- 09 Dec, 2022 12 commits
-
-
Giovanni Cabiddu authored
The acomp API allows to send requests with a NULL destination buffer. In this case, the algorithm implementation needs to allocate the destination scatter list, perform the operation and return the buffer to the user. For decompression, data is likely to expand and be bigger than the allocated buffer. This implements a re-submission mechanism for decompression requests that is triggered if the destination buffer, allocated by the driver, is not sufficiently big to store the output from decompression. If an overflow is detected when processing the callback for a decompression request with a NULL destination buffer, a workqueue is scheduled. This allocates a new scatter list of size CRYPTO_ACOMP_DST_MAX, now 128KB, creates a new firmware scatter list and resubmits the job to the hardware accelerator. Suggested-by:
Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by:
Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by:
-
Giovanni Cabiddu authored
The acomp API allows to send requests with a NULL destination buffer. In this case, the algorithm implementation needs to allocate the destination scatter list, perform the operation and return the buffer to the user. For decompression, data is likely to expand and be bigger than the allocated buffer. Define the maximum size (128KB) that acomp implementations will allocate for decompression operations as destination buffer when they receive a request with a NULL destination buffer. Suggested-by:
-
Giovanni Cabiddu authored
Enable deflate for QAT GEN4 devices. This adds (1) logic to create configuration entries at probe time for the compression instances for QAT GEN4 devices; (2) the implementation of QAT GEN4 specific compression operations, required since the creation of the compression request template is different between GEN2 and GEN4; and (3) updates to the firmware API related to compression for GEN4. The implementation configures the device to produce data compressed dynamically, optimized for throughput over compression ratio. Signed-off-by:
Wojciech Ziemba <wojciech.ziemba@intel.com> Reviewed-by:
Adam Guerin <adam.guerin@intel.com> Signed-off-by:
-
Giovanni Cabiddu authored
Add infrastructure for implementing the acomp APIs in the QAT driver and expose the deflate algorithm for QAT GEN2 devices. This adds (1) the compression service which includes logic to create, allocate and handle compression instances; (2) logic to create configuration entries at probe time for the compression instances; (3) updates to the firmware API for allowing the compression service; and; (4) a back-end for deflate that implements the acomp api for QAT GEN2 devices. The implementation configures the device to produce data compressed statically, optimized for throughput over compression ratio. Signed-off-by:
-
Giovanni Cabiddu authored
Rename qat_crypto_dev_config() in adf_gen2_dev_config() and relocate it to the newly created file adf_gen2_config.c. This function is specific to QAT GEN2 devices and will be used also to configure the compression service. In addition change the drivers to use the dev_config() in the hardware data structure (which for GEN2 devices now points to adf_gen2_dev_config()), for consistency. Signed-off-by:
-
Giovanni Cabiddu authored
Move qat_algs_alloc_flags() from qat_crypto.h to qat_bl.h as this will be used also by the compression logic. Signed-off-by:
-
Giovanni Cabiddu authored
Move the structures qat_instance_backlog and qat_alg_req from qat_crypto.h to qat_algs_send.h since they are not unique to crypto. Both structures will be used by the compression service to support requests with the CRYPTO_TFM_REQ_MAY_BACKLOG flag set. Signed-off-by:
-
Giovanni Cabiddu authored
The compression service requires an additional pre-allocated buffer for each destination scatter list. Extend the function qat_alg_sgl_to_bufl() to take an additional structure that contains the dma address and the size of the extra buffer which will be appended in the destination FW SGL. The logic that unmaps buffers in qat_alg_free_bufl() has been changed to start unmapping from buffer 0 instead of skipping the initial buffers num_buff - num_mapped_bufs as that functionality was not used in the code. Signed-off-by:
-
Giovanni Cabiddu authored
The structure qat_crypto_request_buffs which contains the source and destination buffer lists and correspondent sizes and dma addresses is also required for the compression service. Rename it as qat_request_buffs and move it to qat_bl.h. Signed-off-by:
-
Giovanni Cabiddu authored
The functions qat_alg_sgl_to_bufl() and qat_alg_free_bufl() take as argument a qat_crypto_instance and a qat_crypto_request structure. These two structures are used only to get a reference to the adf_accel_dev and qat_crypto_request_buffs. In order to reuse these functions for the compression service, change the signature so that they take adf_accel_dev and qat_crypto_request_buffs. Signed-off-by:
-
Giovanni Cabiddu authored
Rename the functions qat_alg_sgl_to_bufl() and qat_alg_free_bufl() as qat_bl_sgl_to_bufl() and qat_bl_free_bufl() after their relocation into the qat_bl module. This commit does not implement any functional change. Signed-off-by:
-
Giovanni Cabiddu authored
Move the logic that maps, unmaps and converts scatterlists into QAT bufferlists from qat_algs.c to a new module, qat_bl. This is to allow reuse of the logic by the data compression service. This commit does not implement any functional change. Signed-off-by:
-
- 05 Dec, 2022 1 commit
-
-
Herbert Xu authored
Directly including asm/cache.h leads to build failures on powerpc so replace it with linux/cache.h instead. Fixes: e634ac4a ("crypto: api - Add crypto_tfm_ctx_dma") Reported-by:
Stephen Rothwell <sfr@canb.auug.org.au> Signed-off-by:
-
- 02 Dec, 2022 25 commits
-
-
Tianjia Zhang authored
Commit d2825fa9 ("crypto: sm3,sm4 - move into crypto directory") moves the SM3 and SM4 stand-alone library and the algorithm implementation for the Crypto API into the same directory, and the corresponding relationship of Kconfig is modified, CONFIG_CRYPTO_SM3/4 corresponds to the stand-alone library of SM3/4, and CONFIG_CRYPTO_SM3/4_GENERIC corresponds to the algorithm implementation for the Crypto API. Therefore, it is necessary for this module to depend on the correct algorithm. Fixes: d2825fa9 ("crypto: sm3,sm4 - move into crypto directory") Cc: Jason A. Donenfeld <Jason@zx2c4.com> Cc: stable@vger.kernel.org # v5.19+ Signed-off-by:
Tianjia Zhang <tianjia.zhang@linux.alibaba.com> Signed-off-by:
-
Herbert Xu authored
This driver has been implicitly relying on kmalloc alignment to be sufficient for DMA. This may no longer be the case with upcoming arm64 changes. This patch changes it to explicitly request DMA alignment from the Crypto API. Signed-off-by: -
Herbert Xu authored
This patch adds helpers to access the kpp context structure and request context structure with an added alignment for DMA access. Signed-off-by: -
Herbert Xu authored
This patch adds helpers to access the akcipher context structure and request context structure with an added alignment for DMA access. Signed-off-by: -
Herbert Xu authored
Previously we limited the maximum alignment mask to 63. This is mostly due to stack usage for shash. This patch introduces a separate limit for shash algorithms and increases the general limit to 127 which is the value that we need for DMA allocations on arm64. Signed-off-by: -
Herbert Xu authored
This patch adds helpers to access the skcipher context structure and request context structure with an added alignment for DMA access. Signed-off-by: -
Herbert Xu authored
This patch adds helpers to access the ahash context structure and request context structure with an added alignment for DMA access. Signed-off-by: -
Herbert Xu authored
This patch adds helpers to access the aead context structure and request context structure with an added alignment for DMA access. Signed-off-by: -
Herbert Xu authored
This patch adds the helpers crypto_tfm_ctx_aligned and crypto_tfm_ctx_dma. The first aligns the tfm context to the value cra_alignmask. The second sets the alignment according to dma_cache_get_alignment(); This patch also moves crypto_tfm_ctx into algapi.h. Signed-off-by: -
Herbert Xu authored
The helper crypto_tfm_ctx is only used by the Crypto API algorithm code and should really be in algapi.h. However, for historical reasons many files relied on it to be in crypto.h. This patch changes those files to use algapi.h instead in prepartion for a move. Signed-off-by: -
Shang XiaoJing authored
omap_sham_probe() calls pm_runtime_get_sync() and calls pm_runtime_put_sync() latter to put usage_counter. However, pm_runtime_get_sync() will increment usage_counter even it failed. Fix it by replacing it with pm_runtime_resume_and_get() to keep usage counter balanced. Fixes: b359f034 ("crypto: omap-sham - Convert to use pm_runtime API") Signed-off-by:
Shang XiaoJing <shangxiaojing@huawei.com> Acked-by:
Mark Greer <mgreer@animalcreek.com> Signed-off-by:
-
Joe Fradley authored
curve25519-x86_64.c fails to build when CONFIG_GCOV_KERNEL is enabled. The error is "inline assembly requires more registers than available" thrown from the `fsqr()` function. Therefore, excluding this file from GCOV profiling until this issue is resolved. Thereby allowing CONFIG_GCOV_PROFILE_ALL to be enabled for x86. Signed-off-by:
Joe Fradley <joefradley@google.com> Signed-off-by:
-
Christophe JAILLET authored
There is no real point in allocating dedicated memory for the irqs array. MAXFLOW is only 2, so it is easier to allocated the needed space directly within the 'meson_dev' structure. This saves some memory allocation and avoids an indirection when using the irqs array. Fixes: 48fe583f ("crypto: amlogic - Add crypto accelerator...") Signed-off-by:
Christophe JAILLET <christophe.jaillet@wanadoo.fr> Signed-off-by:
-
Herbert Xu authored
The value of reqsize cannot be determined in case of fallbacks. Therefore it must be stored in the tfm and not the alg object. Signed-off-by: -
Herbert Xu authored
The value of reqsize must only be changed through the helper. Signed-off-by: -
Herbert Xu authored
The value of reqsize cannot be determined in case of fallbacks. Therefore it must be stored in the tfm and not the alg object. Signed-off-by: -
Herbert Xu authored
The value of reqsize must only be changed through the helper. Signed-off-by:
Gonglei <arei.gonglei@huawei.com> Signed-off-by:
-
Herbert Xu authored
The value of reqsize must only be changed through the helper. Signed-off-by:
Gaurav Jain <gaurav.jain@nxp.com> Signed-off-by:
-
Herbert Xu authored
The value of reqsize must only be changed through the helper. Signed-off-by:
-
Herbert Xu authored
The value of reqsize must only be changed through the helper. Signed-off-by:
Longfang Liu <liulongfang@huawei.com> Signed-off-by:
-
Herbert Xu authored
The value of reqsize should only be changed through a helper. To do so we need to first add a helper for this. Signed-off-by: -
Yushan Zhou authored
release_firmware() checks whether firmware pointer is NULL. Remove the redundant NULL check in release_tar_archive(). Signed-off-by:
Yushan Zhou <katrinzhou@tencent.com> Signed-off-by:
-
Herbert Xu authored
The value of reqsize must only be changed through the helper. Signed-off-by: -
Nikolaus Voss authored
If CAAM is not in "trusted" or "secure" state, a fixed non-volatile key is used instead of the unique device key. This is the default mode of operation without secure boot (HAB). In this scenario, CAAM encrypted blobs should be used only for testing but not in a production environment, so issue a warning. Signed-off-by:
Nikolaus Voss <nikolaus.voss@haag-streit.com> Reviewed-by:
Ahmad Fatoum <a.fatoum@pengutronix.de> Signed-off-by:
-
Wang Yufen authored
Fix to return a negative error code -EINVAL instead of 0. Fixes: 0cec19c7 ("crypto: qat - add support for compression for 4xxx") Signed-off-by:
Wang Yufen <wangyufen@huawei.com> Acked-by:
-
- 25 Nov, 2022 2 commits
-
-
Jason A. Donenfeld authored
The U2F zero apparently has a real TRNG in it with maximum quality, not one with quality of "1", which was likely a misinterpretation of the field as a boolean. So remove the assignment entirely, so that we get the default quality setting. In the u2f-zero firmware, the 0x21 RNG command used by this driver is handled as such [1]: case U2F_CUSTOM_GET_RNG: if (atecc_send_recv(ATECC_CMD_RNG,ATECC_RNG_P1,ATECC_RNG_P2, NULL, 0, appdata.tmp, sizeof(appdata.tmp), &res) == 0 ) { memmove(msg->pkt.init.payload, res.buf, 32); U2FHID_SET_LEN(msg, 32); usb_write((uint8_t*)msg, 64); } else { U2FHID_SET_LEN(msg, 0); usb_write((uint8_t*)msg, 64); } This same call to `atecc_send_recv(ATECC_CMD_RNG,ATECC_RNG_P1, ATECC_RNG_P2,...)` is then also used in the token's cryptographically critical "u2f_new_keypair" function, as its rather straightforward source of random bytes [2]: int8_t u2f_new_keypair(uint8_t * handle, uint8_t * appid, uint8_t * pubkey) { struct atecc_response res; uint8_t private_key[36]; int i; watchdog(); if (atecc_send_recv(ATECC_CMD_RNG,ATECC_RNG_P1,ATECC_RNG_P2, NULL, 0, appdata.tmp, sizeof(appdata.tmp), &res) != 0 ) { return -1; } So it seems rather plain that the ATECC RNG is considered to provide good random numbers. [1] https://github.com/conorpp/u2f-zero/blob/master/firmware/src/custom.c [2] https://github.com/conorpp/u2f-zero/blob/master/firmware/src/u2f_atecc.c Cc: Andrej Shadura <andrew.shadura@collabora.co.uk> Cc: Jiri Kosina <jkosina@suse.cz> Cc: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by:Jason A. Donenfeld <Jason@zx2c4.com> Acked-by:
Andrej Shadura <andrew.shadura@collabora.co.uk> Signed-off-by:
-
Weili Qian authored
In function 'hisi_qm_resume', if the device fails to be started, directly returning error code will cause the device to be unavailable. However, the failure may be caused by device error, which will be reported to the driver, and driver can reset and restart device. Therefore, check device status instead of returning error code directly. Returns 0 if device error has occurred, otherwise returns error code. Signed-off-by:
Weili Qian <qianweili@huawei.com> Signed-off-by:
-
