- 09 Sep, 2019 9 commits
-
-
Ard Biesheuvel authored
The pure NEON AES implementation predates the bit-slicing one, and is generally slower, unless the algorithm in question can only execute sequentially. So advertising the skciphers that the bit-slicing driver implements as well serves no real purpose, and we can just disable them. Note that the bit-slicing driver also has a link time dependency on the pure NEON driver, for CBC encryption and for XTS tweak calculation, so we still need both drivers on systems that do not implement the Crypto Extensions. At the same time, expose those modaliases for the AES instruction based driver. This is necessary since otherwise, we may end up loading the wrong driver when any of the skciphers are instantiated before the CPU capability based module loading has completed. Finally, add the missing modalias for cts(cbc(aes)) so requests for this algorithm will autoload the correct module. Signed-off-by:
Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Ard Biesheuvel authored
Replace the vector load from memory sequence with a simple instruction sequence to compose the tweak vector directly. Signed-off-by:
-
Ard Biesheuvel authored
Replace the vector load from memory sequence with a simple instruction sequence to compose the tweak vector directly. Signed-off-by:
-
Ard Biesheuvel authored
Replace the vector load from memory sequence with a simple instruction sequence to compose the tweak vector directly. Signed-off-by:
-
Ard Biesheuvel authored
When the ARM AES instruction based crypto driver was introduced, there were no known implementations that could benefit from a 4-way interleave, and so a 3-way interleave was used instead. Since we have sufficient space in the SIMD register file, let's switch to a 4-way interleave to align with the 64-bit driver, and to ensure that we can reach optimum performance when running under emulation on high end 64-bit cores. Signed-off-by:
-
Ard Biesheuvel authored
Reduce the scope of the kernel_neon_begin/end regions so that the SIMD unit is released (and thus preemption re-enabled) if the crypto operation cannot be completed in a single scatterwalk step. This avoids scheduling blackouts due to preemption being enabled for unbounded periods, resulting in a more responsive system. After this change, we can also permit the cipher_walk infrastructure to sleep, so set the 'atomic' parameter to skcipher_walk_virt() to false as well. Signed-off-by:
-
Ard Biesheuvel authored
The AES round keys are arrays of u32s in native endianness now, so update the function prototypes accordingly. Signed-off-by:
-
Herbert Xu authored
skcipher_walk_done may be called with an error by internal or external callers. For those internal callers we shouldn't unmap pages but for external callers we must unmap any pages that are in use. This patch distinguishes between the two cases by checking whether walk->nbytes is zero or not. For internal callers, we now set walk->nbytes to zero prior to the call. For external callers, walk->nbytes has always been non-zero (as zero is used to indicate the termination of a walk). Reported-by:
-
zhong jiang authored
PTR_ERR_OR_ZERO contains if(IS_ERR(...)) + PTR_ERR. It is better to use it directly. hence just replace it. Signed-off-by:
zhong jiang <zhongjiang@huawei.com> Acked-by:
Will Deacon <will@kernel.org> Signed-off-by:
-
- 05 Sep, 2019 25 commits
-
-
Hans de Goede authored
lib/crypto/sha256.c and include/crypto/sha256_base.h define 99% identical functions to init a sha256_state struct for sha224 or sha256 use. This commit moves the functions from lib/crypto/sha256.c to include/crypto/sha.h (making them static inline) and makes the sha224/256_base_init static inline functions from include/crypto/sha256_base.h wrappers around the now also static inline include/crypto/sha.h functions. Signed-off-by:
Hans de Goede <hdegoede@redhat.com> Signed-off-by:
-
Hans de Goede authored
The generic sha256 implementation from lib/crypto/sha256.c uses data structs defined in crypto/sha.h, so lets move the function prototypes there too. Signed-off-by:
-
Hans de Goede authored
Rename the sha*_init arrays to n2_sha*_init so that they do not conflict with the functions declared in crypto/sha256.h. Also rename md5_init to n2_md5_init for consistency. This is a preparation patch for folding crypto/sha256.h into crypto/sha.h. Signed-off-by:
-
Hans de Goede authored
Rename the sha*_init arrays to chcr_sha*_init so that they do not conflict with the functions declared in crypto/sha256.h. This is a preparation patch for folding crypto/sha256.h into crypto/sha.h. Signed-off-by:
-
Hans de Goede authored
Rename the algo_init arrays to cc_algo_init so that they do not conflict with the functions declared in crypto/sha256.h. This is a preparation patch for folding crypto/sha256.h into crypto/sha.h. Signed-off-by:
Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by:
-
Hans de Goede authored
Rename static / file-local functions so that they do not conflict with the functions declared in crypto/sha256.h. This is a preparation patch for folding crypto/sha256.h into crypto/sha.h. Signed-off-by:
-
Hans de Goede authored
Rename static / file-local functions so that they do not conflict with the functions declared in crypto/sha256.h. This is a preparation patch for folding crypto/sha256.h into crypto/sha.h. Signed-off-by:
-
Hans de Goede authored
Rename static / file-local functions so that they do not conflict with the functions declared in crypto/sha256.h. This is a preparation patch for folding crypto/sha256.h into crypto/sha.h. Signed-off-by:
-
Hans de Goede authored
Rename static / file-local functions so that they do not conflict with the functions declared in crypto/sha256.h. This is a preparation patch for folding crypto/sha256.h into crypto/sha.h. Signed-off-by:
-
Daniel Mack authored
The timeriomem_rng driver only accesses the first 4 bytes of the given memory area and currently, it also forces that memory resource to be exactly 4 bytes in size. This, however, is problematic when used with device-trees that are generated from things like FPGA toolchains, where the minimum size of an exposed memory block may be something like 4k. Hence, let's only check for what's needed for the driver to operate properly; namely that we have enough memory available to read the random data from. Signed-off-by:
Daniel Mack <daniel@zonque.org> Signed-off-by:
-
Pascal van Leeuwen authored
This patch adds support for the basic AES-CCM AEAD cipher suite. Signed-off-by:
Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by:
-
Pascal van Leeuwen authored
This patch adds support for AES in output feedback mode (AES-OFB). Signed-off-by:
-
Pascal van Leeuwen authored
This patch adds support for AES in 128 bit cipher feedback mode (AES-CFB). Signed-off-by:
-
Pascal van Leeuwen authored
This patch adds support for the basic AES-GCM AEAD cipher suite. Signed-off-by:
-
Pascal van Leeuwen authored
Some minor cleanup changing e.g. "if (!x) A else B" to "if (x) B else A", merging some back-to-back if's with the same condition, collapsing some back-to-back assignments to the same variable and replacing some weird assignments with proper symbolics. Signed-off-by:
-
Pascal van Leeuwen authored
Moved counter mode handling code in front as it doesn't depend on the rest of the code to be executed, it can just do its thing and exit. Signed-off-by:
-
Pascal van Leeuwen authored
Instead of having a fixed value (of 300) all over the place, the value for for .cra_priority is now made into a define (SAFEXCEL_CRA_PRIORITY). This makes it easier to play with, e.g. during development. Signed-off-by:
-
Pascal van Leeuwen authored
This patch probes the supported algorithms from the hardware and only registers the ones that the hardware actually supports. This is necessary because this is a generic driver supposed to run on a wide variety of engines, which may or may not implement certain algorithms. Signed-off-by:
-
Pascal van Leeuwen authored
This patch adds support for the AES-XTS skcipher algorithm. Signed-off-by:
-
Pascal van Leeuwen authored
ctx->alg and ctx->mode were set from safexcel_send_req through the various safexcel_encrypt and _decrypt routines, but this makes little sense as these are static per ciphersuite. So moved to _init instead, in preparation of adding more ciphersuites. Signed-off-by:
-
Vic Wu authored
Record crypto key to context during setkey and set the key to transform state buffer in encrypt/decrypt process. Signed-off-by:
Vic Wu <vic.wu@mediatek.com> Tested-by:
John Crispin <john@phrozen.og> Signed-off-by:
-
Ryder Lee authored
This patch adds support to OFB/CFB mode. Signed-off-by:
Ryder Lee <ryder.lee@mediatek.com> Signed-off-by:
-
Ryder Lee authored
The driver was treating -EBUSY as indication of queueing to backlog without checking that backlog is enabled for the request. Fix it by checking request flags. Signed-off-by:
-
Ryder Lee authored
Add a pre-computed text length to avoid uninitialized value in the check. Fixes: e4727066 ("crypto: mediatek - Add empty messages check in GCM mode") Signed-off-by:
-
Ryder Lee authored
Move mtk_aes_find_dev() to right functions as nobody uses the 'cryp' under current flows. We can also avoid duplicate checks here and there in this way. Signed-off-by:
-
- 30 Aug, 2019 6 commits
-
-
Mao Wenan authored
When CRYPTO_DEV_HISI_SEC=y, below compilation error is found after 'commit 894b68d8 ("crypto: hisilicon/des - switch to new verification routines")': drivers/crypto/hisilicon/sec/sec_algs.o: In function `sec_alg_skcipher_setkey_des_cbc': sec_algs.c:(.text+0x11f0): undefined reference to `des_expand_key' drivers/crypto/hisilicon/sec/sec_algs.o: In function `sec_alg_skcipher_setkey_des_ecb': sec_algs.c:(.text+0x1390): undefined reference to `des_expand_key' make: *** [vmlinux] Error 1 This because DES library has been moved to lib/crypto in this commit '04007b0e ("crypto: des - split off DES library from generic DES cipher driver")'. Fix this by selecting CRYPTO_LIB_DES in CRYPTO_DEV_HISI_SEC. Fixes: 04007b0e ("crypto: des - split off DES library from generic DES cipher driver") Fixes: 894b68d8 ("crypto: hisilicon/des - switch to new verification routines") Signed-off-by:
Mao Wenan <maowenan@huawei.com> Acked-by:
Jonathan Cameron <Jonathan.Cameron@huawei.com> Signed-off-by:
-
Hans de Goede authored
lib/crypto/sha256.c / lib/crypto/libsha256.o may end up being a module, so it needs a MODULE_LICENSE() line, add this. Signed-off-by:
-
Ard Biesheuvel authored
For correctness and compliance with the XTS-AES specification, we are adding support for ciphertext stealing to XTS implementations, even though no use cases are known that will be enabled by this. Since the ccp driver already has a fallback skcipher standby for dealing with input sizes other than [16, 512, 1024, 2048, 4096], just drop the check against the block size. Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gary Hook <gary.hook@amd.com> Signed-off-by:
-
YueHaibing authored
drivers/crypto/nx/nx.h:12:19: warning: nx_driver_string defined but not used [-Wunused-const-variable=] drivers/crypto/nx/nx.h:13:19: warning: nx_driver_version defined but not used [-Wunused-const-variable=] They are never used, so just remove it. Reported-by:
Hulk Robot <hulkci@huawei.com> Signed-off-by:
YueHaibing <yuehaibing@huawei.com> Signed-off-by:
-
YueHaibing authored
drivers/crypto/atmel-i2c.h:68:3: warning: error_list defined but not used [-Wunused-const-variable=] error_list is only used in atmel-i2c.c, so just move the definition over there. Reported-by:
-
YueHaibing authored
crypto/aegis.h:27:32: warning: crypto_aegis_const defined but not used [-Wunused-const-variable=] crypto_aegis_const is only used in aegis128-core.c, just move the definition over there. Reported-by:
-
