21 Jan, 2021
2 commits
-
In case no job rings are available, secure memory structures are not
initialized, since caam_jr_probe()->init_misc_func()->caam_sm_startup()
is not called.
This could happen if all job ring devices bind to the jr uio driver
instead of the caam/jr driver.
Running sm_test in this case will lead to a crash.Add a check to verify that SM has been initialized - if not the tests
will be skipped.Reported-by: Gaurav Jain
Signed-off-by: Horia Geantă
Reviewed-by: Gaurav Jain -
Introduction
===Currently we are facing some limitations in the caam/jr module lifecycle.
There are some discussion in upstream:
Link: https://lore.kernel.org/linux-crypto/20190904023515.7107-13-andrew.smirnov@gmail.com
Link: https://lore.kernel.org/linux-crypto/20191105151353.6522-1-andrew.smirnov@gmail.com
but in the end it all seems to get down to implementations not being able
to gracefully unregister crypto algorithms from crypto API while there are
users / allocated tfms (cra_refcnt > 1).[*] OTOH functionalities in caam/jr that don't interact with crypto API
(like Secure Memory or black keys / blobs generation) don't face this
limitation.Issue at hand
===When unloading the caam_jr module, the .remove callback for the last JR
device exits with -EBUSY (see "Introduction" above) and doesn't perform
the clean-up (crypto algorithms unregistering etc.).One side effect of this is leeding to an oops, which occurs due to a
corruption in the linked list of "misc devices"
(drivers/char/misc.c - misc_list):
1. caam_jr module is unloaded without calling unregister_algs()->
caam_keygen_exit()->misc_deregister() for the last job ring device;
this leaves a dangling entry in the misc_list double-linked list
2. rng_core module is unloaded and calls misc_deregister(); this implies
removing the corresponding entry in the misc_list; while doing this the
dangling entry is accessed - which leads to an oops since the address is
no longer valid (address points to the caam_jr module address space,
but caam_jr has been previously unloaded).Fix this by moving the clean-up of non-crypto related functionalities [*]
before crypto related ones.Fixes: 3af836d4b311 ("MLK-24420-3 crypto: caam - add ioctl calls for black keys and blobs generation")
Signed-off-by: Horia Geantă
Reviewed-by: Gaurav Jain
16 Jan, 2021
1 commit
-
There are cases when default / POR value for RTSDCTL[ENT_DLY] is
equal or greater than minimum value that kernel tries to program (3200).In this case, (re-)programming of RTSDCTL[ENT_DLY] and related RTFRQMIN,
RTFRQMAX is skipped - this logic is fine.
However, RNG sample size (RTSDCTL[SAMP_SIZE]) and associated self-test
parameters must be (re-)programmed irrespective of this condition.This solves the issue of RNG performance dropping after a suspend/resume
cycle on parts where caam loses power AND default value for
RTSDCTL[ENT_DLY] is >= 3200 AND RNG handles are successfully instantiated.Fixes: 29d925df53cf ("LF-2943 crypto: caam - optimize RNG sample size")
Signed-off-by: Horia Geantă
Reviewed-by: Varun Sethi
15 Jan, 2021
1 commit
-
There are cases when the interrupt status register (JRINTR) is non-zero,
even though:
1. An interrupt was generated, but it was masked OR
2. There was no interrupt generated at all
for the corresponding job ring.1. The case when interrupt is masked (JRCFGR_LS[IMSK]=1b'1)
while other events have happened and are being accounted for, e.g.
-JRINTR[HALT]=2b'10 - input job ring underwent a flush of all on-going
jobs and processing of still-existing jobs (sitting in the ring) has been
halted
-JRINTR[HALT]=2b'01 - input job ring is currently undergoing a flush
-JRINTR[ENTER_FAIL]=1b'1 - SecMon / SNVS transitioned to FAIL MODE
It doesn't matter whether these events would assert the interrupt signal
or not, interrupt is anyhow masked.2. The case when interrupt is not masked (JRCFGR_LS[IMSK]=1b'0), however
the events accounted for in JRINTR do not generate interrupts, e.g.:
-JRINTR[HALT]=2b'01
-JRINTR[ENTER_FAIL]=1b'1 and JRCFGR_MS[FAIL_MODE]=1b'0Currently in these cases, when the JR interrupt handler is invoked (as a
consequence of JR sharing the interrupt line with other devices - e.g.
the two JRs on i.MX7ULP) it continues execution instead of returning
IRQ_NONE.
This could lead to situations like interrupt handler clearing JRINTR (and
thus also the JRINTR[HALT] field) while corresponding job ring is
suspended and then that job ring failing on resume path, due to expecting
JRINTR[HALT]=b'10 and reading instead JRINTR[HALT]=b'00.Fix this by checking status of JRINTR[JRI] in the JR interrupt handler.
If JRINTR[JRI]=1b'0, there was no interrupt generated for this JR and
handler must return IRQ_NONE.Signed-off-by: Horia Geantă
Reviewed-by: Varun Sethi
04 Jan, 2021
1 commit
-
This is the 5.10.4 stable release
* tag 'v5.10.4': (717 commits)
Linux 5.10.4
x86/CPU/AMD: Save AMD NodeId as cpu_die_id
drm/edid: fix objtool warning in drm_cvt_modes()
...Signed-off-by: Jason Liu
Conflicts:
drivers/gpu/drm/imx/dcss/dcss-plane.c
drivers/media/i2c/ov5640.c
30 Dec, 2020
9 commits
-
[ Upstream commit d33a23b0532d5d1b5b700e8641661261e7dbef61 ]
The bitreverse helper is almost always built into the kernel,
but in a rare randconfig build it is possible to hit a case
in which it is a loadable module while the atmel-i2c driver
is built-in:arm-linux-gnueabi-ld: drivers/crypto/atmel-i2c.o: in function `atmel_i2c_checksum':
atmel-i2c.c:(.text+0xa0): undefined reference to `byte_rev_table'Add one more 'select' statement to prevent this.
Fixes: 11105693fa05 ("crypto: atmel-ecc - introduce Microchip / Atmel ECC driver")
Signed-off-by: Arnd Bergmann
Signed-off-by: Herbert Xu
Signed-off-by: Sasha Levin -
[ Upstream commit 732b764099f651a088fd931d7b8121b6aa84e62e ]
This patch fixes the following smatch warnings:
drivers/crypto/allwinner/sun8i-ce/sun8i-ce-hash.c:412
sun8i_ce_hash_run() warn: possible memory leak of 'result'
Note: "buf" is leaked as well.Furthermore, in case of ENOMEM, crypto_finalize_hash_request() was not
called which was an error.Fixes: 56f6d5aee88d ("crypto: sun8i-ce - support hash algorithms")
Reported-by: kernel test robot
Reported-by: Dan Carpenter
Signed-off-by: Corentin Labbe
Signed-off-by: Herbert Xu
Signed-off-by: Sasha Levin -
[ Upstream commit ff8107200367f4abe0e5bce66a245e8d0f2d229e ]
The pm_runtime_enable will increase power disable depth.
Thus a pairing decrement is needed on the error handling
path to keep it balanced according to context.Fixes: f7b2b5dd6a62a ("crypto: omap-aes - add error check for pm_runtime_get_sync")
Signed-off-by: Zhang Qilong
Signed-off-by: Herbert Xu
Signed-off-by: Sasha Levin -
[ Upstream commit 5bdad829c31a09069fd508534f03c2ea1576ac75 ]
Clang warns:
drivers/crypto/amcc/crypto4xx_core.c:921:60: warning: operator '?:' has
lower precedence than '|'; '|' will be evaluated first
[-Wbitwise-conditional-parentheses]
(crypto_tfm_alg_type(req->tfm) == CRYPTO_ALG_TYPE_AEAD) ?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ^
drivers/crypto/amcc/crypto4xx_core.c:921:60: note: place parentheses
around the '|' expression to silence this warning
(crypto_tfm_alg_type(req->tfm) == CRYPTO_ALG_TYPE_AEAD) ?
^
)
drivers/crypto/amcc/crypto4xx_core.c:921:60: note: place parentheses
around the '?:' expression to evaluate it first
(crypto_tfm_alg_type(req->tfm) == CRYPTO_ALG_TYPE_AEAD) ?
^
(
1 warning generated.It looks like this should have been a logical OR so that
PD_CTL_HASH_FINAL gets added to the w bitmask if crypto_tfm_alg_type
is either CRYPTO_ALG_TYPE_AHASH or CRYPTO_ALG_TYPE_AEAD. Change the
operator so that everything works properly.Fixes: 4b5b79998af6 ("crypto: crypto4xx - fix stalls under heavy load")
Link: https://github.com/ClangBuiltLinux/linux/issues/1198
Signed-off-by: Nathan Chancellor
Reviewed-by: Christian Lamparter
Signed-off-by: Herbert Xu
Signed-off-by: Sasha Levin -
[ Upstream commit 3b5c130fb2e4c045369791c33c83b59f6e84f7d6 ]
The return value of qat_hal_rd_ae_csr() is always a CSR value and never
a status and should not be stored in the status variable of
qat_hal_put_rel_rd_xfer().This removes the assignment as qat_hal_rd_ae_csr() is not expected to
fail.
A more comprehensive handling of the theoretical corner case which could
result in a fail will be submitted in a separate patch.Fixes: 8c9478a400b7 ("crypto: qat - reduce stack size with KASAN")
Signed-off-by: Jack Xu
Reviewed-by: Giovanni Cabiddu
Reviewed-by: Fiona Trahe
Signed-off-by: Herbert Xu
Signed-off-by: Sasha Levin -
[ Upstream commit ab95bd2aa904e4f53b7358efeea1d57693fb7889 ]
At the time xts fallback tfm allocation fails the device struct
hasn't been enabled yet in the caam xts tfm's private context.Fix this by using the device struct from xts algorithm's private context
or, when not available, by replacing dev_err with pr_err.Fixes: 9d9b14dbe077 ("crypto: caam/jr - add fallback for XTS with more than 8B IV")
Fixes: 83e8aa912138 ("crypto: caam/qi - add fallback for XTS with more than 8B IV")
Fixes: 36e2d7cfdcf1 ("crypto: caam/qi2 - add fallback for XTS with more than 8B IV")
Signed-off-by: Horia Geantă
Reviewed-by: Iuliana Prodan
Signed-off-by: Herbert Xu
Signed-off-by: Sasha Levin -
[ Upstream commit c98e233062cd9d0e2f10e445a671f0799daaef67 ]
An incorrect sizeof() is being used, sizeof(priv->ring[i].rdr_req) is
not correct, it should be sizeof(*priv->ring[i].rdr_req). Note that
since the size of ** is the same size as * this is not causing any
issues.Addresses-Coverity: ("Sizeof not portable (SIZEOF_MISMATCH)")
Fixes: 9744fec95f06 ("crypto: inside-secure - remove request list to improve performance")
Signed-off-by: Colin Ian King
Acked-by: Antoine Tenart
Signed-off-by: Herbert Xu
Signed-off-by: Sasha Levin -
[ Upstream commit 0237616173fd363a54bd272aa3bd376faa1d7caa ]
current_desc_hdr() returns a u32 but in fact this is a __be32,
leading to a lot of sparse warnings.Change the return type to __be32 and ensure it is handled as
sure by the caller.Fixes: 3e721aeb3df3 ("crypto: talitos - handle descriptor not found in error path")
Signed-off-by: Christophe Leroy
Signed-off-by: Herbert Xu
Signed-off-by: Sasha Levin -
[ Upstream commit 195404db27f9533c71fdcb78d32a77075c2cb4a2 ]
current_desc_hdr() compares the value of the current descriptor
with the next_desc member of the talitos_desc struct.While the current descriptor is obtained from in_be32() which
return CPU ordered bytes, next_desc member is in big endian order.Convert the current descriptor into big endian before comparing it
with next_desc.This fixes a sparse warning.
Fixes: 37b5e8897eb5 ("crypto: talitos - chain in buffered data for ahash on SEC1")
Signed-off-by: Christophe Leroy
Signed-off-by: Herbert Xu
Signed-off-by: Sasha Levin
23 Dec, 2020
1 commit
-
Update caam/qi to work with QBMan from NXP SDK.
Signed-off-by: Horia GeantăSquashed "crypto: caam/qi - fix FD congestion weight" fix.
Signed-off-by: Vlad PelinSolved rebase conflicts:
Signed-off-by: Pankaj Gupta
18 Dec, 2020
1 commit
-
* origin/crypto/dcp:
MLK-23746 crypto: dcp - add power management support
crypto: dcp - check zero-length input
14 Dec, 2020
24 commits
-
Added suspend/resume operations for PM support in the DCP driver.
After a suspend/resume cycle DCP would still be in a low-power mode
and have its clocks gated, thus requiring state to be saved beforehand:
- Control register value(DCP_CTRL)
- Channel control register value(DCP_CHANNELCTRL)Signed-off-by: Dragos Rosioru
Reviewed-by: Horia Geantă -
In case of zero-length input for ablkcipher algorithms, IV copying
accesses invalid memory - due to (last_out_len-AES_BLOCK_SIZE)
turning into a big unsigned offset for last_out_len = 0U.Since zero-length input is allowed for ablkcipher / skcipher algorithms,
make this case a no-op by returning immediately.Signed-off-by: Horia Geantă
-
The following stack trace is met when stress-testing suspend/resume:
[...]
PM: suspend devices took 1.972 seconds
[...]
SError Interrupt on CPU1, code 0xbf000002 -- SError
CPU: 1 PID: 213 Comm: hwrng Not tainted 5.4.70-2.3.0+g72209dedd129 #1
Hardware name: Freescale i.MX8DXL EVK (DT)
pstate: 60000005 (nZCv daif -PAN -UAO)
pc : _raw_spin_unlock_bh+0x0/0x28
lr : caam_jr_enqueue+0x24c/0x378
sp : ffff8000127dbd10
x29: ffff8000127dbd10 x28: ffff00003cac5940
x27: 00000000bcb5ef80 x26: 0000000000000010
x25: ffff800011c12000 x24: ffff8000127dbdb8
x23: ffff800010ca2298 x22: ffff00003c8aec10
x21: ffff00003cb5ef80 x20: 00000000ffffff8d
x19: 0000000000000010 x18: 000000000000000e
x17: 0000000000000001 x16: 0000000000000019
x15: 0000000000000033 x14: 000000000000004c
x13: 0000000000000068 x12: ffff800011188e90
x11: ffff00003c897210 x10: 0000000000000026
x9 : 00000000a4dcb313 x8 : 0000000000000000
x7 : 0000000000000001 x6 : ffff800011b59000
x5 : 0000000000000000 x4 : 0000000000000001
x3 : 0000000000000004 x2 : 0000000000000014
x1 : 00000000000001ec x0 : ffff00003cac5940
Kernel panic - not syncing: Asynchronous SError Interrupt
CPU: 1 PID: 213 Comm: hwrng Not tainted 5.4.70-2.3.0+g72209dedd129 #1
Hardware name: Freescale i.MX8DXL EVK (DT)
Call trace:
dump_backtrace+0x0/0x140
show_stack+0x14/0x20
dump_stack+0xb4/0x114
panic+0x158/0x324
nmi_panic+0x84/0x88
arm64_serror_panic+0x74/0x80
do_serror+0x80/0x138
el1_error+0x84/0xf8
_raw_spin_unlock_bh+0x0/0x28
caam_rng_read_one.isra.0+0x1c8/0x3a0
caam_read+0x80/0xa8
hwrng_fillfn+0x8c/0x140
kthread+0x138/0x158
ret_from_fork+0x10/0x1c
SMP: stopping secondary CPUs
Kernel Offset: disabled
CPU features: 0x0002,20002008
Memory Limit: noneThis happens when:
-the generic "hwrng" kthread tries to draw entropy and
-the current rng is caam's rng and
-the job ring used for caam rng hasn't been resumed yet
(after a suspend)The issue has been noticed also in upstream (for TPM device in ChromeOS)
and the fix proposed involved making the "hwrng" kthread freezable:
03a3bb7ae631 ("hwrng: core - Freeze khwrng thread during suspend")
ff296293b353 ("random: Support freezable kthreads in add_hwgenerator_randomness()")
59b569480dc8 ("random: Use wait_event_freezable() in add_hwgenerator_randomness()")However, because these commits introduced a regression in virtio-rng
(Link: https://lore.kernel.org/lkml/4a45b3e0-ed3a-61d3-bfc6-957c7ba631bb@maciej.szmigiero.name)
they were later reverted in commit
08e97aec700a ("Revert "hwrng: core - Freeze khwrng thread during suspend"")Since there was no progress in upstream and fixing virtio-rng regression
is not trivial, the solution chosen is to unregister / re-register
caam rng driver from hwrng during suspend / resume.Signed-off-by: Horia Geantă
Tested-by: Iuliana Prodan -
The global driver_data.jr_list contains the list of active job rings
at a given moment.Picking a JR is done using caam_jr_alloc(), which goes through this list
and chooses the JR with the least number of users ("tfm_count").During the JR suspend/resume, this list must be updated to reflect that
the JR is no longer available - otherwise caam_jr_alloc() could return
a JR that has been suspended.While this is rather a theoretical issue (i.e. was not met in practice),
it is a prerequisite for fixing the RNG failure met during suspend/resume.Signed-off-by: Horia Geantă
Tested-by: Iuliana Prodan -
TRNG "sample size" (the total number of entropy samples that will be taken
during entropy generation) default / POR value is very conservatively
set to 2500.Let's set it to 512, the same as the caam driver in U-boot
(drivers/crypto/fsl_caam.c) does.This solves the issue of RNG performance dropping after a suspend/resume
cycle on parts where caam loses power, since the initial U-boot setttings
are lost and kernel does not restore them when resuming.Note: when changing the sample size, the self-test parameters need to be
updated accordingly.Signed-off-by: Horia Geantă
Reviewed-by: Iuliana Prodan -
Remove read of rtmctl register, which is not needed after
commit 8439e94fceb3 ("crypto: caam - fix sparse warnings").Fixes: 8439e94fceb3 ("crypto: caam - fix sparse warnings")
Signed-off-by: Horia Geantă
Reviewed-by: Iuliana Prodan -
In case access to the controller register map is not permitted,
reading from debugfs fails:Internal error: synchronous external abort: 96000010 [#4] PREEMPT SMP
Modules linked in: fsl_jr_uio caam_jr caamkeyblob_desc caamhash_desc caamalg_desc crypto_engine rng_core authenc libdes crct10dif_ce flexcan can_dev caam error
CPU: 1 PID: 754 Comm: cat Tainted: G D 5.10.0-rc2-04337-g6408bfd541a8 #1
Hardware name: Freescale i.MX8DXL EVK (DT)
pstate: 60000005 (nZCv daif -PAN -UAO -TCO BTYPE=--)
pc : caam_debugfs_u64_get+0x1c/0x34 [caam]
lr : simple_attr_read+0x70/0x124
sp : ffff8000137a3d30
x29: ffff8000137a3d30 x28: ffff000017581c80
x27: 0000000000000000 x26: 0000000000000000
x25: 0000000000020000 x24: 0000ffffb1124000
x23: ffff000017731550 x22: 0000000000000000
x21: ffff8000137a3e50 x20: ffff000017731500
x19: ffff000017581c80 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000
x15: 0000000000000000 x14: 0000000000000000
x13: 0000000000000000 x12: 0000000000000000
x11: 0000000000000000 x10: 0000000000000000
x9 : 0000000000000000 x8 : 0000000000000000
x7 : 0000000000000200 x6 : 0000000040000028
x5 : 0000000000000000 x4 : 0000000000000000
x3 : 0000000000000001 x2 : ffff800013400f10
x1 : ffff8000137a3d80 x0 : 0000000000000000
Call trace:
caam_debugfs_u64_get+0x1c/0x34 [caam]
full_proxy_read+0x60/0xbc
vfs_read+0xac/0x1e0
ksys_read+0x6c/0x100
__arm64_sys_read+0x20/0x30
el0_svc_common.constprop.0+0x78/0x1a0
do_el0_svc+0x24/0x90
el0_sync_handler+0x254/0x260
el0_sync+0x174/0x180
Code: 52800000 d503233f 394e2463 d50323bf (f9400042)Use instead the job ring register map, which contains aliases
for the registers in the controller register map.Fixes: 46356e022ec8 ("MLKU-114-1 crypto: caam - reduce page 0 regs access to minimum")
Signed-off-by: Horia Geantă
Reviewed-by: Iuliana Prodan -
This patch adds the Kernel support for the caam-keygen user-space
application. It has two IOCTL calls for key and blob generation and
import a black key from a blob.This support is included in CRYPTO_DEV_FSL_CAAM_TK_API (tagged key
support).Signed-off-by: Iuliana Prodan
Reviewed-by: Horia Geantă
(cherry picked from commit 60baeafa838f98a5ab1069716b8e41d28e155137)Squashed fixes:
dd746ff04645 ("MLK-24496 crypto: caam - add tag object header to blob")
b8c49eddfd68 ("MLK-24517-3 crypto: caam - add null terminator to temporary buffer")
d7c41169bc8e ("MLK-24517-4 crypto: caam - validate arguments received from user-space")Signed-off-by: Iuliana Prodan
Reviewed-by: Horia Geantă -
CAAM's Black Key mechanism is intended for protection
of user keys against bus snooping. This automatically
encapsulates and decapsulates cryptographic keys ''on-the-fly''
in an encrypted data structure called a Black Key.
Before a value is copied from a Key Register to memory,
CAAM will automatically encrypt the key as a Black Key
(encrypted key) using the current value in the JDKEKR or
TDKEKR as the encryption key.CAAM's built-in Blob Protocol provides a method for protecting
user-defined data across system power cycles. CAAM protects data
in a data structure called a Blob, which provides both confidentiality
and integrity protection. The data to be protected is encrypted so that
it can be safely placed into non-volatile storage before the SoC is
powered down.This patch includes the support to generate a black key from random or
from a plaintext. Also one can encapsulate it into a blob or decapsulate
a black key from a blob.
The key and blob generation descriptors are exported into a separate file,
such that they could be shared with other interfaces (qi, qi2).This feature has support only for black keys, encapsulated in
black blobs in General Memory.In caamkeyblob_test.c file is a test that validates the above
operations: create a black key from plaintext or from random,
encapsulate and decapsulate a blob and compare the obtained black key.
This test is configured as a kernel module.Signed-off-by: Franck LENORMAND
Signed-off-by: Iuliana Prodan
Reviewed-by: Horia Geantă
(cherry picked from commit 84287c5d3b804d50399fd2cb29be6133d13d5d32)Squashed fixes:
9c24012e6b02 ("MLK-24496 crypto: caam - fix blob encapsulation/decapsulation")
cd078fac33b6 ("MLK-24517-1 crypto: caam - removed unnecessary validation of black key for blob decapsulation")
8888926c54e8 ("MLK-24517-2 crypto: caam - removed unnecessary validation of black key for blob encapsulation")
e4b484ce2d60 ("MLK-24497 crypto: caam - update job descriptor with inline commands")Signed-off-by: Iuliana Prodan
Reviewed-by: Horia GeantăSquashed LF commit (rebase-v5.10-rc2/crypto/caam):
035f5933cc45 ("crypto: caam: change kzfree to kfree_sensitive")Signed-off-by: Horia Geantă
-
Tagged keys are keys that contain metadata indicating what
they are and how to handle them using the new added tag_object API.
A tag object represents the metadata (or simply a header/configuration)
and the actual data (e.g. black key) obtained from hardware.
The support, for tagged keys, to skcipher algorithms, is done by
adding new transformations, with tk prefix to distinguish
between plaintext and tagged keys.
The tk_ transformations can be used directly by their name:
struct sockaddr_alg sa = {
.salg_family = AF_ALG,
.salg_type = "skcipher", /* this selects the symmetric cipher */
.salg_name = "tk(cbc(aes))" /* this is the cipher name */
};
or for dm-crypt, e.g. using dmsetup:
dmsetup -v create encrypted --table "0 $(blockdev --getsz /dev/mmcblk2p10)
crypt capi:tk(cbc(aes))-plain :32:logon:seckey 0 /dev/mmcblk2p10 0 1
sector_size:512".
tk_ transformations will know how to handle tagged keys, by loading the
proper settings for KEY command.The API expects that the object (the actual data) from a tag object
to be a buffer (defined by address and size).Signed-off-by: Iuliana Prodan
Reviewed-by: Horia Geantă
(cherry picked from commit 04cab5a13d93d33a2e3a469235c9019eeaab5ad7)Squashed fix:
9ca04c0a0065 ("MLK-24497 crypto: caam - update tagged object functionality by adding red key length")Signed-off-by: Iuliana Prodan
Reviewed-by: Horia Geantă -
Add support for suspend and resume operation for PM in CAAM driver.
When the CAAM goes in suspend, the hardware is considered to do nothing.
On some platforms, the power of the CAAM is not turned off so it keeps
its configuration.On other platforms, it doesn't so it is necessary to save the state of
the CAAM:
- JRs MID
- Address of input and output ringsLimitation:
When the CAAM is powered OFF, it is resetted so the JDKEK and TDKEK
changes. This impacts crypto transforms using MDHA split-keys
which are kept over suspend as they are encrypted with the JDKEK:
- hmac(*) from caamhash.c
- authenc(hmac(*),*) from caamalg.c
- echainiv(authenc(hmac(*),*)) from caamalg.c
The issue was already present in current code so this patch does not
add a regression in this regard.Reviewed-by: Horia Geant?
Signed-off-by: Franck LENORMAND
(cherry picked from commit c151af80cfda82eae533a80fb2bb0158dffe556d)Differences vs. i.MX BSP:
-RNG re-initialization done in ctrl, not in jrThe fix for MLK-22518 (drivers: crypto: caam: jr: Allow quiesce when quiesced)
is integrated in this patch.Signed-off-by: Horia Geantă
Signed-off-by: Franck LENORMAND
Signed-off-by: Leonard Crestez
Signed-off-by: Dong Aisheng -
RNG (re-)initialization will be needed on pm resume path,
thus refactor the corresponding code out of the probe callback.Signed-off-by: Horia Geantă
Reviewed-by: Valentin Ciocoi Radulescu
Signed-off-by: Leonard Crestez
Signed-off-by: Dong Aisheng
(cherry picked from commit e0cc7eeee0e1e9058133e6aebd1ca0d39cf466d7)-moved "pr_support" from caam_probe() (local variable) into
ctrldev private struct
-s/RDSTA_IFMASK/RDSTA_MASKSigned-off-by: Horia Geantă
-
In caam_jr_enqueue, under heavy DDR load, smp_wmb() or dma_wmb()
fail to make the input ring be updated before the CAAM starts
reading it. So, CAAM will process, again, an old descriptor address
and will put it in the output ring. This will make caam_jr_dequeue()
to fail, since this old descriptor is not in the software ring.
To fix this, use wmb() which works on the full system instead of
inner/outer shareable domains.Signed-off-by: Iuliana Prodan
Reviewed-by: Horia Geantă -
This patch add the support for job ring UIO so
that userspace drivers can have access to the
caam job ringsSigned-off-by: Sandeep Malik
Signed-off-by: Gagandeep Singh
Signed-off-by: Horia Geantăcrypto: caam - build config changes (squash to UIO)
Signed-off-by: Horia Geantă
-
Dynamically create a platform device for the caam_dma driver
at caam_probe() time.Signed-off-by: Radu Alexe
Signed-off-by: Horia GeantăUse devres for caam_dma platform device unregistering.
Signed-off-by: Horia Geantă
-
The caam_dma is a memcpy DMA driver based on the DMA functionality of
the CAAM hardware block. It creates a DMA channel for each JR of the
CAAM. This patch adds functionality that is used by the caam_dma that is
not yet part of the JR driver.Signed-off-by: Radu Alexe
Signed-off-by: Horia Geantă -
TLS 1.0 descriptors run on SEC 4.x or higher. For now, only
tls10(hmac(sha1),cbc(aes)) algorithm is registered by the driver.Known limitations:
- when src == dst - there should be no element in the src scatterlist
array that contains both associated data and message data.
- when src != dst - associated data is not copied from source into
destination.
- for decryption when src != dst the size of the destination should be
large enough so that the buffer may contain the decrypted authenc and
padded data.Signed-off-by: Radu Alexe
Signed-off-by: Franck LENORMAND
Signed-off-by: Horia Geantă -
TLS 1.0 descriptors run on SEC 4.x or higher.
For now, only tls10(hmac(sha1),cbc(aes)) algorithm
is registered by the driver.Known limitations:
- when src == dst - there should be no element in the src scatterlist array
that contains both associated data and message data.
- when src != dst - associated data is not copied from source into
destination.
- for decryption when src != dst the size of the destination should be
large enough so that the buffer may contain the decrypted authenc and
padded data.Signed-off-by: Tudor Ambarus
Signed-off-by: Cristian Stoica
Signed-off-by: Alex Porosanu
Signed-off-by: Franck LENORMAND
Signed-off-by: Horia Geantă
Signed-off-by: Radu Alexe -
CHAs of SEC work natively in BE mode. When moving
data to the alignment blocks, swapping is needed
for LE platforms. This is done by means of the MOVEB
command. This patch adds support
to DCL for this command.Signed-off-by: Alex Porosanu
Signed-off-by: Radu Alexe -
During driver upstreaming OPR was removed due to lacking users.
Add OPR back, since in LSDK / LSDK-based ADKs there is at least
one user (ASF / VortiQa IPsec).Signed-off-by: Horia Geantă
-
During driver upstreaming all unused dpseci API was trimmed down.
Add the API back to be in sync with files provided by MC f/w release.Signed-off-by: Horia Geantă
-
The structure partid is not suitable to represent the DECO MID register.
This patch replace partid by masterid which is more appropriate.
Reviewed-by: Horia Geantă
Signed-off-by: Franck LENORMAND
(cherry picked from commit 2d8dab735757dae8efb35bb0371970a7d27e98be)
Signed-off-by: Horia Geantă -
This patch allows CAAM to be enabled as a wakeup source for the
Mega/Fast mix domain. If CAAM is enabled as a wakeup source, it
will continue to be powered on across Deep Sleep Mode (DSM). This
allows CAAM to be functional after the system resumes from DSM.Signed-off-by: Victoria Milhoan
(cherry picked from commit 290744e3b40a563319324e234fa5a65b49fd4d82)
Signed-off-by: Dan Douglass
Signed-off-by: Vipul Kumar
(cherry picked from commit 0bf9c6f84f1d74d9e6d9384c4b11bbdf9301c94e)Changed commit headline prefix.
Signed-off-by: Horia Geantă
-
A tagged key is a key which has been tagged with metadata
using tag_object.h API.We add the support for these keys to caamalg.
For each algo of caamalg which supports tagged keys , it is done by:
- Creating a modified version of the algo
- Registering the modified version
- When the modified transform is used, it gets
the load parameter of the key.Signed-off-by: Franck LENORMAND
(cherry picked from commit 88dee97d985890dbf37cafa7934c476d0ecfd0b3)
(Vipul: Fixed merge conflicts)
Conflicts:
drivers/crypto/caam/caamalg.c
Signed-off-by: Vipul Kumar
(cherry picked from commit 5adebac40a7a8065c074f4a69f4ad760c67233f5)-port from ablkcipher to current skcipher implementation
-since in linux-imx true key_inline was always true: a. simplify
the descriptors and b. use key_cmd_opt to differentiate b/w tk and non-tk
cases
-change commit headline prefixSigned-off-by: Horia Geantă