1. 25 Dec, 2008 17 commits
    • Herbert Xu's avatar
      crypto: hash - Export shash through hash · 5f7082ed
      Herbert Xu authored
      This patch allows shash algorithms to be used through the old hash
      interface.  This is a transitional measure so we can convert the
      underlying algorithms to shash before converting the users across.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      5f7082ed
    • Herbert Xu's avatar
      crypto: api - Call type show function before legacy for proc · 67cd080c
      Herbert Xu authored
      This patch makes /proc/crypto call the type-specific show function
      if one is present before calling the legacy show functions for
      cipher/digest/compress.  This allows us to reuse the type values
      for those legacy types.  In particular, hash and digest will share
      one type value while shash is phased in as the default hash type.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      67cd080c
    • Herbert Xu's avatar
      crypto: hash - Add import/export interface · dec8b786
      Herbert Xu authored
      It is often useful to save the partial state of a hash function
      so that it can be used as a base for two or more computations.
      
      The most prominent example is HMAC where all hashes start from
      a base determined by the key.  Having an import/export interface
      means that we only have to compute that base once rather than
      for each message.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      dec8b786
    • Herbert Xu's avatar
      crypto: hash - Export shash through ahash · 3b2f6df0
      Herbert Xu authored
      This patch allows shash algorithms to be used through the ahash
      interface.  This is required before we can convert digest algorithms
      over to shash.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      3b2f6df0
    • Herbert Xu's avatar
      crypto: hash - Add shash interface · 7b5a080b
      Herbert Xu authored
      The shash interface replaces the current synchronous hash interface.
      It improves over hash in two ways.  Firstly shash is reentrant,
      meaning that the same tfm may be used by two threads simultaneously
      as all hashing state is stored in a local descriptor.
      
      The other enhancement is that shash no longer takes scatter list
      entries.  This is because shash is specifically designed for
      synchronous algorithms and as such scatter lists are unnecessary.
      
      All existing hash users will be converted to shash once the
      algorithms have been completely converted.
      
      There is also a new finup function that combines update with final.
      This will be extended to ahash once the algorithm conversion is
      done.
      
      This is also the first time that an algorithm type has their own
      registration function.  Existing algorithm types will be converted
      to this way in due course.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      7b5a080b
    • Herbert Xu's avatar
      crypto: api - Rebirth of crypto_alloc_tfm · 7b0bac64
      Herbert Xu authored
      This patch reintroduces a completely revamped crypto_alloc_tfm.
      The biggest change is that we now take two crypto_type objects
      when allocating a tfm, a frontend and a backend.  In fact this
      simply formalises what we've been doing behind the API's back.
      
      For example, as it stands crypto_alloc_ahash may use an
      actual ahash algorithm or a crypto_hash algorithm.  Putting
      this in the API allows us to do this much more cleanly.
      
      The existing types will be converted across gradually.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      7b0bac64
    • Herbert Xu's avatar
      crypto: api - Move type exit function into crypto_tfm · 4a779486
      Herbert Xu authored
      The type exit function needs to undo any allocations done by the type
      init function.  However, the type init function may differ depending
      on the upper-level type of the transform (e.g., a crypto_blkcipher
      instantiated as a crypto_ablkcipher).
      
      So we need to move the exit function out of the lower-level
      structure and into crypto_tfm itself.
      
      As it stands this is a no-op since nobody uses exit functions at
      all.  However, all cases where a lower-level type is instantiated
      as a different upper-level type (such as blkcipher as ablkcipher)
      will be converted such that they allocate the underlying transform
      and use that instead of casting (e.g., crypto_ablkcipher casted
      into crypto_blkcipher).  That will need to use a different exit
      function depending on the upper-level type.
      
      This patch also allows the type init/exit functions to call (or not)
      cra_init/cra_exit instead of always calling them from the top level.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      4a779486
    • Neil Horman's avatar
      crypto: ansi_cprng - Allow resetting of DT value · 2566578a
      Neil Horman authored
      	This is a patch that was sent to me by Jarod Wilson, marking off my
      outstanding todo to allow the ansi cprng to set/reset the DT counter value in a
      cprng instance.  Currently crytpo_rng_reset accepts a seed byte array which is
      interpreted by the ansi_cprng as a {V key} tuple.  This patch extends that tuple
      to now be {V key DT}, with DT an optional value during reset.  This patch also
      fixes  a bug we noticed in which the offset of the key area of the seed is
      started at DEFAULT_PRNG_KSZ rather than DEFAULT_BLK_SZ as it should be.
      Signed-off-by: default avatarNeil Horman <nhorman@tuxdriver.com>
      Signed-off-by: default avatarJarod Wilson <jarod@redhat.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      2566578a
    • Herbert Xu's avatar
      crypto: padlock - Avoid resetting cword on successive operations · 420a4b20
      Herbert Xu authored
      Resetting the control word is quite expensive.  Fortunately this
      isn't an issue for the common operations such as CBC and ECB as
      the whole operation is done through a single call.  However, modes
      such as LRW and XTS have to call padlock over and over again for
      one operation which really hurts if each call resets the control
      word.
      
      This patch uses an idea by Sebastian Siewior to store the last
      control word used on a CPU and only reset the control word if
      that changes.
      
      Note that any task switch automatically resets the control word
      so we only need to be accurate with regard to the stored control
      word when no task switches occur.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      420a4b20
    • Kent Liu's avatar
      crypto: crc32c-intel - Update copyright head · 1c06da81
      Kent Liu authored
      The original copyright head for crc32c-intel.c is incorrect. Please merge
      the patch to update it.
      Signed-Off-By: default avatarKent Liu <kent.liu@intel.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      1c06da81
    • Vishnu Suresh's avatar
      crypto: talitos - Preempt overflow interrupts off-by-one fix · 4b24ea97
      Vishnu Suresh authored
      In commit ec6644d6 "crypto: talitos - Preempt
      overflow interrupts", the test in atomic_inc_not_zero was interpreted by the
      author to be applied after the increment operation (not before). This off-by-one
      fix prevents overflow error interrupts from occurring when requests are frequent
      and large enough to do so.
      Signed-off-by: default avatarVishnu Suresh <Vishnu@freescale.com>
      Signed-off-by: default avatarKim Phillips <kim.phillips@freescale.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      4b24ea97
    • Harvey Harrison's avatar
      crypto: camellia - use kernel-provided bitops, unaligned access · 32bd78e0
      Harvey Harrison authored
      Remove the private implementation of 32-bit rotation and unaligned
      access with byteswapping.
      
      As a bonus, fixes sparse warnings:
      crypto/camellia.c:602:2: warning: cast to restricted __be32
      crypto/camellia.c:603:2: warning: cast to restricted __be32
      crypto/camellia.c:604:2: warning: cast to restricted __be32
      crypto/camellia.c:605:2: warning: cast to restricted __be32
      crypto/camellia.c:710:2: warning: cast to restricted __be32
      crypto/camellia.c:711:2: warning: cast to restricted __be32
      crypto/camellia.c:712:2: warning: cast to restricted __be32
      crypto/camellia.c:713:2: warning: cast to restricted __be32
      crypto/camellia.c:714:2: warning: cast to restricted __be32
      crypto/camellia.c:715:2: warning: cast to restricted __be32
      crypto/camellia.c:716:2: warning: cast to restricted __be32
      crypto/camellia.c:717:2: warning: cast to restricted __be32
      
      [Thanks to Tomoyuki Okazaki for spotting the typo]
      Tested-by: default avatarCarlo E. Prelz <fluido@fluido.as>
      Signed-off-by: default avatarHarvey Harrison <harvey.harrison@gmail.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      32bd78e0
    • Neil Horman's avatar
      crypto: testmgr - Trigger a panic when self test fails in FIPS mode · d12d6b6d
      Neil Horman authored
      The FIPS specification requires that should self test for any supported
      crypto algorithm fail during operation in fips mode, we need to prevent
      the use of any crypto functionality until such time as the system can
      be re-initialized.  Seems like the best way to handle that would be
      to panic the system if we were in fips mode and failed a self test.
      This patch implements that functionality.  I've built and run it
      successfully.
      Signed-off-by: default avatarNeil Horman <nhorman@tuxdriver.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      d12d6b6d
    • Kim Phillips's avatar
      crypto: talitos - Perform auth check in h/w if on sec 2.1 and above · fe5720e2
      Kim Phillips authored
      SEC version 2.1 and above adds the capability to do the IPSec ICV
      memcmp in h/w. Results of the cmp are written back in the descriptor
      header, along with the done status.  A new callback is added that
      checks these ICCR bits instead of performing the memcmp on the core,
      and is enabled by h/w capability.
      Signed-off-by: default avatarKim Phillips <kim.phillips@freescale.com>
      
      After testing on different parts, another condition was added
      before using h/w auth check because different
      SEC revisions require different handling.
      
      The SEC 3.0 allows a more flexible link table where
      the auth data can span separate link table entries.
      The SEC 2.4/2.1 does not support this case.
      So a test was added in the decrypt routine
      for a fragmented case; the h/w auth check is disallowed for
      revisions not having the extent in the link table;
      in this case the hw auth check is done by software.
      
      A portion of a previous change for SEC 3.0 link table handling
      was removed since it became dead code with the hw auth check supported.
      
      This seems to be the best compromise for using hw auth check
      on supporting SEC revisions; it keeps the link table logic
      simpler for the fragmented cases.
      Signed-off-by: default avatarLee Nipper <lee.nipper@freescale.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      fe5720e2
    • Lee Nipper's avatar
      crypto: talitos - Implement done interrupt mitigation · 1c2e8811
      Lee Nipper authored
      In talitos_interrupt, upon one done interrupt, mask further done interrupts,
      and ack only any error interrupt.
      In talitos_done, unmask done interrupts after completing processing.
      In flush_channel, ack each done channel processed.
      Keep done overflow interrupts masked because even though each pkt
      is ack'ed, a few done overflows still occur.
      Signed-off-by: default avatarLee Nipper <lee.nipper@freescale.com>
      Signed-off-by: default avatarKim Phillips <kim.phillips@freescale.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      1c2e8811
    • Kim Phillips's avatar
      crypto: talitos - Pass correct interrupt status to error handler · 40405f10
      Kim Phillips authored
      Since we ack early, the re-read interrupt status in talitos_error
      may be already updated with a new value.  Pass the error ISR value
      directly in order to report and handle the error based on the correct
      error status.
      
      Also remove unused error tasklet.
      Signed-off-by: default avatarKim Phillips <kim.phillips@freescale.com>
      Signed-off-by: default avatarLee Nipper <lee.nipper@freescale.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      40405f10
    • Evgeniy Polyakov's avatar
      crypto: hifn - Disable driver when physical size exceeds 32 bits · a44b56cc
      Evgeniy Polyakov authored
      On Tue, Sep 23, 2008 at 08:06:32PM +0200, Dimitri Puzin (max@psycast.de) wrote:
      > With this patch applied it still doesn't work as expected. The overflow
      > messages are gone however syslog shows
      > [  120.924266] hifn0: abort: c: 0, s: 1, d: 0, r: 0.
      > when doing cryptsetup luksFormat as in original e-mail. At this point
      > cryptsetup hangs and can't be killed with -SIGKILL. I've attached
      > SysRq-t dump of this condition.
      
      Yes, I was wrong with the patch: HIFN does not support 64-bit addresses
      afaics.
      
      Attached patch should not allow HIFN to be registered on 64-bit arch, so
      crypto layer will fallback to the software algorithms.
      Signed-off-by: default avatarEvgeniy Polyakov <johnpol@2ka.mipt.ru>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      a44b56cc
  2. 24 Dec, 2008 8 commits
  3. 23 Dec, 2008 7 commits
  4. 22 Dec, 2008 7 commits
  5. 20 Dec, 2008 1 commit