12 Mar, 2016
1 commit
-
Correct error in CAAM driver port. dma_map_sg_chained() had a patch
applied to traverse the sg list using a local copy to prevent
changing the value of the passed in sg list pointer.Signed-off-by: Dan Douglass
10 Feb, 2016
1 commit
-
During the crypto manager self test, a aead encryption opertation
is carried out. This operations allocates a aead request, which is
handed to the CAAM driver. The CAAM driver allocates and maps the
required structures.During the allocation aead extended descriptor, a DMA to device
mapping and synchronization are required. The order of this two
operations matter, which should be map and then sync. Otherwise,
there will be NULL pointer exception.This patch fix the order of this two operations, from sync-then-map
to map-then-sync.Signed-off-by: Ulises Cardenas
26 Jan, 2016
1 commit
-
Fix the DMA handle checking for the DMA maintainance.
Should not call the dma_sync_single_for_device if the handle is NULL,
otherwise, kernel will throw out the following complains:when do the following test:
insmod ./tcrypt.ko mode=402
Unable to handle kernel paging request at virtual address 70000000
pgd = d8c64000
[70000000] *pgd=00000000
Internal error: Oops: 805 [#1] PREEMPT SMP ARM
Modules linked in: tcrypt(+)
CPU: 1 PID: 789 Comm: insmod Not tainted 4.1.15-01516-g116e2fc-dirty #14
Hardware name: Freescale i.MX6 Quad/DualLite (Device Tree)
task: d8b54280 ti: d8882000 task.ti: d8882000
PC is at v7_dma_clean_range+0x20/0x38
LR is at dma_cache_maint_page+0xc8/0x22c
pc : [] lr : [] psr: 200b0013
sp : d8883d08 ip : 8001e86c fp : 000004c0
r10: 80b8b000 r9 : 80b244f8 r8 : ee557000
r7 : 00000000 r6 : 80b8f41c r5 : 00000000 r4 : 70000000
r3 : 0000001f r2 : 00000020 r1 : 70000000 r0 : 70000000
Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user
Control: 10c53c7d Table: 68c6404a DAC: 00000015
Process insmod (pid: 789, stack limit = 0xd8882210)
Stack: (0xd8883d08 to 0xd8884000)
3d00: ef26bfe0 00000002 00000018 00000001 00000000 00000000
3d20: ee557000 00000001 00000000 d86f0a10 00000000 d8bc2040 d8a7f5c4 8001b1a0
3d40: 8001e86c 8001b2c8 d88a5c40 d88a5c40 80b28bc4 d8a7f400 80beec48 8057f1dc
3d60: 00000002 00000000 00000000 00000038 00000018 80bdc1c0 68bc2128 d8a7f480
3d80: 00000000 80068c10 600b0013 00000100 00000000 d8a7f400 00000040 00000004
3da0: d871ca00 00000040 00000000 8057a9b0 8057a9a4 7f000d14 00000100 80068c10
3dc0: 7f005580 d8883de4 00000100 00000004 d8a7f400 7f005e80 7f005eb0 0000000c
3de0: d871ca00 00000040 00000100 7f0015ec 00000004 80b24648 00000000 00000000
3e00: d8bc2000 d8bc2040 00000008 ef26fa80 00000000 00001000 68c54000 ef26ae80
3e20: 00000000 00001000 00000000 ef270bc0 00000000 00001000 00000000 ef26db02
3e40: 00000000 00001000 00000000 00000000 02880288 d8883e54 d8883e54 00000000
3e60: 00000000 00000010 7f0062f8 80b27698 80b27698 d871ca00 d8882000 00000000
3e80: 00000008 7f003124 7f0062f8 80b27698 00000010 7f0062f8 80b27698 80b27698
3ea0: d871ca00 d8882000 00000000 7f009048 7f009000 00000000 80b27698 80009704
3ec0: 000000d0 ef26fa80 00000000 8040003e 00000001 00000001 d8883eec ef2709c0
3ee0: d8001f00 80b246bc 00000001 8040003e d8883f04 800905a8 00000001 00000001
3f00: d8883f14 d8001f00 000000d0 80b23260 00000008 7f0061a0 d871c3c0 0131e008
3f20: 0000017b 8000f684 d8882000 00000000 00000008 8008f968 00000000 00000000
3f40: 00000003 00000000 00000003 0131e008 0000017b 800906fc f0679000 0000b857
3f60: f0680070 f067ff25 f06840d0 0000671c 00006e8c 00000000 00000000 00000000
3f80: 0000001f 00000020 00000017 00000014 00000012 00000000 0131e018 00000008
3fa0: 0131e008 8000f500 0131e018 00000008 00000003 0131e008 00000000 00000000
3fc0: 0131e018 00000008 0131e008 0000017b 00000003 00000008 0131e008 00000008
3fe0: 7e8a6c38 7e8a6c28 0001f2c0 76f22340 600d0010 00000003 00000000 00000000
[] (v7_dma_clean_range) from [] (dma_cache_maint_page+0xc8/0x22c)
[] (dma_cache_maint_page) from [] (__dma_page_cpu_to_dev+0x24/0x88)
[] (__dma_page_cpu_to_dev) from [] (ahash_update_first+0x3cc/0x6f4)
[] (ahash_update_first) from [] (ahash_update+0xc/0x10)
[] (ahash_update) from [] (test_ahash_cycles+0x70/0x220 [tcrypt])
[] (test_ahash_cycles [tcrypt]) from [] (test_ahash_speed.constprop.1+0x19c/0x25c [tcrypt])
[] (test_ahash_speed.constprop.1 [tcrypt]) from [] (do_test+0xff8/0x301c [tcrypt])
[] (do_test [tcrypt]) from [] (tcrypt_mod_init+0x48/0xa0 [tcrypt])
[] (tcrypt_mod_init [tcrypt]) from [] (do_one_initcall+0x80/0x1d0)
[] (do_one_initcall) from [] (do_init_module+0x58/0x1b4)
[] (do_init_module) from [] (SyS_finit_module+0x68/0x6c)
[] (SyS_finit_module) from [] (ret_fast_syscall+0x0/0x3c)
Code: e1a02312 e2423001 e1c00003 f57ff04f (ee070f3a)
---[ end trace 63ad5840e079f2a5 ]---Signed-off-by: Jason Liu
23 Jan, 2016
1 commit
-
Fix cherry-picked from 5ec908319ab53072d3a2188e62ed2e5d7b846951
crypto: caam - only export the state we really need to export
Avoid exporting lots of state by only exporting what we really require,
which is the buffer containing the set of pending bytes to be hashed,
number of pending bytes, the context buffer, and the function pointer
state. This reduces down the exported state size to 216 bytes from
576 bytes.Signed-off-by: Russell King
Signed-off-by: Herbert Xu
21 Jan, 2016
36 commits
-
There is new flag that is checked in of_platform_device_create().
The flag is cleared prior to the call now so the device creates
successfully.Signed-off-by: Dan Douglass
-
caam_snvs driver involves snvs HP registers access that needs to
enable snvs clock source. The patch add the clock management.Signed-off-by: Fugang Duan
Signed-off-by: Dan Douglass -
Added missing reserved register for caam_secure_mem_v1 struct
Signed-off-by: Dan Douglass
-
* Add caam_aclk clock root dependency, imx7d caam
ip module needs caam_aclk and caam_ipg clock signals
to operate add additional clock signal.Signed-off-by: Adrian Alonso
Signed-off-by: Dan Douglass -
There are only 3 CAAM clocks that are required for i.mx6ul. Adding
logic to enable only the required clocks based on the device tree
compatibility node.Signed-off-by: Dan Douglass
-
CAAM only has a single clock in i.mx7d. Logic was added to initialize only the
single clock.The Secure Memory registers moved in CAAM era included in i.mx7d. This required
changes to support access to two different versions of the register map. The
registers are access through a data structure that overlay the register region.
Two new Secure Memory register structures were created to support the different
versions. Logic was also added to determine which version is implemented based on
the CAAM era, and access functions were added to support register access to the
Secure Memory Command and Status registers.Signed-off-by: Dan Douglass
-
Add cache coherency support to the CAAM scatterlist implementation.
Signed-off-by: Victoria Milhoan
Signed-off-by: Dan Douglass -
Replace of_irq_to_resource() in the SECVIO module with the simpler
equivalent irq_of_parse_and_map(). Also, add error checking to
to the SECVIO and Job Ring modules. Based on upstream commit
f7578496a671a96e501f16a5104893275e32c33a.Signed-off-by: Victoria Milhoan
Signed-off-by: Dan Douglass -
The CAAM driver prints a message for each algorithm it registers
with the Crypto API. This patch hides the messages unless debug is
enabled.Signed-off-by: Victoria Milhoan
(cherry picked from commit 84fcc913c4017d7c60ad19d07f277165b10e7848)
Signed-off-by: Dan Douglass -
This patch allows CAAM to be enabled as a wakeup source for the
Mega/Fast mix domain. If CAAM is enabled as a wakeup source, it
will continue to be powered on across Deep Sleep Mode (DSM). This
allows CAAM to be functional after the system resumes from DSM.Signed-off-by: Victoria Milhoan
(cherry picked from commit 290744e3b40a563319324e234fa5a65b49fd4d82)
Signed-off-by: Dan Douglass -
Add XCBC-AES support to the CAAM crypto accelerator core in
the i.MX6 family of SoC devices.Note that CAAM also goes by sec-4.0 or sec-5.0 in other product families (such as QorIQ).
Thus the property names are often tied to the sec-4.0+ nomenclature.Signed-off-by: Winston Hudson (b45308)
Signed-off-by: Dan Douglass -
Add more CAAM era values to the CAAM driver's caam_get_era()
function. Read only 32 bits of data since the data required
to identify the IP_ID and MAJ_REV is located in the first 32
bits of the register. And, update the function for use with
ARM/Little Endian devices.[: Edited to apply to 3.14]
Signed-off-by: Victoria Milhoan
(cherry picked from commit 6050d7faf2d0c063195aa9454c130548a9f8058f)
Signed-off-by: Dan Douglass -
Unregister Secure Memory platform device when the Secure Memory
module is shut down. This allows the Secure Memory module to
be inserted again successfully.Signed-off-by: Victoria Milhoan
(cherry picked from commit 785456f38234e64618ee9c74ab4258f39f00e73c)
Signed-off-by: Dan Douglass -
i.MX6 instantiates a CAAM with a low-power MDHA block, which does not
compute digests larger than 256 bits. Since the driver installs handlers
for hashes longer than 256 bits in several places, added the ability to
read and interpret the CHA version and instantiations registers, and then
only register handlers that it can support.[: Edited to include only caamhash changes]
Signed-off-by: Steve Cornelius
Signed-off-by: Victoria Milhoan
Signed-off-by: Dan Douglass -
Modify the Scatter-Gather entry definitions for the Freescale
CAAM driver.Signed-off-by: Victoria Milhoan
Signed-off-by: Dan Douglass -
i.MX6 devices have an issue wherein AXI bus transactions may not occur
in the correct order. This isn't a problem running single descriptors,
but can be if running multiple concurrent descriptors. Reworking the CAAM
driver to throttle to single requests is impractical, so this patch limits
the AXI pipeline to a depth of one (from a default of four) to preclude
this situation from occurring.Signed-off-by: Victoria Milhoan (b42089)
Signed-off-by: Dan Douglass -
Adds ARC4-ECB Mode support to the CAAM crypto accelerator core in
the i.MX6 family of SoC devices.Note that CAAM also goes by sec-4.0 or sec-5.0 in other product families (such as QorIQ).
Thus the property names are often tied to the sec-4.0+ nomenclature.Signed-off-by: Winston Hudson (b45308)
Signed-off-by: Dan Douglass -
Adds 3DES-ECB-EDE Mode support to the CAAM crypto accelerator core in
the i.MX6 family of SoC devices.Note that CAAM also goes by sec-4.0 or sec-5.0 in other product families (such as QorIQ).
Thus the property names are often tied to the sec-4.0+ nomenclature.Signed-off-by: Winston Hudson (b45308)
Signed-off-by: Dan Douglass -
Adds AES-ECB (Electronic Codebook) support to the CAAM crypto accelerator core in
the i.MX6 family of SoC devices.Note that CAAM also goes by sec-4.0 or sec-5.0 in other product families (such as QorIQ).
Thus the property names are often tied to the sec-4.0+ nomenclature.Signed-off-by: Winston Hudson (b45308)
Signed-off-by: Dan Douglass -
Adds DES-ECB Mode support to the CAAM crypto accelerator core in
the i.MX6 family of SoC devices.Note that CAAM also goes by sec-4.0 or sec-5.0 in other product families (such as QorIQ).
Thus the property names are often tied to the sec-4.0+ nomenclature.Signed-off-by: Winston Hudson (b45308)
Signed-off-by: Dan Douglass -
This patch enhances the CAAM driver's registration of crypto
algorithms into the Crypto API by only registering algorithms
supported by the CAAM hardware available.Signed-off-by: Victoria Milhoan
Signed-off-by: Dan Douglass -
The CRYPTO_ALG_KERN_DRIVER_ONLY flag is used to indicate that
the crypto algorithm is only available via a kernel driver.
This patch adds the flag only when the flag is available in the
kernel. Utilizing the flag based on it's availability in the
kernel allows the driver to compile on older kernel versions.The original community patch is located at
http://permalink.gmane.org/gmane.linux.kernel.cryptoapi/6547
for reference.Signed-off-by: Victoria Milhoan (b42089)
Signed-off-by: Dan Douglass -
By default, job ring 0 is the owner of the Secure Memory area
within CAAM. This patch modifies the Secure Memory module to
use job ring 0 for all accesses.Signed-off-by: Victoria Milhoan
(cherry picked from commit bb447bfb241d34492365bf881257b1a742a29c02)
Signed-off-by: Dan Douglass -
CAAM's kernel random generator adaptor (feeding /dev/hwrng) manages
a pair of data buffers that fill with RNG-sourced data for consumption.
While one buffer is being drained through the dev, the other is filling
in the background to be used on "standby".In the case where the completion of the buffer fill is deferred, a
cache invalidate call is required before the buffer can be put into use.Signed-off-by: Steve Cornelius
(cherry picked from commit b7f4221beefdc2cc38aeaadbd4b152d6a97c6e8e)
Signed-off-by: Dan Douglass -
Correct size of padded key buffers for the Secure Memory test module.
Signed-off-by: Steve Cornelius
(cherry picked from commit da77cf5583c064deefd09a5e91851ab4398701a0)
Signed-off-by: Dan Douglass -
Blob exportation and importation functions were adding padding to
the buffer mapping and cache control functions, which resulted in
incorrect CPU-level views into a DMA-ed blob.Also, corrected descriptor constructors to use symbolic form of
blob overhead calculation.Signed-off-by: Steve Cornelius
(cherry picked from commit c5f2cbb1fa51b0142742de77fe0a37c290bd04a0)
Signed-off-by: Dan Douglass -
Increase the size of BLOB_OVERHEAD.
Signed-off-by: Steve Cornelius
(cherry picked from commit 32aced88dedf1c1c11170d125d3cc546ffefb366)
Signed-off-by: Dan Douglass -
Converted sm_test to an example that can show:
- key covering
- secret encapsulation as external memory blob
- secret decapsulation from external memory blob
- checks and displays of the handling of key contentSigned-off-by: Steve Cornelius
(cherry picked from commit 45818b72fc4b3fe3fff755b1f9a27cd5519ca2cf)
Signed-off-by: Dan Douglass -
Extended/amended the prototype SM-API with the following functions:
- Added key covering (blackening) function in-place to a keyslot
- Added export operation to encapsulate data to external memory as a
secure memory blob (including descriptor capable of secure memory or
general memory blob generation)
- Removed in-place blob encapsulation
- Added import operation to decapsulate a blob from external memory into
secure memory (including descriptor capable of general memory or secure
memory content decapsulation)
- Removed in-place blob decapsulation[: Edited to apply to 3.10]
Signed-off-by: Steve Cornelius
Signed-off-by: Victoria Milhoan(cherry picked from commit c577769ed0347bb4e3428b5696fb7f209af0a7ad)
Signed-off-by: Dan Douglass -
Converted the prototype 3.0.x SNVS Security Violation Handler
subsystem to be device tree correct/compliant under 3.10 for ARM
platforms. Also, separated out SNVS property detection so as to make
it independent of CAAM, and corrected function namespace accordingly.Later releases of this subsystem are likely to be separate from the
kernel's CAAM driver space.[: Edited to apply to latest 3.10 kernel]
Signed-off-by: Steve Cornelius
Signed-off-by: Victoria Milhoan
(cherry picked from commit c8c128086eae012ced0c96d66f21f36bcbd14f66)
Signed-off-by: Dan Douglass -
1. Pull in secure memory support from 3.0.35 kernel.
2. Pull in SECVIO support from 3.0.35 kernel.
3. Make changes to support device tree.
4. Add device tree setting for SECVIO sources.[: Edited to apply to 3.14]
Signed-off-by: Dan Douglass
(cherry picked from commit f3bfd42e2db3af8326734bebf750e94e74734f6e)
Signed-off-by: Victoria Milhoan
Signed-off-by: Dan Douglass -
Add bit definitions for Blob protocol protinfo field.
Signed-off-by: Steve Cornelius
Signed-off-by: Dan Douglass -
These add changes to the driver private areas for the CAAM
controller and CAAM Secure Memory subsystems, and expand register
definitions to include the Secure Memory subsystems as reflected
in multiple areas (controller, rings, secure memory itself).[: Edited to apply to 3.14]
Signed-off-by: Steve Cornelius
Signed-off-by: Victoria Milhoan
Signed-off-by: Dan Douglass -
Added definitions to enable FIFO_STORE to encode options for storing
keys in AES-CCM mode[: Edited to apply to 3.14]
Signed-off-by: Steve Cornelius
(cherry picked from commit a3cd8e5fad274f33fc6f0030413f89a6339b1d5a)
Signed-off-by: Victoria Milhoan
Signed-off-by: Dan Douglass -
Adjust RNG timing parameters to support more i.MX6 devices.
Signed-off-by: Victoria Milhoan
Signed-off-by: Dan Douglass -
Freescale's CAAM includes a Random Number Generator. This change adds
a kernel configuration option to test the RNG's capabilities via the
hw_random framework.Signed-off-by: Victoria Milhoan
Signed-off-by: Dan Douglass