summaryrefslogtreecommitdiffstats
path: root/drivers/crypto/talitos.c
AgeCommit message (Collapse)Author
2010-05-22Merge remote branch 'origin' into secretlab/next-devicetreeGrant Likely
Merging in current state of Linus' tree to deal with merge conflicts and build failures in vio.c after merge. Conflicts: drivers/i2c/busses/i2c-cpm.c drivers/i2c/busses/i2c-mpc.c drivers/net/gianfar.c Also fixed up one line in arch/powerpc/kernel/vio.c to use the correct node pointer. Signed-off-by: Grant Likely <grant.likely@secretlab.ca>
2010-05-22of: Remove duplicate fields from of_platform_driverGrant Likely
.name, .match_table and .owner are duplicated in both of_platform_driver and device_driver. This patch is a removes the extra copies from struct of_platform_driver and converts all users to the device_driver members. This patch is a pretty mechanical change. The usage model doesn't change and if any drivers have been missed, or if anything has been fixed up incorrectly, then it will fail with a compile time error, and the fixup will be trivial. This patch looks big and scary because it touches so many files, but it should be pretty safe. Signed-off-by: Grant Likely <grant.likely@secretlab.ca> Acked-by: Sean MacLennan <smaclennan@pikatech.com>
2010-05-19crypto: talitos - add support for sha224Kim Phillips
SEC h/w versions 2.1 and above support sha224 via explicit instruction. Performing sha224 ahashes on earlier versions is still possible because they support sha256 (sha224 is sha256 with different initial constants and a different truncation length). We do this by overriding hardware context self-initialization, and perform it manually in s/w instead. Thanks to Lee for his fixes for correct execution on actual sec2.0 h/w. Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off by: Lee Nipper <lee.nipper@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2010-05-19crypto: talitos - add hash algorithmsLee Nipper
Add the following alorithms to talitos: md5, sha1, sha256, sha384, sha512. These are all type ahash. Signed-off-by: Lee Nipper <lee.nipper@gmail.com> Acked-By: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2010-05-19crypto: talitos - second prepare step for adding ahash algorithmsLee Nipper
Used talitos_alg_template in talitos_crypto_alg so that it will accommodate ahash algorithms. Added some preparation code for ahash allocation and removal. No actual algorithms yet. Signed-off-by: Lee Nipper <lee.nipper@gmail.com> Acked-By: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2010-05-19crypto: talitos - prepare for adding ahash algorithms Lee Nipper
No functional changes. Use a union in talitos_alg_template for the crypto_alg so that we can add a member later for ahash_alg. Signed-off-by: Lee Nipper <lee.nipper@gmail.com> Acked-By: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2010-05-18of: Always use 'struct device.of_node' to get device node pointer.Grant Likely
The following structure elements duplicate the information in 'struct device.of_node' and so are being eliminated. This patch makes all readers of these elements use device.of_node instead. (struct of_device *)->node (struct dev_archdata *)->prom_node (sparc) (struct dev_archdata *)->of_node (powerpc & microblaze) Signed-off-by: Grant Likely <grant.likely@secretlab.ca>
2010-03-30include cleanup: Update gfp.h and slab.h includes to prepare for breaking ↵Tejun Heo
implicit slab.h inclusion from percpu.h percpu.h is included by sched.h and module.h and thus ends up being included when building most .c files. percpu.h includes slab.h which in turn includes gfp.h making everything defined by the two files universally available and complicating inclusion dependencies. percpu.h -> slab.h dependency is about to be removed. Prepare for this change by updating users of gfp and slab facilities include those headers directly instead of assuming availability. As this conversion needs to touch large number of source files, the following script is used as the basis of conversion. http://userweb.kernel.org/~tj/misc/slabh-sweep.py The script does the followings. * Scan files for gfp and slab usages and update includes such that only the necessary includes are there. ie. if only gfp is used, gfp.h, if slab is used, slab.h. * When the script inserts a new include, it looks at the include blocks and try to put the new include such that its order conforms to its surrounding. It's put in the include block which contains core kernel includes, in the same order that the rest are ordered - alphabetical, Christmas tree, rev-Xmas-tree or at the end if there doesn't seem to be any matching order. * If the script can't find a place to put a new include (mostly because the file doesn't have fitting include block), it prints out an error message indicating which .h file needs to be added to the file. The conversion was done in the following steps. 1. The initial automatic conversion of all .c files updated slightly over 4000 files, deleting around 700 includes and adding ~480 gfp.h and ~3000 slab.h inclusions. The script emitted errors for ~400 files. 2. Each error was manually checked. Some didn't need the inclusion, some needed manual addition while adding it to implementation .h or embedding .c file was more appropriate for others. This step added inclusions to around 150 files. 3. The script was run again and the output was compared to the edits from #2 to make sure no file was left behind. 4. Several build tests were done and a couple of problems were fixed. e.g. lib/decompress_*.c used malloc/free() wrappers around slab APIs requiring slab.h to be added manually. 5. The script was run on all .h files but without automatically editing them as sprinkling gfp.h and slab.h inclusions around .h files could easily lead to inclusion dependency hell. Most gfp.h inclusion directives were ignored as stuff from gfp.h was usually wildly available and often used in preprocessor macros. Each slab.h inclusion directive was examined and added manually as necessary. 6. percpu.h was updated not to include slab.h. 7. Build test were done on the following configurations and failures were fixed. CONFIG_GCOV_KERNEL was turned off for all tests (as my distributed build env didn't work with gcov compiles) and a few more options had to be turned off depending on archs to make things build (like ipr on powerpc/64 which failed due to missing writeq). * x86 and x86_64 UP and SMP allmodconfig and a custom test config. * powerpc and powerpc64 SMP allmodconfig * sparc and sparc64 SMP allmodconfig * ia64 SMP allmodconfig * s390 SMP allmodconfig * alpha SMP allmodconfig * um on x86_64 SMP allmodconfig 8. percpu.h modifications were reverted so that it could be applied as a separate patch and serve as bisection point. Given the fact that I had only a couple of failures from tests on step 6, I'm fairly confident about the coverage of this conversion patch. If there is a breakage, it's likely to be something in one of the arch headers which should be easily discoverable easily on most builds of the specific arch. Signed-off-by: Tejun Heo <tj@kernel.org> Guess-its-ok-by: Christoph Lameter <cl@linux-foundation.org> Cc: Ingo Molnar <mingo@redhat.com> Cc: Lee Schermerhorn <Lee.Schermerhorn@hp.com>
2010-01-17crypto: Make Open Firmware device id constantMárton Németh
From: Márton Németh <nm127@freemail.hu> The match_table field of the struct of_device_id is constant in <linux/of_platform.h> so it is worth to make the initialization data also constant. The semantic match that finds this kind of pattern is as follows: (http://coccinelle.lip6.fr/) // <smpl> @r@ disable decl_init,const_decl_init; identifier I1, I2, x; @@ struct I1 { ... const struct I2 *x; ... }; @s@ identifier r.I1, y; identifier r.x, E; @@ struct I1 y = { .x = E, }; @c@ identifier r.I2; identifier s.E; @@ const struct I2 E[] = ... ; @depends on !c@ identifier r.I2; identifier s.E; @@ + const struct I2 E[] = ...; // </smpl> Signed-off-by: Márton Németh <nm127@freemail.hu> Cc: Julia Lawall <julia@diku.dk> Cc: cocci@diku.dk Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-08-13crypto: talitos - add support for 36 bit addressingKim Phillips
Enabling extended addressing in the h/w requires we always assign the extended address component (eptr) of the talitos h/w pointer. This is for e500 based platforms with large memories. Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-08-13crypto: talitos - align locks on cache linesKim Phillips
align channel access locks onto separate cache lines (for performance reasons). This is done by placing per-channel variables into their own private struct, and using the cacheline_aligned attribute within that struct. Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-08-13crypto: talitos - simplify hmac data size calculationKim Phillips
don't do request->src vs. assoc pointer math - it's the same as adding assoclen and ivsize (just with more effort). Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-06-02crypto: talitos - Avoid unnecessary decrypt checkKim Phillips
the ICV check bit only gets set in decrypt entry points Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-06-02crypto: talitos - containerof related codingstyleKim Phillips
no functional changes. Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-06-02crypto: talitos - Whitespace/codingstyle/overrun lines cleanupKim Phillips
no functional changes. Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-06-02crypto: talitos - Add ablkcipher algorithmsLee Nipper
Add these ablkcipher algorithms: cbc(aes), cbc(des3_ede). Added handling of chained scatterlists with zero length entry because eseqiv uses it. Added new map and unmap routines. Signed-off-by: Lee Nipper <lee.nipper@gmail.com> Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2009-06-02crypto: talitos - scaffolding for new algorithm typesLee Nipper
This patch is preparation for adding new algorithm types. Some elements which are AEAD specific were renamed. The algorithm template structure was changed to use crypto_alg, and talitos_alg_alloc was made more general with respect to algorithm types. ipsec_esp_edesc is renamed to talitos_edesc to use it in the upcoming ablkcipher routines. Signed-off-by: Lee Nipper <lee.nipper@gmail.com> Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-12-25crypto: talitos - Ack done interrupt in isr instead of taskletLee Nipper
Previous commit for interrupt mitigation moved the done interrupt acknowlegement from the isr to the talitos_done tasklet. This patch moves the done interrupt acknowledgement back into the isr so that done interrupts will always be acknowledged. This covers the case for acknowledging interrupts for channel done processing that has actually already been completed by the tasklet prior to fielding a pending interrupt. Signed-off-by: Lee Nipper <lee.nipper@freescale.com> Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-12-25crypto: talitos - Preempt overflow interrupts off-by-one fixVishnu Suresh
In commit ec6644d6325b5a38525f1d5b20fd4bf7db05cf2a "crypto: talitos - Preempt overflow interrupts", the test in atomic_inc_not_zero was interpreted by the author to be applied after the increment operation (not before). This off-by-one fix prevents overflow error interrupts from occurring when requests are frequent and large enough to do so. Signed-off-by: Vishnu Suresh <Vishnu@freescale.com> Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-12-25crypto: talitos - Perform auth check in h/w if on sec 2.1 and aboveKim Phillips
SEC version 2.1 and above adds the capability to do the IPSec ICV memcmp in h/w. Results of the cmp are written back in the descriptor header, along with the done status. A new callback is added that checks these ICCR bits instead of performing the memcmp on the core, and is enabled by h/w capability. Signed-off-by: Kim Phillips <kim.phillips@freescale.com> After testing on different parts, another condition was added before using h/w auth check because different SEC revisions require different handling. The SEC 3.0 allows a more flexible link table where the auth data can span separate link table entries. The SEC 2.4/2.1 does not support this case. So a test was added in the decrypt routine for a fragmented case; the h/w auth check is disallowed for revisions not having the extent in the link table; in this case the hw auth check is done by software. A portion of a previous change for SEC 3.0 link table handling was removed since it became dead code with the hw auth check supported. This seems to be the best compromise for using hw auth check on supporting SEC revisions; it keeps the link table logic simpler for the fragmented cases. Signed-off-by: Lee Nipper <lee.nipper@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-12-25crypto: talitos - Implement done interrupt mitigationLee Nipper
In talitos_interrupt, upon one done interrupt, mask further done interrupts, and ack only any error interrupt. In talitos_done, unmask done interrupts after completing processing. In flush_channel, ack each done channel processed. Keep done overflow interrupts masked because even though each pkt is ack'ed, a few done overflows still occur. Signed-off-by: Lee Nipper <lee.nipper@freescale.com> Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-12-25crypto: talitos - Pass correct interrupt status to error handlerKim Phillips
Since we ack early, the re-read interrupt status in talitos_error may be already updated with a new value. Pass the error ISR value directly in order to report and handle the error based on the correct error status. Also remove unused error tasklet. Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Lee Nipper <lee.nipper@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-11-30fix talitosAl Viro
talitos_remove() can be called from talitos_probe() on failure exit path, so it can't be __devexit. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-09-14crypto: talitos - Avoid consecutive packets going out with same IVKim Phillips
The SEC's h/w IV out implementation DMAs the trailing encrypted payload block of the last encryption to ctx->iv. Since the last encryption may still be pending completion, we can sufficiently prevent successive packets from being transmitted with the same IV by xoring with sequence number. Also initialize alg_list earlier to prevent oopsing on a failed probe. Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Lee Nipper <lee.nipper@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-08-13crypto: talitos - Add handling for SEC 3.x treatment of link tableLee Nipper
Later SEC revision requires the link table (used for scatter/gather) to have an extra entry to account for the total length in descriptor [4], which contains cipher Input and ICV. This only applies to decrypt, not encrypt. Without this change, on 837x, a gather return/length error results when a decryption uses a link table to gather the fragments. This is observed by doing a ping with size of 1447 or larger with AES, or a ping with size 1455 or larger with 3des. So, add check for SEC compatible "fsl,3.0" for using extra link table entry. Signed-off-by: Lee Nipper <lee.nipper@freescale.com> Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-07-17crypto: talitos - sparse fixKim Phillips
Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-07-17crypto: talitos - Stop leaking memory in error pathKim Phillips
free edescriptor when returning error (such as -EAGAIN). Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Acked-by: Lee Nipper <lee.nipper@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-07-17crypto: talitos - Fix GFP flag usageKim Phillips
use GFP_ATOMIC when necessary; use atomic_t when allocating submit_count. Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Acked-by: Lee Nipper <lee.nipper@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-07-17crypto: talitos - Preempt overflow interruptsKim Phillips
add requests pending/submit count to prevent request queue full condition by preempting h/w overflow interrupts in software. We do this due to the delay in the delivery and handling of the channel overflow error interrupt. Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Acked-by: Lee Nipper <lee.nipper@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-07-17crypto: talitos - Correct dst != src case handlingLee Nipper
Seems that dst == src, but this fixes the logic in case it's not. Signed-off-by: Lee Nipper <lee.nipper@freescale.com> Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-07-17crypto: talitos - Remove calls to of_node_putLee Nipper
Remove of_node_put calls since there is no corresponding of_node_get. This patch prevents an exception when talitos is loaded a 2nd time. This sequence: modprobe talitos; rmmod talitos; modprobe talitos causes this message: "WARNING: Bad of_node_put() on /soc8349@e0000000/crypto@30000". Signed-off-by: Lee Nipper <lee.nipper@freescale.com> Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-07-10crypto: talitos - Add support for sha256 and md5 variantsLee Nipper
This patch adds support for: authenc(hmac(sha256),cbc(aes)), authenc(hmac(sha256),cbc(des3_ede)), authenc(hmac(md5),cbc(aes)), authenc(hmac(md5),cbc(des3_ede)). Some constant usage was changed to use aes, des, and sha include files. Signed-off-by: Lee Nipper <lee.nipper@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-07-10crypto: talitos - Use proper form for algorithm driver namesHerbert Xu
The name authenc(hmac(sha1-talitos),cbc(aes-talitos)) is potentially ambiguous since it could also mean using the generic authenc template on hmac(sha1-talitos) and cbc(aes-talitos). In general, parentheses should be reserved for templates that spawn algorithms. This patches changes it to the form authenc-hmac-sha1-cbc-aes-talitos. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-07-10crypto: talitos - Add support for 3desLee Nipper
This patch adds support for authenc(hmac(sha1),cbc(des3_ede)) to the talitos crypto driver for the Freescale Security Engine. Some adjustments were made to the scatterlist to link table conversion to make 3des work for ping -s 1439..1446. Signed-off-by: Lee Nipper <lee.nipper@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-07-10crypto: talitos - Freescale integrated security engine (SEC) driverKim Phillips
Add support for the SEC available on a wide range of PowerQUICC devices, e.g. MPC8349E, MPC8548E. This initial version supports authenc(hmac(sha1),cbc(aes)) for use with IPsec. Signed-off-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>