11 Jan, 2012
1 commit
-
* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (54 commits)
crypto: gf128mul - remove leftover "(EXPERIMENTAL)" in Kconfig
crypto: serpent-sse2 - remove unneeded LRW/XTS #ifdefs
crypto: serpent-sse2 - select LRW and XTS
crypto: twofish-x86_64-3way - remove unneeded LRW/XTS #ifdefs
crypto: twofish-x86_64-3way - select LRW and XTS
crypto: xts - remove dependency on EXPERIMENTAL
crypto: lrw - remove dependency on EXPERIMENTAL
crypto: picoxcell - fix boolean and / or confusion
crypto: caam - remove DECO access initialization code
crypto: caam - fix polarity of "propagate error" logic
crypto: caam - more desc.h cleanups
crypto: caam - desc.h - convert spaces to tabs
crypto: talitos - convert talitos_error to struct device
crypto: talitos - remove NO_IRQ references
crypto: talitos - fix bad kfree
crypto: convert drivers/crypto/* to use module_platform_driver()
char: hw_random: convert drivers/char/hw_random/* to use module_platform_driver()
crypto: serpent-sse2 - should select CRYPTO_CRYPTD
crypto: serpent - rename serpent.c to serpent_generic.c
crypto: serpent - cleanup checkpatch errors and warnings
...
20 Dec, 2011
8 commits
-
The AES engine only supports 128 and 256 bit keys so we should correctly
test for that.Cc: Herbert Xu
Reported-by: Joe Perches
Signed-off-by: Jamie Iles
Signed-off-by: Herbert Xu -
Access to the SEC4 DECOs (DEscriptor COntrollers) (for debug purposes)
isn't supported or used, and its register access initialization code
erroneously makes illegal i/o accesses that show up as errors when
run under simulation. Remove it until proper support (via DECORR)
is added.Signed-off-by: Kim Phillips
Signed-off-by: Herbert Xu -
the polarity of the definition for error propagation was reverse
in the initial desc.h. Fix desc.h and its users.Signed-off-by: Kim Phillips
Signed-off-by: Herbert Xu -
manual removal of double-spaces - no non-whitespace changes.
Signed-off-by: Kim Phillips
Signed-off-by: Herbert Xu -
this is the result of running unexpand -a on desc.h.
Signed-off-by: Kim Phillips
Signed-off-by: Herbert Xu -
SEC2/3 h/w doesn't have a dedicated interrupt for errors,
and the only callsite for talitos_error has already done
the type conversion, so simplify talitos_error to take a
pointer to a struct device.Signed-off-by: Kim Phillips
Signed-off-by: Herbert Xu -
As prescribed by Linus:
https://lkml.org/lkml/2011/12/2/290
Signed-off-by: Kim Phillips
Signed-off-by: Herbert Xu -
Fix a kfree to an invalid address which causes an oops when running
on SEC v2.0 h/w (introduced in commit 702331b "crypto: talitos - add
hmac algorithms").Signed-off-by: Kim Phillips
Signed-off-by: Herbert Xu
30 Nov, 2011
1 commit
-
This patch converts the drivers in drivers/crypto/* to use the
module_platform_driver() macro which makes the code smaller and a bit
simpler.Cc: James Hsiao
Cc: Sebastian Andrzej Siewior
Cc: Kim Phillips
Cc: "David S. Miller"
Signed-off-by: Axel Lin
Acked-by: Vladimir Zapolskiy
Acked-by: Jamie Iles
Signed-off-by: Herbert Xu
26 Nov, 2011
1 commit
-
* git://github.com/herbertx/crypto:
crypto: mv_cesa - fix hashing of chunks > 1920 bytes
21 Nov, 2011
6 commits
-
This was broken by commit 7759995c75ae0cbd4c861582908449f6b6208e7a (yes,
myself). The basic problem here is since the digest state is only saved
after the last chunk, the state array is only valid when handling the
first chunk of the next buffer. Broken since linux-3.0.Signed-off-by: Phil Sutter
Cc: # 3.1.x
Signed-off-by: Herbert Xu -
specifically, add these algorithm combinations:
authenc-hmac-md5-cbc-aes-caam
authenc-hmac-md5-cbc-des3_ede-caam
authenc-hmac-md5-cbc-des-caamSigned-off-by: Kim Phillips
Signed-off-by: Herbert Xu -
Some later SEC v3.x are equipped with a second IRQ line.
By correctly assigning IRQ affinity, this feature can be
used to increase performance on dual core parts, like the
MPC8572E and P2020E.The existence of the 2nd IRQ is determined from the device
node's interrupt property. If present, the driver remaps
two of four channels, which in turn makes those channels
trigger their interrupts on the 2nd line instead of the first.
To handle single- and dual-IRQ combinations efficiently,
talitos gets two new interrupt handlers and back-half workers.[includes a fix to MCR_LO's address.]
Signed-off-by: Kim Phillips
Signed-off-by: Herbert Xu -
Add a reg member to the channel struct and use it to
access channels.Signed-off-by: Kim Phillips
Signed-off-by: Herbert Xu -
talitos prints every algorithm it registers at module load time.
Algorithms are being added that make for an excessively noisy console
(latest HMACs patch makes an SEC 3.1 print 20 lines).
Instead, display the SEC h/w version number, and inform the
user of algorithm registration status in /proc/crypto, like so:talitos ffe30000.crypto: fsl,sec3.1 algorithms registered in /proc/crypto
Signed-off-by: Kim Phillips
Signed-off-by: Herbert Xu -
Add these hmac algorithms to talitos:
hmac(md5),
hmac(sha1),
hmac(sha224),
hmac(sha256),
hmac(sha384),
hmac(sha512).
These are all type ahash.Signed-off-by: Lee Nipper
Fixed up to not register HMAC algorithms on sec2.0 devices.
Rationale (from Lee):on an 8349E Rev1.1, there's a problem with hmac for any talitos
hmac sequence requiring an intermediate hash context (Pointer
DWORD 1); the result is an incorrect hmac. An intermediate hash
context is required for something longer than (65536-blocksize),
and for other cases when update/finup/final are used inefficiently.
Interestingly, a normal hash (without hmac) works perfectly
when using an intermediate context.Signed-off-by: Kim Phillips
Signed-off-by: Herbert Xu
07 Nov, 2011
1 commit
-
* 'modsplit-Oct31_2011' of git://git.kernel.org/pub/scm/linux/kernel/git/paulg/linux: (230 commits)
Revert "tracing: Include module.h in define_trace.h"
irq: don't put module.h into irq.h for tracking irqgen modules.
bluetooth: macroize two small inlines to avoid module.h
ip_vs.h: fix implicit use of module_get/module_put from module.h
nf_conntrack.h: fix up fallout from implicit moduleparam.h presence
include: replace linux/module.h with "struct module" wherever possible
include: convert various register fcns to macros to avoid include chaining
crypto.h: remove unused crypto_tfm_alg_modname() inline
uwb.h: fix implicit use of asm/page.h for PAGE_SIZE
pm_runtime.h: explicitly requires notifier.h
linux/dmaengine.h: fix implicit use of bitmap.h and asm/page.h
miscdevice.h: fix up implicit use of lists and types
stop_machine.h: fix implicit use of smp.h for smp_processor_id
of: fix implicit use of errno.h in include/linux/of.h
of_platform.h: delete needless include
acpi: remove module.h include from platform/aclinux.h
miscdevice.h: delete unnecessary inclusion of module.h
device_cgroup.h: delete needless include
net: sch_generic remove redundant use of
net: inet_timewait_sock doesnt need
...Fix up trivial conflicts (other header files, and removal of the ab3550 mfd driver) in
- drivers/media/dvb/frontends/dibx000_common.c
- drivers/media/video/{mt9m111.c,ov6650.c}
- drivers/mfd/ab3550-core.c
- include/linux/dmaengine.h
01 Nov, 2011
1 commit
-
Part of the include cleanups means that the implicit
inclusion of module.h via device.h is going away. So
fix things up in advance.Signed-off-by: Paul Gortmaker
21 Oct, 2011
2 commits
-
The CDPR (Current Descriptor Pointer Register) can be unreliable
when trying to locate an offending descriptor. Handle that case by
(a) not OOPSing, and (b) reverting to the machine internal copy of
the descriptor header in order to report the correct execution unit
error.Note: printing all execution units' ISRs is not effective because it
results in an internal time out (ITO) error and the EU resetting its
ISR value (at least when specifying an invalid key length on an SEC
2.2/MPC8313E).Reported-by: Sven Schnelle
Signed-off-by: Kim Phillips
Signed-off-by: Herbert Xu -
hifn_795x works only on 32 bit, remove the detection while loading
the module and catch non-32 bit systems at build time.Signed-off-by: Richard Weinberger
Signed-off-by: Herbert Xu
20 Oct, 2011
1 commit
-
The picoxcell crypto driver requires the clk API, but the platform in
mainline does not currently support it. Add an explicit dependency on
HAVE_CLK to avoid build breakage.Signed-off-by: Jamie Iles
Signed-off-by: Herbert Xu
15 Aug, 2011
1 commit
-
Fix a get/put_cpu() imbalance in the error case when qp == NULL
Signed-off-by: Thomas Meyer
Signed-off-by: Herbert Xu
10 Aug, 2011
4 commits
-
The completion callback will free the request so we must remove it from
the completion list before calling the callback.Cc: Herbert Xu
Signed-off-by: Jamie Iles
Signed-off-by: Herbert Xu -
Allow the crypto engines to be matched from device tree bindings.
Cc: devicetree-discuss@lists.ozlabs.org
Cc: Herbert Xu
Signed-off-by: Jamie Iles
Signed-off-by: Herbert Xu -
For using the device tree probing we use a connection ID for the
clk_get() operation.Cc: Herbert Xu
Signed-off-by: Jamie Iles
Signed-off-by: Herbert Xu -
Use a platform ID table and a single platform_driver. It's neater and
makes the device tree addition easier and more consistent. Rename the
match values to be inline with what they'll be in the device tree
bindings. There aren't any current in-tree users of the existing device
names.Cc: Herbert Xu
Signed-off-by: Jamie Iles
Signed-off-by: Herbert Xu
03 Aug, 2011
1 commit
-
When loading aes via the module alias, a padlock module failing to
load due to missing hardware is not particularly notable. With
v2.6.27-rc1~1107^2~14 (crypto: padlock - Make module loading quieter
when hardware isn't available, 2008-07-03), the padlock-aes module
suppresses the relevant messages when the "quiet" flag is in use; but
better to suppress this particular message completely, since the
administrator can already distinguish such errors by the absence of a
message indicating initialization failing or succeeding.This avoids occasional messages in syslog of the form
padlock_aes: VIA PadLock not detected.
Signed-off-by: Jonathan Nieder
Signed-off-by: Herbert Xu
28 Jul, 2011
1 commit
-
A small modification was necessary since in the machine description
for 'n2cp' and 'ncp' nodes, there no longer is an 'intr' property.That's OK because this property was always nothing more than an
array of integers '1' ... 'nr_inos + 1' so we can just compute it
in-place.Signed-off-by: David S. Miller
26 Jul, 2011
1 commit
-
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6:
fs: take the ACL checks to common code
bury posix_acl_..._masq() variants
kill boilerplates around posix_acl_create_masq()
generic_acl: no need to clone acl just to push it to set_cached_acl()
kill boilerplate around posix_acl_chmod_masq()
reiserfs: cache negative ACLs for v1 stat format
xfs: cache negative ACLs if there is no attribute fork
9p: do no return 0 from ->check_acl without actually checking
vfs: move ACL cache lookup into generic code
CIFS: Fix oops while mounting with prefixpath
xfs: Fix wrong return value of xfs_file_aio_write
fix devtmpfs race
caam: don't pass bogus S_IFCHR to debugfs_create_...()
get rid of create_proc_entry() abuses - proc_mkdir() is there for purpose
asus-wmi: ->is_visible() can't return negative
fix jffs2 ACLs on big-endian with 16bit mode_t
9p: close ACL leaks
ocfs2_init_acl(): fix a leak
VFS : mount lock scalability for internal mounts
24 Jul, 2011
1 commit
-
it will be replaced with S_IFREG anyway
Signed-off-by: Al Viro
15 Jul, 2011
8 commits
-
caam now supports encrypt and decrypt
for aes, des and 3desSigned-off-by: Yuan Kang
Signed-off-by: Kim Phillips
Signed-off-by: Herbert Xu -
Job descriptors only contain header and seq pointers.
Other commands are stored in separate shared descriptors
for encrypt, decrypt and givencrypt, stored as arrays
in caam_ctx.This requires additional macros to create math commands
to calculate assoclen and cryptlen.Signed-off-by: Yuan Kang
Signed-off-by: Kim Phillips
Signed-off-by: Herbert Xu -
caam_ctx.key_phys to key_dma
caam_alg_template supports multiple algorithm types
listed in union, which requires cases for
different types in function caam_alg_allocSigned-off-by: Yuan Kang
Signed-off-by: Kim Phillips
Signed-off-by: Herbert Xu -
"aead_authenc" and "ipsec_esp" changed to "aead,"
except for function "ipsec_esp," which is changed
to "init_aead_job."Variable name of aead_request structures changed
to "req" and name of aead_givcrypt_request structure
changed to "areq"Signed-off-by: Yuan Kang
Signed-off-by: Kim Phillips
Signed-off-by: Herbert Xu -
crypto/ablkcipher.c's setkey() has already checked against the min, max
key sizes before it calls here, and all max_keysize assignments in the
algorithm template array do not exceed TALITOS_MAX_KEY_SIZE.Signed-off-by: Kim Phillips
Signed-off-by: Herbert Xu -
Signed-off-by: Kim Phillips
Signed-off-by: Herbert Xu -
IRQ done notification is always set. Remove its explicit
assignment from the hot path by including it in the
descriptor header template assignment in talitos_cra_init.Signed-off-by: Kim Phillips
Signed-off-by: Herbert Xu -
Assign single target channel per tfm in talitos_cra_init instead of
performing channel scheduling dynamically during the encryption request.
This changes the talitos_submit interface to accept a new channel
number argument. Without this, rapid bursts of misc. sized requests
could make it possible for IPsec packets to be encrypted out-of-order,
which would result in packet drops due to sequence numbers falling
outside the anti-reply window on a peer gateway.Signed-off-by: Kim Phillips
Signed-off-by: Herbert Xu
30 Jun, 2011
1 commit
-
The Security function on the AMCC SoCs has multiple engines within a
single MMIO range. The crypto driver currently enables the 3DES
functionality by doing a blind write to the device control register.
This can unintentionally disable other functions like the PKA or TRNG
when the driver is loaded.Perform a read/modify/write to enable the 3DES function instead.
Signed-off-by: Josh Boyer
Signed-off-by: Herbert Xu
