIG_CRYPTO_DEV_CCP_DD) += ccp.o
-ccp-objs := ccp-dev.o ccp-ops.o ccp-dev-v3.o ccp-platform.o
+ccp-objs := ccp-dev.o \
+   ccp-ops.o \
+   ccp-dev-v3.o \
+   ccp-platform.o \
+   ccp-dmaengine.o
 ccp-$(CONFIG_PCI) += ccp-pci.o
 
 obj-$(CONFIG_CRYPTO_DEV_CCP_CRYPTO) += ccp-crypto.o
diff --git a/drivers/crypto/ccp/ccp-dev-v3.c b/drivers/crypto/ccp/ccp-dev-v3.c
index 7d5eab4..597fc50 100644
--- a/drivers/crypto/ccp/ccp-dev-v3.c
+++ b/drivers/crypto/ccp/ccp-dev-v3.c
@@ -406,6 +406,11 @@ static int ccp_init(struct ccp_device *ccp)
goto e_kthread;
}
 
+   /* Register the DMA engine support */
+   ret = ccp_dmaengine_register(ccp);
+   if (ret)
+   goto e_hwrng;
+
ccp_add_device(ccp);
 
/* Enable interrupts */
@@ -413,6 +418,9 @@ static int ccp_init(struct ccp_device *ccp)
 
return 0;
 
+e_hwrng:
+   hwrng_unregister(>hwrng);
+
 e_kthread:
for (i = 0; i < ccp->cmd_q_count; i++)
if (ccp->cmd_q[i].kthread)
@@ -436,6 +444,9 @@ static void ccp_destroy(struct ccp_device *ccp)
/* Remove this device from the list of available units first */
ccp_del_device(ccp);
 
+   /* Unregister the DMA engine */
+   ccp_dmaengine_unregister(ccp);
+
/* Unregister the RNG */
hwrng_unregister(>hwrng);
 
diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h
index 7745d0b..5d986c9 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -22,6 +22,9 @@
 #include 
 #include 
 #include 
+#include 
+#include 
+#include 
 
 #define MAX_CCP_NAME_LEN   16
 #define MAX_DMAPOOL_NAME_LEN   32
@@ -167,6 +170,39 @@ extern struct ccp_vdata ccpv3;
 struct ccp_device;
 struct ccp_cmd;
 
+struct ccp_dma_cmd {
+   struct list_head entry;
+
+   struct ccp_cmd ccp_cmd;
+};
+
+struct ccp_dma_desc {
+   struct list_head entry;
+
+   struct ccp_device *ccp;
+
+   struct list_head pending;
+   struct list_head active;
+
+   enum dma_status status;
+   struct dma_async_tx_descriptor tx_desc;
+   size_t len;
+};
+
+struct ccp_dma_chan {
+   struct ccp_device *ccp;
+
+   spinlock_t lock;
+   struct list_head pending;
+   struct list_head active;
+   struct list_head complete;
+
+   struct tasklet_struct cleanup_tasklet;
+
+   enum dma_status status;
+   struct dma_chan dma_chan;
+};
+
 struct ccp_cmd_queue {
struct ccp_device *ccp;
 
@@ -261,6 +297,14 @@ struct ccp_device {
unsigned int hwrng_retries;
 
/*
+* Support for the CCP DMA capabilities
+*/
+   struct dma_device dma_dev;
+   struct ccp_dma_chan *ccp_dma_chan;
+   struct kmem_cache *dma_cmd_cache;
+   struct kmem_cache *dma_desc_cache;
+
+   /*
 * A counter used to generate job-ids for cmds submitted to the CCP
 */
atomic_t current_id cacheline_aligned;
@@ -418,4 +462,7 @@ int ccp_cmd_queue_thread(void *data);
 
 int ccp_run_cmd(struct ccp_cmd_queue *cmd_q, struct ccp_cmd *cmd);
 
+int ccp_dmaengine_register(struct ccp_device *ccp);
+void ccp_dmaengine_unregister(struct ccp_device *ccp);
+
 #endif
diff --git a/drivers/crypto/ccp/ccp-dmaengine.c 
b/drivers/crypto/ccp/ccp-dmaengine.c
new file mode 100644
index 000..94f77b0
--- /dev/null
+++ b/drivers/crypto/ccp/ccp-dmaengine.c
@@ -0,0 +1,727 @@
+/*
+ * AMD Cryptographic Coprocessor (CCP) driver
+ *
+ * Copyright (C) 2016 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook <gary.h...@amd.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Fre

[PATCH] crypto: ccp - Register the CCP as a DMA resource

[Gary R Hook]

The CCP has the ability to provide DMA services to the
kernel using pass-through mode of the device. Register
these services as general purpose DMA channels.
---
 drivers/crypto/ccp/Kconfig |1 
 drivers/crypto/ccp/Makefile|6 
 drivers/crypto/ccp/ccp-dev-v3.c|   13 +
 drivers/crypto/ccp/ccp-dev.h   |   49 ++
 drivers/crypto/ccp/ccp-dmaengine.c |  718 
 drivers/crypto/ccp/ccp-ops.c   |   77 
 6 files changed, 856 insertions(+), 8 deletions(-)
 create mode 100644 drivers/crypto/ccp/ccp-dmaengine.c

diff --git a/drivers/crypto/ccp/Kconfig b/drivers/crypto/ccp/Kconfig
index 6e37845..79cabfb 100644
--- a/drivers/crypto/ccp/Kconfig
+++ b/drivers/crypto/ccp/Kconfig
@@ -3,6 +3,7 @@ config CRYPTO_DEV_CCP_DD
depends on CRYPTO_DEV_CCP
default m
select HW_RANDOM
+   select DMA_ENGINE
select CRYPTO_SHA1
select CRYPTO_SHA256
help
diff --git a/drivers/crypto/ccp/Makefile b/drivers/crypto/ccp/Makefile
index b750592..ee4d274 100644
--- a/drivers/crypto/ccp/Makefile
+++ b/drivers/crypto/ccp/Makefile
@@ -1,5 +1,9 @@
 obj-$(CONFIG_CRYPTO_DEV_CCP_DD) += ccp.o
-ccp-objs := ccp-dev.o ccp-ops.o ccp-dev-v3.o ccp-platform.o
+ccp-objs := ccp-dev.o \
+   ccp-ops.o \
+   ccp-dev-v3.o \
+   ccp-platform.o \
+   ccp-dmaengine.o
 ccp-$(CONFIG_PCI) += ccp-pci.o
 
 obj-$(CONFIG_CRYPTO_DEV_CCP_CRYPTO) += ccp-crypto.o
diff --git a/drivers/crypto/ccp/ccp-dev-v3.c b/drivers/crypto/ccp/ccp-dev-v3.c
index 7d5eab4..65babf4 100644
--- a/drivers/crypto/ccp/ccp-dev-v3.c
+++ b/drivers/crypto/ccp/ccp-dev-v3.c
@@ -290,7 +290,7 @@ static int ccp_init(struct ccp_device *ccp)
struct device *dev = ccp->dev;
struct ccp_cmd_queue *cmd_q;
struct dma_pool *dma_pool;
-   char dma_pool_name[MAX_DMAPOOL_NAME_LEN];
+   char dma_pool_name[MAX_DMA_NAME_LEN];
unsigned int qmr, qim, i;
int ret;
 
@@ -408,11 +408,19 @@ static int ccp_init(struct ccp_device *ccp)
 
ccp_add_device(ccp);
 
+   /* Register the DMA engine support */
+   ret = ccp_dmaengine_register(ccp);
+   if (ret)
+   goto e_hwrng;
+
/* Enable interrupts */
iowrite32(qim, ccp->io_regs + IRQ_MASK_REG);
 
return 0;
 
+e_hwrng:
+   hwrng_unregister(>hwrng);
+
 e_kthread:
for (i = 0; i < ccp->cmd_q_count; i++)
if (ccp->cmd_q[i].kthread)
@@ -436,6 +444,9 @@ static void ccp_destroy(struct ccp_device *ccp)
/* Remove this device from the list of available units first */
ccp_del_device(ccp);
 
+   /* Unregister the DMA engine */
+   ccp_dmaengine_unregister(ccp);
+
/* Unregister the RNG */
hwrng_unregister(>hwrng);
 
diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h
index 7745d0b..aa447a7 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -22,9 +22,12 @@
 #include 
 #include 
 #include 
+#include 
+#include 
+#include 
 
 #define MAX_CCP_NAME_LEN   16
-#define MAX_DMAPOOL_NAME_LEN   32
+#define MAX_DMA_NAME_LEN   40
 
 #define MAX_HW_QUEUES  5
 #define MAX_CMD_QLEN   100
@@ -167,6 +170,39 @@ extern struct ccp_vdata ccpv3;
 struct ccp_device;
 struct ccp_cmd;
 
+struct ccp_dma_cmd {
+   struct list_head entry;
+
+   struct ccp_cmd ccp_cmd;
+};
+
+struct ccp_dma_desc {
+   struct list_head entry;
+
+   struct ccp_device *ccp;
+
+   struct list_head pending;
+   struct list_head active;
+
+   enum dma_status status;
+   struct dma_async_tx_descriptor tx_desc;
+   size_t len;
+};
+
+struct ccp_dma_chan {
+   struct ccp_device *ccp;
+
+   spinlock_t lock;
+   struct list_head pending;
+   struct list_head active;
+   struct list_head complete;
+
+   struct tasklet_struct cleanup_tasklet;
+
+   enum dma_status status;
+   struct dma_chan dma_chan;
+};
+
 struct ccp_cmd_queue {
struct ccp_device *ccp;
 
@@ -261,6 +297,14 @@ struct ccp_device {
unsigned int hwrng_retries;
 
/*
+* Support for the CCP DMA capabilities
+*/
+   struct dma_device dma_dev;
+   struct ccp_dma_chan *ccp_dma_chan;
+   struct kmem_cache *dma_cmd_cache;
+   struct kmem_cache *dma_desc_cache;
+
+   /*
 * A counter used to generate job-ids for cmds submitted to the CCP
 */
atomic_t current_id cacheline_aligned;
@@ -418,4 +462,7 @@ int ccp_cmd_queue_thread(void *data);
 
 int ccp_run_cmd(struct ccp_cmd_queue *cmd_q, struct ccp_cmd *cmd);
 
+int ccp_dmaengine_register(struct ccp_device *ccp);
+void ccp_dmaengine_unregister(struct ccp_device *ccp);
+
 #endif
diff --git a/drivers/crypto/ccp/ccp-dmaengine.c 
b/drivers/crypto/ccp/ccp-dmaengine.c
new file mode 100644
index 000..241ad8a
--- /dev/null
+++ b/drivers/crypto/ccp/ccp-dmaengine.c
@@ -0,0 +1,718 @@
+/*

Re: IV generation in cryptographic driver in AEAD

[Gary R Hook]

On 05/20/2016 06:31 PM, Herbert Xu wrote:

On Fri, May 20, 2016 at 10:50:38AM -0500, Gary R Hook wrote:


Why is (or should) setting geniv (be) required?

crypto_givcipher_default() appears to call crypto_default_geniv() if
the geniv member
is NULL. That function returns "eseqiv" or "chainiv" (under certain
conditions). If an
implementation isn't generating its own IVs, shouldn't the default
happen anyway? Or is
this more a matter of populating the structure with known,
intentional values?

Thank you for any illumination provided.


In the upstream kernel AEAD geniv has been completely phased out
and no longer exists.  Denis is working on an old kernel that still
has it.

We haven't yet phased it out for skcipher but I'm working on it.


...and there was light.

Thank you; very helpful.

(I'll work harder on my line wraps... If someone knows how to get 
Thunderbird

to do it for me, I'd love to know.)
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: IV generation in cryptographic driver in AEAD

[Gary R Hook]

On 05/19/2016 11:19 PM, Herbert Xu wrote:

Denis B  wrote:

My algs struct now looks like this:

static struct crypto_alg pp_crypto_algs[] = {
   {
  .cra_name = "authenc(hmac(sha256),cbc(aes))",
  .cra_driver_name = "pp_crypto_cbc_hmac_sha256",
  .cra_priority = 1, /**TODO set to highest values after
implementing encrypt decrypt functions */
  .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
  .cra_blocksize = AES_BLOCK_SIZE,
  .cra_ctxsize = sizeof(struct pp_crypto_aead_ctx),
  .cra_type = _nivaead_type,
  .cra_u = {
.aead = {
.setkey = pp_crypto_aead_setkey,
.setauthsize = pp_crypto_aead_setauthsize,
.decrypt = pp_crypto_aead_dec,
.encrypt = pp_crypto_aead_enc,
.givencrypt = NULL,
.givdecrypt = NULL,
.ivsize = AES_BLOCK_SIZE,
.maxauthsize = SHA256_DIGEST_SIZE,


You also need to set geniv to "eseqiv".


I just gotta ask. Forgive my ignorance.

Why is (or should) setting geniv (be) required?

crypto_givcipher_default() appears to call crypto_default_geniv() if the 
geniv member
is NULL. That function returns "eseqiv" or "chainiv" (under certain 
conditions). If an
implementation isn't generating its own IVs, shouldn't the default 
happen anyway? Or is
this more a matter of populating the structure with known, intentional 
values?


Thank you for any illumination provided.

Gary

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Typos and RSA

[Gary R Hook]

I am working on hooking up RSA functionality to the akcipher API. It appears
that no other code, to date, uses this API. Can anyone confirm or deny that
conclusion?

I have questions about invoking akcipher transform functions, and can 
find no
information about specifics that vex me. If there is other code to look 
at, I'm
happy to. Otherwise, I can embarrass myself here with a display of 
ignorance.


Gary
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: Typos and RSA

[Gary R Hook]

Thanks so much.

There are exactly 3 references to that symbol (in my freshly pulled copy 
of cryptodev-2.6).
testmgr.c precipitates my questions, and public_key.c doesn't actually 
provide any content
in the source input buffer, neither modulus nor plaintext. Thus, it 
doesn't clarify things

either.

But I truly appreciate your attention.

So I'll go ahead and ask, because I did look at the two areas mentioned 
by Stephan, but
neither seem to clarify (to my admittedly ignorant eyes... I'm a real 
newbie on crypto here)

usage.

Here's my question:

The source input (as set via akcipher_request_set_crypt()) to akcipher 
is supposed to be
the modulus + plaintext. testmgr hands this in via a scatterlist with 2 
elements, wherein
the first is the modulus, the second the payload. The source length 
however, appears to

be the aggregate length of these two elements. Okay, good enough.

Since the API provides no information about the modulus length, one 
might guess that the
only way to ascertain the separate lengths of the two parts is to read 
the values from
the scatterlist structures. I get that the key (exponent) length is what 
really matters,

but the source input fields are clearly of arbitrary and unequal length.

So please forgive my ignorance, but I'm not seeing it: how do we 
decompose the two parts
of src and get their lengths? What can we expect on the receiving end of 
the encrypt
function with respect to the source data structure? A two-element 
scatterlist? Or...?
What can we conclude from the calls made in do_test_rsa() in testmgr.c, 
vs the call in
public_key_verify_signature() in public_key.c re: invocation and 
provided data.


Any clarification is greatly appreciated.

Gary


On 05/17/2016 05:18 PM, Tadeusz Struk wrote:

On 05/17/2016 03:16 PM, Stephan Mueller wrote:

I am working on hooking up RSA functionality to the akcipher API. It appears

that no other code, to date, uses this API. Can anyone confirm or deny that
conclusion?

This is not correct. The asymmetric key API uses that code. So does the module
signing code.

Also you can have a look at testmgr.c for examples.
"git grep crypto_alloc_akcipher" is also useful.

Thanks,


--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: Typos and RSA

[Gary R Hook]

Ah enlightenment can be such an uncomfortable thing...

On 05/17/2016 05:56 PM, Stephan Mueller wrote:

Am Dienstag, 17. Mai 2016, 17:46:44 schrieb Gary R Hook:

Hi Gary,


Thanks so much.

There are exactly 3 references to that symbol (in my freshly pulled copy
of cryptodev-2.6).
testmgr.c precipitates my questions, and public_key.c doesn't actually
provide any content
in the source input buffer, neither modulus nor plaintext. Thus, it
doesn't clarify things
either.

But I truly appreciate your attention.

So I'll go ahead and ask, because I did look at the two areas mentioned
by Stephan, but
neither seem to clarify (to my admittedly ignorant eyes... I'm a real
newbie on crypto here)
usage.

Here is an example from a current code of mine (all kccavs symbols are private
to my code):


Yes, thank you. After spending more time wandering through rsa.c & 
rsa_helper.c

I have come to realize that I have been laboring under a paradigm imposed by
my implementation requirements. Now that I have that cleared up, the 
answer to
my question it self-evident.Although I'm still not clear on why testmgr 
feels
the need to create a SGL table with an empty second element (for the 
existing

tests), rather than a single SGL. But that's neither here nor there.

As I said, I'm a newbie with lots to learn about this stuff. Thanks for your
patience.


--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH] crypto: constify ccp_actions structure

[Gary R Hook]

On 05/01/2016 06:52 AM, Julia Lawall wrote:

The ccp_actions structure is never modified, so declare it as const.

Done with the help of Coccinelle.

Signed-off-by: Julia Lawall 


Acked-by: Gary Hook 


---
  drivers/crypto/ccp/ccp-dev-v3.c |2 +-
  drivers/crypto/ccp/ccp-dev.h|2 +-
  2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev-v3.c b/drivers/crypto/ccp/ccp-dev-v3.c
index 597fc50..d7a7103 100644
--- a/drivers/crypto/ccp/ccp-dev-v3.c
+++ b/drivers/crypto/ccp/ccp-dev-v3.c
@@ -526,7 +526,7 @@ static irqreturn_t ccp_irq_handler(int irq, void *data)
return IRQ_HANDLED;
  }
  
-static struct ccp_actions ccp3_actions = {

+static const struct ccp_actions ccp3_actions = {
.perform_aes = ccp_perform_aes,
.perform_xts_aes = ccp_perform_xts_aes,
.perform_sha = ccp_perform_sha,
diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h
index 5d986c9..bd41ffce 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -162,7 +162,7 @@ struct ccp_actions {
  /* Structure to hold CCP version-specific values */
  struct ccp_vdata {
unsigned int version;
-   struct ccp_actions *perform;
+   const struct ccp_actions *perform;
  };
  
  extern struct ccp_vdata ccpv3;




--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH v3] crypto: ccp - Register the CCP as a DMA resource

[Gary R Hook]

The CCP has the ability to provide DMA services to the
kernel using pass-through mode of the device. Register
these services as general purpose DMA channels.

Changes since v2:
- Add a Signed-off-by

Changes since v1:
- Allocate memory for a string in ccp_dmaengine_register
- Ensure register/unregister calls are properly ordered
- Verified all changed files are listed in the diffstat
- Undo some superfluous changes
- Added a cc:

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/Kconfig |1 
 drivers/crypto/ccp/Makefile|6 
 drivers/crypto/ccp/ccp-dev-v3.c|   11 +
 drivers/crypto/ccp/ccp-dev.h   |   47 ++
 drivers/crypto/ccp/ccp-dmaengine.c |  727 
 drivers/crypto/ccp/ccp-ops.c   |   69 +++
 include/linux/ccp.h|   36 ++
 7 files changed, 893 insertions(+), 4 deletions(-)
 create mode 100644 drivers/crypto/ccp/ccp-dmaengine.c

diff --git a/drivers/crypto/ccp/Kconfig b/drivers/crypto/ccp/Kconfig
index 6e37845..79cabfb 100644
--- a/drivers/crypto/ccp/Kconfig
+++ b/drivers/crypto/ccp/Kconfig
@@ -3,6 +3,7 @@ config CRYPTO_DEV_CCP_DD
depends on CRYPTO_DEV_CCP
default m
select HW_RANDOM
+   select DMA_ENGINE
select CRYPTO_SHA1
select CRYPTO_SHA256
help
diff --git a/drivers/crypto/ccp/Makefile b/drivers/crypto/ccp/Makefile
index b750592..ee4d274 100644
--- a/drivers/crypto/ccp/Makefile
+++ b/drivers/crypto/ccp/Makefile
@@ -1,5 +1,9 @@
 obj-$(CONFIG_CRYPTO_DEV_CCP_DD) += ccp.o
-ccp-objs := ccp-dev.o ccp-ops.o ccp-dev-v3.o ccp-platform.o
+ccp-objs := ccp-dev.o \
+   ccp-ops.o \
+   ccp-dev-v3.o \
+   ccp-platform.o \
+   ccp-dmaengine.o
 ccp-$(CONFIG_PCI) += ccp-pci.o
 
 obj-$(CONFIG_CRYPTO_DEV_CCP_CRYPTO) += ccp-crypto.o
diff --git a/drivers/crypto/ccp/ccp-dev-v3.c b/drivers/crypto/ccp/ccp-dev-v3.c
index 7d5eab4..597fc50 100644
--- a/drivers/crypto/ccp/ccp-dev-v3.c
+++ b/drivers/crypto/ccp/ccp-dev-v3.c
@@ -406,6 +406,11 @@ static int ccp_init(struct ccp_device *ccp)
goto e_kthread;
}
 
+   /* Register the DMA engine support */
+   ret = ccp_dmaengine_register(ccp);
+   if (ret)
+   goto e_hwrng;
+
ccp_add_device(ccp);
 
/* Enable interrupts */
@@ -413,6 +418,9 @@ static int ccp_init(struct ccp_device *ccp)
 
return 0;
 
+e_hwrng:
+   hwrng_unregister(>hwrng);
+
 e_kthread:
for (i = 0; i < ccp->cmd_q_count; i++)
if (ccp->cmd_q[i].kthread)
@@ -436,6 +444,9 @@ static void ccp_destroy(struct ccp_device *ccp)
/* Remove this device from the list of available units first */
ccp_del_device(ccp);
 
+   /* Unregister the DMA engine */
+   ccp_dmaengine_unregister(ccp);
+
/* Unregister the RNG */
hwrng_unregister(>hwrng);
 
diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h
index 7745d0b..5d986c9 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -22,6 +22,9 @@
 #include 
 #include 
 #include 
+#include 
+#include 
+#include 
 
 #define MAX_CCP_NAME_LEN   16
 #define MAX_DMAPOOL_NAME_LEN   32
@@ -167,6 +170,39 @@ extern struct ccp_vdata ccpv3;
 struct ccp_device;
 struct ccp_cmd;
 
+struct ccp_dma_cmd {
+   struct list_head entry;
+
+   struct ccp_cmd ccp_cmd;
+};
+
+struct ccp_dma_desc {
+   struct list_head entry;
+
+   struct ccp_device *ccp;
+
+   struct list_head pending;
+   struct list_head active;
+
+   enum dma_status status;
+   struct dma_async_tx_descriptor tx_desc;
+   size_t len;
+};
+
+struct ccp_dma_chan {
+   struct ccp_device *ccp;
+
+   spinlock_t lock;
+   struct list_head pending;
+   struct list_head active;
+   struct list_head complete;
+
+   struct tasklet_struct cleanup_tasklet;
+
+   enum dma_status status;
+   struct dma_chan dma_chan;
+};
+
 struct ccp_cmd_queue {
struct ccp_device *ccp;
 
@@ -261,6 +297,14 @@ struct ccp_device {
unsigned int hwrng_retries;
 
/*
+* Support for the CCP DMA capabilities
+*/
+   struct dma_device dma_dev;
+   struct ccp_dma_chan *ccp_dma_chan;
+   struct kmem_cache *dma_cmd_cache;
+   struct kmem_cache *dma_desc_cache;
+
+   /*
 * A counter used to generate job-ids for cmds submitted to the CCP
 */
atomic_t current_id cacheline_aligned;
@@ -418,4 +462,7 @@ int ccp_cmd_queue_thread(void *data);
 
 int ccp_run_cmd(struct ccp_cmd_queue *cmd_q, struct ccp_cmd *cmd);
 
+int ccp_dmaengine_register(struct ccp_device *ccp);
+void ccp_dmaengine_unregister(struct ccp_device *ccp);
+
 #endif
diff --git a/drivers/crypto/ccp/ccp-dmaengine.c 
b/drivers/crypto/ccp/ccp-dmaengine.c
new file mode 100644
index 000..94f77b0
--- /dev/null
+++ b/drivers/crypto/ccp/ccp-dmaengine.c
@@ -0,0 +1,727 @@
+/*
+ * AMD Cryp

[PATCH] crypto: ccp - Ensure all dependencies are specified

[Gary R Hook]

A DMA_ENGINE requires DMADEVICES in Kconfig

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/Kconfig |1 +
 1 file changed, 1 insertion(+)

diff --git a/drivers/crypto/ccp/Kconfig b/drivers/crypto/ccp/Kconfig
index 79cabfb..2238f77 100644
--- a/drivers/crypto/ccp/Kconfig
+++ b/drivers/crypto/ccp/Kconfig
@@ -4,6 +4,7 @@ config CRYPTO_DEV_CCP_DD
default m
select HW_RANDOM
select DMA_ENGINE
+   select DMADEVICES
select CRYPTO_SHA1
select CRYPTO_SHA256
help

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [cryptodev:master 56/59] warning: (RAPIDIO_DMA_ENGINE && ..) selects DMA_ENGINE which has unmet direct dependencies (DMADEVICES)

[Gary R Hook]

On 04/20/2016 05:35 AM, kbuild test robot wrote:

tree:   
https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git master
head:   21ec757d2dd8650f978d27ad53cb1fcca8bb5e2b
commit: 58ea8abf490415c390e0cc671e875510c9b66318 [56/59] crypto: ccp - Register 
the CCP as a DMA resource
config: i386-randconfig-x018-201616 (attached as .config)
reproduce:
 git checkout 58ea8abf490415c390e0cc671e875510c9b66318
 # save the attached .config to linux build tree
 make ARCH=i386

All warnings (new ones prefixed by >>):

warning: (RAPIDIO_DMA_ENGINE && SND_SOC_SH4_SIU && CRYPTO_DEV_CCP_DD) selects 
DMA_ENGINE which has unmet direct dependencies (DMADEVICES)


I have sent a separate patch that appears to fix the 3 krobot problems. 
Apologies if I do not have the protocol correct.


Gary

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 03/10] crypto: ccp - Refactoring: symbol cleanup

[Gary R Hook]

Form and use of the local storage block in the CCP is
particular to the device version. Much of the code that
accesses the storage block can treat it as a virtual
resource, and will under go some renaming. Device-specific
access to the memory will be moved into device file.
Service functions will be added to the actions
structure.


Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev-v3.c |   32 ++---
 drivers/crypto/ccp/ccp-dev.c|7 +
 drivers/crypto/ccp/ccp-dev.h|   43 +++---
 drivers/crypto/ccp/ccp-ops.c|  266 ---
 4 files changed, 175 insertions(+), 173 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev-v3.c b/drivers/crypto/ccp/ccp-dev-v3.c
index 1a94d2e..19eafb8 100644
--- a/drivers/crypto/ccp/ccp-dev-v3.c
+++ b/drivers/crypto/ccp/ccp-dev-v3.c
@@ -100,10 +100,10 @@ static int ccp_perform_aes(struct ccp_op *op)
| (op->u.aes.type << REQ1_AES_TYPE_SHIFT)
| (op->u.aes.mode << REQ1_AES_MODE_SHIFT)
| (op->u.aes.action << REQ1_AES_ACTION_SHIFT)
-   | (op->ksb_key << REQ1_KEY_KSB_SHIFT);
+   | (op->sb_key << REQ1_KEY_KSB_SHIFT);
cr[1] = op->src.u.dma.length - 1;
cr[2] = ccp_addr_lo(>src.u.dma);
-   cr[3] = (op->ksb_ctx << REQ4_KSB_SHIFT)
+   cr[3] = (op->sb_ctx << REQ4_KSB_SHIFT)
| (CCP_MEMTYPE_SYSTEM << REQ4_MEMTYPE_SHIFT)
| ccp_addr_hi(>src.u.dma);
cr[4] = ccp_addr_lo(>dst.u.dma);
@@ -130,10 +130,10 @@ static int ccp_perform_xts_aes(struct ccp_op *op)
cr[0] = (CCP_ENGINE_XTS_AES_128 << REQ1_ENGINE_SHIFT)
| (op->u.xts.action << REQ1_AES_ACTION_SHIFT)
| (op->u.xts.unit_size << REQ1_XTS_AES_SIZE_SHIFT)
-   | (op->ksb_key << REQ1_KEY_KSB_SHIFT);
+   | (op->sb_key << REQ1_KEY_KSB_SHIFT);
cr[1] = op->src.u.dma.length - 1;
cr[2] = ccp_addr_lo(>src.u.dma);
-   cr[3] = (op->ksb_ctx << REQ4_KSB_SHIFT)
+   cr[3] = (op->sb_ctx << REQ4_KSB_SHIFT)
| (CCP_MEMTYPE_SYSTEM << REQ4_MEMTYPE_SHIFT)
| ccp_addr_hi(>src.u.dma);
cr[4] = ccp_addr_lo(>dst.u.dma);
@@ -159,7 +159,7 @@ static int ccp_perform_sha(struct ccp_op *op)
| REQ1_INIT;
cr[1] = op->src.u.dma.length - 1;
cr[2] = ccp_addr_lo(>src.u.dma);
-   cr[3] = (op->ksb_ctx << REQ4_KSB_SHIFT)
+   cr[3] = (op->sb_ctx << REQ4_KSB_SHIFT)
| (CCP_MEMTYPE_SYSTEM << REQ4_MEMTYPE_SHIFT)
| ccp_addr_hi(>src.u.dma);
 
@@ -182,11 +182,11 @@ static int ccp_perform_rsa(struct ccp_op *op)
/* Fill out the register contents for REQ1 through REQ6 */
cr[0] = (CCP_ENGINE_RSA << REQ1_ENGINE_SHIFT)
| (op->u.rsa.mod_size << REQ1_RSA_MOD_SIZE_SHIFT)
-   | (op->ksb_key << REQ1_KEY_KSB_SHIFT)
+   | (op->sb_key << REQ1_KEY_KSB_SHIFT)
| REQ1_EOM;
cr[1] = op->u.rsa.input_len - 1;
cr[2] = ccp_addr_lo(>src.u.dma);
-   cr[3] = (op->ksb_ctx << REQ4_KSB_SHIFT)
+   cr[3] = (op->sb_ctx << REQ4_KSB_SHIFT)
| (CCP_MEMTYPE_SYSTEM << REQ4_MEMTYPE_SHIFT)
| ccp_addr_hi(>src.u.dma);
cr[4] = ccp_addr_lo(>dst.u.dma);
@@ -216,10 +216,10 @@ static int ccp_perform_passthru(struct ccp_op *op)
| ccp_addr_hi(>src.u.dma);
 
if (op->u.passthru.bit_mod != CCP_PASSTHRU_BITWISE_NOOP)
-   cr[3] |= (op->ksb_key << REQ4_KSB_SHIFT);
+   cr[3] |= (op->sb_key << REQ4_KSB_SHIFT);
} else {
-   cr[2] = op->src.u.ksb * CCP_KSB_BYTES;
-   cr[3] = (CCP_MEMTYPE_KSB << REQ4_MEMTYPE_SHIFT);
+   cr[2] = op->src.u.sb * CCP_SB_BYTES;
+   cr[3] = (CCP_MEMTYPE_SB << REQ4_MEMTYPE_SHIFT);
}
 
if (op->dst.type == CCP_MEMTYPE_SYSTEM) {
@@ -227,8 +227,8 @@ static int ccp_perform_passthru(struct ccp_op *op)
cr[5] = (CCP_MEMTYPE_SYSTEM << REQ6_MEMTYPE_SHIFT)
| ccp_addr_hi(>dst.u.dma);
} else {
-   cr[4] = op->dst.u.ksb * CCP_KSB_BYTES;
-   cr[5] = (CCP_MEMTYPE_KSB << REQ6_MEMTYPE_SHIFT);
+   cr[4] = op->dst.u.sb * CCP_SB_BYTES;
+   cr[5] = (CCP_MEMTYPE_SB << REQ6_MEMTYPE_SHIFT);
}
 
if (op->eom)
@@ -322,9 +322,9 @@ static int ccp_init(struct ccp_device *ccp)
cmd_q->dma_pool = dma_pool;
 
/* Reserve 2 KSB regions for the queue */
-   cmd_q->ksb_key = KSB_START + c

[PATCH 01/10] crypto: ccp - Abstract PCI info for the CCP

[Gary R Hook]

Device-specific values for the BAR and offset should be found
in the version data structure.


Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev-v3.c |3 +++
 drivers/crypto/ccp/ccp-dev.h|3 +++
 drivers/crypto/ccp/ccp-pci.c|   15 +++
 3 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev-v3.c b/drivers/crypto/ccp/ccp-dev-v3.c
index d7a7103..2f7f3c5 100644
--- a/drivers/crypto/ccp/ccp-dev-v3.c
+++ b/drivers/crypto/ccp/ccp-dev-v3.c
@@ -4,6 +4,7 @@
  * Copyright (C) 2013,2016 Advanced Micro Devices, Inc.
  *
  * Author: Tom Lendacky <thomas.lenda...@amd.com>
+ * Author: Gary R Hook <gary.h...@amd.com>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 2 as
@@ -541,4 +542,6 @@ static const struct ccp_actions ccp3_actions = {
 struct ccp_vdata ccpv3 = {
.version = CCP_VERSION(3, 0),
.perform = _actions,
+   .bar = 2,
+   .offset = 0x2,
 };
diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h
index 5fbee638..8824e41 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -4,6 +4,7 @@
  * Copyright (C) 2013,2016 Advanced Micro Devices, Inc.
  *
  * Author: Tom Lendacky <thomas.lenda...@amd.com>
+ * Author: Gary R Hook <gary.h...@amd.com>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 2 as
@@ -163,6 +164,8 @@ struct ccp_actions {
 struct ccp_vdata {
unsigned int version;
const struct ccp_actions *perform;
+   const unsigned int bar;
+   const unsigned int offset;
 };
 
 extern struct ccp_vdata ccpv3;
diff --git a/drivers/crypto/ccp/ccp-pci.c b/drivers/crypto/ccp/ccp-pci.c
index 0bf262e..072bced 100644
--- a/drivers/crypto/ccp/ccp-pci.c
+++ b/drivers/crypto/ccp/ccp-pci.c
@@ -4,6 +4,7 @@
  * Copyright (C) 2013,2016 Advanced Micro Devices, Inc.
  *
  * Author: Tom Lendacky <thomas.lenda...@amd.com>
+ * Author: Gary R Hook <gary.h...@amd.com>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 2 as
@@ -25,9 +26,6 @@
 
 #include "ccp-dev.h"
 
-#define IO_BAR 2
-#define IO_OFFSET  0x2
-
 #define MSIX_VECTORS   2
 
 struct ccp_msix {
@@ -156,10 +154,11 @@ static int ccp_find_mmio_area(struct ccp_device *ccp)
resource_size_t io_len;
unsigned long io_flags;
 
-   io_flags = pci_resource_flags(pdev, IO_BAR);
-   io_len = pci_resource_len(pdev, IO_BAR);
-   if ((io_flags & IORESOURCE_MEM) && (io_len >= (IO_OFFSET + 0x800)))
-   return IO_BAR;
+   io_flags = pci_resource_flags(pdev, ccp->vdata->bar);
+   io_len = pci_resource_len(pdev, ccp->vdata->bar);
+   if ((io_flags & IORESOURCE_MEM) &&
+   (io_len >= (ccp->vdata->offset + 0x800)))
+   return ccp->vdata->bar;
 
return -EIO;
 }
@@ -216,7 +215,7 @@ static int ccp_pci_probe(struct pci_dev *pdev, const struct 
pci_device_id *id)
dev_err(dev, "pci_iomap failed\n");
goto e_device;
}
-   ccp->io_regs = ccp->io_map + IO_OFFSET;
+   ccp->io_regs = ccp->io_map + ccp->vdata->offset;
 
ret = dma_set_mask_and_coherent(dev, DMA_BIT_MASK(48));
if (ret) {

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 00/10] Enablement of a v5 CCP

[Gary R Hook]

The following series updates the CCP driver to support
both current and new cryptographic coprocessor models.
Refactor code to further separate device-specific code
from driver logic, then add equivalent support for the
new device version.

---

Gary R Hook (10):
  crypto: ccp - Abstract PCI info for the CCP
  crypto: ccp - Shorten the fields of the action structure
  crypto: ccp - Refactoring: symbol cleanup
  crypto: ccp - Refactor the storage block allocation code
  crypto: ccp - Refactor code supporting the CCP's RNG
  crypto: ccp - Refactor code to enable checks for queue space.
  crypto: ccp - Let a v5 CCP provide the same function as v3
  crypto: ccp - Add support for the RNG in a version 5 CCP
  crypto: ccp - Enable DMA service on a v5 CCP
  crypto: ccp - Enable use of the additional CCP


 drivers/crypto/ccp/Makefile |1 
 drivers/crypto/ccp/ccp-crypto-sha.c |   18 +
 drivers/crypto/ccp/ccp-dev-v3.c |  177 --
 drivers/crypto/ccp/ccp-dev-v5.c | 1011 +++
 drivers/crypto/ccp/ccp-dev.c|   58 ++
 drivers/crypto/ccp/ccp-dev.h|  288 --
 drivers/crypto/ccp/ccp-ops.c|  576 +++-
 drivers/crypto/ccp/ccp-pci.c|   23 -
 include/linux/ccp.h |3 
 9 files changed, 1744 insertions(+), 411 deletions(-)
 create mode 100644 drivers/crypto/ccp/ccp-dev-v5.c

--
This Signature Intentionally Left Blank
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 08/10] crypto: ccp - Add support for the RNG in a version 5 CCP

[Gary R Hook]

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev-v3.c |   13 -
 drivers/crypto/ccp/ccp-dev-v5.c |7 +++
 drivers/crypto/ccp/ccp-dev.c|   23 +++
 drivers/crypto/ccp/ccp-dev.h|2 ++
 4 files changed, 36 insertions(+), 9 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev-v3.c b/drivers/crypto/ccp/ccp-dev-v3.c
index ff2d2a4..578522d 100644
--- a/drivers/crypto/ccp/ccp-dev-v3.c
+++ b/drivers/crypto/ccp/ccp-dev-v3.c
@@ -432,14 +432,9 @@ static int ccp_init(struct ccp_device *ccp)
dev_dbg(dev, "Registering device...\n");
ccp_add_device(ccp);
 
-   /* Register the RNG */
-   ccp->hwrng.name = ccp->rngname;
-   ccp->hwrng.read = ccp_trng_read;
-   ret = hwrng_register(>hwrng);
-   if (ret) {
-   dev_err(dev, "error registering hwrng (%d)\n", ret);
+   ret = ccp_register_rng(ccp);
+   if (ret)
goto e_kthread;
-   }
 
/* Register the DMA engine support */
ret = ccp_dmaengine_register(ccp);
@@ -449,7 +444,7 @@ static int ccp_init(struct ccp_device *ccp)
return 0;
 
 e_hwrng:
-   hwrng_unregister(>hwrng);
+   ccp_unregister_rng(ccp);
 
 e_kthread:
for (i = 0; i < ccp->cmd_q_count; i++)
@@ -475,7 +470,7 @@ static void ccp_destroy(struct ccp_device *ccp)
ccp_dmaengine_unregister(ccp);
 
/* Unregister the RNG */
-   hwrng_unregister(>hwrng);
+   ccp_unregister_rng(ccp);
 
/* Remove this device from the list of available units */
ccp_del_device(ccp);
diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/crypto/ccp/ccp-dev-v5.c
index 16dad96..ddce220 100644
--- a/drivers/crypto/ccp/ccp-dev-v5.c
+++ b/drivers/crypto/ccp/ccp-dev-v5.c
@@ -828,6 +828,10 @@ static int ccp5_init(struct ccp_device *ccp)
/* Put this on the unit list to make it available */
ccp_add_device(ccp);
 
+   ret = ccp_register_rng(ccp);
+   if (ret)
+   goto e_kthread;
+
return 0;
 
 e_kthread:
@@ -852,6 +856,9 @@ static void ccp5_destroy(struct ccp_device *ccp)
struct ccp_cmd *cmd;
unsigned int i;
 
+   /* Unregister the RNG */
+   ccp_unregister_rng(ccp);
+
/* Remove this device from the list of available units first */
ccp_del_device(ccp);
 
diff --git a/drivers/crypto/ccp/ccp-dev.c b/drivers/crypto/ccp/ccp-dev.c
index 6b44730..38a98d8 100644
--- a/drivers/crypto/ccp/ccp-dev.c
+++ b/drivers/crypto/ccp/ccp-dev.c
@@ -119,6 +119,29 @@ void ccp_del_device(struct ccp_device *ccp)
write_unlock_irqrestore(_unit_lock, flags);
 }
 
+
+
+int ccp_register_rng(struct ccp_device *ccp)
+{
+   int ret = 0;
+
+   dev_dbg(ccp->dev, "Registering RNG...\n");
+   /* Register an RNG */
+   ccp->hwrng.name = ccp->rngname;
+   ccp->hwrng.read = ccp_trng_read;
+   ret = hwrng_register(>hwrng);
+   if (ret)
+   dev_err(ccp->dev, "error registering hwrng (%d)\n", ret);
+
+   return ret;
+}
+
+void ccp_unregister_rng(struct ccp_device *ccp)
+{
+   if (ccp->hwrng.name)
+   hwrng_unregister(>hwrng);
+}
+
 static struct ccp_device *ccp_get_device(void)
 {
unsigned long flags;
diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h
index 5ff4a73..d04bd61 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -601,6 +601,8 @@ int ccp_trng_read(struct hwrng *rng, void *data, size_t 
max, bool wait);
 
 int ccp_run_cmd(struct ccp_cmd_queue *cmd_q, struct ccp_cmd *cmd);
 
+int ccp_register_rng(struct ccp_device *ccp);
+void ccp_unregister_rng(struct ccp_device *ccp);
 int ccp_dmaengine_register(struct ccp_device *ccp);
 void ccp_dmaengine_unregister(struct ccp_device *ccp);
 

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH] crypto: ccp - Fix non-conforming comment style

[Gary R Hook]

Adhere to the cryptodev comment convention.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev.h |   24 
 1 file changed, 8 insertions(+), 16 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h
index bd41ffce..5fbee638 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -253,16 +253,14 @@ struct ccp_device {
 
struct device *dev;
 
-   /*
-* Bus specific device information
+   /* Bus specific device information
 */
void *dev_specific;
int (*get_irq)(struct ccp_device *ccp);
void (*free_irq)(struct ccp_device *ccp);
unsigned int irq;
 
-   /*
-* I/O area used for device communication. The register mapping
+   /* I/O area used for device communication. The register mapping
 * starts at an offset into the mapped bar.
 *   The CMD_REQx registers and the Delete_Cmd_Queue_Job register
 *   need to be protected while a command queue thread is accessing
@@ -272,8 +270,7 @@ struct ccp_device {
void __iomem *io_map;
void __iomem *io_regs;
 
-   /*
-* Master lists that all cmds are queued on. Because there can be
+   /* Master lists that all cmds are queued on. Because there can be
 * more than one CCP command queue that can process a cmd a separate
 * backlog list is neeeded so that the backlog completion call
 * completes before the cmd is available for execution.
@@ -283,34 +280,29 @@ struct ccp_device {
struct list_head cmd;
struct list_head backlog;
 
-   /*
-* The command queues. These represent the queues available on the
+   /* The command queues. These represent the queues available on the
 * CCP that are available for processing cmds
 */
struct ccp_cmd_queue cmd_q[MAX_HW_QUEUES];
unsigned int cmd_q_count;
 
-   /*
-* Support for the CCP True RNG
+   /* Support for the CCP True RNG
 */
struct hwrng hwrng;
unsigned int hwrng_retries;
 
-   /*
-* Support for the CCP DMA capabilities
+   /* Support for the CCP DMA capabilities
 */
struct dma_device dma_dev;
struct ccp_dma_chan *ccp_dma_chan;
struct kmem_cache *dma_cmd_cache;
struct kmem_cache *dma_desc_cache;
 
-   /*
-* A counter used to generate job-ids for cmds submitted to the CCP
+   /* A counter used to generate job-ids for cmds submitted to the CCP
 */
atomic_t current_id cacheline_aligned;
 
-   /*
-* The CCP uses key storage blocks (KSB) to maintain context for certain
+   /* The CCP uses key storage blocks (KSB) to maintain context for certain
 * operations. To prevent multiple cmds from using the same KSB range
 * a command queue reserves a KSB range for the duration of the cmd.
 * Each queue, will however, reserve 2 KSB blocks for operations that

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 05/10] crypto: ccp - Refactor code supporting the CCP's RNG

[Gary R Hook]

Make the RNG support code common (where possible) in
preparation for adding a v5 device.


Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev-v3.c |   51 ---
 drivers/crypto/ccp/ccp-dev.c|   28 +
 drivers/crypto/ccp/ccp-dev.h|1 +
 3 files changed, 40 insertions(+), 40 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev-v3.c b/drivers/crypto/ccp/ccp-dev-v3.c
index 5b06599..373ac4f 100644
--- a/drivers/crypto/ccp/ccp-dev-v3.c
+++ b/drivers/crypto/ccp/ccp-dev-v3.c
@@ -307,35 +307,6 @@ static int ccp_perform_ecc(struct ccp_op *op)
return ccp_do_cmd(op, cr, ARRAY_SIZE(cr));
 }
 
-static int ccp_trng_read(struct hwrng *rng, void *data, size_t max, bool wait)
-{
-   struct ccp_device *ccp = container_of(rng, struct ccp_device, hwrng);
-   u32 trng_value;
-   int len = min_t(int, sizeof(trng_value), max);
-
-   /*
-* Locking is provided by the caller so we can update device
-* hwrng-related fields safely
-*/
-   trng_value = ioread32(ccp->io_regs + TRNG_OUT_REG);
-   if (!trng_value) {
-   /* Zero is returned if not data is available or if a
-* bad-entropy error is present. Assume an error if
-* we exceed TRNG_RETRIES reads of zero.
-*/
-   if (ccp->hwrng_retries++ > TRNG_RETRIES)
-   return -EIO;
-
-   return 0;
-   }
-
-   /* Reset the counter and save the rng value */
-   ccp->hwrng_retries = 0;
-   memcpy(data, _value, len);
-
-   return len;
-}
-
 static int ccp_init(struct ccp_device *ccp)
 {
struct device *dev = ccp->dev;
@@ -495,17 +466,6 @@ static void ccp_destroy(struct ccp_device *ccp)
/* Remove this device from the list of available units first */
ccp_del_device(ccp);
 
-   /* Unregister the DMA engine */
-   ccp_dmaengine_unregister(ccp);
-
-   /* Unregister the RNG */
-   hwrng_unregister(>hwrng);
-
-   /* Stop the queue kthreads */
-   for (i = 0; i < ccp->cmd_q_count; i++)
-   if (ccp->cmd_q[i].kthread)
-   kthread_stop(ccp->cmd_q[i].kthread);
-
/* Build queue interrupt mask (two interrupt masks per queue) */
qim = 0;
for (i = 0; i < ccp->cmd_q_count; i++) {
@@ -523,6 +483,17 @@ static void ccp_destroy(struct ccp_device *ccp)
}
iowrite32(qim, ccp->io_regs + IRQ_STATUS_REG);
 
+   /* Unregister the DMA engine */
+   ccp_dmaengine_unregister(ccp);
+
+   /* Unregister the RNG */
+   hwrng_unregister(>hwrng);
+
+   /* Stop the queue kthreads */
+   for (i = 0; i < ccp->cmd_q_count; i++)
+   if (ccp->cmd_q[i].kthread)
+   kthread_stop(ccp->cmd_q[i].kthread);
+
ccp->free_irq(ccp);
 
for (i = 0; i < ccp->cmd_q_count; i++)
diff --git a/drivers/crypto/ccp/ccp-dev.c b/drivers/crypto/ccp/ccp-dev.c
index 9c8cfbb..6b44730 100644
--- a/drivers/crypto/ccp/ccp-dev.c
+++ b/drivers/crypto/ccp/ccp-dev.c
@@ -409,6 +409,34 @@ struct ccp_device *ccp_alloc_struct(struct device *dev)
return ccp;
 }
 
+int ccp_trng_read(struct hwrng *rng, void *data, size_t max, bool wait)
+{
+   struct ccp_device *ccp = container_of(rng, struct ccp_device, hwrng);
+   u32 trng_value;
+   int len = min_t(int, sizeof(trng_value), max);
+
+   /* Locking is provided by the caller so we can update device
+* hwrng-related fields safely
+*/
+   trng_value = ioread32(ccp->io_regs + TRNG_OUT_REG);
+   if (!trng_value) {
+   /* Zero is returned if not data is available or if a
+* bad-entropy error is present. Assume an error if
+* we exceed TRNG_RETRIES reads of zero.
+*/
+   if (ccp->hwrng_retries++ > TRNG_RETRIES)
+   return -EIO;
+
+   return 0;
+   }
+
+   /* Reset the counter and save the rng value */
+   ccp->hwrng_retries = 0;
+   memcpy(data, _value, len);
+
+   return len;
+}
+
 #ifdef CONFIG_PM
 bool ccp_queues_suspended(struct ccp_device *ccp)
 {
diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h
index 4e38a61..0c44c5e0 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -440,6 +440,7 @@ void ccp_del_device(struct ccp_device *ccp);
 struct ccp_device *ccp_alloc_struct(struct device *dev);
 bool ccp_queues_suspended(struct ccp_device *ccp);
 int ccp_cmd_queue_thread(void *data);
+int ccp_trng_read(struct hwrng *rng, void *data, size_t max, bool wait);
 
 int ccp_run_cmd(struct ccp_cmd_queue *cmd_q, struct ccp_cmd *cmd);
 

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 07/10] crypto: ccp - Let a v5 CCP provide the same function as v3

[Gary R Hook]

Enable equivalent function on a v5 CCP. Add support for a
version 5 CCP which enables AES/XTS/SHA services. Also,
more work on the data structures to virtualize
functionality.


Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/Makefile |1 
 drivers/crypto/ccp/ccp-crypto-sha.c |   18 +
 drivers/crypto/ccp/ccp-dev-v3.c |   28 +
 drivers/crypto/ccp/ccp-dev-v5.c |  961 +++
 drivers/crypto/ccp/ccp-dev.h|  164 ++
 drivers/crypto/ccp/ccp-ops.c|  279 +++---
 drivers/crypto/ccp/ccp-pci.c|6 
 include/linux/ccp.h |3 
 8 files changed, 1340 insertions(+), 120 deletions(-)
 create mode 100644 drivers/crypto/ccp/ccp-dev-v5.c

diff --git a/drivers/crypto/ccp/Makefile b/drivers/crypto/ccp/Makefile
index ee4d274..346ceb8 100644
--- a/drivers/crypto/ccp/Makefile
+++ b/drivers/crypto/ccp/Makefile
@@ -2,6 +2,7 @@ obj-$(CONFIG_CRYPTO_DEV_CCP_DD) += ccp.o
 ccp-objs := ccp-dev.o \
ccp-ops.o \
ccp-dev-v3.o \
+   ccp-dev-v5.o \
ccp-platform.o \
ccp-dmaengine.o
 ccp-$(CONFIG_PCI) += ccp-pci.o
diff --git a/drivers/crypto/ccp/ccp-crypto-sha.c 
b/drivers/crypto/ccp/ccp-crypto-sha.c
index 8f36af6..84a652b 100644
--- a/drivers/crypto/ccp/ccp-crypto-sha.c
+++ b/drivers/crypto/ccp/ccp-crypto-sha.c
@@ -4,6 +4,7 @@
  * Copyright (C) 2013,2016 Advanced Micro Devices, Inc.
  *
  * Author: Tom Lendacky <thomas.lenda...@amd.com>
+ * Author: Gary R Hook <gary.h...@amd.com>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 2 as
@@ -134,7 +135,22 @@ static int ccp_do_sha_update(struct ahash_request *req, 
unsigned int nbytes,
rctx->cmd.engine = CCP_ENGINE_SHA;
rctx->cmd.u.sha.type = rctx->type;
rctx->cmd.u.sha.ctx = >ctx_sg;
-   rctx->cmd.u.sha.ctx_len = sizeof(rctx->ctx);
+
+   switch (rctx->type) {
+   case CCP_SHA_TYPE_1:
+   rctx->cmd.u.sha.ctx_len = SHA1_DIGEST_SIZE;
+   break;
+   case CCP_SHA_TYPE_224:
+   rctx->cmd.u.sha.ctx_len = SHA224_DIGEST_SIZE;
+   break;
+   case CCP_SHA_TYPE_256:
+   rctx->cmd.u.sha.ctx_len = SHA256_DIGEST_SIZE;
+   break;
+   default:
+   /* Should never get here */
+   break;
+   }
+
rctx->cmd.u.sha.src = sg;
rctx->cmd.u.sha.src_len = rctx->hash_cnt;
rctx->cmd.u.sha.opad = ctx->u.sha.key_len ?
diff --git a/drivers/crypto/ccp/ccp-dev-v3.c b/drivers/crypto/ccp/ccp-dev-v3.c
index 02c8c95..ff2d2a4 100644
--- a/drivers/crypto/ccp/ccp-dev-v3.c
+++ b/drivers/crypto/ccp/ccp-dev-v3.c
@@ -405,6 +405,7 @@ static int ccp_init(struct ccp_device *ccp)
init_waitqueue_head(>sb_queue);
init_waitqueue_head(>suspend_queue);
 
+   dev_dbg(dev, "Starting threads...\n");
/* Create a kthread for each queue */
for (i = 0; i < ccp->cmd_q_count; i++) {
struct task_struct *kthread;
@@ -424,6 +425,13 @@ static int ccp_init(struct ccp_device *ccp)
wake_up_process(kthread);
}
 
+   dev_dbg(dev, "Enabling interrupts...\n");
+   /* Enable interrupts */
+   iowrite32(qim, ccp->io_regs + IRQ_MASK_REG);
+
+   dev_dbg(dev, "Registering device...\n");
+   ccp_add_device(ccp);
+
/* Register the RNG */
ccp->hwrng.name = ccp->rngname;
ccp->hwrng.read = ccp_trng_read;
@@ -438,11 +446,6 @@ static int ccp_init(struct ccp_device *ccp)
if (ret)
goto e_hwrng;
 
-   ccp_add_device(ccp);
-
-   /* Enable interrupts */
-   iowrite32(qim, ccp->io_regs + IRQ_MASK_REG);
-
return 0;
 
 e_hwrng:
@@ -468,7 +471,13 @@ static void ccp_destroy(struct ccp_device *ccp)
struct ccp_cmd *cmd;
unsigned int qim, i;
 
-   /* Remove this device from the list of available units first */
+   /* Unregister the DMA engine */
+   ccp_dmaengine_unregister(ccp);
+
+   /* Unregister the RNG */
+   hwrng_unregister(>hwrng);
+
+   /* Remove this device from the list of available units */
ccp_del_device(ccp);
 
/* Build queue interrupt mask (two interrupt masks per queue) */
@@ -488,12 +497,6 @@ static void ccp_destroy(struct ccp_device *ccp)
}
iowrite32(qim, ccp->io_regs + IRQ_STATUS_REG);
 
-   /* Unregister the DMA engine */
-   ccp_dmaengine_unregister(ccp);
-
-   /* Unregister the RNG */
-   hwrng_unregister(>hwrng);
-
/* Stop the queue kthreads */
for (i = 0; i < ccp->cmd_q_count; i++)
if (ccp->cmd_q[i].kthread)
@@ -570,6 +573,7 @@ static const struct ccp_actions ccp3_actions = {
 
 struct ccp_vdata ccpv3 = {
.versi

[PATCH 04/10] crypto: ccp - Refactor the storage block allocation code

[Gary R Hook]

Move the KSB access/management functions to the v3
device file, and add function pointers to the actions
structure. At the operations layer all of the references
to the storage block will be generic (virtual). This is
in preparation for a version 5 device, in which the
private storage block is managed differently.


Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev-v3.c |   52 +++
 drivers/crypto/ccp/ccp-dev.h|   74 +++
 drivers/crypto/ccp/ccp-ops.c|   52 ++-
 3 files changed, 98 insertions(+), 80 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev-v3.c b/drivers/crypto/ccp/ccp-dev-v3.c
index 19eafb8..5b06599 100644
--- a/drivers/crypto/ccp/ccp-dev-v3.c
+++ b/drivers/crypto/ccp/ccp-dev-v3.c
@@ -20,6 +20,56 @@
 
 #include "ccp-dev.h"
 
+static u32 ccp_alloc_ksb(struct ccp_cmd_queue *cmd_q, unsigned int count)
+{
+   int start;
+   struct ccp_device *ccp = cmd_q->ccp;
+
+   for (;;) {
+   mutex_lock(>sb_mutex);
+
+   start = (u32)bitmap_find_next_zero_area(ccp->sb,
+   ccp->sb_count,
+   ccp->sb_start,
+   count, 0);
+   if (start <= ccp->sb_count) {
+   bitmap_set(ccp->sb, start, count);
+
+   mutex_unlock(>sb_mutex);
+   break;
+   }
+
+   ccp->sb_avail = 0;
+
+   mutex_unlock(>sb_mutex);
+
+   /* Wait for KSB entries to become available */
+   if (wait_event_interruptible(ccp->sb_queue, ccp->sb_avail))
+   return 0;
+   }
+
+   return KSB_START + start;
+}
+
+static void ccp_free_ksb(struct ccp_cmd_queue *cmd_q, unsigned int start,
+unsigned int count)
+{
+   struct ccp_device *ccp = cmd_q->ccp;
+
+   if (!start)
+   return;
+
+   mutex_lock(>sb_mutex);
+
+   bitmap_clear(ccp->sb, start - KSB_START, count);
+
+   ccp->sb_avail = 1;
+
+   mutex_unlock(>sb_mutex);
+
+   wake_up_interruptible_all(>sb_queue);
+}
+
 static int ccp_do_cmd(struct ccp_op *op, u32 *cr, unsigned int cr_count)
 {
struct ccp_cmd_queue *cmd_q = op->cmd_q;
@@ -534,6 +584,8 @@ static const struct ccp_actions ccp3_actions = {
.rsa = ccp_perform_rsa,
.passthru = ccp_perform_passthru,
.ecc = ccp_perform_ecc,
+   .sballoc = ccp_alloc_ksb,
+   .sbfree = ccp_free_ksb,
.init = ccp_init,
.destroy = ccp_destroy,
.irqhandler = ccp_irq_handler,
diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h
index 1e30568..4e38a61 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -147,30 +147,6 @@
 #define CCP_SB_BYTES   32
 
 struct ccp_op;
-
-/* Structure for computation functions that are device-specific */
-struct ccp_actions {
-   int (*aes)(struct ccp_op *);
-   int (*xts_aes)(struct ccp_op *);
-   int (*sha)(struct ccp_op *);
-   int (*rsa)(struct ccp_op *);
-   int (*passthru)(struct ccp_op *);
-   int (*ecc)(struct ccp_op *);
-   int (*init)(struct ccp_device *);
-   void (*destroy)(struct ccp_device *);
-   irqreturn_t (*irqhandler)(int, void *);
-};
-
-/* Structure to hold CCP version-specific values */
-struct ccp_vdata {
-   unsigned int version;
-   const struct ccp_actions *perform;
-   const unsigned int bar;
-   const unsigned int offset;
-};
-
-extern struct ccp_vdata ccpv3;
-
 struct ccp_device;
 struct ccp_cmd;
 
@@ -306,13 +282,22 @@ struct ccp_device {
 */
atomic_t current_id cacheline_aligned;
 
-   /* The CCP uses key storage blocks (KSB) to maintain context for certain
-* operations. To prevent multiple cmds from using the same KSB range
-* a command queue reserves a KSB range for the duration of the cmd.
-* Each queue, will however, reserve 2 KSB blocks for operations that
-* only require single KSB entries (eg. AES context/iv and key) in order
-* to avoid allocation contention.  This will reserve at most 10 KSB
-* entries, leaving 40 KSB entries available for dynamic allocation.
+   /* The v3 CCP uses key storage blocks (SB) to maintain context for
+* certain operations. To prevent multiple cmds from using the same
+* SB range a command queue reserves an SB range for the duration of
+* the cmd. Each queue, will however, reserve 2 SB blocks for
+* operations that only require single SB entries (eg. AES context/iv
+* and key) in order to avoid allocation contention.  This will reserve
+* at most 10 SB entries, leaving 40 SB entri

D'oh! (Re: robot build error)

[Gary R Hook]

Please ignore this patch.


[PATCH] crypto: CCP - build error: label 'e_hwrng' undefined

Gary R Hook Wed, 10 Aug 2016 12:27:28 -0700

Fix goto target for when registration fails

Reported-by: kbuild test robot <fengguang...@intel.com>
Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev-v5.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


diff --git a/drivers/crypto/ccp/ccp-dev-v5.c
b/drivers/crypto/ccp/ccp-dev-v5.c
index 4086714..114675e 100644
--- a/drivers/crypto/ccp/ccp-dev-v5.c
+++ b/drivers/crypto/ccp/ccp-dev-v5.c
@@ -835,7 +835,7 @@ static int ccp5_init(struct ccp_device *ccp)
/* Register the DMA engine support */
ret = ccp_dmaengine_register(ccp);
if (ret)
-   goto e_hwrng;
+   goto e_kthread;

return 0;


--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [cryptodev:master 17/45] drivers/crypto/ccp/ccp-dev-v5.c:838:3: error: label 'e_hwrng' used but not defined

[Gary R Hook]

A patch for this will be submitted shortly.

On 08/10/2016 10:30 AM, kbuild test robot wrote:

tree:   
https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git master
head:   47856204146ba6fd0f198dbb23c4ed7ad1c3fd99
commit: 99d90b2ebd8b327c0c496798db99009b30c70945 [17/45] crypto: ccp - Enable 
DMA service on a v5 CCP
config: i386-randconfig-h1-08102150 (attached as .config)
compiler: gcc-6 (Debian 6.1.1-9) 6.1.1 20160705
reproduce:
git checkout 99d90b2ebd8b327c0c496798db99009b30c70945
# save the attached .config to linux build tree
make ARCH=i386

Note: the cryptodev/master HEAD 47856204146ba6fd0f198dbb23c4ed7ad1c3fd99 builds 
fine.
  It only hurts bisectibility.

All errors (new ones prefixed by >>):

   drivers/crypto/ccp/ccp-dev-v5.c: In function 'ccp5_init':

drivers/crypto/ccp/ccp-dev-v5.c:838:3: error: label 'e_hwrng' used but not 
defined

  goto e_hwrng;
  ^~~~

vim +/e_hwrng +838 drivers/crypto/ccp/ccp-dev-v5.c

   832  if (ret)
   833  goto e_kthread;
   834  
   835  /* Register the DMA engine support */
   836  ret = ccp_dmaengine_register(ccp);
   837  if (ret)
 > 838   goto e_hwrng;
   839  
   840  return 0;
   841  

---
0-DAY kernel test infrastructureOpen Source Technology Center
https://lists.01.org/pipermail/kbuild-all   Intel Corporation


--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH] crypto: CCP - build error: label 'e_hwrng' undefined

[Gary R Hook]

Fix goto target for when registration fails

Reported-by: kbuild test robot <fengguang...@intel.com>
Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev-v5.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/crypto/ccp/ccp-dev-v5.c
index 4086714..114675e 100644
--- a/drivers/crypto/ccp/ccp-dev-v5.c
+++ b/drivers/crypto/ccp/ccp-dev-v5.c
@@ -835,7 +835,7 @@ static int ccp5_init(struct ccp_device *ccp)
/* Register the DMA engine support */
ret = ccp_dmaengine_register(ccp);
if (ret)
-   goto e_hwrng;
+   goto e_kthread;
 
return 0;
 

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

testmgr.h

[Gary R Hook]

Q: Is there a policy (de facto or otherwise) on adding tests to testmgr.h?
Two cases:

1) Tests from the NIST document(s) on various ciphers and hashes wherein
we add to an existing set of tests? For example, 3DES ECB mode, or AES
GCM? I suppose this question is really about, "how much is enough?"

2) Adding testing for a mode that has not heretofore been included? For
example, 3DES CFB mode? Pretty sure the answer here is "yes".

Over-arching concern: do we want to include official NIST test cases, or
eschew them?

There was no obvious reference to this (by way of grepping for testmgr)
in any of the existing Documentation. That I could find. If I missed
something, please excuse me.

Thanks,
Gary
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: RSA key size not allowed in FIPS

[Gary R Hook]

On 08/09/2016 09:10 AM, Tapas Sarangi wrote:


Ps : I could not send any attachment, is it possible to send attachment to
this mailing list ?


Pretty sure that's frowned upon.
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH] crypto: ccp - Set the AES size field for all modes

[Gary R Hook]

Ensure that the size field is correctly populated for
all AES modes.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev-v5.c |3 +--
 drivers/crypto/ccp/ccp-dev.h|1 +
 drivers/crypto/ccp/ccp-ops.c|8 
 3 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/crypto/ccp/ccp-dev-v5.c
index 612898b..9c6ff8b8 100644
--- a/drivers/crypto/ccp/ccp-dev-v5.c
+++ b/drivers/crypto/ccp/ccp-dev-v5.c
@@ -284,8 +284,7 @@ static int ccp5_perform_aes(struct ccp_op *op)
CCP_AES_ENCRYPT() = op->u.aes.action;
CCP_AES_MODE() = op->u.aes.mode;
CCP_AES_TYPE() = op->u.aes.type;
-   if (op->u.aes.mode == CCP_AES_MODE_CFB)
-   CCP_AES_SIZE() = 0x7f;
+   CCP_AES_SIZE() = op->u.aes.size;
 
CCP5_CMD_FUNCTION() = function.raw;
 
diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h
index 649e561..2b5c01f 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -467,6 +467,7 @@ struct ccp_aes_op {
enum ccp_aes_type type;
enum ccp_aes_mode mode;
enum ccp_aes_action action;
+   unsigned int size;
 };
 
 struct ccp_xts_aes_op {
diff --git a/drivers/crypto/ccp/ccp-ops.c b/drivers/crypto/ccp/ccp-ops.c
index 50fae44..6878160 100644
--- a/drivers/crypto/ccp/ccp-ops.c
+++ b/drivers/crypto/ccp/ccp-ops.c
@@ -692,6 +692,14 @@ static int ccp_run_aes_cmd(struct ccp_cmd_queue *cmd_q, 
struct ccp_cmd *cmd)
goto e_ctx;
}
}
+   switch (aes->mode) {
+   case CCP_AES_MODE_CFB: /* CFB128 only */
+   case CCP_AES_MODE_CTR:
+   op.u.aes.size = AES_BLOCK_SIZE * BITS_PER_BYTE - 1;
+   break;
+   default:
+   op.u.aes.size = 0;
+   }
 
/* Prepare the input and output data workareas. For in-place
 * operations we need to set the dma direction to BIDIRECTIONAL

Re: [PATCH] crypto: ccp: Fix DMA operations when IOMMU is enabled

[Gary R Hook]

On 01/27/2017 03:28 PM, Gary R Hook wrote:

An I/O page fault occurs when the IOMMU is enabled on a
system that supports the v5 CCP.  DMA operations use a
Request ID value that does not match what is expected by
the IOMMU, resulting in the I/O page fault.  Setting the
Request ID value to 0 corrects this issue.


Herbert,

Hoping to get some 4.10 love on this patch, plus one other. Do we see
a possibility at this late date?



Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev-v5.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/crypto/ccp/ccp-dev-v5.c
index e2ce819..612898b 100644
--- a/drivers/crypto/ccp/ccp-dev-v5.c
+++ b/drivers/crypto/ccp/ccp-dev-v5.c
@@ -959,7 +959,7 @@ static irqreturn_t ccp5_irq_handler(int irq, void *data)
 static void ccp5_config(struct ccp_device *ccp)
 {
/* Public side */
-   iowrite32(0x1249, ccp->io_regs + CMD5_REQID_CONFIG_OFFSET);
+   iowrite32(0x0, ccp->io_regs + CMD5_REQID_CONFIG_OFFSET);
 }

 static void ccp5other_config(struct ccp_device *ccp)

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html



--
This is my day job. Follow me at:
IG/Twitter/Facebook: @grhookphoto
IG/Twitter/Facebook: @grhphotographer

Re: [PATCH] crypto: ccp: Fix double add when creating new DMA command

[Gary R Hook]

On 01/27/2017 05:09 PM, Gary R Hook wrote:

Eliminate a double-add by creating a new list to manage
command descriptors when created; move the descriptor to
the pending list when the command is submitted.


Herbert,

Another patch that could use some 4.10 love. Possible?

Thanks,
Gary




Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev.h   |1 +
 drivers/crypto/ccp/ccp-dmaengine.c |6 +-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h
index 830f35e..649e561 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -238,6 +238,7 @@ struct ccp_dma_chan {
struct ccp_device *ccp;

spinlock_t lock;
+   struct list_head created;
struct list_head pending;
struct list_head active;
struct list_head complete;
diff --git a/drivers/crypto/ccp/ccp-dmaengine.c 
b/drivers/crypto/ccp/ccp-dmaengine.c
index 6553912..e5d9278 100644
--- a/drivers/crypto/ccp/ccp-dmaengine.c
+++ b/drivers/crypto/ccp/ccp-dmaengine.c
@@ -63,6 +63,7 @@ static void ccp_free_chan_resources(struct dma_chan *dma_chan)
ccp_free_desc_resources(chan->ccp, >complete);
ccp_free_desc_resources(chan->ccp, >active);
ccp_free_desc_resources(chan->ccp, >pending);
+   ccp_free_desc_resources(chan->ccp, >created);

spin_unlock_irqrestore(>lock, flags);
 }
@@ -273,6 +274,7 @@ static dma_cookie_t ccp_tx_submit(struct 
dma_async_tx_descriptor *tx_desc)
spin_lock_irqsave(>lock, flags);

cookie = dma_cookie_assign(tx_desc);
+   list_del(>entry);
list_add_tail(>entry, >pending);

spin_unlock_irqrestore(>lock, flags);
@@ -426,7 +428,7 @@ static struct ccp_dma_desc *ccp_create_desc(struct dma_chan 
*dma_chan,

spin_lock_irqsave(>lock, sflags);

-   list_add_tail(>entry, >pending);
+   list_add_tail(>entry, >created);

spin_unlock_irqrestore(>lock, sflags);

@@ -610,6 +612,7 @@ static int ccp_terminate_all(struct dma_chan *dma_chan)
/*TODO: Purge the complete list? */
ccp_free_desc_resources(chan->ccp, >active);
ccp_free_desc_resources(chan->ccp, >pending);
+   ccp_free_desc_resources(chan->ccp, >created);

spin_unlock_irqrestore(>lock, flags);

@@ -679,6 +682,7 @@ int ccp_dmaengine_register(struct ccp_device *ccp)
chan->ccp = ccp;

spin_lock_init(>lock);
+   INIT_LIST_HEAD(>created);
INIT_LIST_HEAD(>pending);
INIT_LIST_HEAD(>active);
INIT_LIST_HEAD(>complete);

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html



--
This is my day job. Follow me at:
IG/Twitter/Facebook: @grhookphoto
IG/Twitter/Facebook: @grhphotographer

[PATCH 0/4] Minor CCP driver improvements and clean-up

[Gary R Hook]

The following series implements:
 - Move verbose init messages to debug mode
 - Set the start-of-cmmand bit for all SHA operations
 - Update the queue pointers in the event of an error
 - Simplify buffer management and eliminate an unused option

---

Gary R Hook (4):
  crypto: ccp - Change mode for detailed CCP init messages
  crypto: ccp - Set the start-of-command bit
  crypto: ccp - Update the command queue on errors
  crypto: ccp - Simplify some buffer management routines


 drivers/crypto/ccp/ccp-dev-v5.c |   12 ++-
 drivers/crypto/ccp/ccp-ops.c|  142 +++
 2 files changed, 63 insertions(+), 91 deletions(-)

--
This is my day job. Follow me at:
IG/Twitter/Facebook: @grhookphoto
IG/Twitter/Facebook: @grhphotographer
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 4/4] crypto: ccp - Simplify some buffer management routines

[Gary R Hook]

The reverse-get/set functions can be simplified by
eliminating unused code.


Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-ops.c |  142 +-
 1 file changed, 56 insertions(+), 86 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-ops.c b/drivers/crypto/ccp/ccp-ops.c
index 1a27af3..f426ba5 100644
--- a/drivers/crypto/ccp/ccp-ops.c
+++ b/drivers/crypto/ccp/ccp-ops.c
@@ -184,62 +184,46 @@ static void ccp_get_dm_area(struct ccp_dm_workarea *wa, 
unsigned int wa_offset,
 }
 
 static int ccp_reverse_set_dm_area(struct ccp_dm_workarea *wa,
+  unsigned int wa_offset,
   struct scatterlist *sg,
-  unsigned int len, unsigned int se_len,
-  bool sign_extend)
+  unsigned int sg_offset,
+  unsigned int len)
 {
-   unsigned int nbytes, sg_offset, dm_offset, sb_len, i;
-   u8 buffer[CCP_REVERSE_BUF_SIZE];
-
-   if (WARN_ON(se_len > sizeof(buffer)))
-   return -EINVAL;
-
-   sg_offset = len;
-   dm_offset = 0;
-   nbytes = len;
-   while (nbytes) {
-   sb_len = min_t(unsigned int, nbytes, se_len);
-   sg_offset -= sb_len;
-
-   scatterwalk_map_and_copy(buffer, sg, sg_offset, sb_len, 0);
-   for (i = 0; i < sb_len; i++)
-   wa->address[dm_offset + i] = buffer[sb_len - i - 1];
-
-   dm_offset += sb_len;
-   nbytes -= sb_len;
-
-   if ((sb_len != se_len) && sign_extend) {
-   /* Must sign-extend to nearest sign-extend length */
-   if (wa->address[dm_offset - 1] & 0x80)
-   memset(wa->address + dm_offset, 0xff,
-  se_len - sb_len);
-   }
+   u8 *p, *q;
+
+   ccp_set_dm_area(wa, wa_offset, sg, sg_offset, len);
+
+   p = wa->address + wa_offset;
+   q = p + len - 1;
+   while (p < q) {
+   *p = *p ^ *q;
+   *q = *p ^ *q;
+   *p = *p ^ *q;
+   p++;
+   q--;
}
-
return 0;
 }
 
 static void ccp_reverse_get_dm_area(struct ccp_dm_workarea *wa,
+   unsigned int wa_offset,
struct scatterlist *sg,
+   unsigned int sg_offset,
unsigned int len)
 {
-   unsigned int nbytes, sg_offset, dm_offset, sb_len, i;
-   u8 buffer[CCP_REVERSE_BUF_SIZE];
-
-   sg_offset = 0;
-   dm_offset = len;
-   nbytes = len;
-   while (nbytes) {
-   sb_len = min_t(unsigned int, nbytes, sizeof(buffer));
-   dm_offset -= sb_len;
-
-   for (i = 0; i < sb_len; i++)
-   buffer[sb_len - i - 1] = wa->address[dm_offset + i];
-   scatterwalk_map_and_copy(buffer, sg, sg_offset, sb_len, 1);
-
-   sg_offset += sb_len;
-   nbytes -= sb_len;
+   u8 *p, *q;
+
+   p = wa->address + wa_offset;
+   q = p + len - 1;
+   while (p < q) {
+   *p = *p ^ *q;
+   *q = *p ^ *q;
+   *p = *p ^ *q;
+   p++;
+   q--;
}
+
+   ccp_get_dm_area(wa, wa_offset, sg, sg_offset, len);
 }
 
 static void ccp_free_data(struct ccp_data *data, struct ccp_cmd_queue *cmd_q)
@@ -1262,8 +1246,7 @@ static int ccp_run_rsa_cmd(struct ccp_cmd_queue *cmd_q, 
struct ccp_cmd *cmd)
if (ret)
goto e_sb;
 
-   ret = ccp_reverse_set_dm_area(, rsa->exp, rsa->exp_len,
- CCP_SB_BYTES, false);
+   ret = ccp_reverse_set_dm_area(, 0, rsa->exp, 0, rsa->exp_len);
if (ret)
goto e_exp;
ret = ccp_copy_to_sb(cmd_q, , op.jobid, op.sb_key,
@@ -1281,16 +1264,12 @@ static int ccp_run_rsa_cmd(struct ccp_cmd_queue *cmd_q, 
struct ccp_cmd *cmd)
if (ret)
goto e_exp;
 
-   ret = ccp_reverse_set_dm_area(, rsa->mod, rsa->mod_len,
- CCP_SB_BYTES, false);
+   ret = ccp_reverse_set_dm_area(, 0, rsa->mod, 0, rsa->mod_len);
if (ret)
goto e_src;
-   src.address += o_len;   /* Adjust the address for the copy operation */
-   ret = ccp_reverse_set_dm_area(, rsa->src, rsa->src_len,
- CCP_SB_BYTES, false);
+   ret = ccp_reverse_set_dm_area(, o_len, rsa->src, 0, rsa->src_len);
if (ret)
goto e_src;
-   src.address -= o_len;   /* Reset the address to original value */
 
/* Prepare the output area for the operation */
ret = ccp_init_data(, cmd_q, rsa-&g

[PATCH 1/4] crypto: ccp - Change mode for detailed CCP init messages

[Gary R Hook]

The CCP initialization messages only need to be sent to
syslog in debug mode.


Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev-v5.c |5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/crypto/ccp/ccp-dev-v5.c
index e2ce819..5fb6c8c 100644
--- a/drivers/crypto/ccp/ccp-dev-v5.c
+++ b/drivers/crypto/ccp/ccp-dev-v5.c
@@ -532,7 +532,7 @@ static int ccp_find_lsb_regions(struct ccp_cmd_queue 
*cmd_q, u64 status)
status >>= LSB_REGION_WIDTH;
}
queues = bitmap_weight(cmd_q->lsbmask, MAX_LSB_CNT);
-   dev_info(cmd_q->ccp->dev, "Queue %d can access %d LSB regions\n",
+   dev_dbg(cmd_q->ccp->dev, "Queue %d can access %d LSB regions\n",
 cmd_q->id, queues);
 
return queues ? 0 : -EINVAL;
@@ -574,7 +574,7 @@ static int ccp_find_and_assign_lsb_to_q(struct ccp_device 
*ccp,
 */
cmd_q->lsb = bitno;
bitmap_clear(lsb_pub, bitno, 1);
-   dev_info(ccp->dev,
+   dev_dbg(ccp->dev,
 "Queue %d gets LSB %d\n",
 i, bitno);
break;
@@ -732,7 +732,6 @@ static int ccp5_init(struct ccp_device *ccp)
ret = -EIO;
goto e_pool;
}
-   dev_notice(dev, "%u command queues available\n", ccp->cmd_q_count);
 
/* Turn off the queues and disable interrupts until ready */
for (i = 0; i < ccp->cmd_q_count; i++) {

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 3/4] crypto: ccp - Update the command queue on errors

[Gary R Hook]

Move the command queue tail pointer when an error is
detected. Always return the error.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev-v5.c |7 +--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/crypto/ccp/ccp-dev-v5.c
index 5fb6c8c..d9e1876 100644
--- a/drivers/crypto/ccp/ccp-dev-v5.c
+++ b/drivers/crypto/ccp/ccp-dev-v5.c
@@ -250,17 +250,20 @@ static int ccp5_do_cmd(struct ccp5_desc *desc,
ret = wait_event_interruptible(cmd_q->int_queue,
   cmd_q->int_rcvd);
if (ret || cmd_q->cmd_error) {
+   /* Log the error and flush the queue by
+* moving the head pointer
+*/
if (cmd_q->cmd_error)
ccp_log_error(cmd_q->ccp,
  cmd_q->cmd_error);
-   /* A version 5 device doesn't use Job IDs... */
+   iowrite32(tail, cmd_q->reg_head_lo);
if (!ret)
ret = -EIO;
}
cmd_q->int_rcvd = 0;
}
 
-   return 0;
+   return ret;
 }
 
 static int ccp5_perform_aes(struct ccp_op *op)

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 2/4] crypto: ccp - Set the start-of-command bit

[Gary R Hook]

The start-of-command bit should be set for every sha
operation.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-ops.c |1 +
 1 file changed, 1 insertion(+)

diff --git a/drivers/crypto/ccp/ccp-ops.c b/drivers/crypto/ccp/ccp-ops.c
index 50fae44..1a27af3 100644
--- a/drivers/crypto/ccp/ccp-ops.c
+++ b/drivers/crypto/ccp/ccp-ops.c
@@ -1077,6 +1077,7 @@ static int ccp_run_sha_cmd(struct ccp_cmd_queue *cmd_q, 
struct ccp_cmd *cmd)
case CCP_SHA_TYPE_1:
case CCP_SHA_TYPE_224:
case CCP_SHA_TYPE_256:
+   op.soc = 1;
memcpy(ctx.address + ioffset, init, ctx_size);
break;
default:

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 2/4] crypto: ccp - Set the start-of-command bit

[Gary R Hook]

It turns out that this change will negatively impact performance. Please 
ignore.

I will submit a V2 patch set.

On 01/30/2017 08:28 AM, Gary R Hook wrote:

The start-of-command bit should be set for every sha
operation.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-ops.c |1 +
 1 file changed, 1 insertion(+)

diff --git a/drivers/crypto/ccp/ccp-ops.c b/drivers/crypto/ccp/ccp-ops.c
index 50fae44..1a27af3 100644
--- a/drivers/crypto/ccp/ccp-ops.c
+++ b/drivers/crypto/ccp/ccp-ops.c
@@ -1077,6 +1077,7 @@ static int ccp_run_sha_cmd(struct ccp_cmd_queue *cmd_q, 
struct ccp_cmd *cmd)
case CCP_SHA_TYPE_1:
case CCP_SHA_TYPE_224:
case CCP_SHA_TYPE_256:
+   op.soc = 1;
memcpy(ctx.address + ioffset, init, ctx_size);
break;
default:

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html



--
This is my day job. Follow me at:
IG/Twitter/Facebook: @grhookphoto
IG/Twitter/Facebook: @grhphotographer
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH] crypto: ccp: Fix DMA operations when IOMMU is enabled

[Gary R Hook]

An I/O page fault occurs when the IOMMU is enabled on a
system that supports the v5 CCP.  DMA operations use a
Request ID value that does not match what is expected by
the IOMMU, resulting in the I/O page fault.  Setting the
Request ID value to 0 corrects this issue.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev-v5.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/crypto/ccp/ccp-dev-v5.c
index e2ce819..612898b 100644
--- a/drivers/crypto/ccp/ccp-dev-v5.c
+++ b/drivers/crypto/ccp/ccp-dev-v5.c
@@ -959,7 +959,7 @@ static irqreturn_t ccp5_irq_handler(int irq, void *data)
 static void ccp5_config(struct ccp_device *ccp)
 {
/* Public side */
-   iowrite32(0x1249, ccp->io_regs + CMD5_REQID_CONFIG_OFFSET);
+   iowrite32(0x0, ccp->io_regs + CMD5_REQID_CONFIG_OFFSET);
 }
 
 static void ccp5other_config(struct ccp_device *ccp)

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH] crypto: ccp: Fix double add when creating new DMA command

[Gary R Hook]

Eliminate a double-add by creating a new list to manage
command descriptors when created; move the descriptor to
the pending list when the command is submitted. This


Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev.h   |1 +
 drivers/crypto/ccp/ccp-dmaengine.c |6 +-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h
index 830f35e..649e561 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -238,6 +238,7 @@ struct ccp_dma_chan {
struct ccp_device *ccp;
 
spinlock_t lock;
+   struct list_head created;
struct list_head pending;
struct list_head active;
struct list_head complete;
diff --git a/drivers/crypto/ccp/ccp-dmaengine.c 
b/drivers/crypto/ccp/ccp-dmaengine.c
index 6553912..e5d9278 100644
--- a/drivers/crypto/ccp/ccp-dmaengine.c
+++ b/drivers/crypto/ccp/ccp-dmaengine.c
@@ -63,6 +63,7 @@ static void ccp_free_chan_resources(struct dma_chan *dma_chan)
ccp_free_desc_resources(chan->ccp, >complete);
ccp_free_desc_resources(chan->ccp, >active);
ccp_free_desc_resources(chan->ccp, >pending);
+   ccp_free_desc_resources(chan->ccp, >created);
 
spin_unlock_irqrestore(>lock, flags);
 }
@@ -273,6 +274,7 @@ static dma_cookie_t ccp_tx_submit(struct 
dma_async_tx_descriptor *tx_desc)
spin_lock_irqsave(>lock, flags);
 
cookie = dma_cookie_assign(tx_desc);
+   list_del(>entry);
list_add_tail(>entry, >pending);
 
spin_unlock_irqrestore(>lock, flags);
@@ -426,7 +428,7 @@ static struct ccp_dma_desc *ccp_create_desc(struct dma_chan 
*dma_chan,
 
spin_lock_irqsave(>lock, sflags);
 
-   list_add_tail(>entry, >pending);
+   list_add_tail(>entry, >created);
 
spin_unlock_irqrestore(>lock, sflags);
 
@@ -610,6 +612,7 @@ static int ccp_terminate_all(struct dma_chan *dma_chan)
/*TODO: Purge the complete list? */
ccp_free_desc_resources(chan->ccp, >active);
ccp_free_desc_resources(chan->ccp, >pending);
+   ccp_free_desc_resources(chan->ccp, >created);
 
spin_unlock_irqrestore(>lock, flags);
 
@@ -679,6 +682,7 @@ int ccp_dmaengine_register(struct ccp_device *ccp)
chan->ccp = ccp;
 
spin_lock_init(>lock);
+   INIT_LIST_HEAD(>created);
INIT_LIST_HEAD(>pending);
INIT_LIST_HEAD(>active);
INIT_LIST_HEAD(>complete);

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH v2 2/3] crypto: ccp - Update the command queue on errors

[Gary R Hook]

Move the command queue tail pointer when an error is
detected. Always return the error.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev-v5.c |7 +--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/crypto/ccp/ccp-dev-v5.c
index 5fb6c8c..d9e1876 100644
--- a/drivers/crypto/ccp/ccp-dev-v5.c
+++ b/drivers/crypto/ccp/ccp-dev-v5.c
@@ -250,17 +250,20 @@ static int ccp5_do_cmd(struct ccp5_desc *desc,
ret = wait_event_interruptible(cmd_q->int_queue,
   cmd_q->int_rcvd);
if (ret || cmd_q->cmd_error) {
+   /* Log the error and flush the queue by
+* moving the head pointer
+*/
if (cmd_q->cmd_error)
ccp_log_error(cmd_q->ccp,
  cmd_q->cmd_error);
-   /* A version 5 device doesn't use Job IDs... */
+   iowrite32(tail, cmd_q->reg_head_lo);
if (!ret)
ret = -EIO;
}
cmd_q->int_rcvd = 0;
}
 
-   return 0;
+   return ret;
 }
 
 static int ccp5_perform_aes(struct ccp_op *op)

[PATCH v2 1/3] crypto: ccp - Change mode for detailed CCP init messages

[Gary R Hook]

The CCP initialization messages only need to be sent to
syslog in debug mode.


Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev-v5.c |5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/crypto/ccp/ccp-dev-v5.c
index e2ce819..5fb6c8c 100644
--- a/drivers/crypto/ccp/ccp-dev-v5.c
+++ b/drivers/crypto/ccp/ccp-dev-v5.c
@@ -532,7 +532,7 @@ static int ccp_find_lsb_regions(struct ccp_cmd_queue 
*cmd_q, u64 status)
status >>= LSB_REGION_WIDTH;
}
queues = bitmap_weight(cmd_q->lsbmask, MAX_LSB_CNT);
-   dev_info(cmd_q->ccp->dev, "Queue %d can access %d LSB regions\n",
+   dev_dbg(cmd_q->ccp->dev, "Queue %d can access %d LSB regions\n",
 cmd_q->id, queues);
 
return queues ? 0 : -EINVAL;
@@ -574,7 +574,7 @@ static int ccp_find_and_assign_lsb_to_q(struct ccp_device 
*ccp,
 */
cmd_q->lsb = bitno;
bitmap_clear(lsb_pub, bitno, 1);
-   dev_info(ccp->dev,
+   dev_dbg(ccp->dev,
 "Queue %d gets LSB %d\n",
 i, bitno);
break;
@@ -732,7 +732,6 @@ static int ccp5_init(struct ccp_device *ccp)
ret = -EIO;
goto e_pool;
}
-   dev_notice(dev, "%u command queues available\n", ccp->cmd_q_count);
 
/* Turn off the queues and disable interrupts until ready */
for (i = 0; i < ccp->cmd_q_count; i++) {

[PATCH v2 3/3] crypto: ccp - Simplify some buffer management routines

[Gary R Hook]

The reverse-get/set functions can be simplified by
eliminating unused code.


Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-ops.c |  142 +-
 1 file changed, 56 insertions(+), 86 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-ops.c b/drivers/crypto/ccp/ccp-ops.c
index 50fae44..efac3d5 100644
--- a/drivers/crypto/ccp/ccp-ops.c
+++ b/drivers/crypto/ccp/ccp-ops.c
@@ -184,62 +184,46 @@ static void ccp_get_dm_area(struct ccp_dm_workarea *wa, 
unsigned int wa_offset,
 }
 
 static int ccp_reverse_set_dm_area(struct ccp_dm_workarea *wa,
+  unsigned int wa_offset,
   struct scatterlist *sg,
-  unsigned int len, unsigned int se_len,
-  bool sign_extend)
+  unsigned int sg_offset,
+  unsigned int len)
 {
-   unsigned int nbytes, sg_offset, dm_offset, sb_len, i;
-   u8 buffer[CCP_REVERSE_BUF_SIZE];
-
-   if (WARN_ON(se_len > sizeof(buffer)))
-   return -EINVAL;
-
-   sg_offset = len;
-   dm_offset = 0;
-   nbytes = len;
-   while (nbytes) {
-   sb_len = min_t(unsigned int, nbytes, se_len);
-   sg_offset -= sb_len;
-
-   scatterwalk_map_and_copy(buffer, sg, sg_offset, sb_len, 0);
-   for (i = 0; i < sb_len; i++)
-   wa->address[dm_offset + i] = buffer[sb_len - i - 1];
-
-   dm_offset += sb_len;
-   nbytes -= sb_len;
-
-   if ((sb_len != se_len) && sign_extend) {
-   /* Must sign-extend to nearest sign-extend length */
-   if (wa->address[dm_offset - 1] & 0x80)
-   memset(wa->address + dm_offset, 0xff,
-  se_len - sb_len);
-   }
+   u8 *p, *q;
+
+   ccp_set_dm_area(wa, wa_offset, sg, sg_offset, len);
+
+   p = wa->address + wa_offset;
+   q = p + len - 1;
+   while (p < q) {
+   *p = *p ^ *q;
+   *q = *p ^ *q;
+   *p = *p ^ *q;
+   p++;
+   q--;
}
-
return 0;
 }
 
 static void ccp_reverse_get_dm_area(struct ccp_dm_workarea *wa,
+   unsigned int wa_offset,
struct scatterlist *sg,
+   unsigned int sg_offset,
unsigned int len)
 {
-   unsigned int nbytes, sg_offset, dm_offset, sb_len, i;
-   u8 buffer[CCP_REVERSE_BUF_SIZE];
-
-   sg_offset = 0;
-   dm_offset = len;
-   nbytes = len;
-   while (nbytes) {
-   sb_len = min_t(unsigned int, nbytes, sizeof(buffer));
-   dm_offset -= sb_len;
-
-   for (i = 0; i < sb_len; i++)
-   buffer[sb_len - i - 1] = wa->address[dm_offset + i];
-   scatterwalk_map_and_copy(buffer, sg, sg_offset, sb_len, 1);
-
-   sg_offset += sb_len;
-   nbytes -= sb_len;
+   u8 *p, *q;
+
+   p = wa->address + wa_offset;
+   q = p + len - 1;
+   while (p < q) {
+   *p = *p ^ *q;
+   *q = *p ^ *q;
+   *p = *p ^ *q;
+   p++;
+   q--;
}
+
+   ccp_get_dm_area(wa, wa_offset, sg, sg_offset, len);
 }
 
 static void ccp_free_data(struct ccp_data *data, struct ccp_cmd_queue *cmd_q)
@@ -1261,8 +1245,7 @@ static int ccp_run_rsa_cmd(struct ccp_cmd_queue *cmd_q, 
struct ccp_cmd *cmd)
if (ret)
goto e_sb;
 
-   ret = ccp_reverse_set_dm_area(, rsa->exp, rsa->exp_len,
- CCP_SB_BYTES, false);
+   ret = ccp_reverse_set_dm_area(, 0, rsa->exp, 0, rsa->exp_len);
if (ret)
goto e_exp;
ret = ccp_copy_to_sb(cmd_q, , op.jobid, op.sb_key,
@@ -1280,16 +1263,12 @@ static int ccp_run_rsa_cmd(struct ccp_cmd_queue *cmd_q, 
struct ccp_cmd *cmd)
if (ret)
goto e_exp;
 
-   ret = ccp_reverse_set_dm_area(, rsa->mod, rsa->mod_len,
- CCP_SB_BYTES, false);
+   ret = ccp_reverse_set_dm_area(, 0, rsa->mod, 0, rsa->mod_len);
if (ret)
goto e_src;
-   src.address += o_len;   /* Adjust the address for the copy operation */
-   ret = ccp_reverse_set_dm_area(, rsa->src, rsa->src_len,
- CCP_SB_BYTES, false);
+   ret = ccp_reverse_set_dm_area(, o_len, rsa->src, 0, rsa->src_len);
if (ret)
goto e_src;
-   src.address -= o_len;   /* Reset the address to original value */
 
/* Prepare the output area for the operation */
ret = ccp_init_data(, cmd_q, rsa-&g

[PATCH v2 0/3] Minor CCP improvements and clean-up

[Gary R Hook]

The following series implements...
 - Move verbose init messages to debug mode
 - Update the queue pointers in the event of an error
 - Simply buffer management and eliminate an unused option


---

Gary R Hook (3):
  crypto: ccp - Change mode for detailed CCP init messages
  crypto: ccp - Update the command queue on errors
  crypto: ccp - Simplify some buffer management routines


 drivers/crypto/ccp/ccp-dev-v5.c |   12 ++-
 drivers/crypto/ccp/ccp-ops.c|  142 +++
 2 files changed, 63 insertions(+), 91 deletions(-)

--
On a perpetual search for comfortable underwear

[PATCH 3/3] crypto: ccp - Add 3DES function on v5 CCPs

[Gary R Hook]

Wire up support for Triple DES in ECB mode.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/Makefile  |1 
 drivers/crypto/ccp/ccp-crypto-des3.c |  254 ++
 drivers/crypto/ccp/ccp-crypto-main.c |   10 +
 drivers/crypto/ccp/ccp-crypto.h  |   22 +++
 drivers/crypto/ccp/ccp-dev-v3.c  |1 
 drivers/crypto/ccp/ccp-dev-v5.c  |   54 +++
 drivers/crypto/ccp/ccp-dev.h |   14 ++
 drivers/crypto/ccp/ccp-ops.c |  198 +++
 include/linux/ccp.h  |   57 +++-
 9 files changed, 608 insertions(+), 3 deletions(-)
 create mode 100644 drivers/crypto/ccp/ccp-crypto-des3.c

diff --git a/drivers/crypto/ccp/Makefile b/drivers/crypto/ccp/Makefile
index fd77225..563594a 100644
--- a/drivers/crypto/ccp/Makefile
+++ b/drivers/crypto/ccp/Makefile
@@ -14,4 +14,5 @@ ccp-crypto-objs := ccp-crypto-main.o \
   ccp-crypto-aes-xts.o \
   ccp-crypto-rsa.o \
   ccp-crypto-aes-galois.o \
+  ccp-crypto-des3.o \
   ccp-crypto-sha.o
diff --git a/drivers/crypto/ccp/ccp-crypto-des3.c 
b/drivers/crypto/ccp/ccp-crypto-des3.c
new file mode 100644
index 000..5af7347
--- /dev/null
+++ b/drivers/crypto/ccp/ccp-crypto-des3.c
@@ -0,0 +1,254 @@
+/*
+ * AMD Cryptographic Coprocessor (CCP) DES3 crypto API support
+ *
+ * Copyright (C) 2016 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook <gh...@amd.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include "ccp-crypto.h"
+
+static int ccp_des3_complete(struct crypto_async_request *async_req, int ret)
+{
+   struct ablkcipher_request *req = ablkcipher_request_cast(async_req);
+   struct ccp_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
+   struct ccp_des3_req_ctx *rctx = ablkcipher_request_ctx(req);
+
+   if (ret)
+   return ret;
+
+   if (ctx->u.des3.mode != CCP_DES3_MODE_ECB)
+   memcpy(req->info, rctx->iv, DES3_EDE_BLOCK_SIZE);
+
+   return 0;
+}
+
+static int ccp_des3_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
+   unsigned int key_len)
+{
+   struct ccp_ctx *ctx = crypto_tfm_ctx(crypto_ablkcipher_tfm(tfm));
+   struct ccp_crypto_ablkcipher_alg *alg =
+   ccp_crypto_ablkcipher_alg(crypto_ablkcipher_tfm(tfm));
+   u32 *flags = >base.crt_flags;
+
+
+   /* From des_generic.c:
+*
+* RFC2451:
+*   If the first two or last two independent 64-bit keys are
+*   equal (k1 == k2 or k2 == k3), then the DES3 operation is simply the
+*   same as DES.  Implementers MUST reject keys that exhibit this
+*   property.
+*/
+   const u32 *K = (const u32 *)key;
+
+   if (unlikely(!((K[0] ^ K[2]) | (K[1] ^ K[3])) ||
+!((K[2] ^ K[4]) | (K[3] ^ K[5]))) &&
+(*flags & CRYPTO_TFM_REQ_WEAK_KEY)) {
+   *flags |= CRYPTO_TFM_RES_WEAK_KEY;
+   return -EINVAL;
+   }
+
+   /* It's not clear that there is any support for a keysize of 112.
+* If needed, the caller should make K1 == K3
+*/
+   ctx->u.des3.type = CCP_DES3_TYPE_168;
+   ctx->u.des3.mode = alg->mode;
+   ctx->u.des3.key_len = key_len;
+
+   memcpy(ctx->u.des3.key, key, key_len);
+   sg_init_one(>u.des3.key_sg, ctx->u.des3.key, key_len);
+
+   return 0;
+}
+
+static int ccp_des3_crypt(struct ablkcipher_request *req, bool encrypt)
+{
+   struct ccp_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
+   struct ccp_des3_req_ctx *rctx = ablkcipher_request_ctx(req);
+   struct scatterlist *iv_sg = NULL;
+   unsigned int iv_len = 0;
+   int ret;
+
+   if (!ctx->u.des3.key_len)
+   return -EINVAL;
+
+   if (((ctx->u.des3.mode == CCP_DES3_MODE_ECB) ||
+(ctx->u.des3.mode == CCP_DES3_MODE_CBC)) &&
+   (req->nbytes & (DES3_EDE_BLOCK_SIZE - 1)))
+   return -EINVAL;
+
+   if (ctx->u.des3.mode != CCP_DES3_MODE_ECB) {
+   if (!req->info)
+   return -EINVAL;
+
+   memcpy(rctx->iv, req->info, DES3_EDE_BLOCK_SIZE);
+   iv_sg = >iv_sg;
+   iv_len = DES3_EDE_BLOCK_SIZE;
+   sg_init_one(iv_sg, rctx->iv, iv_len);
+   }
+
+   memset(>cmd, 0, sizeof(rctx->cmd));
+   INIT_LIST_HEAD(>cmd.entry);
+   rctx->cmd.engine = CCP_ENGINE_DES3;
+   rctx->cmd.u.des3.type = ctx->u.des3.type;
+   rctx->cmd.u.des3.mode = ctx->u.des3.mode;
+   rctx->cmd.u.des3.action = (

[PATCH 2/3] crypto: ccp - Add support for AES GCM on v5 CCPs

[Gary R Hook]

A version 5 device provides the primitive commands
required for AES GCM. This patch adds support for
en/decryption.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/Makefile|2 
 drivers/crypto/ccp/ccp-crypto-aes-galois.c |  257 
 drivers/crypto/ccp/ccp-crypto-main.c   |   20 ++
 drivers/crypto/ccp/ccp-crypto.h|   14 ++
 drivers/crypto/ccp/ccp-ops.c   |  252 +++
 include/linux/ccp.h|9 +
 6 files changed, 554 insertions(+)
 create mode 100644 drivers/crypto/ccp/ccp-crypto-aes-galois.c

diff --git a/drivers/crypto/ccp/Makefile b/drivers/crypto/ccp/Makefile
index 346ceb8..fd77225 100644
--- a/drivers/crypto/ccp/Makefile
+++ b/drivers/crypto/ccp/Makefile
@@ -12,4 +12,6 @@ ccp-crypto-objs := ccp-crypto-main.o \
   ccp-crypto-aes.o \
   ccp-crypto-aes-cmac.o \
   ccp-crypto-aes-xts.o \
+  ccp-crypto-rsa.o \
+  ccp-crypto-aes-galois.o \
   ccp-crypto-sha.o
diff --git a/drivers/crypto/ccp/ccp-crypto-aes-galois.c 
b/drivers/crypto/ccp/ccp-crypto-aes-galois.c
new file mode 100644
index 000..8bc18c9
--- /dev/null
+++ b/drivers/crypto/ccp/ccp-crypto-aes-galois.c
@@ -0,0 +1,257 @@
+/*
+ * AMD Cryptographic Coprocessor (CCP) AES GCM crypto API support
+ *
+ * Copyright (C) 2016 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook <gary.h...@amd.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include "ccp-crypto.h"
+
+#defineAES_GCM_IVSIZE  12
+
+static int ccp_aes_gcm_complete(struct crypto_async_request *async_req, int 
ret)
+{
+   return ret;
+}
+
+static int ccp_aes_gcm_setkey(struct crypto_aead *tfm, const u8 *key,
+ unsigned int key_len)
+{
+   struct ccp_ctx *ctx = crypto_aead_ctx(tfm);
+
+   switch (key_len) {
+   case AES_KEYSIZE_128:
+   ctx->u.aes.type = CCP_AES_TYPE_128;
+   break;
+   case AES_KEYSIZE_192:
+   ctx->u.aes.type = CCP_AES_TYPE_192;
+   break;
+   case AES_KEYSIZE_256:
+   ctx->u.aes.type = CCP_AES_TYPE_256;
+   break;
+   default:
+   crypto_aead_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
+   return -EINVAL;
+   }
+
+   ctx->u.aes.mode = CCP_AES_MODE_GCM;
+   ctx->u.aes.key_len = key_len;
+
+   memcpy(ctx->u.aes.key, key, key_len);
+   sg_init_one(>u.aes.key_sg, ctx->u.aes.key, key_len);
+
+   return 0;
+}
+
+static int ccp_aes_gcm_setauthsize(struct crypto_aead *tfm,
+  unsigned int authsize)
+{
+   return 0;
+}
+
+static int ccp_aes_gcm_crypt(struct aead_request *req, bool encrypt)
+{
+   struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+   struct ccp_ctx *ctx = crypto_aead_ctx(tfm);
+   struct ccp_aes_req_ctx *rctx = aead_request_ctx(req);
+   struct scatterlist *iv_sg = NULL;
+   unsigned int iv_len = 0;
+   int i;
+   int ret = 0;
+
+   if (!ctx->u.aes.key_len)
+   return -EINVAL;
+
+   if (ctx->u.aes.mode != CCP_AES_MODE_GCM)
+   return -EINVAL;
+
+   if (!req->iv)
+   return -EINVAL;
+
+   /*
+* 5 parts:
+*   plaintext/ciphertext input
+*   AAD
+*   key
+*   IV
+*   Destination+tag buffer
+*/
+
+   /* According to the way AES GCM has been implemented here,
+* per RFC 4106 it seems, the provided IV is fixed at 12 bytes,
+* occupies the beginning of the IV array. Write a 32-bit
+* integer after that (bytes 13-16) with a value of "1".
+*/
+   memcpy(rctx->iv, req->iv, AES_GCM_IVSIZE);
+   for (i = 0; i < 3; i++)
+   rctx->iv[i + AES_GCM_IVSIZE] = 0;
+   rctx->iv[AES_BLOCK_SIZE - 1] = 1;
+
+   /* Set up a scatterlist for the IV */
+   iv_sg = >iv_sg;
+   iv_len = AES_BLOCK_SIZE;
+   sg_init_one(iv_sg, rctx->iv, iv_len);
+
+   /* The AAD + plaintext are concatenated in the src buffer */
+   memset(>cmd, 0, sizeof(rctx->cmd));
+   INIT_LIST_HEAD(>cmd.entry);
+   rctx->cmd.engine = CCP_ENGINE_AES;
+   rctx->cmd.u.aes.type = ctx->u.aes.type;
+   rctx->cmd.u.aes.mode = ctx->u.aes.mode;
+   rctx->cmd.u.aes.action =
+   (encrypt) ? CCP_AES_ACTION_ENCRYPT : CCP_AES_ACTION_DECRYPT;
+   rctx->cmd.u.aes.key = >u.aes.key_sg;
+   rctx->cmd.u.aes.key_len = ctx->u.aes.key_len;
+   

[PATCH 0/3] Support new function in the newer CCP

[Gary R Hook]

The following series implements new function in a version 5
coprocessor. New features are:
 - Support for SHA-2 384-bit and 512-bit hashing
 - Support for AES GCM encryption
 - Support for 3DES encryption

---

Gary R Hook (3):
  crypto: ccp - Add SHA-2 384-/512-/bit support
  crypto: ccp - Add support for AES GCM on v5 CCPs
  crypto: ccp - Add 3DES function on v5 CCPs


 drivers/crypto/ccp/Makefile|3 
 drivers/crypto/ccp/ccp-crypto-aes-galois.c |  257 ++
 drivers/crypto/ccp/ccp-crypto-des3.c   |  254 ++
 drivers/crypto/ccp/ccp-crypto-main.c   |   30 ++
 drivers/crypto/ccp/ccp-crypto-sha.c|   22 +
 drivers/crypto/ccp/ccp-crypto.h|   44 ++
 drivers/crypto/ccp/ccp-dev-v3.c|1 
 drivers/crypto/ccp/ccp-dev-v5.c|   54 +++
 drivers/crypto/ccp/ccp-dev.h   |   14 +
 drivers/crypto/ccp/ccp-ops.c   |  522 
 include/linux/ccp.h|   68 
 11 files changed, 1263 insertions(+), 6 deletions(-)
 create mode 100644 drivers/crypto/ccp/ccp-crypto-aes-galois.c
 create mode 100644 drivers/crypto/ccp/ccp-crypto-des3.c

--
I'm pretty sure donuts would help.

[PATCH 1/3] crypto: ccp - Add SHA-2 384-/512-bit support

[Gary R Hook]

Incorporate 384-bit and 512-bit hashing for a version 5 CCP
device


Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-crypto-sha.c |   22 +++
 drivers/crypto/ccp/ccp-crypto.h |8 ++--
 drivers/crypto/ccp/ccp-ops.c|   72 +++
 include/linux/ccp.h |2 +
 4 files changed, 101 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-crypto-sha.c 
b/drivers/crypto/ccp/ccp-crypto-sha.c
index 84a652b..6b46eea 100644
--- a/drivers/crypto/ccp/ccp-crypto-sha.c
+++ b/drivers/crypto/ccp/ccp-crypto-sha.c
@@ -146,6 +146,12 @@ static int ccp_do_sha_update(struct ahash_request *req, 
unsigned int nbytes,
case CCP_SHA_TYPE_256:
rctx->cmd.u.sha.ctx_len = SHA256_DIGEST_SIZE;
break;
+   case CCP_SHA_TYPE_384:
+   rctx->cmd.u.sha.ctx_len = SHA384_DIGEST_SIZE;
+   break;
+   case CCP_SHA_TYPE_512:
+   rctx->cmd.u.sha.ctx_len = SHA512_DIGEST_SIZE;
+   break;
default:
/* Should never get here */
break;
@@ -393,6 +399,22 @@ struct ccp_sha_def {
.digest_size= SHA256_DIGEST_SIZE,
.block_size = SHA256_BLOCK_SIZE,
},
+   {
+   .version= CCP_VERSION(5, 0),
+   .name   = "sha384",
+   .drv_name   = "sha384-ccp",
+   .type   = CCP_SHA_TYPE_384,
+   .digest_size= SHA384_DIGEST_SIZE,
+   .block_size = SHA384_BLOCK_SIZE,
+   },
+   {
+   .version= CCP_VERSION(5, 0),
+   .name   = "sha512",
+   .drv_name   = "sha512-ccp",
+   .type   = CCP_SHA_TYPE_512,
+   .digest_size= SHA512_DIGEST_SIZE,
+   .block_size = SHA512_BLOCK_SIZE,
+   },
 };
 
 static int ccp_register_hmac_alg(struct list_head *head,
diff --git a/drivers/crypto/ccp/ccp-crypto.h b/drivers/crypto/ccp/ccp-crypto.h
index 8335b32..95cce27 100644
--- a/drivers/crypto/ccp/ccp-crypto.h
+++ b/drivers/crypto/ccp/ccp-crypto.h
@@ -137,9 +137,11 @@ struct ccp_aes_cmac_exp_ctx {
u8 buf[AES_BLOCK_SIZE];
 };
 
-/* SHA related defines */
-#define MAX_SHA_CONTEXT_SIZE   SHA256_DIGEST_SIZE
-#define MAX_SHA_BLOCK_SIZE SHA256_BLOCK_SIZE
+/* SHA-related defines
+ * These values must be large enough to accommodate any variant
+ */
+#define MAX_SHA_CONTEXT_SIZE   SHA512_DIGEST_SIZE
+#define MAX_SHA_BLOCK_SIZE SHA512_BLOCK_SIZE
 
 struct ccp_sha_ctx {
struct scatterlist opad_sg;
diff --git a/drivers/crypto/ccp/ccp-ops.c b/drivers/crypto/ccp/ccp-ops.c
index f1396c3..0d82080 100644
--- a/drivers/crypto/ccp/ccp-ops.c
+++ b/drivers/crypto/ccp/ccp-ops.c
@@ -41,6 +41,20 @@
cpu_to_be32(SHA256_H6), cpu_to_be32(SHA256_H7),
 };
 
+static const __be64 ccp_sha384_init[SHA512_DIGEST_SIZE / sizeof(__be64)] = {
+   cpu_to_be64(SHA384_H0), cpu_to_be64(SHA384_H1),
+   cpu_to_be64(SHA384_H2), cpu_to_be64(SHA384_H3),
+   cpu_to_be64(SHA384_H4), cpu_to_be64(SHA384_H5),
+   cpu_to_be64(SHA384_H6), cpu_to_be64(SHA384_H7),
+};
+
+static const __be64 ccp_sha512_init[SHA512_DIGEST_SIZE / sizeof(__be64)] = {
+   cpu_to_be64(SHA512_H0), cpu_to_be64(SHA512_H1),
+   cpu_to_be64(SHA512_H2), cpu_to_be64(SHA512_H3),
+   cpu_to_be64(SHA512_H4), cpu_to_be64(SHA512_H5),
+   cpu_to_be64(SHA512_H6), cpu_to_be64(SHA512_H7),
+};
+
 #defineCCP_NEW_JOBID(ccp)  ((ccp->vdata->version == CCP_VERSION(3, 
0)) ? \
ccp_gen_jobid(ccp) : 0)
 
@@ -955,6 +969,18 @@ static int ccp_run_sha_cmd(struct ccp_cmd_queue *cmd_q, 
struct ccp_cmd *cmd)
return -EINVAL;
block_size = SHA256_BLOCK_SIZE;
break;
+   case CCP_SHA_TYPE_384:
+   if (cmd_q->ccp->vdata->version < CCP_VERSION(4, 0)
+   || sha->ctx_len < SHA384_DIGEST_SIZE)
+   return -EINVAL;
+   block_size = SHA384_BLOCK_SIZE;
+   break;
+   case CCP_SHA_TYPE_512:
+   if (cmd_q->ccp->vdata->version < CCP_VERSION(4, 0)
+   || sha->ctx_len < SHA512_DIGEST_SIZE)
+   return -EINVAL;
+   block_size = SHA512_BLOCK_SIZE;
+   break;
default:
return -EINVAL;
}
@@ -1042,6 +1068,21 @@ static int ccp_run_sha_cmd(struct ccp_cmd_queue *cmd_q, 
struct ccp_cmd *cmd)
sb_count = 1;
ooffset = ioffset = 0;
break;
+   case CCP_SHA_TYPE_384:
+   digest_size = SHA384_DIGEST_SIZE;
+   init = (void *) ccp_sha384_init;
+   ctx_size = SHA512_DIGEST_SIZE;
+   sb_count 

[PATCH] crypto: ccp - Reference the correct structure member

[Gary R Hook]

Fix a build break by referencing the proper structure member
name when invoking functions. Remove unneeded akcipher
structure.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/Makefile  |1 -
 drivers/crypto/ccp/ccp-crypto-main.c |8 
 drivers/crypto/ccp/ccp-ops.c |   10 +-
 3 files changed, 5 insertions(+), 14 deletions(-)

diff --git a/drivers/crypto/ccp/Makefile b/drivers/crypto/ccp/Makefile
index 563594a..60919a3 100644
--- a/drivers/crypto/ccp/Makefile
+++ b/drivers/crypto/ccp/Makefile
@@ -12,7 +12,6 @@ ccp-crypto-objs := ccp-crypto-main.o \
   ccp-crypto-aes.o \
   ccp-crypto-aes-cmac.o \
   ccp-crypto-aes-xts.o \
-  ccp-crypto-rsa.o \
   ccp-crypto-aes-galois.o \
   ccp-crypto-des3.o \
   ccp-crypto-sha.o
diff --git a/drivers/crypto/ccp/ccp-crypto-main.c 
b/drivers/crypto/ccp/ccp-crypto-main.c
index 228210c..8dccbdd 100644
--- a/drivers/crypto/ccp/ccp-crypto-main.c
+++ b/drivers/crypto/ccp/ccp-crypto-main.c
@@ -40,7 +40,6 @@
 /* List heads for the supported algorithms */
 static LIST_HEAD(hash_algs);
 static LIST_HEAD(cipher_algs);
-static LIST_HEAD(akcipher_algs);
 static LIST_HEAD(aead_algs);
 
 /* For any tfm, requests for that tfm must be returned on the order
@@ -366,7 +365,6 @@ static void ccp_unregister_algs(void)
 {
struct ccp_crypto_ahash_alg *ahash_alg, *ahash_tmp;
struct ccp_crypto_ablkcipher_alg *ablk_alg, *ablk_tmp;
-   struct ccp_crypto_akcipher_alg *ak_alg, *ak_tmp;
struct ccp_crypto_aead *aead_alg, *aead_tmp;
 
list_for_each_entry_safe(ahash_alg, ahash_tmp, _algs, entry) {
@@ -381,12 +379,6 @@ static void ccp_unregister_algs(void)
kfree(ablk_alg);
}
 
-   list_for_each_entry_safe(ak_alg, ak_tmp, _algs, entry) {
-   crypto_unregister_akcipher(_alg->alg);
-   list_del(_alg->entry);
-   kfree(ak_alg);
-   }
-
list_for_each_entry_safe(aead_alg, aead_tmp, _algs, entry) {
crypto_unregister_aead(_alg->alg);
list_del(_alg->entry);
diff --git a/drivers/crypto/ccp/ccp-ops.c b/drivers/crypto/ccp/ccp-ops.c
index 6e2aa2c..7ae7f14 100644
--- a/drivers/crypto/ccp/ccp-ops.c
+++ b/drivers/crypto/ccp/ccp-ops.c
@@ -709,7 +709,7 @@ static int ccp_run_aes_gcm_cmd(struct ccp_cmd_queue *cmd_q,
while (aad.sg_wa.bytes_left) {
ccp_prepare_data(, NULL, , AES_BLOCK_SIZE, true);
 
-   ret = cmd_q->ccp->vdata->ccp_act->aes();
+   ret = cmd_q->ccp->vdata->perform->aes();
if (ret) {
cmd->engine_error = cmd_q->cmd_error;
goto e_aad;
@@ -758,7 +758,7 @@ static int ccp_run_aes_gcm_cmd(struct ccp_cmd_queue *cmd_q,
}
}
 
-   ret = cmd_q->ccp->vdata->ccp_act->aes();
+   ret = cmd_q->ccp->vdata->perform->aes();
if (ret) {
cmd->engine_error = cmd_q->cmd_error;
goto e_dst;
@@ -807,7 +807,7 @@ static int ccp_run_aes_gcm_cmd(struct ccp_cmd_queue *cmd_q,
op.dst.u.dma.length = AES_BLOCK_SIZE;
op.eom = 1;
op.u.aes.size = 0;
-   ret = cmd_q->ccp->vdata->ccp_act->aes();
+   ret = cmd_q->ccp->vdata->perform->aes();
if (ret)
goto e_dst;
 
@@ -1197,7 +1197,7 @@ static int ccp_run_des3_cmd(struct ccp_cmd_queue *cmd_q, 
struct ccp_cmd *cmd)
int ret;
 
/* Error checks */
-   if (!cmd_q->ccp->vdata->ccp_act->des3)
+   if (!cmd_q->ccp->vdata->perform->des3)
return -EINVAL;
 
if (des3->key_len != DES3_EDE_KEY_SIZE)
@@ -1335,7 +1335,7 @@ static int ccp_run_des3_cmd(struct ccp_cmd_queue *cmd_q, 
struct ccp_cmd *cmd)
op.soc = 0;
}
 
-   ret = cmd_q->ccp->vdata->ccp_act->des3();
+   ret = cmd_q->ccp->vdata->perform->des3();
if (ret) {
cmd->engine_error = cmd_q->cmd_error;
goto e_dst;

Re: [PATCH 0/3] Support new function in the newer CCP

[Gary R Hook]

On 02/15/2017 03:55 PM, Gary R Hook wrote:

The following series implements new function in a version 5
coprocessor. New features are:
 - Support for SHA-2 384-bit and 512-bit hashing
 - Support for AES GCM encryption
 - Support for 3DES encryption



Please ignore. This patchset introduces build breaks. Will send a V2 
shortly.





---

Gary R Hook (3):
  crypto: ccp - Add SHA-2 384-/512-/bit support
  crypto: ccp - Add support for AES GCM on v5 CCPs
  crypto: ccp - Add 3DES function on v5 CCPs


 drivers/crypto/ccp/Makefile|3
 drivers/crypto/ccp/ccp-crypto-aes-galois.c |  257 ++
 drivers/crypto/ccp/ccp-crypto-des3.c   |  254 ++
 drivers/crypto/ccp/ccp-crypto-main.c   |   30 ++
 drivers/crypto/ccp/ccp-crypto-sha.c|   22 +
 drivers/crypto/ccp/ccp-crypto.h|   44 ++
 drivers/crypto/ccp/ccp-dev-v3.c|1
 drivers/crypto/ccp/ccp-dev-v5.c|   54 +++
 drivers/crypto/ccp/ccp-dev.h   |   14 +
 drivers/crypto/ccp/ccp-ops.c   |  522

 include/linux/ccp.h|   68 
 11 files changed, 1263 insertions(+), 6 deletions(-)
 create mode 100644 drivers/crypto/ccp/ccp-crypto-aes-galois.c
 create mode 100644 drivers/crypto/ccp/ccp-crypto-des3.c

--
I'm pretty sure donuts would help.


--
This is my day job. Follow me at:
IG/Twitter/Facebook: @grhookphoto
IG/Twitter/Facebook: @grhphotographer

Re: [PATCH] crypto: ccp - Reference the correct structure member

[Gary R Hook]

On 02/27/2017 11:10 AM, Gary R Hook wrote:

Fix a build break by referencing the proper structure member
name when invoking functions. Remove unneeded akcipher
structure.


Please ignore. I was mistakenly under the impression that the referenced
patchset had been accepted.



Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/Makefile  |1 -
 drivers/crypto/ccp/ccp-crypto-main.c |8 
 drivers/crypto/ccp/ccp-ops.c |   10 +-
 3 files changed, 5 insertions(+), 14 deletions(-)

diff --git a/drivers/crypto/ccp/Makefile b/drivers/crypto/ccp/Makefile
index 563594a..60919a3 100644
--- a/drivers/crypto/ccp/Makefile
+++ b/drivers/crypto/ccp/Makefile
@@ -12,7 +12,6 @@ ccp-crypto-objs := ccp-crypto-main.o \
ccp-crypto-aes.o \
ccp-crypto-aes-cmac.o \
ccp-crypto-aes-xts.o \
-  ccp-crypto-rsa.o \
ccp-crypto-aes-galois.o \
ccp-crypto-des3.o \
ccp-crypto-sha.o
diff --git a/drivers/crypto/ccp/ccp-crypto-main.c
b/drivers/crypto/ccp/ccp-crypto-main.c
index 228210c..8dccbdd 100644
--- a/drivers/crypto/ccp/ccp-crypto-main.c
+++ b/drivers/crypto/ccp/ccp-crypto-main.c
@@ -40,7 +40,6 @@
 /* List heads for the supported algorithms */
 static LIST_HEAD(hash_algs);
 static LIST_HEAD(cipher_algs);
-static LIST_HEAD(akcipher_algs);
 static LIST_HEAD(aead_algs);

 /* For any tfm, requests for that tfm must be returned on the order
@@ -366,7 +365,6 @@ static void ccp_unregister_algs(void)
 {
 struct ccp_crypto_ahash_alg *ahash_alg, *ahash_tmp;
 struct ccp_crypto_ablkcipher_alg *ablk_alg, *ablk_tmp;
-   struct ccp_crypto_akcipher_alg *ak_alg, *ak_tmp;
 struct ccp_crypto_aead *aead_alg, *aead_tmp;

 list_for_each_entry_safe(ahash_alg, ahash_tmp, _algs, entry) {
@@ -381,12 +379,6 @@ static void ccp_unregister_algs(void)
 kfree(ablk_alg);
 }

-   list_for_each_entry_safe(ak_alg, ak_tmp, _algs, entry) {
-   crypto_unregister_akcipher(_alg->alg);
-   list_del(_alg->entry);
-   kfree(ak_alg);
-   }
-
 list_for_each_entry_safe(aead_alg, aead_tmp, _algs, entry) {
 crypto_unregister_aead(_alg->alg);
 list_del(_alg->entry);
diff --git a/drivers/crypto/ccp/ccp-ops.c b/drivers/crypto/ccp/ccp-ops.c
index 6e2aa2c..7ae7f14 100644
--- a/drivers/crypto/ccp/ccp-ops.c
+++ b/drivers/crypto/ccp/ccp-ops.c
@@ -709,7 +709,7 @@ static int ccp_run_aes_gcm_cmd(struct ccp_cmd_queue
*cmd_q,
 while (aad.sg_wa.bytes_left) {
 ccp_prepare_data(, NULL, ,
AES_BLOCK_SIZE, true);

-   ret = cmd_q->ccp->vdata->ccp_act->aes();
+   ret = cmd_q->ccp->vdata->perform->aes();
 if (ret) {
 cmd->engine_error = cmd_q->cmd_error;
 goto e_aad;
@@ -758,7 +758,7 @@ static int ccp_run_aes_gcm_cmd(struct ccp_cmd_queue
*cmd_q,
 }
 }

-   ret = cmd_q->ccp->vdata->ccp_act->aes();
+   ret = cmd_q->ccp->vdata->perform->aes();
 if (ret) {
 cmd->engine_error = cmd_q->cmd_error;
 goto e_dst;
@@ -807,7 +807,7 @@ static int ccp_run_aes_gcm_cmd(struct ccp_cmd_queue
*cmd_q,
 op.dst.u.dma.length = AES_BLOCK_SIZE;
 op.eom = 1;
 op.u.aes.size = 0;
-   ret = cmd_q->ccp->vdata->ccp_act->aes();
+   ret = cmd_q->ccp->vdata->perform->aes();
 if (ret)
 goto e_dst;

@@ -1197,7 +1197,7 @@ static int ccp_run_des3_cmd(struct ccp_cmd_queue
*cmd_q, struct ccp_cmd *cmd)
 int ret;

 /* Error checks */
-   if (!cmd_q->ccp->vdata->ccp_act->des3)
+   if (!cmd_q->ccp->vdata->perform->des3)
 return -EINVAL;

 if (des3->key_len != DES3_EDE_KEY_SIZE)
@@ -1335,7 +1335,7 @@ static int ccp_run_des3_cmd(struct ccp_cmd_queue
*cmd_q, struct ccp_cmd *cmd)
 op.soc = 0;
 }

-   ret = cmd_q->ccp->vdata->ccp_act->des3();
+   ret = cmd_q->ccp->vdata->perform->des3();
 if (ret) {
 cmd->engine_error = cmd_q->cmd_error;
 goto e_dst;



--
This is my day job. Follow me at:
IG/Twitter/Facebook: @grhookphoto
IG/Twitter/Facebook: @grhphotographer

[PATCH 2/2] crypto: ccp - Improve info reported when an error occurs

[Gary R Hook]

Add human readable strings to log messages about CCP errors

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev-v3.c |3 ++
 drivers/crypto/ccp/ccp-dev-v5.c |3 ++
 drivers/crypto/ccp/ccp-dev.c|   53 +++
 drivers/crypto/ccp/ccp-dev.h|2 +
 4 files changed, 61 insertions(+)

diff --git a/drivers/crypto/ccp/ccp-dev-v3.c b/drivers/crypto/ccp/ccp-dev-v3.c
index b6615b1..8d2dbac 100644
--- a/drivers/crypto/ccp/ccp-dev-v3.c
+++ b/drivers/crypto/ccp/ccp-dev-v3.c
@@ -124,6 +124,9 @@ static int ccp_do_cmd(struct ccp_op *op, u32 *cr, unsigned 
int cr_count)
/* On error delete all related jobs from the queue */
cmd = (cmd_q->id << DEL_Q_ID_SHIFT)
  | op->jobid;
+   if (cmd_q->cmd_error)
+   ccp_log_error(cmd_q->ccp,
+ cmd_q->cmd_error);
 
iowrite32(cmd, ccp->io_regs + DEL_CMD_Q_JOB);
 
diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/crypto/ccp/ccp-dev-v5.c
index a90ca9e..faf3cb3 100644
--- a/drivers/crypto/ccp/ccp-dev-v5.c
+++ b/drivers/crypto/ccp/ccp-dev-v5.c
@@ -243,6 +243,9 @@ static int ccp5_do_cmd(struct ccp5_desc *desc,
ret = wait_event_interruptible(cmd_q->int_queue,
   cmd_q->int_rcvd);
if (ret || cmd_q->cmd_error) {
+   if (cmd_q->cmd_error)
+   ccp_log_error(cmd_q->ccp,
+ cmd_q->cmd_error);
/* A version 5 device doesn't use Job IDs... */
if (!ret)
ret = -EIO;
diff --git a/drivers/crypto/ccp/ccp-dev.c b/drivers/crypto/ccp/ccp-dev.c
index 38a98d8..d9885ce 100644
--- a/drivers/crypto/ccp/ccp-dev.c
+++ b/drivers/crypto/ccp/ccp-dev.c
@@ -40,6 +40,59 @@ struct ccp_tasklet_data {
struct ccp_cmd *cmd;
 };
 
+/* Human-readable error strings */
+char *ccp_error_codes[] = {
+   "",
+   "ERR 01: ILLEGAL_ENGINE",
+   "ERR 02: ILLEGAL_KEY_ID",
+   "ERR 03: ILLEGAL_FUNCTION_TYPE",
+   "ERR 04: ILLEGAL_FUNCTION_MODE",
+   "ERR 05: ILLEGAL_FUNCTION_ENCRYPT",
+   "ERR 06: ILLEGAL_FUNCTION_SIZE",
+   "ERR 07: Zlib_MISSING_INIT_EOM",
+   "ERR 08: ILLEGAL_FUNCTION_RSVD",
+   "ERR 09: ILLEGAL_BUFFER_LENGTH",
+   "ERR 10: VLSB_FAULT",
+   "ERR 11: ILLEGAL_MEM_ADDR",
+   "ERR 12: ILLEGAL_MEM_SEL",
+   "ERR 13: ILLEGAL_CONTEXT_ID",
+   "ERR 14: ILLEGAL_KEY_ADDR",
+   "ERR 15: 0xF Reserved",
+   "ERR 16: Zlib_ILLEGAL_MULTI_QUEUE",
+   "ERR 17: Zlib_ILLEGAL_JOBID_CHANGE",
+   "ERR 18: CMD_TIMEOUT",
+   "ERR 19: IDMA0_AXI_SLVERR",
+   "ERR 20: IDMA0_AXI_DECERR",
+   "ERR 21: 0x15 Reserved",
+   "ERR 22: IDMA1_AXI_SLAVE_FAULT",
+   "ERR 23: IDMA1_AIXI_DECERR",
+   "ERR 24: 0x18 Reserved",
+   "ERR 25: ZLIBVHB_AXI_SLVERR",
+   "ERR 26: ZLIBVHB_AXI_DECERR",
+   "ERR 27: 0x1B Reserved",
+   "ERR 27: ZLIB_UNEXPECTED_EOM",
+   "ERR 27: ZLIB_EXTRA_DATA",
+   "ERR 30: ZLIB_BTYPE",
+   "ERR 31: ZLIB_UNDEFINED_SYMBOL",
+   "ERR 32: ZLIB_UNDEFINED_DISTANCE_S",
+   "ERR 33: ZLIB_CODE_LENGTH_SYMBOL",
+   "ERR 34: ZLIB _VHB_ILLEGAL_FETCH",
+   "ERR 35: ZLIB_UNCOMPRESSED_LEN",
+   "ERR 36: ZLIB_LIMIT_REACHED",
+   "ERR 37: ZLIB_CHECKSUM_MISMATCH0",
+   "ERR 38: ODMA0_AXI_SLVERR",
+   "ERR 39: ODMA0_AXI_DECERR",
+   "ERR 40: 0x28 Reserved",
+   "ERR 41: ODMA1_AXI_SLVERR",
+   "ERR 42: ODMA1_AXI_DECERR",
+   "ERR 43: LSB_PARITY_ERR",
+};
+
+void ccp_log_error(struct ccp_device *d, int e)
+{
+   dev_err(d->dev, "CCP error: %s (0x%x)\n", ccp_error_codes[e], e);
+}
+
 /* List of CCPs, CCP count, read-write access lock, and access functions
  *
  * Lock structure: get ccp_unit_lock for reading whenever we need to
diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h
index 08f58b0..da5f4a6 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -601,6 +601,8 @@ void ccp_platform_exit(void);
 void ccp_add_device(struct ccp_device *ccp);
 void ccp_del_device(struct ccp_device *ccp);
 
+extern void ccp_log_error(struct ccp_device *, int);
+
 struct ccp_device *ccp_alloc_struct(struct device *dev);
 bool ccp_queues_suspended(struct ccp_device *ccp);
 int ccp_cmd_queue_thread(void *data);

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH v2 2/2] crypto: ccp - Make syslog errors human-readable

[Gary R Hook]

Add human-readable strings to log messages about CCP errors

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev-v3.c |3 ++
 drivers/crypto/ccp/ccp-dev-v5.c |3 ++
 drivers/crypto/ccp/ccp-dev.c|   53 +++
 drivers/crypto/ccp/ccp-dev.h|2 +
 4 files changed, 61 insertions(+)

diff --git a/drivers/crypto/ccp/ccp-dev-v3.c b/drivers/crypto/ccp/ccp-dev-v3.c
index b6615b1..8d2dbac 100644
--- a/drivers/crypto/ccp/ccp-dev-v3.c
+++ b/drivers/crypto/ccp/ccp-dev-v3.c
@@ -124,6 +124,9 @@ static int ccp_do_cmd(struct ccp_op *op, u32 *cr, unsigned 
int cr_count)
/* On error delete all related jobs from the queue */
cmd = (cmd_q->id << DEL_Q_ID_SHIFT)
  | op->jobid;
+   if (cmd_q->cmd_error)
+   ccp_log_error(cmd_q->ccp,
+ cmd_q->cmd_error);
 
iowrite32(cmd, ccp->io_regs + DEL_CMD_Q_JOB);
 
diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/crypto/ccp/ccp-dev-v5.c
index a90ca9e..faf3cb3 100644
--- a/drivers/crypto/ccp/ccp-dev-v5.c
+++ b/drivers/crypto/ccp/ccp-dev-v5.c
@@ -243,6 +243,9 @@ static int ccp5_do_cmd(struct ccp5_desc *desc,
ret = wait_event_interruptible(cmd_q->int_queue,
   cmd_q->int_rcvd);
if (ret || cmd_q->cmd_error) {
+   if (cmd_q->cmd_error)
+   ccp_log_error(cmd_q->ccp,
+ cmd_q->cmd_error);
/* A version 5 device doesn't use Job IDs... */
if (!ret)
ret = -EIO;
diff --git a/drivers/crypto/ccp/ccp-dev.c b/drivers/crypto/ccp/ccp-dev.c
index 5d36eef..cafa633 100644
--- a/drivers/crypto/ccp/ccp-dev.c
+++ b/drivers/crypto/ccp/ccp-dev.c
@@ -40,6 +40,59 @@ struct ccp_tasklet_data {
struct ccp_cmd *cmd;
 };
 
+/* Human-readable error strings */
+char *ccp_error_codes[] = {
+   "",
+   "ERR 01: ILLEGAL_ENGINE",
+   "ERR 02: ILLEGAL_KEY_ID",
+   "ERR 03: ILLEGAL_FUNCTION_TYPE",
+   "ERR 04: ILLEGAL_FUNCTION_MODE",
+   "ERR 05: ILLEGAL_FUNCTION_ENCRYPT",
+   "ERR 06: ILLEGAL_FUNCTION_SIZE",
+   "ERR 07: Zlib_MISSING_INIT_EOM",
+   "ERR 08: ILLEGAL_FUNCTION_RSVD",
+   "ERR 09: ILLEGAL_BUFFER_LENGTH",
+   "ERR 10: VLSB_FAULT",
+   "ERR 11: ILLEGAL_MEM_ADDR",
+   "ERR 12: ILLEGAL_MEM_SEL",
+   "ERR 13: ILLEGAL_CONTEXT_ID",
+   "ERR 14: ILLEGAL_KEY_ADDR",
+   "ERR 15: 0xF Reserved",
+   "ERR 16: Zlib_ILLEGAL_MULTI_QUEUE",
+   "ERR 17: Zlib_ILLEGAL_JOBID_CHANGE",
+   "ERR 18: CMD_TIMEOUT",
+   "ERR 19: IDMA0_AXI_SLVERR",
+   "ERR 20: IDMA0_AXI_DECERR",
+   "ERR 21: 0x15 Reserved",
+   "ERR 22: IDMA1_AXI_SLAVE_FAULT",
+   "ERR 23: IDMA1_AIXI_DECERR",
+   "ERR 24: 0x18 Reserved",
+   "ERR 25: ZLIBVHB_AXI_SLVERR",
+   "ERR 26: ZLIBVHB_AXI_DECERR",
+   "ERR 27: 0x1B Reserved",
+   "ERR 27: ZLIB_UNEXPECTED_EOM",
+   "ERR 27: ZLIB_EXTRA_DATA",
+   "ERR 30: ZLIB_BTYPE",
+   "ERR 31: ZLIB_UNDEFINED_SYMBOL",
+   "ERR 32: ZLIB_UNDEFINED_DISTANCE_S",
+   "ERR 33: ZLIB_CODE_LENGTH_SYMBOL",
+   "ERR 34: ZLIB _VHB_ILLEGAL_FETCH",
+   "ERR 35: ZLIB_UNCOMPRESSED_LEN",
+   "ERR 36: ZLIB_LIMIT_REACHED",
+   "ERR 37: ZLIB_CHECKSUM_MISMATCH0",
+   "ERR 38: ODMA0_AXI_SLVERR",
+   "ERR 39: ODMA0_AXI_DECERR",
+   "ERR 40: 0x28 Reserved",
+   "ERR 41: ODMA1_AXI_SLVERR",
+   "ERR 42: ODMA1_AXI_DECERR",
+   "ERR 43: LSB_PARITY_ERR",
+};
+
+void ccp_log_error(struct ccp_device *d, int e)
+{
+   dev_err(d->dev, "CCP error: %s (0x%x)\n", ccp_error_codes[e], e);
+}
+
 /* List of CCPs, CCP count, read-write access lock, and access functions
  *
  * Lock structure: get ccp_unit_lock for reading whenever we need to
diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h
index 08f58b0..da5f4a6 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -601,6 +601,8 @@ void ccp_platform_exit(void);
 void ccp_add_device(struct ccp_device *ccp);
 void ccp_del_device(struct ccp_device *ccp);
 
+extern void ccp_log_error(struct ccp_device *, int);
+
 struct ccp_device *ccp_alloc_struct(struct device *dev);
 bool ccp_queues_suspended(struct ccp_device *ccp);
 int ccp_cmd_queue_thread(void *data);

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH v2 0/2] Minor CCP driver changes

[Gary R Hook]

V2: point a goto statement at the correct label

The following series is for miscellaneous small changes.

---

Gary R Hook (2):
  crypto: ccp - clean up data structure
  crypto: ccp - Make syslog errors human-readable



 drivers/crypto/ccp/ccp-dev-v3.c |5 +++-
 drivers/crypto/ccp/ccp-dev-v5.c |   12 +++--
 drivers/crypto/ccp/ccp-dev.c|   53 +++
 drivers/crypto/ccp/ccp-dev.h|8 --
 drivers/crypto/ccp/ccp-pci.c|4 +--
 5 files changed, 73 insertions(+), 9 deletions(-)

--
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 1/2] crypto: ccp - data structure cleanup

[Gary R Hook]

Change names of data structure instances; add const
keyword where appropriate.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev-v3.c |2 +-
 drivers/crypto/ccp/ccp-dev-v5.c |7 +--
 drivers/crypto/ccp/ccp-dev.h|6 +++---
 drivers/crypto/ccp/ccp-pci.c|4 ++--
 4 files changed, 11 insertions(+), 8 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev-v3.c b/drivers/crypto/ccp/ccp-dev-v3.c
index 578522d..b6615b1 100644
--- a/drivers/crypto/ccp/ccp-dev-v3.c
+++ b/drivers/crypto/ccp/ccp-dev-v3.c
@@ -566,7 +566,7 @@ static const struct ccp_actions ccp3_actions = {
.irqhandler = ccp_irq_handler,
 };
 
-struct ccp_vdata ccpv3 = {
+const struct ccp_vdata ccpv3 = {
.version = CCP_VERSION(3, 0),
.setup = NULL,
.perform = _actions,
diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/crypto/ccp/ccp-dev-v5.c
index 9df1526..a90ca9e 100644
--- a/drivers/crypto/ccp/ccp-dev-v5.c
+++ b/drivers/crypto/ccp/ccp-dev-v5.c
@@ -839,6 +839,9 @@ static int ccp5_init(struct ccp_device *ccp)
 
return 0;
 
+e_hwrng:
+   ccp_unregister_rng(ccp);
+
 e_kthread:
for (i = 0; i < ccp->cmd_q_count; i++)
if (ccp->cmd_q[i].kthread)
@@ -994,7 +997,7 @@ static const struct ccp_actions ccp5_actions = {
.irqhandler = ccp5_irq_handler,
 };
 
-struct ccp_vdata ccpv5 = {
+const struct ccp_vdata ccpv5a = {
.version = CCP_VERSION(5, 0),
.setup = ccp5_config,
.perform = _actions,
@@ -1002,7 +1005,7 @@ struct ccp_vdata ccpv5 = {
.offset = 0x0,
 };
 
-struct ccp_vdata ccpv5other = {
+const struct ccp_vdata ccpv5b = {
.version = CCP_VERSION(5, 0),
.setup = ccp5other_config,
.perform = _actions,
diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h
index ebc9365..08f58b0 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -639,8 +639,8 @@ struct ccp_vdata {
const unsigned int offset;
 };
 
-extern struct ccp_vdata ccpv3;
-extern struct ccp_vdata ccpv5;
-extern struct ccp_vdata ccpv5other;
+extern const struct ccp_vdata ccpv3;
+extern const struct ccp_vdata ccpv5a;
+extern const struct ccp_vdata ccpv5b;
 
 #endif
diff --git a/drivers/crypto/ccp/ccp-pci.c b/drivers/crypto/ccp/ccp-pci.c
index 239cbf2..28a9996 100644
--- a/drivers/crypto/ccp/ccp-pci.c
+++ b/drivers/crypto/ccp/ccp-pci.c
@@ -325,8 +325,8 @@ static int ccp_pci_resume(struct pci_dev *pdev)
 
 static const struct pci_device_id ccp_pci_table[] = {
{ PCI_VDEVICE(AMD, 0x1537), (kernel_ulong_t) },
-   { PCI_VDEVICE(AMD, 0x1456), (kernel_ulong_t) },
-   { PCI_VDEVICE(AMD, 0x1468), (kernel_ulong_t) },
+   { PCI_VDEVICE(AMD, 0x1456), (kernel_ulong_t) },
+   { PCI_VDEVICE(AMD, 0x1468), (kernel_ulong_t) },
/* Last entry must be zero */
{ 0, }
 };

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH -next] crypto: ccp - use kmem_cache_zalloc instead of kmem_cache_alloc/memset

[Gary R Hook]

On 09/14/2016 10:28 PM, Wei Yongjun wrote:

From: Wei Yongjun <weiyongj...@huawei.com>

Using kmem_cache_zalloc() instead of kmem_cache_alloc() and memset().

Signed-off-by: Wei Yongjun <weiyongj...@huawei.com>
---
 drivers/crypto/ccp/ccp-dmaengine.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dmaengine.c 
b/drivers/crypto/ccp/ccp-dmaengine.c
index ded26f4..2e5a05c 100644
--- a/drivers/crypto/ccp/ccp-dmaengine.c
+++ b/drivers/crypto/ccp/ccp-dmaengine.c
@@ -299,12 +299,10 @@ static struct ccp_dma_desc *ccp_alloc_dma_desc(struct 
ccp_dma_chan *chan,
 {
struct ccp_dma_desc *desc;

-   desc = kmem_cache_alloc(chan->ccp->dma_desc_cache, GFP_NOWAIT);
+   desc = kmem_cache_zalloc(chan->ccp->dma_desc_cache, GFP_NOWAIT);
if (!desc)
return NULL;

-   memset(desc, 0, sizeof(*desc));
-
dma_async_tx_descriptor_init(>tx_desc, >dma_chan);
desc->tx_desc.flags = flags;
desc->tx_desc.tx_submit = ccp_tx_submit;



Acked-by: Gary R Hook <gary.h...@amd.com>

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH] crypto: ccp - Fix return value check in ccp_dmaengine_register()

[Gary R Hook]

On 09/17/2016 11:01 AM, Wei Yongjun wrote:

From: Wei Yongjun <weiyongj...@huawei.com>

Fix the retrn value check which testing the wrong variable
in ccp_dmaengine_register().

Fixes: 58ea8abf4904 ("crypto: ccp - Register the CCP as a DMA resource")
Signed-off-by: Wei Yongjun <weiyongj...@huawei.com>
---
 drivers/crypto/ccp/ccp-dmaengine.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/crypto/ccp/ccp-dmaengine.c 
b/drivers/crypto/ccp/ccp-dmaengine.c
index 94f77b0..32f645e 100644
--- a/drivers/crypto/ccp/ccp-dmaengine.c
+++ b/drivers/crypto/ccp/ccp-dmaengine.c
@@ -650,7 +650,7 @@ int ccp_dmaengine_register(struct ccp_device *ccp)
dma_desc_cache_name = devm_kasprintf(ccp->dev, GFP_KERNEL,
 "%s-dmaengine-desc-cache",
 ccp->name);
-   if (!dma_cmd_cache_name)
+   if (!dma_desc_cache_name)
return -ENOMEM;
ccp->dma_desc_cache = kmem_cache_create(dma_desc_cache_name,
sizeof(struct ccp_dma_desc),



Acked-by: Gary R Hook <gary.h...@amd.com>
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH v2 1/2] crypto: ccp - clean up data structure

[Gary R Hook]

Change names of data structure instances.  Add const
keyword where appropriate.  Add error handling path.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev-v3.c |2 +-
 drivers/crypto/ccp/ccp-dev-v5.c |9 ++---
 drivers/crypto/ccp/ccp-dev.h|6 +++---
 drivers/crypto/ccp/ccp-pci.c|4 ++--
 4 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev-v3.c b/drivers/crypto/ccp/ccp-dev-v3.c
index 578522d..b6615b1 100644
--- a/drivers/crypto/ccp/ccp-dev-v3.c
+++ b/drivers/crypto/ccp/ccp-dev-v3.c
@@ -566,7 +566,7 @@ static const struct ccp_actions ccp3_actions = {
.irqhandler = ccp_irq_handler,
 };
 
-struct ccp_vdata ccpv3 = {
+const struct ccp_vdata ccpv3 = {
.version = CCP_VERSION(3, 0),
.setup = NULL,
.perform = _actions,
diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/crypto/ccp/ccp-dev-v5.c
index f499e34..a90ca9e 100644
--- a/drivers/crypto/ccp/ccp-dev-v5.c
+++ b/drivers/crypto/ccp/ccp-dev-v5.c
@@ -835,10 +835,13 @@ static int ccp5_init(struct ccp_device *ccp)
/* Register the DMA engine support */
ret = ccp_dmaengine_register(ccp);
if (ret)
-   goto e_kthread;
+   goto e_hwrng;
 
return 0;
 
+e_hwrng:
+   ccp_unregister_rng(ccp);
+
 e_kthread:
for (i = 0; i < ccp->cmd_q_count; i++)
if (ccp->cmd_q[i].kthread)
@@ -994,7 +997,7 @@ static const struct ccp_actions ccp5_actions = {
.irqhandler = ccp5_irq_handler,
 };
 
-struct ccp_vdata ccpv5 = {
+const struct ccp_vdata ccpv5a = {
.version = CCP_VERSION(5, 0),
.setup = ccp5_config,
.perform = _actions,
@@ -1002,7 +1005,7 @@ struct ccp_vdata ccpv5 = {
.offset = 0x0,
 };
 
-struct ccp_vdata ccpv5other = {
+const struct ccp_vdata ccpv5b = {
.version = CCP_VERSION(5, 0),
.setup = ccp5other_config,
.perform = _actions,
diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h
index ebc9365..08f58b0 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -639,8 +639,8 @@ struct ccp_vdata {
const unsigned int offset;
 };
 
-extern struct ccp_vdata ccpv3;
-extern struct ccp_vdata ccpv5;
-extern struct ccp_vdata ccpv5other;
+extern const struct ccp_vdata ccpv3;
+extern const struct ccp_vdata ccpv5a;
+extern const struct ccp_vdata ccpv5b;
 
 #endif
diff --git a/drivers/crypto/ccp/ccp-pci.c b/drivers/crypto/ccp/ccp-pci.c
index 239cbf2..28a9996 100644
--- a/drivers/crypto/ccp/ccp-pci.c
+++ b/drivers/crypto/ccp/ccp-pci.c
@@ -325,8 +325,8 @@ static int ccp_pci_resume(struct pci_dev *pdev)
 
 static const struct pci_device_id ccp_pci_table[] = {
{ PCI_VDEVICE(AMD, 0x1537), (kernel_ulong_t) },
-   { PCI_VDEVICE(AMD, 0x1456), (kernel_ulong_t) },
-   { PCI_VDEVICE(AMD, 0x1468), (kernel_ulong_t) },
+   { PCI_VDEVICE(AMD, 0x1456), (kernel_ulong_t) },
+   { PCI_VDEVICE(AMD, 0x1468), (kernel_ulong_t) },
/* Last entry must be zero */
{ 0, }
 };

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH] crypto: ccp - change bitfield type to unsigned ints

[Gary R Hook]

Bit fields are not sensitive to endianness, so use
a transparent standard data type

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev.h |   42 +-
 1 file changed, 21 insertions(+), 21 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h
index da5f4a6..0d996fe 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -541,23 +541,23 @@ static inline u32 ccp_addr_hi(struct ccp_dma_info *info)
  * word 7: upper 16 bits of key pointer; key memory type
  */
 struct dword0 {
-   __le32 soc:1;
-   __le32 ioc:1;
-   __le32 rsvd1:1;
-   __le32 init:1;
-   __le32 eom:1;   /* AES/SHA only */
-   __le32 function:15;
-   __le32 engine:4;
-   __le32 prot:1;
-   __le32 rsvd2:7;
+   unsigned int soc:1;
+   unsigned int ioc:1;
+   unsigned int rsvd1:1;
+   unsigned int init:1;
+   unsigned int eom:1; /* AES/SHA only */
+   unsigned int function:15;
+   unsigned int engine:4;
+   unsigned int prot:1;
+   unsigned int rsvd2:7;
 };
 
 struct dword3 {
-   __le32 src_hi:16;
-   __le32 src_mem:2;
-   __le32 lsb_cxt_id:8;
-   __le32 rsvd1:5;
-   __le32 fixed:1;
+   unsigned int  src_hi:16;
+   unsigned int  src_mem:2;
+   unsigned int  lsb_cxt_id:8;
+   unsigned int  rsvd1:5;
+   unsigned int  fixed:1;
 };
 
 union dword4 {
@@ -567,18 +567,18 @@ union dword4 {
 
 union dword5 {
struct {
-   __le32 dst_hi:16;
-   __le32 dst_mem:2;
-   __le32 rsvd1:13;
-   __le32 fixed:1;
+   unsigned int  dst_hi:16;
+   unsigned int  dst_mem:2;
+   unsigned int  rsvd1:13;
+   unsigned int  fixed:1;
} fields;
__le32 sha_len_hi;
 };
 
 struct dword7 {
-   __le32 key_hi:16;
-   __le32 key_mem:2;
-   __le32 rsvd1:14;
+   unsigned int  key_hi:16;
+   unsigned int  key_mem:2;
+   unsigned int  rsvd1:14;
 };
 
 struct ccp5_desc {

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH -next] crypto: ccp - Fix non static symbol warning

[Gary R Hook]

On 10/17/2016 10:08 AM, Wei Yongjun wrote:

From: Wei Yongjun <weiyongj...@huawei.com>

Fixes the following sparse warning:

drivers/crypto/ccp/ccp-dev.c:44:6: warning:
 symbol 'ccp_error_codes' was not declared. Should it be static?

Signed-off-by: Wei Yongjun <weiyongj...@huawei.com>


Excellent. Thank you.

Acked-by: Gary R Hook <gary.h...@amd.com>

--
This is my day job. Follow me at:
IG/Twitter/Facebook: @grhookphoto
IG/Twitter/Facebook: @grhphotographer
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH][TRIVIAL] crypto: ccp - fix typo "CPP"

[Gary R Hook]

On 10/20/2016 02:20 PM, Paul Bolle wrote:

The abbreviation for Cryptographic Coprocessor is "CCP".

Signed-off-by: Paul Bolle <pebo...@tiscali.nl>


Acked-by: Gary R Hook <gary.h...@amd.com>


---
 include/linux/ccp.h | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/include/linux/ccp.h b/include/linux/ccp.h
index a7653339fedb..c71dd8fa5764 100644
--- a/include/linux/ccp.h
+++ b/include/linux/ccp.h
@@ -11,8 +11,8 @@
  * published by the Free Software Foundation.
  */

-#ifndef __CPP_H__
-#define __CPP_H__
+#ifndef __CCP_H__
+#define __CCP_H__

 #include 
 #include 
@@ -553,7 +553,7 @@ enum ccp_engine {
 #define CCP_CMD_PASSTHRU_NO_DMA_MAP0x0002

 /**
- * struct ccp_cmd - CPP operation request
+ * struct ccp_cmd - CCP operation request
  * @entry: list element (ccp driver use only)
  * @work: work element used for callbacks (ccp driver use only)
  * @ccp: CCP device to be run on (ccp driver use only)



--
This is my day job. Follow me at:
IG/Twitter/Facebook: @grhookphoto
IG/Twitter/Facebook: @grhphotographer
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH] crypto: ccp - Clean up the LSB slot allocation code

[Gary R Hook]

Fix a few problems revealed by testing: verify consistent
units, especially in public slot allocation. Percolate
some common initialization code up to a common routine.
Add some comments.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev-v3.c |4 
 drivers/crypto/ccp/ccp-dev-v5.c |   20 
 drivers/crypto/ccp/ccp-dev.c|4 
 3 files changed, 16 insertions(+), 12 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev-v3.c b/drivers/crypto/ccp/ccp-dev-v3.c
index 8d2dbac..7bc0998 100644
--- a/drivers/crypto/ccp/ccp-dev-v3.c
+++ b/drivers/crypto/ccp/ccp-dev-v3.c
@@ -404,10 +404,6 @@ static int ccp_init(struct ccp_device *ccp)
goto e_pool;
}
 
-   /* Initialize the queues used to wait for KSB space and suspend */
-   init_waitqueue_head(>sb_queue);
-   init_waitqueue_head(>suspend_queue);
-
dev_dbg(dev, "Starting threads...\n");
/* Create a kthread for each queue */
for (i = 0; i < ccp->cmd_q_count; i++) {
diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/crypto/ccp/ccp-dev-v5.c
index faf3cb3..ff7816a 100644
--- a/drivers/crypto/ccp/ccp-dev-v5.c
+++ b/drivers/crypto/ccp/ccp-dev-v5.c
@@ -21,6 +21,12 @@
 
 #include "ccp-dev.h"
 
+/* Allocate the requested number of contiguous LSB slots
+ * from the LSB bitmap. Look in the private range for this
+ * queue first; failing that, check the public area.
+ * If no space is available, wait around.
+ * Return: first slot number
+ */
 static u32 ccp_lsb_alloc(struct ccp_cmd_queue *cmd_q, unsigned int count)
 {
struct ccp_device *ccp;
@@ -50,7 +56,7 @@ static u32 ccp_lsb_alloc(struct ccp_cmd_queue *cmd_q, 
unsigned int count)
bitmap_set(ccp->lsbmap, start, count);
 
mutex_unlock(>sb_mutex);
-   return start * LSB_ITEM_SIZE;
+   return start;
}
 
ccp->sb_avail = 0;
@@ -63,17 +69,18 @@ static u32 ccp_lsb_alloc(struct ccp_cmd_queue *cmd_q, 
unsigned int count)
}
 }
 
+/* Free a number of LSB slots from the bitmap, starting at
+ * the indicated starting slot number.
+ */
 static void ccp_lsb_free(struct ccp_cmd_queue *cmd_q, unsigned int start,
 unsigned int count)
 {
-   int lsbno = start / LSB_SIZE;
-
if (!start)
return;
 
-   if (cmd_q->lsb == lsbno) {
+   if (cmd_q->lsb == start) {
/* An entry from the private LSB */
-   bitmap_clear(cmd_q->lsbmap, start % LSB_SIZE, count);
+   bitmap_clear(cmd_q->lsbmap, start, count);
} else {
/* From the shared LSBs */
struct ccp_device *ccp = cmd_q->ccp;
@@ -751,9 +758,6 @@ static int ccp5_init(struct ccp_device *ccp)
goto e_pool;
}
 
-   /* Initialize the queue used to suspend */
-   init_waitqueue_head(>suspend_queue);
-
dev_dbg(dev, "Loading LSB map...\n");
/* Copy the private LSB mask to the public registers */
status_lo = ioread32(ccp->io_regs + LSB_PRIVATE_MASK_LO_OFFSET);
diff --git a/drivers/crypto/ccp/ccp-dev.c b/drivers/crypto/ccp/ccp-dev.c
index d9885ce..653b5a5 100644
--- a/drivers/crypto/ccp/ccp-dev.c
+++ b/drivers/crypto/ccp/ccp-dev.c
@@ -478,6 +478,10 @@ struct ccp_device *ccp_alloc_struct(struct device *dev)
ccp->sb_count = KSB_COUNT;
ccp->sb_start = 0;
 
+   /* Initialize the wait queues */
+   init_waitqueue_head(>sb_queue);
+   init_waitqueue_head(>suspend_queue);
+
ccp->ord = ccp_increment_unit_ordinal();
snprintf(ccp->name, MAX_CCP_NAME_LEN, "ccp-%u", ccp->ord);
snprintf(ccp->rngname, MAX_CCP_NAME_LEN, "ccp-%u-rng", ccp->ord);

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH] crypto: ccp - change bitfield type to unsigned ints

[Gary R Hook]

Bit fields are not sensitive to endianness, so use
a transparent standard data type

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev.h |   42 +-
 1 file changed, 21 insertions(+), 21 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h
index da5f4a6..0d996fe 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -541,23 +541,23 @@ static inline u32 ccp_addr_hi(struct ccp_dma_info *info)
  * word 7: upper 16 bits of key pointer; key memory type
  */
 struct dword0 {
-   __le32 soc:1;
-   __le32 ioc:1;
-   __le32 rsvd1:1;
-   __le32 init:1;
-   __le32 eom:1;   /* AES/SHA only */
-   __le32 function:15;
-   __le32 engine:4;
-   __le32 prot:1;
-   __le32 rsvd2:7;
+   unsigned int soc:1;
+   unsigned int ioc:1;
+   unsigned int rsvd1:1;
+   unsigned int init:1;
+   unsigned int eom:1; /* AES/SHA only */
+   unsigned int function:15;
+   unsigned int engine:4;
+   unsigned int prot:1;
+   unsigned int rsvd2:7;
 };
 
 struct dword3 {
-   __le32 src_hi:16;
-   __le32 src_mem:2;
-   __le32 lsb_cxt_id:8;
-   __le32 rsvd1:5;
-   __le32 fixed:1;
+   unsigned int  src_hi:16;
+   unsigned int  src_mem:2;
+   unsigned int  lsb_cxt_id:8;
+   unsigned int  rsvd1:5;
+   unsigned int  fixed:1;
 };
 
 union dword4 {
@@ -567,18 +567,18 @@ union dword4 {
 
 union dword5 {
struct {
-   __le32 dst_hi:16;
-   __le32 dst_mem:2;
-   __le32 rsvd1:13;
-   __le32 fixed:1;
+   unsigned int  dst_hi:16;
+   unsigned int  dst_mem:2;
+   unsigned int  rsvd1:13;
+   unsigned int  fixed:1;
} fields;
__le32 sha_len_hi;
 };
 
 struct dword7 {
-   __le32 key_hi:16;
-   __le32 key_mem:2;
-   __le32 rsvd1:14;
+   unsigned int  key_hi:16;
+   unsigned int  key_mem:2;
+   unsigned int  rsvd1:14;
 };
 
 struct ccp5_desc {

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH] crypto: ccp - remove unneeded code

[Gary R Hook]

Clean up patch for an unneeded structure member.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev.h |1 -
 1 file changed, 1 deletion(-)

diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h
index 0d996fe..b96d788 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -515,7 +515,6 @@ struct ccp_op {
struct ccp_passthru_op passthru;
struct ccp_ecc_op ecc;
} u;
-   struct ccp_mem key;
 };
 
 static inline u32 ccp_addr_lo(struct ccp_dma_info *info)

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH] crypto: ccp - Fix handling of RSA exponent on a v5 device

[Gary R Hook]

On 11/16/2016 03:01 AM, Herbert Xu wrote:

On Tue, Nov 15, 2016 at 03:41:25PM -0600, Gary R Hook wrote:

On 11/13/2016 03:49 AM, Herbert Xu wrote:

On Tue, Nov 01, 2016 at 02:05:05PM -0500, Gary R Hook wrote:

The exponent size in the ccp_op structure is in bits. A v5
CCP requires the exponent size to be in bytes, so convert
the size from bits to bytes when populating the descriptor.

The current code references the exponent in memory, but
these fields have not been set since the exponent is
actually store in the LSB. Populate the descriptor with
the LSB location (address).

Signed-off-by: Gary R Hook <gary.h...@amd.com>


Patch applied.  Thanks.



Thanks, Herbert.

Is there a possibility of getting this pushed to 4.9, being
it's a bug fix?


I thought ccp doesn't support RSA yet or is there another entry
path into this code?


The kernel crypto layer does not yet support RSA, true. However, we
designed the ccp.ko layer to be available to anyone that wants to use
it. The underlying module currently has differing behavior/results
between the v3 and v5 implementations of the RSA command function.
This patch fixes the borked v5 code.


--
This is my day job. Follow me at:
IG/Twitter/Facebook: @grhookphoto
IG/Twitter/Facebook: @grhphotographer
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH] crypto: ccp - Fix handling of RSA exponent on a v5 device

[Gary R Hook]

On 11/17/2016 07:14 AM, Herbert Xu wrote:

On Wed, Nov 16, 2016 at 11:25:19AM -0600, Gary R Hook wrote:


The kernel crypto layer does not yet support RSA, true. However, we
designed the ccp.ko layer to be available to anyone that wants to use
it. The underlying module currently has differing behavior/results
between the v3 and v5 implementations of the RSA command function.
This patch fixes the borked v5 code.


Do you mean that an out-of-tree module could enter the buggy
code path?


I mean that anything that can call ccp_run_cmd() (in ccp.ko) can run
into a problem, yes. Is this likely? We don't know, as we don't know
if anyone actually uses this layer. But it _is_ possible to find the
problem.

--
This is my day job. Follow me at:
IG/Twitter/Facebook: @grhookphoto
IG/Twitter/Facebook: @grhphotographer
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH V2 6/9] crypto: ccp - Add support for RSA on the CCP

[Gary R Hook]

On 11/13/2016 03:39 AM, Herbert Xu wrote:

On Fri, Nov 04, 2016 at 11:04:32AM -0500, Gary R Hook wrote:


+   ctx->u.rsa.pkey.e = mpi_read_raw_data(raw_key.e, raw_key.e_sz);
+   if (!ctx->u.rsa.pkey.e)
+   goto e_ret;
+   ctx->u.rsa.e_buf = mpi_get_buffer(ctx->u.rsa.pkey.e,
+ >u.rsa.e_len, NULL);


You're converting a raw integer into an MPI and then back again.
Why?

In general drivers shouldn't touch the MPI stuff at all since the
hardware generally deals with raw integers.


D'oh! Yes, I see now what I missed before.

I will send out another patch set.

--
This is my day job. Follow me at:
IG/Twitter/Facebook: @grhookphoto
IG/Twitter/Facebook: @grhphotographer
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH] crypto: ccp - Fix handling of RSA exponent on a v5 device

[Gary R Hook]

On 11/13/2016 03:49 AM, Herbert Xu wrote:

On Tue, Nov 01, 2016 at 02:05:05PM -0500, Gary R Hook wrote:

The exponent size in the ccp_op structure is in bits. A v5
CCP requires the exponent size to be in bytes, so convert
the size from bits to bytes when populating the descriptor.

The current code references the exponent in memory, but
these fields have not been set since the exponent is
actually store in the LSB. Populate the descriptor with
the LSB location (address).

Signed-off-by: Gary R Hook <gary.h...@amd.com>


Patch applied.  Thanks.



Thanks, Herbert.

Is there a possibility of getting this pushed to 4.9, being
it's a bug fix?

--
This is my day job. Follow me at:
IG/Twitter/Facebook: @grhookphoto
IG/Twitter/Facebook: @grhphotographer
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH] crypto: ccp - Fix handling of RSA exponent on a v5 device

[Gary R Hook]

The exponent size in the ccp_op structure is in bits. A v5
CCP requires the exponent size to be in bytes, so convert
the size from bits to bytes when populating the descriptor.

The current code references the exponent in memory, but
these fields have not been set since the exponent is
actually store in the LSB. Populate the descriptor with
the LSB location (address).

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev-v5.c |   10 +-
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/crypto/ccp/ccp-dev-v5.c
index ff7816a..e2ce819 100644
--- a/drivers/crypto/ccp/ccp-dev-v5.c
+++ b/drivers/crypto/ccp/ccp-dev-v5.c
@@ -403,7 +403,7 @@ static int ccp5_perform_rsa(struct ccp_op *op)
CCP5_CMD_PROT() = 0;
 
function.raw = 0;
-   CCP_RSA_SIZE() = op->u.rsa.mod_size;
+   CCP_RSA_SIZE() = op->u.rsa.mod_size >> 3;
CCP5_CMD_FUNCTION() = function.raw;
 
CCP5_CMD_LEN() = op->u.rsa.input_len;
@@ -418,10 +418,10 @@ static int ccp5_perform_rsa(struct ccp_op *op)
CCP5_CMD_DST_HI() = ccp_addr_hi(>dst.u.dma);
CCP5_CMD_DST_MEM() = CCP_MEMTYPE_SYSTEM;
 
-   /* Key (Exponent) is in external memory */
-   CCP5_CMD_KEY_LO() = ccp_addr_lo(>exp.u.dma);
-   CCP5_CMD_KEY_HI() = ccp_addr_hi(>exp.u.dma);
-   CCP5_CMD_KEY_MEM() = CCP_MEMTYPE_SYSTEM;
+   /* Exponent is in LSB memory */
+   CCP5_CMD_KEY_LO() = op->sb_key * LSB_ITEM_SIZE;
+   CCP5_CMD_KEY_HI() = 0;
+   CCP5_CMD_KEY_MEM() = CCP_MEMTYPE_SB;
 
return ccp5_do_cmd(, op->cmd_q);
 }

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH V2 7/9] crypto: ccp - Enhance RSA support for a v5 CCP

[Gary R Hook]

Take advantage of the increased RSA key size support in
the v5 CCP.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-crypto-rsa.c |5 ++
 drivers/crypto/ccp/ccp-crypto.h |1 
 drivers/crypto/ccp/ccp-dev-v3.c |1 
 drivers/crypto/ccp/ccp-dev-v5.c |   10 +++--
 drivers/crypto/ccp/ccp-dev.h|2 +
 drivers/crypto/ccp/ccp-ops.c|   76 ++-
 6 files changed, 61 insertions(+), 34 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-crypto-rsa.c 
b/drivers/crypto/ccp/ccp-crypto-rsa.c
index 6cb6c6f..5e68c8d 100644
--- a/drivers/crypto/ccp/ccp-crypto-rsa.c
+++ b/drivers/crypto/ccp/ccp-crypto-rsa.c
@@ -45,7 +45,10 @@ static int ccp_rsa_complete(struct crypto_async_request 
*async_req, int ret)
 
 static int ccp_rsa_maxsize(struct crypto_akcipher *tfm)
 {
-   return CCP_RSA_MAXMOD;
+   if (ccp_version() > CCP_VERSION(3, 0))
+   return CCP5_RSA_MAXMOD;
+   else
+   return CCP_RSA_MAXMOD;
 }
 
 static int ccp_rsa_crypt(struct akcipher_request *req, bool encrypt)
diff --git a/drivers/crypto/ccp/ccp-crypto.h b/drivers/crypto/ccp/ccp-crypto.h
index aa525e6..76d8b63 100644
--- a/drivers/crypto/ccp/ccp-crypto.h
+++ b/drivers/crypto/ccp/ccp-crypto.h
@@ -223,6 +223,7 @@ struct ccp_rsa_req_ctx {
 };
 
 #defineCCP_RSA_MAXMOD  (4 * 1024 / 8)
+#defineCCP5_RSA_MAXMOD (16 * 1024 / 8)
 
 /* Common Context Structure */
 struct ccp_ctx {
diff --git a/drivers/crypto/ccp/ccp-dev-v3.c b/drivers/crypto/ccp/ccp-dev-v3.c
index 7bc0998..3a55628 100644
--- a/drivers/crypto/ccp/ccp-dev-v3.c
+++ b/drivers/crypto/ccp/ccp-dev-v3.c
@@ -571,4 +571,5 @@ static irqreturn_t ccp_irq_handler(int irq, void *data)
.perform = _actions,
.bar = 2,
.offset = 0x2,
+   .rsamax = CCP_RSA_MAX_WIDTH,
 };
diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/crypto/ccp/ccp-dev-v5.c
index 05300a9..b31be75 100644
--- a/drivers/crypto/ccp/ccp-dev-v5.c
+++ b/drivers/crypto/ccp/ccp-dev-v5.c
@@ -421,10 +421,10 @@ static int ccp5_perform_rsa(struct ccp_op *op)
CCP5_CMD_DST_HI() = ccp_addr_hi(>dst.u.dma);
CCP5_CMD_DST_MEM() = CCP_MEMTYPE_SYSTEM;
 
-   /* Exponent is in LSB memory */
-   CCP5_CMD_KEY_LO() = op->sb_key * LSB_ITEM_SIZE;
-   CCP5_CMD_KEY_HI() = 0;
-   CCP5_CMD_KEY_MEM() = CCP_MEMTYPE_SB;
+   /* Key (Exponent) is in external memory */
+   CCP5_CMD_KEY_LO() = ccp_addr_lo(>exp.u.dma);
+   CCP5_CMD_KEY_HI() = ccp_addr_hi(>exp.u.dma);
+   CCP5_CMD_KEY_MEM() = CCP_MEMTYPE_SYSTEM;
 
return ccp5_do_cmd(, op->cmd_q);
 }
@@ -1013,6 +1013,7 @@ static void ccp5other_config(struct ccp_device *ccp)
.perform = _actions,
.bar = 2,
.offset = 0x0,
+   .rsamax = CCP5_RSA_MAX_WIDTH,
 };
 
 const struct ccp_vdata ccpv5b = {
@@ -1021,4 +1022,5 @@ static void ccp5other_config(struct ccp_device *ccp)
.perform = _actions,
.bar = 2,
.offset = 0x0,
+   .rsamax = CCP5_RSA_MAX_WIDTH,
 };
diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h
index 830f35e..f2e9bcb 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -193,6 +193,7 @@
 #define CCP_SHA_SB_COUNT   1
 
 #define CCP_RSA_MAX_WIDTH  4096
+#define CCP5_RSA_MAX_WIDTH 16384
 
 #define CCP_PASSTHRU_BLOCKSIZE 256
 #define CCP_PASSTHRU_MASKSIZE  32
@@ -638,6 +639,7 @@ struct ccp_vdata {
const struct ccp_actions *perform;
const unsigned int bar;
const unsigned int offset;
+   const unsigned int rsamax;
 };
 
 extern const struct ccp_vdata ccpv3;
diff --git a/drivers/crypto/ccp/ccp-ops.c b/drivers/crypto/ccp/ccp-ops.c
index 213a752..f7398e9 100644
--- a/drivers/crypto/ccp/ccp-ops.c
+++ b/drivers/crypto/ccp/ccp-ops.c
@@ -1282,37 +1282,43 @@ static int ccp_run_rsa_cmd(struct ccp_cmd_queue *cmd_q, 
struct ccp_cmd *cmd)
unsigned int sb_count, i_len, o_len;
int ret;
 
-   if (rsa->key_size > CCP_RSA_MAX_WIDTH)
+   /* Check against the maximum allowable size, in bits */
+   if (rsa->key_size > cmd_q->ccp->vdata->rsamax)
return -EINVAL;
 
if (!rsa->exp || !rsa->mod || !rsa->src || !rsa->dst)
return -EINVAL;
 
-   /* The RSA modulus must precede the message being acted upon, so
-* it must be copied to a DMA area where the message and the
-* modulus can be concatenated.  Therefore the input buffer
-* length required is twice the output buffer length (which
-* must be a multiple of 256-bits).
-*/
-   o_len = ((rsa->key_size + 255) / 256) * 32;
-   i_len = o_len * 2;
-
-   sb_count = o_len / CCP_SB_BYTES;
-
memset(, 0, sizeof(op));
op.cmd_q = cmd_q;
-   op.jobid = ccp_gen_jobid(cmd_q->ccp);
-   op.sb_key = cmd_q-&

[PATCH V2 8/9] crypto: ccp - Enable support for AES GCM on v5 CCPs

[Gary R Hook]

A version 5 device provides the primitive commands
required for AES GCM. This patch adds support for
en/decryption.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/Makefile|1 
 drivers/crypto/ccp/ccp-crypto-aes-galois.c |  257 
 drivers/crypto/ccp/ccp-crypto-main.c   |   12 +
 drivers/crypto/ccp/ccp-crypto.h|   14 ++
 drivers/crypto/ccp/ccp-dev-v5.c|2 
 drivers/crypto/ccp/ccp-dev.h   |1 
 drivers/crypto/ccp/ccp-ops.c   |  252 +++
 include/linux/ccp.h|9 +
 8 files changed, 548 insertions(+)
 create mode 100644 drivers/crypto/ccp/ccp-crypto-aes-galois.c

diff --git a/drivers/crypto/ccp/Makefile b/drivers/crypto/ccp/Makefile
index 23f89b7..fd77225 100644
--- a/drivers/crypto/ccp/Makefile
+++ b/drivers/crypto/ccp/Makefile
@@ -13,4 +13,5 @@ ccp-crypto-objs := ccp-crypto-main.o \
   ccp-crypto-aes-cmac.o \
   ccp-crypto-aes-xts.o \
   ccp-crypto-rsa.o \
+  ccp-crypto-aes-galois.o \
   ccp-crypto-sha.o
diff --git a/drivers/crypto/ccp/ccp-crypto-aes-galois.c 
b/drivers/crypto/ccp/ccp-crypto-aes-galois.c
new file mode 100644
index 000..8bc18c9
--- /dev/null
+++ b/drivers/crypto/ccp/ccp-crypto-aes-galois.c
@@ -0,0 +1,257 @@
+/*
+ * AMD Cryptographic Coprocessor (CCP) AES GCM crypto API support
+ *
+ * Copyright (C) 2016 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook <gary.h...@amd.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include "ccp-crypto.h"
+
+#defineAES_GCM_IVSIZE  12
+
+static int ccp_aes_gcm_complete(struct crypto_async_request *async_req, int 
ret)
+{
+   return ret;
+}
+
+static int ccp_aes_gcm_setkey(struct crypto_aead *tfm, const u8 *key,
+ unsigned int key_len)
+{
+   struct ccp_ctx *ctx = crypto_aead_ctx(tfm);
+
+   switch (key_len) {
+   case AES_KEYSIZE_128:
+   ctx->u.aes.type = CCP_AES_TYPE_128;
+   break;
+   case AES_KEYSIZE_192:
+   ctx->u.aes.type = CCP_AES_TYPE_192;
+   break;
+   case AES_KEYSIZE_256:
+   ctx->u.aes.type = CCP_AES_TYPE_256;
+   break;
+   default:
+   crypto_aead_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
+   return -EINVAL;
+   }
+
+   ctx->u.aes.mode = CCP_AES_MODE_GCM;
+   ctx->u.aes.key_len = key_len;
+
+   memcpy(ctx->u.aes.key, key, key_len);
+   sg_init_one(>u.aes.key_sg, ctx->u.aes.key, key_len);
+
+   return 0;
+}
+
+static int ccp_aes_gcm_setauthsize(struct crypto_aead *tfm,
+  unsigned int authsize)
+{
+   return 0;
+}
+
+static int ccp_aes_gcm_crypt(struct aead_request *req, bool encrypt)
+{
+   struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+   struct ccp_ctx *ctx = crypto_aead_ctx(tfm);
+   struct ccp_aes_req_ctx *rctx = aead_request_ctx(req);
+   struct scatterlist *iv_sg = NULL;
+   unsigned int iv_len = 0;
+   int i;
+   int ret = 0;
+
+   if (!ctx->u.aes.key_len)
+   return -EINVAL;
+
+   if (ctx->u.aes.mode != CCP_AES_MODE_GCM)
+   return -EINVAL;
+
+   if (!req->iv)
+   return -EINVAL;
+
+   /*
+* 5 parts:
+*   plaintext/ciphertext input
+*   AAD
+*   key
+*   IV
+*   Destination+tag buffer
+*/
+
+   /* According to the way AES GCM has been implemented here,
+* per RFC 4106 it seems, the provided IV is fixed at 12 bytes,
+* occupies the beginning of the IV array. Write a 32-bit
+* integer after that (bytes 13-16) with a value of "1".
+*/
+   memcpy(rctx->iv, req->iv, AES_GCM_IVSIZE);
+   for (i = 0; i < 3; i++)
+   rctx->iv[i + AES_GCM_IVSIZE] = 0;
+   rctx->iv[AES_BLOCK_SIZE - 1] = 1;
+
+   /* Set up a scatterlist for the IV */
+   iv_sg = >iv_sg;
+   iv_len = AES_BLOCK_SIZE;
+   sg_init_one(iv_sg, rctx->iv, iv_len);
+
+   /* The AAD + plaintext are concatenated in the src buffer */
+   memset(>cmd, 0, sizeof(rctx->cmd));
+   INIT_LIST_HEAD(>cmd.entry);
+   rctx->cmd.engine = CCP_ENGINE_AES;
+   rctx->cmd.u.aes.type = ctx->u.aes.type;
+   rctx->cmd.u.aes.mode = ctx->u.aes.mode;
+   rctx->cmd.u.aes.action =
+   (encrypt) ? CCP_AES_ACTION_ENCRYPT : CCP_AES_ACTION_DECRYPT;
+   rctx->cmd.u.aes.key = &

[PATCH V2 6/9] crypto: ccp - Add support for RSA on the CCP

[Gary R Hook]

Wire up the CCP as an RSA cipher provider.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/Makefile  |1 
 drivers/crypto/ccp/ccp-crypto-main.c |   19 ++
 drivers/crypto/ccp/ccp-crypto-rsa.c  |  294 ++
 drivers/crypto/ccp/ccp-crypto.h  |   32 
 include/linux/ccp.h  |1 
 5 files changed, 346 insertions(+), 1 deletion(-)
 create mode 100644 drivers/crypto/ccp/ccp-crypto-rsa.c

diff --git a/drivers/crypto/ccp/Makefile b/drivers/crypto/ccp/Makefile
index 346ceb8..23f89b7 100644
--- a/drivers/crypto/ccp/Makefile
+++ b/drivers/crypto/ccp/Makefile
@@ -12,4 +12,5 @@ ccp-crypto-objs := ccp-crypto-main.o \
   ccp-crypto-aes.o \
   ccp-crypto-aes-cmac.o \
   ccp-crypto-aes-xts.o \
+  ccp-crypto-rsa.o \
   ccp-crypto-sha.o
diff --git a/drivers/crypto/ccp/ccp-crypto-main.c 
b/drivers/crypto/ccp/ccp-crypto-main.c
index e0380e5..38d4466 100644
--- a/drivers/crypto/ccp/ccp-crypto-main.c
+++ b/drivers/crypto/ccp/ccp-crypto-main.c
@@ -17,6 +17,7 @@
 #include 
 #include 
 #include 
+#include 
 
 #include "ccp-crypto.h"
 
@@ -33,9 +34,14 @@
 module_param(sha_disable, uint, 0444);
 MODULE_PARM_DESC(sha_disable, "Disable use of SHA - any non-zero value");
 
+static unsigned int rsa_disable;
+module_param(rsa_disable, uint, 0444);
+MODULE_PARM_DESC(rsa_disable, "Disable use of RSA - any non-zero value");
+
 /* List heads for the supported algorithms */
 static LIST_HEAD(hash_algs);
 static LIST_HEAD(cipher_algs);
+static LIST_HEAD(akcipher_algs);
 
 /* For any tfm, requests for that tfm must be returned on the order
  * received.  With multiple queues available, the CCP can process more
@@ -343,6 +349,12 @@ static int ccp_register_algs(void)
return ret;
}
 
+   if (!rsa_disable) {
+   ret = ccp_register_rsa_algs(_algs);
+   if (ret)
+   return ret;
+   }
+
return 0;
 }
 
@@ -350,6 +362,7 @@ static void ccp_unregister_algs(void)
 {
struct ccp_crypto_ahash_alg *ahash_alg, *ahash_tmp;
struct ccp_crypto_ablkcipher_alg *ablk_alg, *ablk_tmp;
+   struct ccp_crypto_akcipher_alg *ak_alg, *ak_tmp;
 
list_for_each_entry_safe(ahash_alg, ahash_tmp, _algs, entry) {
crypto_unregister_ahash(_alg->alg);
@@ -362,6 +375,12 @@ static void ccp_unregister_algs(void)
list_del(_alg->entry);
kfree(ablk_alg);
}
+
+   list_for_each_entry_safe(ak_alg, ak_tmp, _algs, entry) {
+   crypto_unregister_akcipher(_alg->alg);
+   list_del(_alg->entry);
+   kfree(ak_alg);
+   }
 }
 
 static int ccp_crypto_init(void)
diff --git a/drivers/crypto/ccp/ccp-crypto-rsa.c 
b/drivers/crypto/ccp/ccp-crypto-rsa.c
new file mode 100644
index 000..6cb6c6f
--- /dev/null
+++ b/drivers/crypto/ccp/ccp-crypto-rsa.c
@@ -0,0 +1,294 @@
+/*
+ * AMD Cryptographic Coprocessor (CCP) RSA crypto API support
+ *
+ * Copyright (C) 2016 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook <gary.h...@amd.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include "ccp-crypto.h"
+
+static inline struct akcipher_request *akcipher_request_cast(
+   struct crypto_async_request *req)
+{
+   return container_of(req, struct akcipher_request, base);
+}
+
+static int ccp_rsa_complete(struct crypto_async_request *async_req, int ret)
+{
+   struct akcipher_request *req = akcipher_request_cast(async_req);
+   struct ccp_rsa_req_ctx *rctx = akcipher_request_ctx(req);
+
+
+   if (!ret)
+   req->dst_len = rctx->cmd.u.rsa.mod_len;
+
+   ret = 0;
+
+   return ret;
+}
+
+static int ccp_rsa_maxsize(struct crypto_akcipher *tfm)
+{
+   return CCP_RSA_MAXMOD;
+}
+
+static int ccp_rsa_crypt(struct akcipher_request *req, bool encrypt)
+{
+   struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
+   struct ccp_ctx *ctx = akcipher_tfm_ctx(tfm);
+   struct ccp_rsa_req_ctx *rctx = akcipher_request_ctx(req);
+   int ret = 0;
+
+   if (!ctx->u.rsa.pkey.d && !ctx->u.rsa.pkey.e)
+   return -EINVAL;
+
+   memset(>cmd, 0, sizeof(rctx->cmd));
+   INIT_LIST_HEAD(>cmd.entry);
+   rctx->cmd.engine = CCP_ENGINE_RSA;
+
+   rctx->cmd.u.rsa.key_size = ctx->u.rsa.key_len; /* in bits */
+   if (encrypt) {
+   rctx->cmd.u.rsa.exp = >u.rsa.e_sg;
+   rctx->cmd.u.rsa.exp_len = ctx->u.rsa.e_len;
+   } else {
+   rctx->cmd.u.rsa

[PATCH V2 4/9] crypto: ccp - Add SHA-2 support

[Gary R Hook]

Incorporate 384-bit and 512-bit hashing for a version 5 CCP
device


Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-crypto-sha.c |   22 +++
 drivers/crypto/ccp/ccp-crypto.h |8 ++--
 drivers/crypto/ccp/ccp-ops.c|   72 +++
 include/linux/ccp.h |2 +
 4 files changed, 101 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-crypto-sha.c 
b/drivers/crypto/ccp/ccp-crypto-sha.c
index 84a652b..6b46eea 100644
--- a/drivers/crypto/ccp/ccp-crypto-sha.c
+++ b/drivers/crypto/ccp/ccp-crypto-sha.c
@@ -146,6 +146,12 @@ static int ccp_do_sha_update(struct ahash_request *req, 
unsigned int nbytes,
case CCP_SHA_TYPE_256:
rctx->cmd.u.sha.ctx_len = SHA256_DIGEST_SIZE;
break;
+   case CCP_SHA_TYPE_384:
+   rctx->cmd.u.sha.ctx_len = SHA384_DIGEST_SIZE;
+   break;
+   case CCP_SHA_TYPE_512:
+   rctx->cmd.u.sha.ctx_len = SHA512_DIGEST_SIZE;
+   break;
default:
/* Should never get here */
break;
@@ -393,6 +399,22 @@ struct ccp_sha_def {
.digest_size= SHA256_DIGEST_SIZE,
.block_size = SHA256_BLOCK_SIZE,
},
+   {
+   .version= CCP_VERSION(5, 0),
+   .name   = "sha384",
+   .drv_name   = "sha384-ccp",
+   .type   = CCP_SHA_TYPE_384,
+   .digest_size= SHA384_DIGEST_SIZE,
+   .block_size = SHA384_BLOCK_SIZE,
+   },
+   {
+   .version= CCP_VERSION(5, 0),
+   .name   = "sha512",
+   .drv_name   = "sha512-ccp",
+   .type   = CCP_SHA_TYPE_512,
+   .digest_size= SHA512_DIGEST_SIZE,
+   .block_size = SHA512_BLOCK_SIZE,
+   },
 };
 
 static int ccp_register_hmac_alg(struct list_head *head,
diff --git a/drivers/crypto/ccp/ccp-crypto.h b/drivers/crypto/ccp/ccp-crypto.h
index 8335b32..95cce27 100644
--- a/drivers/crypto/ccp/ccp-crypto.h
+++ b/drivers/crypto/ccp/ccp-crypto.h
@@ -137,9 +137,11 @@ struct ccp_aes_cmac_exp_ctx {
u8 buf[AES_BLOCK_SIZE];
 };
 
-/* SHA related defines */
-#define MAX_SHA_CONTEXT_SIZE   SHA256_DIGEST_SIZE
-#define MAX_SHA_BLOCK_SIZE SHA256_BLOCK_SIZE
+/* SHA-related defines
+ * These values must be large enough to accommodate any variant
+ */
+#define MAX_SHA_CONTEXT_SIZE   SHA512_DIGEST_SIZE
+#define MAX_SHA_BLOCK_SIZE SHA512_BLOCK_SIZE
 
 struct ccp_sha_ctx {
struct scatterlist opad_sg;
diff --git a/drivers/crypto/ccp/ccp-ops.c b/drivers/crypto/ccp/ccp-ops.c
index efac3d5..213a752 100644
--- a/drivers/crypto/ccp/ccp-ops.c
+++ b/drivers/crypto/ccp/ccp-ops.c
@@ -41,6 +41,20 @@
cpu_to_be32(SHA256_H6), cpu_to_be32(SHA256_H7),
 };
 
+static const __be64 ccp_sha384_init[SHA512_DIGEST_SIZE / sizeof(__be64)] = {
+   cpu_to_be64(SHA384_H0), cpu_to_be64(SHA384_H1),
+   cpu_to_be64(SHA384_H2), cpu_to_be64(SHA384_H3),
+   cpu_to_be64(SHA384_H4), cpu_to_be64(SHA384_H5),
+   cpu_to_be64(SHA384_H6), cpu_to_be64(SHA384_H7),
+};
+
+static const __be64 ccp_sha512_init[SHA512_DIGEST_SIZE / sizeof(__be64)] = {
+   cpu_to_be64(SHA512_H0), cpu_to_be64(SHA512_H1),
+   cpu_to_be64(SHA512_H2), cpu_to_be64(SHA512_H3),
+   cpu_to_be64(SHA512_H4), cpu_to_be64(SHA512_H5),
+   cpu_to_be64(SHA512_H6), cpu_to_be64(SHA512_H7),
+};
+
 #defineCCP_NEW_JOBID(ccp)  ((ccp->vdata->version == CCP_VERSION(3, 
0)) ? \
ccp_gen_jobid(ccp) : 0)
 
@@ -947,6 +961,18 @@ static int ccp_run_sha_cmd(struct ccp_cmd_queue *cmd_q, 
struct ccp_cmd *cmd)
return -EINVAL;
block_size = SHA256_BLOCK_SIZE;
break;
+   case CCP_SHA_TYPE_384:
+   if (cmd_q->ccp->vdata->version < CCP_VERSION(4, 0)
+   || sha->ctx_len < SHA384_DIGEST_SIZE)
+   return -EINVAL;
+   block_size = SHA384_BLOCK_SIZE;
+   break;
+   case CCP_SHA_TYPE_512:
+   if (cmd_q->ccp->vdata->version < CCP_VERSION(4, 0)
+   || sha->ctx_len < SHA512_DIGEST_SIZE)
+   return -EINVAL;
+   block_size = SHA512_BLOCK_SIZE;
+   break;
default:
return -EINVAL;
}
@@ -1034,6 +1060,21 @@ static int ccp_run_sha_cmd(struct ccp_cmd_queue *cmd_q, 
struct ccp_cmd *cmd)
sb_count = 1;
ooffset = ioffset = 0;
break;
+   case CCP_SHA_TYPE_384:
+   digest_size = SHA384_DIGEST_SIZE;
+   init = (void *) ccp_sha384_init;
+   ctx_size = SHA512_DIGEST_SIZE;
+   sb_count 

[PATCH V2 3/9] crypto: ccp - Simplify some buffer management routines

[Gary R Hook]

The reverse-get/set functions can be simplified by
eliminating unused code.


Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-ops.c |  142 +-
 1 file changed, 56 insertions(+), 86 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-ops.c b/drivers/crypto/ccp/ccp-ops.c
index 50fae44..efac3d5 100644
--- a/drivers/crypto/ccp/ccp-ops.c
+++ b/drivers/crypto/ccp/ccp-ops.c
@@ -184,62 +184,46 @@ static void ccp_get_dm_area(struct ccp_dm_workarea *wa, 
unsigned int wa_offset,
 }
 
 static int ccp_reverse_set_dm_area(struct ccp_dm_workarea *wa,
+  unsigned int wa_offset,
   struct scatterlist *sg,
-  unsigned int len, unsigned int se_len,
-  bool sign_extend)
+  unsigned int sg_offset,
+  unsigned int len)
 {
-   unsigned int nbytes, sg_offset, dm_offset, sb_len, i;
-   u8 buffer[CCP_REVERSE_BUF_SIZE];
-
-   if (WARN_ON(se_len > sizeof(buffer)))
-   return -EINVAL;
-
-   sg_offset = len;
-   dm_offset = 0;
-   nbytes = len;
-   while (nbytes) {
-   sb_len = min_t(unsigned int, nbytes, se_len);
-   sg_offset -= sb_len;
-
-   scatterwalk_map_and_copy(buffer, sg, sg_offset, sb_len, 0);
-   for (i = 0; i < sb_len; i++)
-   wa->address[dm_offset + i] = buffer[sb_len - i - 1];
-
-   dm_offset += sb_len;
-   nbytes -= sb_len;
-
-   if ((sb_len != se_len) && sign_extend) {
-   /* Must sign-extend to nearest sign-extend length */
-   if (wa->address[dm_offset - 1] & 0x80)
-   memset(wa->address + dm_offset, 0xff,
-  se_len - sb_len);
-   }
+   u8 *p, *q;
+
+   ccp_set_dm_area(wa, wa_offset, sg, sg_offset, len);
+
+   p = wa->address + wa_offset;
+   q = p + len - 1;
+   while (p < q) {
+   *p = *p ^ *q;
+   *q = *p ^ *q;
+   *p = *p ^ *q;
+   p++;
+   q--;
}
-
return 0;
 }
 
 static void ccp_reverse_get_dm_area(struct ccp_dm_workarea *wa,
+   unsigned int wa_offset,
struct scatterlist *sg,
+   unsigned int sg_offset,
unsigned int len)
 {
-   unsigned int nbytes, sg_offset, dm_offset, sb_len, i;
-   u8 buffer[CCP_REVERSE_BUF_SIZE];
-
-   sg_offset = 0;
-   dm_offset = len;
-   nbytes = len;
-   while (nbytes) {
-   sb_len = min_t(unsigned int, nbytes, sizeof(buffer));
-   dm_offset -= sb_len;
-
-   for (i = 0; i < sb_len; i++)
-   buffer[sb_len - i - 1] = wa->address[dm_offset + i];
-   scatterwalk_map_and_copy(buffer, sg, sg_offset, sb_len, 1);
-
-   sg_offset += sb_len;
-   nbytes -= sb_len;
+   u8 *p, *q;
+
+   p = wa->address + wa_offset;
+   q = p + len - 1;
+   while (p < q) {
+   *p = *p ^ *q;
+   *q = *p ^ *q;
+   *p = *p ^ *q;
+   p++;
+   q--;
}
+
+   ccp_get_dm_area(wa, wa_offset, sg, sg_offset, len);
 }
 
 static void ccp_free_data(struct ccp_data *data, struct ccp_cmd_queue *cmd_q)
@@ -1261,8 +1245,7 @@ static int ccp_run_rsa_cmd(struct ccp_cmd_queue *cmd_q, 
struct ccp_cmd *cmd)
if (ret)
goto e_sb;
 
-   ret = ccp_reverse_set_dm_area(, rsa->exp, rsa->exp_len,
- CCP_SB_BYTES, false);
+   ret = ccp_reverse_set_dm_area(, 0, rsa->exp, 0, rsa->exp_len);
if (ret)
goto e_exp;
ret = ccp_copy_to_sb(cmd_q, , op.jobid, op.sb_key,
@@ -1280,16 +1263,12 @@ static int ccp_run_rsa_cmd(struct ccp_cmd_queue *cmd_q, 
struct ccp_cmd *cmd)
if (ret)
goto e_exp;
 
-   ret = ccp_reverse_set_dm_area(, rsa->mod, rsa->mod_len,
- CCP_SB_BYTES, false);
+   ret = ccp_reverse_set_dm_area(, 0, rsa->mod, 0, rsa->mod_len);
if (ret)
goto e_src;
-   src.address += o_len;   /* Adjust the address for the copy operation */
-   ret = ccp_reverse_set_dm_area(, rsa->src, rsa->src_len,
- CCP_SB_BYTES, false);
+   ret = ccp_reverse_set_dm_area(, o_len, rsa->src, 0, rsa->src_len);
if (ret)
goto e_src;
-   src.address -= o_len;   /* Reset the address to original value */
 
/* Prepare the output area for the operation */
ret = ccp_init_data(, cmd_q, rsa-&g

[PATCH V2 2/9] crypto: ccp - Update the command queue on errors

[Gary R Hook]

Move the command queue tail pointer when an error is
detected. Always return the error.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev-v5.c |7 +--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/crypto/ccp/ccp-dev-v5.c
index e2ce819..05300a9 100644
--- a/drivers/crypto/ccp/ccp-dev-v5.c
+++ b/drivers/crypto/ccp/ccp-dev-v5.c
@@ -250,17 +250,20 @@ static int ccp5_do_cmd(struct ccp5_desc *desc,
ret = wait_event_interruptible(cmd_q->int_queue,
   cmd_q->int_rcvd);
if (ret || cmd_q->cmd_error) {
+   /* Log the error and flush the queue by
+* moving the head pointer
+*/
if (cmd_q->cmd_error)
ccp_log_error(cmd_q->ccp,
  cmd_q->cmd_error);
-   /* A version 5 device doesn't use Job IDs... */
+   iowrite32(tail, cmd_q->reg_head_lo);
if (!ret)
ret = -EIO;
}
cmd_q->int_rcvd = 0;
}
 
-   return 0;
+   return ret;
 }
 
 static int ccp5_perform_aes(struct ccp_op *op)

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH V2 1/9] crypto: ccp - Fix handling of RSA exponent on a v5 device

[Gary R Hook]

The exponent size in the ccp_op structure is in bits. A v5
CCP requires the exponent size to be in bytes, so convert
the size from bits to bytes when populating the descriptor.

The current code references the exponent in memory, but
these fields have not been set since the exponent is
actually store in the LSB. Populate the descriptor with
the LSB location (address).

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev-v5.c |   10 +-
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/crypto/ccp/ccp-dev-v5.c
index ff7816a..e2ce819 100644
--- a/drivers/crypto/ccp/ccp-dev-v5.c
+++ b/drivers/crypto/ccp/ccp-dev-v5.c
@@ -403,7 +403,7 @@ static int ccp5_perform_rsa(struct ccp_op *op)
CCP5_CMD_PROT() = 0;
 
function.raw = 0;
-   CCP_RSA_SIZE() = op->u.rsa.mod_size;
+   CCP_RSA_SIZE() = op->u.rsa.mod_size >> 3;
CCP5_CMD_FUNCTION() = function.raw;
 
CCP5_CMD_LEN() = op->u.rsa.input_len;
@@ -418,10 +418,10 @@ static int ccp5_perform_rsa(struct ccp_op *op)
CCP5_CMD_DST_HI() = ccp_addr_hi(>dst.u.dma);
CCP5_CMD_DST_MEM() = CCP_MEMTYPE_SYSTEM;
 
-   /* Key (Exponent) is in external memory */
-   CCP5_CMD_KEY_LO() = ccp_addr_lo(>exp.u.dma);
-   CCP5_CMD_KEY_HI() = ccp_addr_hi(>exp.u.dma);
-   CCP5_CMD_KEY_MEM() = CCP_MEMTYPE_SYSTEM;
+   /* Exponent is in LSB memory */
+   CCP5_CMD_KEY_LO() = op->sb_key * LSB_ITEM_SIZE;
+   CCP5_CMD_KEY_HI() = 0;
+   CCP5_CMD_KEY_MEM() = CCP_MEMTYPE_SB;
 
return ccp5_do_cmd(, op->cmd_q);
 }

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH V2 0/9] Enable hashing and ciphers for v5 CCP

[Gary R Hook]

The following series implements new function for a version
5 CCP: Support for SHA-2, wiring of RSA using the updated
framework, additional RSA features for new devices, AES GCM
mode, and Triple-DES in ECB and CBC mode.

---

Gary R Hook (9):
  crypto: ccp - Fix handling of RSA exponent on a v5 device
  crypto: ccp - Update the command queue on errors
  crypto: ccp - Simplify some buffer management routines
  crypto: ccp - Add SHA-2 support
  crypto: Move RSA+MPI constructs into an #include file
  crypto: ccp - Add support for RSA on the CCP
  crypto: ccp - Enhance RSA support for a v5 CCP
  crypto: ccp - Enable support for AES GCM on v5 CCPs
  crypto: ccp - Enable 3DES function on v5 CCPs


 crypto/rsa.c   |   16 -
 drivers/crypto/ccp/Makefile|3 
 drivers/crypto/ccp/ccp-crypto-aes-galois.c |  257 ++
 drivers/crypto/ccp/ccp-crypto-des3.c   |  254 ++
 drivers/crypto/ccp/ccp-crypto-main.c   |   41 ++
 drivers/crypto/ccp/ccp-crypto-rsa.c|  297 +++
 drivers/crypto/ccp/ccp-crypto-sha.c|   22 +
 drivers/crypto/ccp/ccp-crypto.h|   75 +++
 drivers/crypto/ccp/ccp-dev-v3.c|2 
 drivers/crypto/ccp/ccp-dev-v5.c|   67 ++-
 drivers/crypto/ccp/ccp-dev.h   |   17 +
 drivers/crypto/ccp/ccp-ops.c   |  740 
 include/crypto/internal/rsa.h  |   17 +
 include/linux/ccp.h|   69 +++
 14 files changed, 1736 insertions(+), 141 deletions(-)
 create mode 100644 drivers/crypto/ccp/ccp-crypto-aes-galois.c
 create mode 100644 drivers/crypto/ccp/ccp-crypto-des3.c
 create mode 100644 drivers/crypto/ccp/ccp-crypto-rsa.c

--
This is my day job.
Follow me on FB/IG/Twitter: @grhphotographer and @grhookphoto
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH V2 9/9] crypto: ccp - Enable 3DES function on v5 CCPs

[Gary R Hook]

Wire up support for Triple DES in ECB mode.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/Makefile  |1 
 drivers/crypto/ccp/ccp-crypto-des3.c |  254 ++
 drivers/crypto/ccp/ccp-crypto-main.c |   10 +
 drivers/crypto/ccp/ccp-crypto.h  |   20 +++
 drivers/crypto/ccp/ccp-dev-v3.c  |1 
 drivers/crypto/ccp/ccp-dev-v5.c  |   54 +++
 drivers/crypto/ccp/ccp-dev.h |   14 ++
 drivers/crypto/ccp/ccp-ops.c |  198 +++
 include/linux/ccp.h  |   57 +++-
 9 files changed, 606 insertions(+), 3 deletions(-)
 create mode 100644 drivers/crypto/ccp/ccp-crypto-des3.c

diff --git a/drivers/crypto/ccp/Makefile b/drivers/crypto/ccp/Makefile
index fd77225..563594a 100644
--- a/drivers/crypto/ccp/Makefile
+++ b/drivers/crypto/ccp/Makefile
@@ -14,4 +14,5 @@ ccp-crypto-objs := ccp-crypto-main.o \
   ccp-crypto-aes-xts.o \
   ccp-crypto-rsa.o \
   ccp-crypto-aes-galois.o \
+  ccp-crypto-des3.o \
   ccp-crypto-sha.o
diff --git a/drivers/crypto/ccp/ccp-crypto-des3.c 
b/drivers/crypto/ccp/ccp-crypto-des3.c
new file mode 100644
index 000..5af7347
--- /dev/null
+++ b/drivers/crypto/ccp/ccp-crypto-des3.c
@@ -0,0 +1,254 @@
+/*
+ * AMD Cryptographic Coprocessor (CCP) DES3 crypto API support
+ *
+ * Copyright (C) 2016 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook <gh...@amd.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include "ccp-crypto.h"
+
+static int ccp_des3_complete(struct crypto_async_request *async_req, int ret)
+{
+   struct ablkcipher_request *req = ablkcipher_request_cast(async_req);
+   struct ccp_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
+   struct ccp_des3_req_ctx *rctx = ablkcipher_request_ctx(req);
+
+   if (ret)
+   return ret;
+
+   if (ctx->u.des3.mode != CCP_DES3_MODE_ECB)
+   memcpy(req->info, rctx->iv, DES3_EDE_BLOCK_SIZE);
+
+   return 0;
+}
+
+static int ccp_des3_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
+   unsigned int key_len)
+{
+   struct ccp_ctx *ctx = crypto_tfm_ctx(crypto_ablkcipher_tfm(tfm));
+   struct ccp_crypto_ablkcipher_alg *alg =
+   ccp_crypto_ablkcipher_alg(crypto_ablkcipher_tfm(tfm));
+   u32 *flags = >base.crt_flags;
+
+
+   /* From des_generic.c:
+*
+* RFC2451:
+*   If the first two or last two independent 64-bit keys are
+*   equal (k1 == k2 or k2 == k3), then the DES3 operation is simply the
+*   same as DES.  Implementers MUST reject keys that exhibit this
+*   property.
+*/
+   const u32 *K = (const u32 *)key;
+
+   if (unlikely(!((K[0] ^ K[2]) | (K[1] ^ K[3])) ||
+!((K[2] ^ K[4]) | (K[3] ^ K[5]))) &&
+(*flags & CRYPTO_TFM_REQ_WEAK_KEY)) {
+   *flags |= CRYPTO_TFM_RES_WEAK_KEY;
+   return -EINVAL;
+   }
+
+   /* It's not clear that there is any support for a keysize of 112.
+* If needed, the caller should make K1 == K3
+*/
+   ctx->u.des3.type = CCP_DES3_TYPE_168;
+   ctx->u.des3.mode = alg->mode;
+   ctx->u.des3.key_len = key_len;
+
+   memcpy(ctx->u.des3.key, key, key_len);
+   sg_init_one(>u.des3.key_sg, ctx->u.des3.key, key_len);
+
+   return 0;
+}
+
+static int ccp_des3_crypt(struct ablkcipher_request *req, bool encrypt)
+{
+   struct ccp_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
+   struct ccp_des3_req_ctx *rctx = ablkcipher_request_ctx(req);
+   struct scatterlist *iv_sg = NULL;
+   unsigned int iv_len = 0;
+   int ret;
+
+   if (!ctx->u.des3.key_len)
+   return -EINVAL;
+
+   if (((ctx->u.des3.mode == CCP_DES3_MODE_ECB) ||
+(ctx->u.des3.mode == CCP_DES3_MODE_CBC)) &&
+   (req->nbytes & (DES3_EDE_BLOCK_SIZE - 1)))
+   return -EINVAL;
+
+   if (ctx->u.des3.mode != CCP_DES3_MODE_ECB) {
+   if (!req->info)
+   return -EINVAL;
+
+   memcpy(rctx->iv, req->info, DES3_EDE_BLOCK_SIZE);
+   iv_sg = >iv_sg;
+   iv_len = DES3_EDE_BLOCK_SIZE;
+   sg_init_one(iv_sg, rctx->iv, iv_len);
+   }
+
+   memset(>cmd, 0, sizeof(rctx->cmd));
+   INIT_LIST_HEAD(>cmd.entry);
+   rctx->cmd.engine = CCP_ENGINE_DES3;
+   rctx->cmd.u.des3.type = ctx->u.des3.type;
+   rctx->cmd.u.des3.mode = ctx->u.des3.mode;
+   rctx->cmd.u.des3.action = (

[PATCH] crypto: ccp - Update the command queue on errors

[Gary R Hook]

Move the command queue tail pointer when an error is
detected. Always return the error.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev-v5.c |7 +--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/crypto/ccp/ccp-dev-v5.c
index ff7816a..0baa99e 100644
--- a/drivers/crypto/ccp/ccp-dev-v5.c
+++ b/drivers/crypto/ccp/ccp-dev-v5.c
@@ -250,17 +250,20 @@ static int ccp5_do_cmd(struct ccp5_desc *desc,
ret = wait_event_interruptible(cmd_q->int_queue,
   cmd_q->int_rcvd);
if (ret || cmd_q->cmd_error) {
+   /* Log the error and flush the queue by
+* moving the head pointer
+*/
if (cmd_q->cmd_error)
ccp_log_error(cmd_q->ccp,
  cmd_q->cmd_error);
-   /* A version 5 device doesn't use Job IDs... */
+   iowrite32(tail, cmd_q->reg_head_lo);
if (!ret)
ret = -EIO;
}
cmd_q->int_rcvd = 0;
}
 
-   return 0;
+   return ret;
 }
 
 static int ccp5_perform_aes(struct ccp_op *op)

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 4/6] crypto: ccp - Add RSA support for a v5 ccp

[Gary R Hook]

Take into account device implementation differences for
RSA.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-crypto-rsa.c |   14 +++--
 drivers/crypto/ccp/ccp-crypto.h |3 -
 drivers/crypto/ccp/ccp-dev.h|2 -
 drivers/crypto/ccp/ccp-ops.c|   97 +++
 4 files changed, 73 insertions(+), 43 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-crypto-rsa.c 
b/drivers/crypto/ccp/ccp-crypto-rsa.c
index 7dab43b..94411de 100644
--- a/drivers/crypto/ccp/ccp-crypto-rsa.c
+++ b/drivers/crypto/ccp/ccp-crypto-rsa.c
@@ -125,7 +125,7 @@ static void ccp_rsa_free_key_bufs(struct ccp_ctx *ctx)
 }
 
 static int ccp_rsa_setkey(struct crypto_akcipher *tfm, const void *key,
- unsigned int keylen, bool public)
+ unsigned int keylen, bool private)
 {
struct ccp_ctx *ctx = akcipher_tfm_ctx(tfm);
struct rsa_key raw_key;
@@ -139,10 +139,10 @@ static int ccp_rsa_setkey(struct crypto_akcipher *tfm, 
const void *key,
memset(_key, 0, sizeof(raw_key));
 
/* Code borrowed from crypto/rsa.c */
-   if (public)
-   ret = rsa_parse_pub_key(_key, key, keylen);
-   else
+   if (private)
ret = rsa_parse_priv_key(_key, key, keylen);
+   else
+   ret = rsa_parse_pub_key(_key, key, keylen);
if (ret)
goto e_ret;
 
@@ -169,7 +169,7 @@ static int ccp_rsa_setkey(struct crypto_akcipher *tfm, 
const void *key,
goto e_nkey;
sg_init_one(>u.rsa.n_sg, ctx->u.rsa.n_buf, ctx->u.rsa.n_len);
 
-   if (!public) {
+   if (private) {
ctx->u.rsa.pkey.d = mpi_read_raw_data(raw_key.d, raw_key.d_sz);
if (!ctx->u.rsa.pkey.d)
goto e_nkey;
@@ -196,13 +196,13 @@ e_ret:
 static int ccp_rsa_setprivkey(struct crypto_akcipher *tfm, const void *key,
  unsigned int keylen)
 {
-   return ccp_rsa_setkey(tfm, key, keylen, false);
+   return ccp_rsa_setkey(tfm, key, keylen, true);
 }
 
 static int ccp_rsa_setpubkey(struct crypto_akcipher *tfm, const void *key,
 unsigned int keylen)
 {
-   return ccp_rsa_setkey(tfm, key, keylen, true);
+   return ccp_rsa_setkey(tfm, key, keylen, false);
 }
 
 static int ccp_rsa_init_tfm(struct crypto_akcipher *tfm)
diff --git a/drivers/crypto/ccp/ccp-crypto.h b/drivers/crypto/ccp/ccp-crypto.h
index 4a1d206..c6cf318 100644
--- a/drivers/crypto/ccp/ccp-crypto.h
+++ b/drivers/crypto/ccp/ccp-crypto.h
@@ -138,8 +138,7 @@ struct ccp_aes_cmac_exp_ctx {
u8 buf[AES_BLOCK_SIZE];
 };
 
-/*
- * SHA-related defines
+/* SHA-related defines
  * These values must be large enough to accommodate any variant
  */
 #define MAX_SHA_CONTEXT_SIZE   SHA512_DIGEST_SIZE
diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h
index 0d996fe..143f00f 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -193,6 +193,7 @@
 #define CCP_SHA_SB_COUNT   1
 
 #define CCP_RSA_MAX_WIDTH  4096
+#define CCP5_RSA_MAX_WIDTH 16384
 
 #define CCP_PASSTHRU_BLOCKSIZE 256
 #define CCP_PASSTHRU_MASKSIZE  32
@@ -515,7 +516,6 @@ struct ccp_op {
struct ccp_passthru_op passthru;
struct ccp_ecc_op ecc;
} u;
-   struct ccp_mem key;
 };
 
 static inline u32 ccp_addr_lo(struct ccp_dma_info *info)
diff --git a/drivers/crypto/ccp/ccp-ops.c b/drivers/crypto/ccp/ccp-ops.c
index 826782d..07b8dfb 100644
--- a/drivers/crypto/ccp/ccp-ops.c
+++ b/drivers/crypto/ccp/ccp-ops.c
@@ -1283,49 +1283,72 @@ static int ccp_run_rsa_cmd(struct ccp_cmd_queue *cmd_q, 
struct ccp_cmd *cmd)
int i = 0;
int ret = 0;
 
-   if (rsa->key_size > CCP_RSA_MAX_WIDTH)
-   return -EINVAL;
+   if (cmd_q->ccp->vdata->version < CCP_VERSION(4, 0)) {
+   if (rsa->key_size > CCP_RSA_MAX_WIDTH)
+   return -EINVAL;
+   } else {
+   if (rsa->key_size > CCP5_RSA_MAX_WIDTH)
+   return -EINVAL;
+   }
 
if (!rsa->exp || !rsa->mod || !rsa->src || !rsa->dst)
return -EINVAL;
 
-   /* The RSA modulus must precede the message being acted upon, so
-* it must be copied to a DMA area where the message and the
-* modulus can be concatenated.  Therefore the input buffer
-* length required is twice the output buffer length (which
-* must be a multiple of 256-bits).
-*/
-   o_len = ((rsa->key_size + 255) / 256) * 32;
-   i_len = o_len * 2;
-
-   sb_count = o_len / CCP_SB_BYTES;
-
memset(, 0, sizeof(op));
op.cmd_q = cmd_q;
-   op.jobid = ccp_gen_jobid(cmd_q->ccp);
-   op.sb_key = cmd_q->ccp->vdata->perform->sballoc(cmd_q, 

[PATCH 3/6] crypto: ccp - Add support for RSA on the CCP

[Gary R Hook]

Wire up the v3 CCP as a cipher provider.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/Makefile  |1 
 drivers/crypto/ccp/ccp-crypto-main.c |   15 ++
 drivers/crypto/ccp/ccp-crypto-rsa.c  |  258 ++
 drivers/crypto/ccp/ccp-crypto.h  |   24 +++
 drivers/crypto/ccp/ccp-dev-v3.c  |   38 +
 drivers/crypto/ccp/ccp-ops.c |1 
 include/linux/ccp.h  |   34 
 7 files changed, 370 insertions(+), 1 deletion(-)
 create mode 100644 drivers/crypto/ccp/ccp-crypto-rsa.c

diff --git a/drivers/crypto/ccp/Makefile b/drivers/crypto/ccp/Makefile
index 346ceb8..23f89b7 100644
--- a/drivers/crypto/ccp/Makefile
+++ b/drivers/crypto/ccp/Makefile
@@ -12,4 +12,5 @@ ccp-crypto-objs := ccp-crypto-main.o \
   ccp-crypto-aes.o \
   ccp-crypto-aes-cmac.o \
   ccp-crypto-aes-xts.o \
+  ccp-crypto-rsa.o \
   ccp-crypto-sha.o
diff --git a/drivers/crypto/ccp/ccp-crypto-main.c 
b/drivers/crypto/ccp/ccp-crypto-main.c
index e0380e5..f3c4c25 100644
--- a/drivers/crypto/ccp/ccp-crypto-main.c
+++ b/drivers/crypto/ccp/ccp-crypto-main.c
@@ -33,6 +33,10 @@ static unsigned int sha_disable;
 module_param(sha_disable, uint, 0444);
 MODULE_PARM_DESC(sha_disable, "Disable use of SHA - any non-zero value");
 
+static unsigned int rsa_disable;
+module_param(rsa_disable, uint, 0444);
+MODULE_PARM_DESC(rsa_disable, "Disable use of RSA - any non-zero value");
+
 /* List heads for the supported algorithms */
 static LIST_HEAD(hash_algs);
 static LIST_HEAD(cipher_algs);
@@ -343,6 +347,14 @@ static int ccp_register_algs(void)
return ret;
}
 
+   if (!rsa_disable) {
+   ret = ccp_register_rsa_algs();
+   if (ret) {
+   rsa_disable = 1;
+   return ret;
+   }
+   }
+
return 0;
 }
 
@@ -362,6 +374,9 @@ static void ccp_unregister_algs(void)
list_del(_alg->entry);
kfree(ablk_alg);
}
+
+   if (!rsa_disable)
+   ccp_unregister_rsa_algs();
 }
 
 static int ccp_crypto_init(void)
diff --git a/drivers/crypto/ccp/ccp-crypto-rsa.c 
b/drivers/crypto/ccp/ccp-crypto-rsa.c
new file mode 100644
index 000..7dab43b
--- /dev/null
+++ b/drivers/crypto/ccp/ccp-crypto-rsa.c
@@ -0,0 +1,258 @@
+/*
+ * AMD Cryptographic Coprocessor (CCP) RSA crypto API support
+ *
+ * Copyright (C) 2016 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook <gary.h...@amd.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include "ccp-crypto.h"
+
+static inline struct akcipher_request *akcipher_request_cast(
+   struct crypto_async_request *req)
+{
+   return container_of(req, struct akcipher_request, base);
+}
+
+static int ccp_rsa_complete(struct crypto_async_request *async_req, int ret)
+{
+   struct akcipher_request *req = akcipher_request_cast(async_req);
+   struct ccp_rsa_req_ctx *rctx = akcipher_request_ctx(req);
+
+   if (!ret)
+   req->dst_len = rctx->cmd.u.rsa.d_len;
+
+   ret = 0;
+
+   return ret;
+}
+
+static int ccp_rsa_maxsize(struct crypto_akcipher *tfm)
+{
+   return CCP_RSA_MAXMOD;
+}
+
+static int ccp_rsa_crypt(struct akcipher_request *req, bool encrypt)
+{
+   struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
+   struct ccp_ctx *ctx = akcipher_tfm_ctx(tfm);
+   struct ccp_rsa_req_ctx *rctx = akcipher_request_ctx(req);
+   int ret = 0;
+
+   if (!ctx->u.rsa.pkey.d && !ctx->u.rsa.pkey.e)
+   return -EINVAL;
+
+   memset(>cmd, 0, sizeof(rctx->cmd));
+   INIT_LIST_HEAD(>cmd.entry);
+   rctx->cmd.engine = CCP_ENGINE_RSA;
+   rctx->cmd.u.rsa.mode = encrypt ? CCP_RSA_ENCRYPT : CCP_RSA_DECRYPT;
+
+   rctx->cmd.u.rsa.pkey = ctx->u.rsa.pkey;
+   rctx->cmd.u.rsa.key_size = ctx->u.rsa.key_len;
+   rctx->cmd.u.rsa.exp = >u.rsa.e_sg;
+   rctx->cmd.u.rsa.exp_len = ctx->u.rsa.e_len;
+   rctx->cmd.u.rsa.mod = >u.rsa.n_sg;
+   rctx->cmd.u.rsa.mod_len = ctx->u.rsa.n_len;
+   if (ctx->u.rsa.pkey.d) {
+   rctx->cmd.u.rsa.d_sg = >u.rsa.d_sg;
+   rctx->cmd.u.rsa.d_len = ctx->u.rsa.d_len;
+   }
+
+   rctx->cmd.u.rsa.src = req->src;
+   rctx->cmd.u.rsa.src_len = req->src_len;
+   rctx->cmd.u.rsa.dst = req->dst;
+   rctx->cmd.u.rsa.dst_len = req->dst_len;
+
+   ret = ccp_crypto_enqueue_request(>base, >cmd);
+
+   return ret;
+}
+
+static int ccp_rsa_e

[PATCH 1/6] crypto: ccp - Add SHA-2 support

[Gary R Hook]

Incorporate 384-bit and 512-bit hashing for a version 5 CCP
device


Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-crypto-sha.c |   22 +++
 drivers/crypto/ccp/ccp-crypto.h |9 +++--
 drivers/crypto/ccp/ccp-ops.c|   70 +++
 include/linux/ccp.h |3 ++
 4 files changed, 101 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-crypto-sha.c 
b/drivers/crypto/ccp/ccp-crypto-sha.c
index 84a652b..6b46eea 100644
--- a/drivers/crypto/ccp/ccp-crypto-sha.c
+++ b/drivers/crypto/ccp/ccp-crypto-sha.c
@@ -146,6 +146,12 @@ static int ccp_do_sha_update(struct ahash_request *req, 
unsigned int nbytes,
case CCP_SHA_TYPE_256:
rctx->cmd.u.sha.ctx_len = SHA256_DIGEST_SIZE;
break;
+   case CCP_SHA_TYPE_384:
+   rctx->cmd.u.sha.ctx_len = SHA384_DIGEST_SIZE;
+   break;
+   case CCP_SHA_TYPE_512:
+   rctx->cmd.u.sha.ctx_len = SHA512_DIGEST_SIZE;
+   break;
default:
/* Should never get here */
break;
@@ -393,6 +399,22 @@ static struct ccp_sha_def sha_algs[] = {
.digest_size= SHA256_DIGEST_SIZE,
.block_size = SHA256_BLOCK_SIZE,
},
+   {
+   .version= CCP_VERSION(5, 0),
+   .name   = "sha384",
+   .drv_name   = "sha384-ccp",
+   .type   = CCP_SHA_TYPE_384,
+   .digest_size= SHA384_DIGEST_SIZE,
+   .block_size = SHA384_BLOCK_SIZE,
+   },
+   {
+   .version= CCP_VERSION(5, 0),
+   .name   = "sha512",
+   .drv_name   = "sha512-ccp",
+   .type   = CCP_SHA_TYPE_512,
+   .digest_size= SHA512_DIGEST_SIZE,
+   .block_size = SHA512_BLOCK_SIZE,
+   },
 };
 
 static int ccp_register_hmac_alg(struct list_head *head,
diff --git a/drivers/crypto/ccp/ccp-crypto.h b/drivers/crypto/ccp/ccp-crypto.h
index 8335b32..ae442ac 100644
--- a/drivers/crypto/ccp/ccp-crypto.h
+++ b/drivers/crypto/ccp/ccp-crypto.h
@@ -137,9 +137,12 @@ struct ccp_aes_cmac_exp_ctx {
u8 buf[AES_BLOCK_SIZE];
 };
 
-/* SHA related defines */
-#define MAX_SHA_CONTEXT_SIZE   SHA256_DIGEST_SIZE
-#define MAX_SHA_BLOCK_SIZE SHA256_BLOCK_SIZE
+/*
+ * SHA-related defines
+ * These values must be large enough to accommodate any variant
+ */
+#define MAX_SHA_CONTEXT_SIZE   SHA512_DIGEST_SIZE
+#define MAX_SHA_BLOCK_SIZE SHA512_BLOCK_SIZE
 
 struct ccp_sha_ctx {
struct scatterlist opad_sg;
diff --git a/drivers/crypto/ccp/ccp-ops.c b/drivers/crypto/ccp/ccp-ops.c
index 50fae44..8fedb14 100644
--- a/drivers/crypto/ccp/ccp-ops.c
+++ b/drivers/crypto/ccp/ccp-ops.c
@@ -41,6 +41,20 @@ static const __be32 ccp_sha256_init[SHA256_DIGEST_SIZE / 
sizeof(__be32)] = {
cpu_to_be32(SHA256_H6), cpu_to_be32(SHA256_H7),
 };
 
+static const __be64 ccp_sha384_init[SHA512_DIGEST_SIZE / sizeof(__be64)] = {
+   cpu_to_be64(SHA384_H0), cpu_to_be64(SHA384_H1),
+   cpu_to_be64(SHA384_H2), cpu_to_be64(SHA384_H3),
+   cpu_to_be64(SHA384_H4), cpu_to_be64(SHA384_H5),
+   cpu_to_be64(SHA384_H6), cpu_to_be64(SHA384_H7),
+};
+
+static const __be64 ccp_sha512_init[SHA512_DIGEST_SIZE / sizeof(__be64)] = {
+   cpu_to_be64(SHA512_H0), cpu_to_be64(SHA512_H1),
+   cpu_to_be64(SHA512_H2), cpu_to_be64(SHA512_H3),
+   cpu_to_be64(SHA512_H4), cpu_to_be64(SHA512_H5),
+   cpu_to_be64(SHA512_H6), cpu_to_be64(SHA512_H7),
+};
+
 #defineCCP_NEW_JOBID(ccp)  ((ccp->vdata->version == CCP_VERSION(3, 
0)) ? \
ccp_gen_jobid(ccp) : 0)
 
@@ -963,6 +977,16 @@ static int ccp_run_sha_cmd(struct ccp_cmd_queue *cmd_q, 
struct ccp_cmd *cmd)
return -EINVAL;
block_size = SHA256_BLOCK_SIZE;
break;
+   case CCP_SHA_TYPE_384:
+   if (sha->ctx_len < SHA384_DIGEST_SIZE)
+   return -EINVAL;
+   block_size = SHA384_BLOCK_SIZE;
+   break;
+   case CCP_SHA_TYPE_512:
+   if (sha->ctx_len < SHA512_DIGEST_SIZE)
+   return -EINVAL;
+   block_size = SHA512_BLOCK_SIZE;
+   break;
default:
return -EINVAL;
}
@@ -1050,6 +1074,21 @@ static int ccp_run_sha_cmd(struct ccp_cmd_queue *cmd_q, 
struct ccp_cmd *cmd)
sb_count = 1;
ooffset = ioffset = 0;
break;
+   case CCP_SHA_TYPE_384:
+   digest_size = SHA384_DIGEST_SIZE;
+   init = (void *) ccp_sha384_init;
+   ctx_size = SHA512_DIGEST_SIZE;
+   sb_count = 2;
+   ioffset = 0;
+   ooffset = 2

[PATCH 0/6] Enable hashing and ciphers for v5 CCP

[Gary R Hook]

The following series implements new function for a version 5
CCP: Support for SHA-2, wiring of RSA using the updated
framework, AES GCM mode, and Triple-DES in ECB mode.

---

Gary R Hook (6):
  crypto: ccp - Add SHA-2 support
  crypto: ccp - Remove unneeded sign-extension support
  crypto: ccp - Add support for RSA on the CCP
  crypto: ccp - Add RSA support for a v5 ccp
  crypto: ccp - Enable support for AES GCM on v5 CCPs
  crypto: ccp - Enable 3DES function on v5 CCPs


 drivers/crypto/ccp/Makefile|3 
 drivers/crypto/ccp/ccp-crypto-aes-galois.c |  252 +
 drivers/crypto/ccp/ccp-crypto-des3.c   |  254 +
 drivers/crypto/ccp/ccp-crypto-main.c   |   37 +
 drivers/crypto/ccp/ccp-crypto-rsa.c|  258 +
 drivers/crypto/ccp/ccp-crypto-sha.c|   22 +
 drivers/crypto/ccp/ccp-crypto.h|   69 ++-
 drivers/crypto/ccp/ccp-dev-v3.c|   39 +
 drivers/crypto/ccp/ccp-dev-v5.c|   67 ++
 drivers/crypto/ccp/ccp-dev.h   |   21 +
 drivers/crypto/ccp/ccp-ops.c   |  772 
 drivers/crypto/ccp/ccp-pci.c   |2 
 include/linux/ccp.h|  103 
 13 files changed, 1768 insertions(+), 131 deletions(-)
 create mode 100644 drivers/crypto/ccp/ccp-crypto-aes-galois.c
 create mode 100644 drivers/crypto/ccp/ccp-crypto-des3.c
 create mode 100644 drivers/crypto/ccp/ccp-crypto-rsa.c

--
This is my day job. Follow me at:
IG/Twitter/Facebook: @grhookphoto
IG/Twitter/Facebook: @grhphotographer
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 5/6] crypto: ccp - Enable support for AES GCM on v5 CCPs

[Gary R Hook]

A version 5 device provides the primitive commands
required for AES GCM. This patch adds support for
en/decryption.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/Makefile|1 
 drivers/crypto/ccp/ccp-crypto-aes-galois.c |  252 +++
 drivers/crypto/ccp/ccp-crypto-main.c   |   12 +
 drivers/crypto/ccp/ccp-crypto.h|   14 +
 drivers/crypto/ccp/ccp-dev-v5.c|2 
 drivers/crypto/ccp/ccp-dev.h   |1 
 drivers/crypto/ccp/ccp-ops.c   |  262 
 include/linux/ccp.h|9 +
 8 files changed, 553 insertions(+)
 create mode 100644 drivers/crypto/ccp/ccp-crypto-aes-galois.c

diff --git a/drivers/crypto/ccp/Makefile b/drivers/crypto/ccp/Makefile
index 23f89b7..fd77225 100644
--- a/drivers/crypto/ccp/Makefile
+++ b/drivers/crypto/ccp/Makefile
@@ -13,4 +13,5 @@ ccp-crypto-objs := ccp-crypto-main.o \
   ccp-crypto-aes-cmac.o \
   ccp-crypto-aes-xts.o \
   ccp-crypto-rsa.o \
+  ccp-crypto-aes-galois.o \
   ccp-crypto-sha.o
diff --git a/drivers/crypto/ccp/ccp-crypto-aes-galois.c 
b/drivers/crypto/ccp/ccp-crypto-aes-galois.c
new file mode 100644
index 000..5da324f
--- /dev/null
+++ b/drivers/crypto/ccp/ccp-crypto-aes-galois.c
@@ -0,0 +1,252 @@
+/*
+ * AMD Cryptographic Coprocessor (CCP) AES crypto API support
+ *
+ * Copyright (C) 2013,2016 Advanced Micro Devices, Inc.
+ *
+ * Author: Tom Lendacky <thomas.lenda...@amd.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include "ccp-crypto.h"
+
+#defineAES_GCM_IVSIZE  12
+
+static int ccp_aes_gcm_complete(struct crypto_async_request *async_req, int 
ret)
+{
+   return ret;
+}
+
+static int ccp_aes_gcm_setkey(struct crypto_aead *tfm, const u8 *key,
+ unsigned int key_len)
+{
+   struct ccp_ctx *ctx = crypto_aead_ctx(tfm);
+
+   switch (key_len) {
+   case AES_KEYSIZE_128:
+   ctx->u.aes.type = CCP_AES_TYPE_128;
+   break;
+   case AES_KEYSIZE_192:
+   ctx->u.aes.type = CCP_AES_TYPE_192;
+   break;
+   case AES_KEYSIZE_256:
+   ctx->u.aes.type = CCP_AES_TYPE_256;
+   break;
+   default:
+   crypto_aead_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
+   return -EINVAL;
+   }
+
+   ctx->u.aes.mode = CCP_AES_MODE_GCM;
+   ctx->u.aes.key_len = key_len;
+
+   memcpy(ctx->u.aes.key, key, key_len);
+   sg_init_one(>u.aes.key_sg, ctx->u.aes.key, key_len);
+
+   return 0;
+}
+
+static int ccp_aes_gcm_setauthsize(struct crypto_aead *tfm,
+  unsigned int authsize)
+{
+   return 0;
+}
+
+static int ccp_aes_gcm_crypt(struct aead_request *req, bool encrypt)
+{
+   struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+   struct ccp_ctx *ctx = crypto_aead_ctx(tfm);
+   struct ccp_aes_req_ctx *rctx = aead_request_ctx(req);
+   struct scatterlist *iv_sg = NULL;
+   unsigned int iv_len = 0;
+   int i;
+   int ret = 0;
+
+   if (!ctx->u.aes.key_len)
+   return -EINVAL;
+
+   if (ctx->u.aes.mode != CCP_AES_MODE_GCM)
+   return -EINVAL;
+
+   if (!req->iv)
+   return -EINVAL;
+
+   /*
+* 5 parts:
+*   plaintext/ciphertext input
+*   AAD
+*   key
+*   IV
+*   Destination+tag buffer
+*/
+
+   /* Copy the IV and initialize a scatterlist */
+   memset(rctx->iv, 0, AES_BLOCK_SIZE);
+   memcpy(rctx->iv, req->iv, AES_GCM_IVSIZE);
+   for (i = 0; i < 3; i++)
+   rctx->iv[i + AES_GCM_IVSIZE] = 0;
+   rctx->iv[AES_BLOCK_SIZE - 1] = 1;
+   iv_sg = >iv_sg;
+   iv_len = AES_BLOCK_SIZE;
+   sg_init_one(iv_sg, rctx->iv, iv_len);
+
+   /* The AAD + plaintext are concatenated in the src buffer */
+   memset(>cmd, 0, sizeof(rctx->cmd));
+   INIT_LIST_HEAD(>cmd.entry);
+   rctx->cmd.engine = CCP_ENGINE_AES;
+   rctx->cmd.u.aes.type = ctx->u.aes.type;
+   rctx->cmd.u.aes.mode = ctx->u.aes.mode;
+   rctx->cmd.u.aes.action =
+   (encrypt) ? CCP_AES_ACTION_ENCRYPT : CCP_AES_ACTION_DECRYPT;
+   rctx->cmd.u.aes.key = >u.aes.key_sg;
+   rctx->cmd.u.aes.key_len = ctx->u.aes.key_len;
+   rctx->cmd.u.aes.iv = iv_sg;
+   rctx->cmd.u.aes.iv_len = iv_len;
+   rctx->cmd.u.aes.src = req->src;
+   rctx->cmd.u.aes.s

[PATCH 2/6] crypto: ccp - Remove unneeded sign-extension support

[Gary R Hook]

The reverse-get/set functions can be simplified by
eliminating unused code.


Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-ops.c |  145 +-
 1 file changed, 59 insertions(+), 86 deletions(-)

diff --git a/drivers/crypto/ccp/ccp-ops.c b/drivers/crypto/ccp/ccp-ops.c
index 8fedb14..82cc637 100644
--- a/drivers/crypto/ccp/ccp-ops.c
+++ b/drivers/crypto/ccp/ccp-ops.c
@@ -198,62 +198,46 @@ static void ccp_get_dm_area(struct ccp_dm_workarea *wa, 
unsigned int wa_offset,
 }
 
 static int ccp_reverse_set_dm_area(struct ccp_dm_workarea *wa,
+  unsigned int wa_offset,
   struct scatterlist *sg,
-  unsigned int len, unsigned int se_len,
-  bool sign_extend)
+  unsigned int sg_offset,
+  unsigned int len)
 {
-   unsigned int nbytes, sg_offset, dm_offset, sb_len, i;
-   u8 buffer[CCP_REVERSE_BUF_SIZE];
-
-   if (WARN_ON(se_len > sizeof(buffer)))
-   return -EINVAL;
-
-   sg_offset = len;
-   dm_offset = 0;
-   nbytes = len;
-   while (nbytes) {
-   sb_len = min_t(unsigned int, nbytes, se_len);
-   sg_offset -= sb_len;
-
-   scatterwalk_map_and_copy(buffer, sg, sg_offset, sb_len, 0);
-   for (i = 0; i < sb_len; i++)
-   wa->address[dm_offset + i] = buffer[sb_len - i - 1];
-
-   dm_offset += sb_len;
-   nbytes -= sb_len;
-
-   if ((sb_len != se_len) && sign_extend) {
-   /* Must sign-extend to nearest sign-extend length */
-   if (wa->address[dm_offset - 1] & 0x80)
-   memset(wa->address + dm_offset, 0xff,
-  se_len - sb_len);
-   }
+   u8 *p, *q;
+
+   ccp_set_dm_area(wa, wa_offset, sg, sg_offset, len);
+
+   p = wa->address + wa_offset;
+   q = p + len - 1;
+   while (p < q) {
+   *p = *p ^ *q;
+   *q = *p ^ *q;
+   *p = *p ^ *q;
+   p++;
+   q--;
}
-
return 0;
 }
 
 static void ccp_reverse_get_dm_area(struct ccp_dm_workarea *wa,
+   unsigned int wa_offset,
struct scatterlist *sg,
+   unsigned int sg_offset,
unsigned int len)
 {
-   unsigned int nbytes, sg_offset, dm_offset, sb_len, i;
-   u8 buffer[CCP_REVERSE_BUF_SIZE];
-
-   sg_offset = 0;
-   dm_offset = len;
-   nbytes = len;
-   while (nbytes) {
-   sb_len = min_t(unsigned int, nbytes, sizeof(buffer));
-   dm_offset -= sb_len;
-
-   for (i = 0; i < sb_len; i++)
-   buffer[sb_len - i - 1] = wa->address[dm_offset + i];
-   scatterwalk_map_and_copy(buffer, sg, sg_offset, sb_len, 1);
-
-   sg_offset += sb_len;
-   nbytes -= sb_len;
+   u8 *p, *q;
+
+   p = wa->address + wa_offset;
+   q = p + len - 1;
+   while (p < q) {
+   *p = *p ^ *q;
+   *q = *p ^ *q;
+   *p = *p ^ *q;
+   p++;
+   q--;
}
+
+   ccp_get_dm_area(wa, wa_offset, sg, sg_offset, len);
 }
 
 static void ccp_free_data(struct ccp_data *data, struct ccp_cmd_queue *cmd_q)
@@ -1294,7 +1278,9 @@ static int ccp_run_rsa_cmd(struct ccp_cmd_queue *cmd_q, 
struct ccp_cmd *cmd)
struct ccp_data dst;
struct ccp_op op;
unsigned int sb_count, i_len, o_len;
-   int ret;
+   unsigned int dm_offset;
+   int i = 0;
+   int ret = 0;
 
if (rsa->key_size > CCP_RSA_MAX_WIDTH)
return -EINVAL;
@@ -1331,8 +1317,7 @@ static int ccp_run_rsa_cmd(struct ccp_cmd_queue *cmd_q, 
struct ccp_cmd *cmd)
if (ret)
goto e_sb;
 
-   ret = ccp_reverse_set_dm_area(, rsa->exp, rsa->exp_len,
- CCP_SB_BYTES, false);
+   ret = ccp_reverse_set_dm_area(, 0, rsa->exp, 0, rsa->exp_len);
if (ret)
goto e_exp;
ret = ccp_copy_to_sb(cmd_q, , op.jobid, op.sb_key,
@@ -1350,13 +1335,10 @@ static int ccp_run_rsa_cmd(struct ccp_cmd_queue *cmd_q, 
struct ccp_cmd *cmd)
if (ret)
goto e_exp;
 
-   ret = ccp_reverse_set_dm_area(, rsa->mod, rsa->mod_len,
- CCP_SB_BYTES, false);
+   ret = ccp_reverse_set_dm_area(, 0, rsa->mod, 0, rsa->mod_len);
if (ret)
goto e_src;
-   src.address += o_len;   /* Adjust the address for the copy operation */
-   ret = ccp_reverse_set_dm_area(, rsa->src, r

[PATCH 6/6] crypto: ccp - Enable 3DES function on v5 CCPs

[Gary R Hook]

Wire up support for Triple DES in ECB mode.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/Makefile  |1 
 drivers/crypto/ccp/ccp-crypto-des3.c |  254 ++
 drivers/crypto/ccp/ccp-crypto-main.c |   10 +
 drivers/crypto/ccp/ccp-crypto.h  |   25 +++
 drivers/crypto/ccp/ccp-dev-v3.c  |1 
 drivers/crypto/ccp/ccp-dev-v5.c  |   65 -
 drivers/crypto/ccp/ccp-dev.h |   18 ++
 drivers/crypto/ccp/ccp-ops.c |  201 +++
 drivers/crypto/ccp/ccp-pci.c |2 
 include/linux/ccp.h  |   57 +++-
 10 files changed, 624 insertions(+), 10 deletions(-)
 create mode 100644 drivers/crypto/ccp/ccp-crypto-des3.c

diff --git a/drivers/crypto/ccp/Makefile b/drivers/crypto/ccp/Makefile
index fd77225..563594a 100644
--- a/drivers/crypto/ccp/Makefile
+++ b/drivers/crypto/ccp/Makefile
@@ -14,4 +14,5 @@ ccp-crypto-objs := ccp-crypto-main.o \
   ccp-crypto-aes-xts.o \
   ccp-crypto-rsa.o \
   ccp-crypto-aes-galois.o \
+  ccp-crypto-des3.o \
   ccp-crypto-sha.o
diff --git a/drivers/crypto/ccp/ccp-crypto-des3.c 
b/drivers/crypto/ccp/ccp-crypto-des3.c
new file mode 100644
index 000..5af7347
--- /dev/null
+++ b/drivers/crypto/ccp/ccp-crypto-des3.c
@@ -0,0 +1,254 @@
+/*
+ * AMD Cryptographic Coprocessor (CCP) DES3 crypto API support
+ *
+ * Copyright (C) 2016 Advanced Micro Devices, Inc.
+ *
+ * Author: Gary R Hook <gh...@amd.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include "ccp-crypto.h"
+
+static int ccp_des3_complete(struct crypto_async_request *async_req, int ret)
+{
+   struct ablkcipher_request *req = ablkcipher_request_cast(async_req);
+   struct ccp_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
+   struct ccp_des3_req_ctx *rctx = ablkcipher_request_ctx(req);
+
+   if (ret)
+   return ret;
+
+   if (ctx->u.des3.mode != CCP_DES3_MODE_ECB)
+   memcpy(req->info, rctx->iv, DES3_EDE_BLOCK_SIZE);
+
+   return 0;
+}
+
+static int ccp_des3_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
+   unsigned int key_len)
+{
+   struct ccp_ctx *ctx = crypto_tfm_ctx(crypto_ablkcipher_tfm(tfm));
+   struct ccp_crypto_ablkcipher_alg *alg =
+   ccp_crypto_ablkcipher_alg(crypto_ablkcipher_tfm(tfm));
+   u32 *flags = >base.crt_flags;
+
+
+   /* From des_generic.c:
+*
+* RFC2451:
+*   If the first two or last two independent 64-bit keys are
+*   equal (k1 == k2 or k2 == k3), then the DES3 operation is simply the
+*   same as DES.  Implementers MUST reject keys that exhibit this
+*   property.
+*/
+   const u32 *K = (const u32 *)key;
+
+   if (unlikely(!((K[0] ^ K[2]) | (K[1] ^ K[3])) ||
+!((K[2] ^ K[4]) | (K[3] ^ K[5]))) &&
+(*flags & CRYPTO_TFM_REQ_WEAK_KEY)) {
+   *flags |= CRYPTO_TFM_RES_WEAK_KEY;
+   return -EINVAL;
+   }
+
+   /* It's not clear that there is any support for a keysize of 112.
+* If needed, the caller should make K1 == K3
+*/
+   ctx->u.des3.type = CCP_DES3_TYPE_168;
+   ctx->u.des3.mode = alg->mode;
+   ctx->u.des3.key_len = key_len;
+
+   memcpy(ctx->u.des3.key, key, key_len);
+   sg_init_one(>u.des3.key_sg, ctx->u.des3.key, key_len);
+
+   return 0;
+}
+
+static int ccp_des3_crypt(struct ablkcipher_request *req, bool encrypt)
+{
+   struct ccp_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
+   struct ccp_des3_req_ctx *rctx = ablkcipher_request_ctx(req);
+   struct scatterlist *iv_sg = NULL;
+   unsigned int iv_len = 0;
+   int ret;
+
+   if (!ctx->u.des3.key_len)
+   return -EINVAL;
+
+   if (((ctx->u.des3.mode == CCP_DES3_MODE_ECB) ||
+(ctx->u.des3.mode == CCP_DES3_MODE_CBC)) &&
+   (req->nbytes & (DES3_EDE_BLOCK_SIZE - 1)))
+   return -EINVAL;
+
+   if (ctx->u.des3.mode != CCP_DES3_MODE_ECB) {
+   if (!req->info)
+   return -EINVAL;
+
+   memcpy(rctx->iv, req->info, DES3_EDE_BLOCK_SIZE);
+   iv_sg = >iv_sg;
+   iv_len = DES3_EDE_BLOCK_SIZE;
+   sg_init_one(iv_sg, rctx->iv, iv_len);
+   }
+
+   memset(>cmd, 0, sizeof(rctx->cmd));
+   INIT_LIST_HEAD(>cmd.entry);
+   rctx->cmd.engine = CCP_ENGINE_DES3;
+   rctx->cmd.u.des3.type = ctx->u.des3.type;
+   rctx->cmd

Re: [PATCH 3/6] crypto: ccp - Add support for RSA on the CCP

[Gary R Hook]

On 10/13/2016 01:25 PM, Stephan Mueller wrote:

Am Donnerstag, 13. Oktober 2016, 09:53:09 CEST schrieb Gary R Hook:

Hi Gary,


Wire up the v3 CCP as a cipher provider.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---

...snip...

+}
+
+static void ccp_free_mpi_key(struct ccp_rsa_key *key)
+{
+   mpi_free(key->d);
+   key->d = NULL;
+   mpi_free(key->e);
+   key->e = NULL;
+   mpi_free(key->n);
+   key->n = NULL;
+}


Could you please see whether that function can be turned into a common
function call? crypto/rsa.c implements the same code in rsa_free_mpi_key.


I am happy to do so, but was unsure of protocol. rsa.c is in a module, which
makes my module depend upon another. I do not want to do that. And moving
this function elsewhere makes no sense.

I would go with an inline function, but there's no obvious place for it.
The RSA software implementation uses the MPI library, but there's no
requirement to do so (witness the qat driver). Thus, an inline function 
can't

be put in internal/rsa.h without moving the rsa_mpi_key definition and
referencing mpi.h.

I think that RSA+MPI things, such as rsa_mpi_key and this function, could go
into internal/rsa.h, but it would be necessary to #include mpi.h.

Or: create a new include file that contains these (and any other) RSA/MPI
amalgams.

Which would you prefer?


+
+static int ccp_check_key_length(unsigned int len)
+{
+   /* In bits */
+   if (len < 8 || len > 16384)
+   return -EINVAL;
+   return 0;
+}
+
+static void ccp_rsa_free_key_bufs(struct ccp_ctx *ctx)
+{
+   /* Clean up old key data */
+   kfree(ctx->u.rsa.e_buf);
+   ctx->u.rsa.e_buf = NULL;
+   ctx->u.rsa.e_len = 0;
+   kfree(ctx->u.rsa.n_buf);
+   ctx->u.rsa.n_buf = NULL;
+   ctx->u.rsa.n_len = 0;
+   kfree(ctx->u.rsa.d_buf);


kzfree, please.


Of course. Done.



...snip...

+}
+
+static struct akcipher_alg rsa = {
+   .encrypt = ccp_rsa_encrypt,
+   .decrypt = ccp_rsa_decrypt,
+   .sign = NULL,
+   .verify = NULL,
+   .set_pub_key = ccp_rsa_setpubkey,
+   .set_priv_key = ccp_rsa_setprivkey,
+   .max_size = ccp_rsa_maxsize,
+   .init = ccp_rsa_init_tfm,
+   .exit = ccp_rsa_exit_tfm,
+   .reqsize = sizeof(struct ccp_rsa_req_ctx),
+   .base = {
+   .cra_name = "rsa",
+   .cra_driver_name = "rsa-ccp",
+   .cra_priority = 100,


Are you sure you want to leave it at 100? With this value, it will content
with the C implementation.


No, I don't. Our other functions are at 300 (CCP_CRA_PRIORITY), which is 
what

this should be.




+   .cra_module = THIS_MODULE,
+   .cra_ctxsize = sizeof(struct ccp_ctx),
+   },
+};
+
...snip...

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html




Ciao
Stephan



Thank you. I hope snipping is acceptable...

--
This is my day job. Follow me at:
IG/Twitter/Facebook: @grhookphoto
IG/Twitter/Facebook: @grhphotographer
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH] crypto: CCP - change type of struct member lsb to signed

[Gary R Hook]

The lsb field uses a value of -1 to indicate that it
is unassigned. Therefore type must be a signed int.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev.h |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h
index da5f4a6..5afaa53 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -278,7 +278,7 @@ struct ccp_cmd_queue {
/* Private LSB that is assigned to this queue, or -1 if none.
 * Bitmap for my private LSB, unused otherwise
 */
-   unsigned int lsb;
+   int lsb;
DECLARE_BITMAP(lsbmap, PLSB_MAP_SIZE);
 
/* Queue processing thread */

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Git clone/pull not working?

[Gary R Hook]

Am I the only person that can't clone/pull from kernel.org? Been getting 
handshake errors this week, but other sites (e.g. libvirt.org) seem to 
be working fine.


I thought I'd ask first... perhaps it's just me/my employer?
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH] crypto: Move RSA+MPI constructs into an #include file

[Gary R Hook]

Move RSA support of general use into internal/rsa.h.
This allows reuse of, e.g. RSA MPI keys and support
functions.

Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 crypto/rsa.c  |   16 
 include/crypto/internal/rsa.h |   17 +
 2 files changed, 17 insertions(+), 16 deletions(-)

diff --git a/crypto/rsa.c b/crypto/rsa.c
index 4c280b6..15e9220 100644
--- a/crypto/rsa.c
+++ b/crypto/rsa.c
@@ -16,12 +16,6 @@
 #include 
 #include 
 
-struct rsa_mpi_key {
-   MPI n;
-   MPI e;
-   MPI d;
-};
-
 /*
  * RSAEP function [RFC3447 sec 5.1.1]
  * c = m^e mod n;
@@ -240,16 +234,6 @@ err_free_m:
return ret;
 }
 
-static void rsa_free_mpi_key(struct rsa_mpi_key *key)
-{
-   mpi_free(key->d);
-   mpi_free(key->e);
-   mpi_free(key->n);
-   key->d = NULL;
-   key->e = NULL;
-   key->n = NULL;
-}
-
 static int rsa_check_key_length(unsigned int len)
 {
switch (len) {
diff --git a/include/crypto/internal/rsa.h b/include/crypto/internal/rsa.h
index 9e8f159..253b275 100644
--- a/include/crypto/internal/rsa.h
+++ b/include/crypto/internal/rsa.h
@@ -13,6 +13,7 @@
 #ifndef _RSA_HELPER_
 #define _RSA_HELPER_
 #include 
+#include 
 
 /**
  * rsa_key - RSA key structure
@@ -52,6 +53,22 @@ struct rsa_key {
size_t qinv_sz;
 };
 
+struct rsa_mpi_key {
+   MPI n;
+   MPI e;
+   MPI d;
+};
+
+static inline void rsa_free_mpi_key(struct rsa_mpi_key *key)
+{
+   mpi_free(key->d);
+   mpi_free(key->e);
+   mpi_free(key->n);
+   key->d = NULL;
+   key->e = NULL;
+   key->n = NULL;
+}
+
 int rsa_parse_pub_key(struct rsa_key *rsa_key, const void *key,
  unsigned int key_len);
 

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH] crypto: ccp - Make some CCP DMA channels private

[Gary R Hook]

The CCP registers its queues as channels capable of handling
general DMA operations. The NTB driver will use DMA if
directed, but as public channels can be reserved for use in
asynchronous operations some channels should be held back
as private. Since the public/private determination is
handled at a device level, reserve the "other" (secondary)
CCP channels as private.

Add a module parameter that allows for override, to be
applied to all channels on all devices.

CC: <sta...@vger.kernel.org> # 4.10.x-
Signed-off-by: Gary R Hook <gary.h...@amd.com>
---
 drivers/crypto/ccp/ccp-dev-v5.c|1 +
 drivers/crypto/ccp/ccp-dev.h   |5 
 drivers/crypto/ccp/ccp-dmaengine.c |   41 
 3 files changed, 47 insertions(+)

diff --git a/drivers/crypto/ccp/ccp-dev-v5.c b/drivers/crypto/ccp/ccp-dev-v5.c
index 41cc853..fc08b4e 100644
--- a/drivers/crypto/ccp/ccp-dev-v5.c
+++ b/drivers/crypto/ccp/ccp-dev-v5.c
@@ -1015,6 +1015,7 @@ static void ccp5other_config(struct ccp_device *ccp)
 
 const struct ccp_vdata ccpv5b = {
.version = CCP_VERSION(5, 0),
+   .dma_chan_attr = DMA_PRIVATE,
.setup = ccp5other_config,
.perform = _actions,
.bar = 2,
diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h
index 2b5c01f..aa36f3f 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -179,6 +179,10 @@
 
 /*  General CCP Defines  */
 
+#defineCCP_DMA_DFLT0x0
+#defineCCP_DMA_PRIV0x1
+#defineCCP_DMA_PUB 0x2
+
 #define CCP_DMAPOOL_MAX_SIZE   64
 #define CCP_DMAPOOL_ALIGN  BIT(5)
 
@@ -636,6 +640,7 @@ struct ccp_actions {
 /* Structure to hold CCP version-specific values */
 struct ccp_vdata {
const unsigned int version;
+   const unsigned int dma_chan_attr;
void (*setup)(struct ccp_device *);
const struct ccp_actions *perform;
const unsigned int bar;
diff --git a/drivers/crypto/ccp/ccp-dmaengine.c 
b/drivers/crypto/ccp/ccp-dmaengine.c
index 8d0eeb4..e00be01 100644
--- a/drivers/crypto/ccp/ccp-dmaengine.c
+++ b/drivers/crypto/ccp/ccp-dmaengine.c
@@ -10,6 +10,7 @@
  * published by the Free Software Foundation.
  */
 
+#include 
 #include 
 #include 
 #include 
@@ -25,6 +26,37 @@
(mask == 0) ? 64 : fls64(mask); \
 })
 
+/* The CCP as a DMA provider can be configured for public or private
+ * channels. Default is specified in the vdata for the device (PCI ID).
+ * This module parameter will override for all channels on all devices:
+ *   dma_chan_attr = 0x2 to force all channels public
+ * = 0x1 to force all channels private
+ * = 0x0 to defer to the vdata setting
+ * = any other value: warning, revert to 0x0
+ */
+static unsigned int dma_chan_attr = CCP_DMA_DFLT;
+module_param(dma_chan_attr, uint, 0444);
+MODULE_PARM_DESC(dma_chan_attr, "Set DMA channel visibility: 0 (default) = 
device defaults, 1 = make private, 2 = make public");
+
+unsigned int ccp_get_dma_chan_attr(struct ccp_device *ccp)
+{
+   switch (dma_chan_attr) {
+   case CCP_DMA_DFLT:
+   return ccp->vdata->dma_chan_attr;
+
+   case CCP_DMA_PRIV:
+   return DMA_PRIVATE;
+
+   case CCP_DMA_PUB:
+   return 0;
+
+   default:
+   dev_info_once(ccp->dev, "Invalid value for dma_chan_attr: %d\n",
+ dma_chan_attr);
+   return ccp->vdata->dma_chan_attr;
+   }
+}
+
 static void ccp_free_cmd_resources(struct ccp_device *ccp,
   struct list_head *list)
 {
@@ -675,6 +707,15 @@ int ccp_dmaengine_register(struct ccp_device *ccp)
dma_cap_set(DMA_SG, dma_dev->cap_mask);
dma_cap_set(DMA_INTERRUPT, dma_dev->cap_mask);
 
+   /* The DMA channels for this device can be set to public or private,
+* and overridden by the module parameter dma_chan_attr.
+* Default: according to the value in vdata (dma_chan_attr=0)
+* dma_chan_attr=0x1: all channels private (override vdata)
+* dma_chan_attr=0x2: all channels public (override vdata)
+*/
+   if (ccp_get_dma_chan_attr(ccp) == DMA_PRIVATE)
+   dma_cap_set(DMA_PRIVATE, dma_dev->cap_mask);
+
INIT_LIST_HEAD(_dev->channels);
for (i = 0; i < ccp->cmd_q_count; i++) {
chan = ccp->ccp_dma_chan + i;

Re: [PATCH 2/2] crypto: ccp - Mark driver as little-endian only

[Gary R Hook]

Ack. Didn't reply all  Sorry, Arnd.

There was a krobot warning about this and I submitted a patch just now.

(I thought) my mistake was (in this function) not handling the structure
elements in the same manner as other functions. My patch rectifies that.

On 03/28/2017 04:58 AM, Arnd Bergmann wrote:

The driver causes a warning when built as big-endian:

drivers/crypto/ccp/ccp-dev-v5.c: In function 'ccp5_perform_des3':
include/uapi/linux/byteorder/big_endian.h:32:26: error: large integer
implicitly truncated to unsigned type [-Werror=overflow]
 #define __cpu_to_le32(x) ((__force __le32)__swab32((x)))
  ^
include/linux/byteorder/generic.h:87:21: note: in expansion of macro
'__cpu_to_le32'
 #define cpu_to_le32 __cpu_to_le32
 ^
drivers/crypto/ccp/ccp-dev-v5.c:436:28: note: in expansion of macro
'cpu_to_le32'
  CCP5_CMD_KEY_MEM() = cpu_to_le32(CCP_MEMTYPE_SB);

The warning is correct, doing a 32-bit byte swap on a value that gets
assigned into a bit field cannot work, since we would only write zeroes
in this case, regardless of the input.


Yes, this was all wrong.


In fact, the use of bit fields in hardware defined data structures is
not portable to start with, so until all these bit fields get replaced
by something else, the driver cannot work on big-endian machines, and
I'm adding an annotation here to prevent it from being selected.


This is a driver that talks to hardware, a device which, AFAIK, has no
plan to be implemented in a big endian flavor. I clearly need to be more
diligent in building with various checkers enabled. I'd prefer my fix
over your suggested refusal to compile, if that's okay.


The CCPv3 code seems to not suffer from this problem, only v5 uses
bitfields.


Yes, I took a different approach when I wrote the code. IMO (arguably)
more readable. Same result: words full of hardware-dependent bit patterns.

Please help me understand what I could do better.

--
This is my day job. Follow me at:
IG/Twitter/Facebook: @grhookphoto
IG/Twitter/Facebook: @grhphotographer

Re: [PATCH 1/2] crypto: ccp - Reduce stack frame size with KASAN

[Gary R Hook]

On 03/28/2017 04:58 AM, Arnd Bergmann wrote:> The newly added AES GCM 
implementation uses one of the largest stack frames

in the kernel, around 1KB on normal 64-bit kernels, and 1.6KB when
CONFIG_KASAN
is enabled:

drivers/crypto/ccp/ccp-ops.c: In function 'ccp_run_aes_gcm_cmd':
drivers/crypto/ccp/ccp-ops.c:851:1: error: the frame size of 1632 bytes
is larger than 1536 bytes [-Werror=frame-larger-than=]

This is problematic for multiple reasons:

 - The crypto functions are often used in deep call chains, e.g. behind
   mm, fs and dm layers, making it more likely to run into an actual stack
   overflow

 - Using this much stack space is an indicator that the code is not
   written to be as efficient as it could be.


I'm not sure I agree that A -> B, but I will certainly look into this.


 - While this goes unnoticed at the moment in mainline with the frame size
   warning being disabled when KASAN is in use, I would like to enable
   the warning again, and the current code is slightly above my arbitrary
   pick for a limit of 1536 bytes (I already did patches for every other
   driver exceeding this).


I've got my stack frame size (also) set to 1536, and would have paid 
more attention

had a warning occurred due to my code.


A more drastic refactoring of the driver might be needed to reduce the
stack usage more substantially, but this patch is fairly simple and
at least addresses the third one of the problems I mentioned, reducing the
stack size by about 150 bytes and bringing it below the warning limit
I picked.


Again, I'll devote some time to this.


diff --git a/drivers/crypto/ccp/ccp-dev.h b/drivers/crypto/ccp/ccp-dev.h
index 3a45c2af2fbd..c5ea0796a891 100644
--- a/drivers/crypto/ccp/ccp-dev.h
+++ b/drivers/crypto/ccp/ccp-dev.h
@@ -432,24 +432,24 @@ struct ccp_dma_info {
 unsigned int offset;
 unsigned int length;
 enum dma_data_direction dir;
-};
+} __packed __aligned(4);


My gcc 4.8 doesn't understand __aligned(). Shouldn't we use
#pragma(4) here?



 struct ccp_dm_workarea {
 struct device *dev;
 struct dma_pool *dma_pool;
-   unsigned int length;

 u8 *address;
 struct ccp_dma_info dma;
+   unsigned int length;
 };

 struct ccp_sg_workarea {
 struct scatterlist *sg;
 int nents;
+   unsigned int dma_count;

 struct scatterlist *dma_sg;
 struct device *dma_dev;
-   unsigned int dma_count;
 enum dma_data_direction dma_dir;

 unsigned int sg_used;


I'm okay with rearranging, but I'm going to submit an alternative patch.