26 Jan, 2008
3 commits
-
Move s390 crypto Kconfig options to drivers/crypto/Kconfig to have all
hardware crypto devices in one place.This also makes messing up the kernel source tree easier for some people.
Signed-off-by: Jan Glauber
Signed-off-by: Martin Schwidefsky -
Currently it is possible to select HW_RANDOM as a module and have
hifn795x built-in. This causes a build problem because hifn795x
will then call hwrng_register which isn't built-in.This patch introduces a new config option to control the hifn795x
RNG which lets us avoid this problem.Signed-off-by: Herbert Xu
-
* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (125 commits)
[CRYPTO] twofish: Merge common glue code
[CRYPTO] hifn_795x: Fixup container_of() usage
[CRYPTO] cast6: inline bloat--
[CRYPTO] api: Set default CRYPTO_MINALIGN to unsigned long long
[CRYPTO] tcrypt: Make xcbc available as a standalone test
[CRYPTO] xcbc: Remove bogus hash/cipher test
[CRYPTO] xcbc: Fix algorithm leak when block size check fails
[CRYPTO] tcrypt: Zero axbuf in the right function
[CRYPTO] padlock: Only reset the key once for each CBC and ECB operation
[CRYPTO] api: Include sched.h for cond_resched in scatterwalk.h
[CRYPTO] salsa20-asm: Remove unnecessary dependency on CRYPTO_SALSA20
[CRYPTO] tcrypt: Add select of AEAD
[CRYPTO] salsa20: Add x86-64 assembly version
[CRYPTO] salsa20_i586: Salsa20 stream cipher algorithm (i586 version)
[CRYPTO] gcm: Introduce rfc4106
[CRYPTO] api: Show async type
[CRYPTO] chainiv: Avoid lock spinning where possible
[CRYPTO] seqiv: Add select AEAD in Kconfig
[CRYPTO] scatterwalk: Handle zero nbytes in scatterwalk_map_and_copy
[CRYPTO] null: Allow setkey on digest_null
...
11 Jan, 2008
22 commits
-
* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
[CRYPTO] padlock: Fix alignment fault in aes_crypt_copy -
Signed-off-by: Alexey Dobriyan
Signed-off-by: Herbert Xu -
Currently we reset the key for each segment fed to the xcrypt instructions.
This patch optimises this for CBC and ECB so that we only do this once for
each encrypt/decrypt operation.Signed-off-by: Herbert Xu
-
With the impending addition of the givcipher type, both blkcipher and
ablkcipher algorithms will use it to create givcipher objects. As such
it no longer makes sense to split the system between ablkcipher and
blkcipher. In particular, both ablkcipher.c and blkcipher.c would need
to use the givcipher type which has to reside in ablkcipher.c since it
shares much code with it.This patch merges the two Kconfig options as well as the modules into one.
Signed-off-by: Herbert Xu
-
This patch adds __dev{init,exit} annotations.
Signed-off-by: Adrian Bunk
Signed-off-by: Herbert Xu -
crypto_blkcipher_decrypt is wrong because it does not care about
the IV.Signed-off-by: Sebastian Siewior
Signed-off-by: Herbert Xu -
There is no reason to keep the IV in the private structre. Instead keep
just a pointer to make the patch smaller :)
This also remove a few memcpy()sSigned-off-by: Sebastian Siewior
Signed-off-by: Herbert Xu -
Signed-off-by: Patrick McHardy
Acked-by: Evgeniy Polyakov
Signed-off-by: Herbert Xu -
The current PLL initalization has a number of deficiencies:
- uses fixed multiplier of 8, which overclocks the chip when using a
reference clock that operates at frequencies above 33MHz. According
to a comment in the BSD source, this is true for the external clock
on almost all every board.- writes to a reserved bit
- doesn't follow the initialization procedure specified in chapter
6.11.1 of the HIFN hardware users guide- doesn't allow to use the PCI clock
This patch adds a module parameter to specify the reference clock
(pci or external) and its frequency and uses that to calculate the
optimum multiplier to reach the maximal speed. By default it uses
the external clock and assumes a speed of 66MHz, which effectively
halfs the frequency currently used.Signed-off-by: Patrick McHardy
Acked-by: Evgeniy Polyakov
Signed-off-by: Herbert Xu -
Up until now we have ablkcipher algorithms have been identified as
type BLKCIPHER with the ASYNC bit set. This is suboptimal because
ablkcipher refers to two things. On the one hand it refers to the
top-level ablkcipher interface with requests. On the other hand it
refers to and algorithm type underneath.As it is you cannot request a synchronous block cipher algorithm
with the ablkcipher interface on top. This is a problem because
we want to be able to eventually phase out the blkcipher top-level
interface.This patch fixes this by making ABLKCIPHER its own type, just as
we have distinct types for HASH and DIGEST. The type it associated
with the algorithm implementation only.Which top-level interface is used for synchronous block ciphers is
then determined by the mask that's used. If it's a specific mask
then the old blkcipher interface is given, otherwise we go with the
new ablkcipher interface.Signed-off-by: Herbert Xu
-
alpha:
drivers/crypto/hifn_795x.c: In function 'ablkcipher_walk_init':
drivers/crypto/hifn_795x.c:1231: error: implicit declaration of function 'sg_init_table'
drivers/crypto/hifn_795x.c:1243: error: implicit declaration of function 'sg_set_page'
drivers/crypto/hifn_795x.c: In function 'ablkcipher_walk_exit':
drivers/crypto/hifn_795x.c:1257: error: implicit declaration of function 'sg_page'
drivers/crypto/hifn_795x.c:1257: warning: passing argument 1 of '__free_pages' makes pointer from integer without a cast
drivers/crypto/hifn_795x.c: In function 'ablkcipher_add':
drivers/crypto/hifn_795x.c:1278: warning: passing argument 1 of 'kmap_atomic' makes pointer from integer without a cast
drivers/crypto/hifn_795x.c: In function 'ablkcipher_walk':
drivers/crypto/hifn_795x.c:1336: warning: passing argument 1 of 'kmap_atomic' makes pointer from integer without a cast
drivers/crypto/hifn_795x.c: In function 'hifn_setup_session':
drivers/crypto/hifn_795x.c:1465: warning: assignment makes pointer from integer without a cast
drivers/crypto/hifn_795x.c:1469: warning: assignment makes pointer from integer without a cast
drivers/crypto/hifn_795x.c:1472: warning: assignment makes pointer from integer without a cast
drivers/crypto/hifn_795x.c: In function 'ablkcipher_get':
drivers/crypto/hifn_795x.c:1593: warning: passing argument 1 of 'kmap_atomic' makes pointer from integer without a cast
{standard input}: Assembler messages:
{standard input}:7: Warning: setting incorrect section attributes for .got
drivers/crypto/hifn_795x.c: In function 'hifn_process_ready':
drivers/crypto/hifn_795x.c:1653: warning: passing argument 1 of 'kmap_atomic' makes pointer from integer without a cast
drivers/crypto/hifn_795x.c: In function 'hifn_probe':
drivers/crypto/hifn_795x.c:2438: error: 'DMA_32BIT_MASK' undeclared (first use in this function)
drivers/crypto/hifn_795x.c:2438: error: (Each undeclared identifier is reported only once
drivers/crypto/hifn_795x.c:2438: error: for each function it appears in.)
drivers/crypto/hifn_795x.c:2443: warning: format '%d' expects type 'int', but argument 4 has type 'long int'
drivers/crypto/hifn_795x.c:2443: warning: format '%d' expects type 'int', but argument 4 has type 'long int'Signed-off-by: Andrew Morton
Signed-off-by: Herbert Xu -
The HIFN driver is currently selectable on s390 but wont compile.
Since it looks like HIFN needs PCI make the Kconfig dependent on PCI,
which is not available on s390.Signed-off-by: Jan Glauber
Acked-by: Evgeniy Polyakov
Signed-off-by: Herbert Xu -
This patch forces HIFN driver to invoke crypto request callbacks from
tasklet (softirq context) instead of hardirq context, since network
stack expects it to be called from bottom halves.It is done by simply scheduling callback invocation via dedicated
tasklet. Workqueue solution was dropped because of tooo slow
rescheduling performance (7 times slower than tasklet, for mode details
one can check this link:
http://tservice.net.ru/~s0mbre/blog/devel/other/2007_11_09.html).Driver passed all AES and DES tests in tcryt.c module.
Signed-off-by: Evgeniy Polyakov
Signed-off-by: Herbert Xu -
The Geode AES crypto engine supports only 128 bit long key. This
patch adds fallback for other key sizes which are required by the
AES standard.Signed-off-by: Sebastian Siewior
Acked-by: Jordan Crouse
Signed-off-by: Herbert Xu -
This patch moves macros in geode-aes.c into geode-aes.h.
Signed-off-by: Sebastian Siewior
Signed-off-by: Herbert Xu -
The code waits in a busy loop until the hardware finishes the encryption
or decryption process. This wants a cpu_relax() :)
The busy loop finishes either if the encryption is done or if the counter
is zero. If the latter is true than the hardware failed. Since this
should not happen, leave sith a BUG().Signed-off-by: Sebastian Siewior
Signed-off-by: Herbert Xu -
It is enough if the IV is copied before and after the while loop.
With DM-Crypt is seems not be required to save the IV after encrytion
because a new one is used in the request (dunno about other users).
It is not save to load the IV within while loop and not save afterwards
because we mill end up with the wrong IV if the request goes consists
of more than one page.Signed-off-by: Sebastian Siewior
Signed-off-by: Herbert Xu -
This three defines are used in all AES related hardware.
Signed-off-by: Sebastian Siewior
Signed-off-by: Herbert Xu -
alias isn't required because the module provides PCI ids.
Signed-off-by: Sebastian Siewior
Signed-off-by: Herbert Xu -
HIFN driver update to use DES weak key checks (exported in this patch).
Signed-off-by: Evgeniy Polyakov
Signed-off-by: Herbert Xu -
This is a driver for HIFN 795x crypto accelerator chips.
It passed all tests for AES, DES and DES3_EDE except weak test for DES,
since hardware can not determine weak keys.Signed-off-by: Evgeniy Polyakov
Signed-off-by: Herbert Xu -
The previous patch fixed spurious read faults from occuring by copying
the data if we happen to have a single block at the end of a page. It
appears that gcc cannot guarantee 16-byte alignment in the kernel with
__attribute__. The following report from Torben Viets shows a buffer
that's only 8-byte aligned:> eneral protection fault: 0000 [#1]
> Modules linked in: xt_TCPMSS xt_tcpmss iptable_mangle ipt_MASQUERADE
> xt_tcpudp xt_mark xt_state iptable_nat nf_nat nf_conntrack_ipv4
> iptable_filter ip_tables x_tables pppoe pppox af_packet ppp_generic slhc
> aes_i586
> CPU: 0
> EIP: 0060:[] Not tainted VLI
> EFLAGS: 00010292 (2.6.23.12 #7)
> EIP is at aes_crypt_copy+0x28/0x40
> eax: f7639ff0 ebx: f6c24050 ecx: 00000001 edx: f6c24030
> esi: f7e89dc8 edi: f7639ff0 ebp: 00010000 esp: f7e89dc8Since the hardware must have 16-byte alignment, the following patch fixes
this by open coding the alignment adjustment.Signed-off-by: Herbert Xu
28 Dec, 2007
2 commits
-
* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
[CRYPTO] padlock: Fix spurious ECB page fault -
The xcryptecb instruction always processes an even number of blocks so
we need to ensure th existence of an extra block if we have to process
an odd number of blocks.Signed-off-by: Herbert Xu
04 Dec, 2007
1 commit
-
The previous commit ("uml: keep UML Kconfig in sync with x86") is not
enough, unfortunately. If we go that way, we need to add dependencies
on !UML for several options.Signed-off-by: Al Viro
Signed-off-by: Jeff Dike
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
11 Nov, 2007
1 commit
-
Currently the Geode AES module fails to encrypt or decrypt if
the coherent bits are not set what is currently the case if the
encryption does not occur inplace. However, the encryption works
on my Geode machine _only_ if the coherent bits are always set.Signed-off-by: Sebastian Siewior
Acked-by: Jordan Crouse
Signed-off-by: Herbert Xu
27 Oct, 2007
1 commit
-
This patch fixes the errors made in the users of the crypto layer during
the sg_init_table conversion. It also adds a few conversions that were
missing altogether.Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller
11 Oct, 2007
4 commits
-
There are currently several SHA implementations that all define their own
initialization vectors and size values. Since this values are idential
move them to a header file under include/crypto.Signed-off-by: Jan Glauber
Signed-off-by: Herbert Xu -
Loading the crypto algorithm by the alias instead of by module directly
has the advantage that all possible implementations of this algorithm
are loaded automatically and the crypto API can choose the best one
depending on its priority.Additionally it ensures that the generic implementation as well as the
HW driver (if available) is loaded in case the HW driver needs the
generic version as fallback in corner cases.Also remove the probe for sha1 in padlock's init code.
Quote from Herbert:
The probe is actually pointless since we can always probe when
the algorithm is actually used which does not lead to dead-locks
like this.Signed-off-by: Sebastian Siewior
Signed-off-by: Herbert Xu -
Loading the crypto algorithm by the alias instead of by module directly
has the advantage that all possible implementations of this algorithm
are loaded automatically and the crypto API can choose the best one
depending on its priority.Additionally it ensures that the generic implementation as well as the
HW driver (if available) is loaded in case the HW driver needs the
generic version as fallback in corner cases.Signed-off-by: Sebastian Siewior
Signed-off-by: Herbert Xu -
Hardware drivers shouldn't default to m.
Signed-off-by: Adrian Bunk
Signed-off-by: Herbert Xu
19 Aug, 2007
1 commit
-
Signed-off-by: Jan Engelhardt
Signed-off-by: Stefan Richter (edited MACINTOSH_DRIVERS per Geert Uytterhoeven's remark)
Signed-off-by: Linus Torvalds
17 Jul, 2007
1 commit
-
Use menuconfigs instead of menus, so the whole menu can be disabled at once
instead of going through all options.Signed-off-by: Jan Engelhardt
Cc: Michael Buesch
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
24 May, 2007
1 commit
-
Allow in-place crypto operations. Also remove the coherent user flag
(we use it automagically now), and by default use the user written
key rather then the HW hidden key - this makes crypto just work without
any special considerations, and thats OK, since its our only usage
model.Signed-off-by: Jordan Crouse
Signed-off-by: Herbert Xu
18 May, 2007
1 commit
-
Turning it into a boolean was unnecessary and caused ALGAPI to be
pinned down as a boolean to. This patch makes it a tristate again.Signed-off-by: Herbert Xu
10 May, 2007
1 commit
-
Disband drivers/s390/Kconfig, use the common Kconfig files. The s390
specific config options from drivers/s390/Kconfig are moved to the
respective common Kconfig files.Signed-off-by: Martin Schwidefsky
09 May, 2007
1 commit
-
Fix several typos in help text in Kconfig* files.
Signed-off-by: David Sterba
Signed-off-by: Adrian Bunk
