crypto: cryptd - Protect per-CPU resource by disabling BH.
The access to cryptd_queue::cpu_queue is synchronized by disabling
preemption in cryptd_enqueue_request() and disabling BH in
cryptd_queue_worker(). This implies that access is allowed from BH.
If cryptd_enqueue_request() is invoked from preemptible context _and_
soft interrupt then this can lead to list corruption since
cryptd_enqueue_request() is not protected against access from
soft interrupt.
Replace get_cpu() in cryptd_enqueue_request() with local_bh_disable()
to ensure BH is always disabled.
Remove preempt_disable() from cryptd_queue_worker() since it is not
needed because local_bh_disable() ensures synchronisation.
Fixes: 254eff771441 ("crypto: cryptd - Per-CPU thread implementation...") Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Corentin Labbe [Mon, 2 May 2022 20:19:28 +0000 (20:19 +0000)]
crypto: sun8i-ce - rework debugging
The "Fallback for xxx" message is annoying, remove it and store the
information in the debugfs.
Let's add more precise fallback stats and display it better.
Signed-off-by: Corentin Labbe <clabbe@baylibre.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Corentin Labbe [Mon, 2 May 2022 20:19:27 +0000 (20:19 +0000)]
crypto: sun8i-ce - use sg_nents_for_len
When testing with some large SG list, the sun8i-ce drivers always
fallback even if it can handle it.
So use sg_nents_for_len() which permits to see less SGs than needed.
Signed-off-by: Corentin Labbe <clabbe@baylibre.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Corentin Labbe [Mon, 2 May 2022 20:19:18 +0000 (20:19 +0000)]
crypto: sun8i-ss - use sg_nents_for_len
When testing with some large SG list, the sun8i-ss drivers always
fallback even if it can handle it.
So use sg_nents_for_len() which permits to see less SGs than needed.
Signed-off-by: Corentin Labbe <clabbe@baylibre.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Corentin Labbe [Mon, 2 May 2022 20:19:14 +0000 (20:19 +0000)]
crypto: sun8i-ss - rework handling of IV
sun8i-ss fail handling IVs when doing decryption of multiple SGs in-place.
It should backup the last block of each SG source for using it later as
IVs.
In the same time remove allocation on requests path for storing all
IVs.
Corentin Labbe [Mon, 2 May 2022 20:19:13 +0000 (20:19 +0000)]
crypto: sun4i-ss - do not allocate backup IV on requests
Instead of allocate memory on each requests, it is easier to
pre-allocate buffer for backup IV.
This made error path easier. Signed-off-by: Corentin Labbe <clabbe@baylibre.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Masahiro Yamada [Sat, 7 May 2022 05:22:43 +0000 (14:22 +0900)]
crypto: vmx - Fix build error
When I refactored this Makefile, I accidentally changed the CONFIG
option.
Fixes: b52455a73db9 ("crypto: vmx - Align the short log with Makefile cleanups") Reported-by: kernel test robot <lkp@intel.com> Signed-off-by: Masahiro Yamada <masahiroy@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Flushing system-wide workqueues is dangerous and will be forbidden.
Replace system_wq with local atmel_wq.
If CONFIG_CRYPTO_DEV_ATMEL_{I2C,ECC,SHA204A}=y, the ordering in Makefile
guarantees that module_init() for atmel-i2c runs before module_init()
for atmel-ecc and atmel-sha204a runs.
Returning an error value in an i2c remove callback results in an error
message being emitted by the i2c core, but otherwise it doesn't make a
difference. The device goes away anyhow and the devm cleanups are
called.
As atmel_sha204a_remove already emits an error message ant the additional
error message by the i2c core doesn't add any useful information, change
the return value to zero to suppress this error message.
Note that after atmel_sha204a_remove() returns *i2c_priv is freed, so there
is trouble ahead because atmel_sha204a_rng_done() might be called after
that freeing. So make the error message a bit more frightening.
Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: atmel-sha204a - Add support for ATSHA204 cryptochip
ATSHA204 is predecessor of ATSHA204A which supports less features and some
of them are slightly different.
Introduce a new compatible string for ATSHA204 cryptochip "atmel,atsha204".
Current version of Linux kernel driver atmel-sha204a.c implements only hw
random number generator which is same in both ATSHA204 and ATSHA204A
cryptochips. So driver already supports also ATSHA204 hw generator, so just
simply extends list of compatible strings.
Signed-off-by: Pali Rohár <pali@kernel.org> Acked-by: Rob Herring <robh@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Colin Ian King [Sun, 24 Apr 2022 18:11:56 +0000 (19:11 +0100)]
hwrng: optee - remove redundant initialization to variable rng_size
Variable rng_size is being initialized with a value that is never read,
the variable is being re-assigned later on. The initialization is
redundant and can be removed.
Cleans up cppcheck warning:
Variable 'rng_size' is assigned a value that is never used.
Signed-off-by: Colin Ian King <colin.i.king@gmail.com> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Haowen Bai [Sun, 24 Apr 2022 08:50:31 +0000 (16:50 +0800)]
crypto: qat - Fix unsigned function returning negative constant
The function qat_uclo_check_image_compat has an unsigned return type, but
returns a negative constant to indicate an error condition. So we change
unsigned to int.
Signed-off-by: Haowen Bai <baihaowen@meizu.com> Acked-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Since commit 358ba762d9f1 ("crypto: caam - enable prediction resistance
in HRWNG") the following CAAM errors can be seen on i.MX6SX:
caam_jr 2101000.jr: 20003c5b: CCB: desc idx 60: RNG: Hardware error
hwrng: no data available
This error is due to an incorrect entropy delay for i.MX6SX.
Fix it by increasing the minimum entropy delay for i.MX6SX
as done in U-Boot:
https://patchwork.ozlabs.org/project/uboot/patch/20220415111049.2565744-1-gaurav.jain@nxp.com/
As explained in the U-Boot patch:
"RNG self tests are run to determine the correct entropy delay.
Such tests are executed with different voltages and temperatures to identify
the worst case value for the entropy delay. For i.MX6SX, it was determined
that after adding a margin value of 1000 the minimum entropy delay should be
at least 12000."
Minghao Chi [Wed, 20 Apr 2022 03:02:18 +0000 (03:02 +0000)]
crypto: sun8i-ce - using pm_runtime_resume_and_get instead of pm_runtime_get_sync
Using pm_runtime_resume_and_get() to replace pm_runtime_get_sync and
pm_runtime_put_noidle. This change is just to simplify the code, no
actual functional changes.
Reported-by: Zeal Robot <zealci@zte.com.cn> Signed-off-by: Minghao Chi <chi.minghao@zte.com.cn> Tested-by: Corentin Labbe <clabbe.montjoie@gmail.com> Acked-by: Corentin Labbe <clabbe.montjoie@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: keembay - Make use of devm helper function devm_platform_ioremap_resource()
Use the devm_platform_ioremap_resource() helper instead of calling
platform_get_resource() and devm_ioremap_resource() separately.Make the
code simpler without functional changes.
Jacky Li [Thu, 14 Apr 2022 16:23:25 +0000 (16:23 +0000)]
crypto: ccp - Fix the INIT_EX data file open failure
There are 2 common cases when INIT_EX data file might not be
opened successfully and fail the sev initialization:
1. In user namespaces, normal user tasks (e.g. VMM) can change their
current->fs->root to point to arbitrary directories. While
init_ex_path is provided as a module param related to root file
system. Solution: use the root directory of init_task to avoid
accessing the wrong file.
2. Normal user tasks (e.g. VMM) don't have the privilege to access
the INIT_EX data file. Solution: open the file as root and
restore permissions immediately.
Fixes: 3d725965f836 ("crypto: ccp - Add SEV_INIT_EX support") Signed-off-by: Jacky Li <jackyli@google.com> Reviewed-by: Peter Gonda <pgonda@google.com> Acked-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
The underlying option POLARFIRE_SOC_SYS_CTRL already supports
COMPILE_TEST so there is no need for this. What's more, if
we force this option on without the underlying option it fails
to build.
Reported-by: kernel test robot <lkp@intel.com> Reported-by: Randy Dunlap <rdunlap@infradead.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
hisi_qm_get_free_qp_num() is to get the free queue number on the function.
It is a simple function and is only called by
hisi_qm_get_available_instances().
This patch modifies to get the free queue directly in
hisi_qm_get_available_instances(), and remove hisi_qm_get_free_qp_num().
Signed-off-by: Weili Qian <qianweili@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: hisilicon/qm - replace hisi_qm_release_qp() with hisi_qm_free_qps()
hisi_qm_free_qps() can release multiple queues in one call, and it is
already exported. So, replace hisi_qm_release_qp() with hisi_qm_free_qps()
in zip_crypto.c, and do not export hisi_qm_release_qp() outside qm.c.
Signed-off-by: Weili Qian <qianweili@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Peter Gonda [Wed, 13 Apr 2022 15:58:35 +0000 (08:58 -0700)]
crypto: ccp - Log when resetting PSP SEV state
Currently when the PSP returns a SECURE_DATA_INVALID error on INIT or
INIT_EX the driver retries the command once which should reset the PSP's
state SEV related state, meaning the PSP will regenerate its keying
material. This is logged with a dbg log but given this will change
system state this should be logged at a higher priority and with more
information.
Signed-off-by: Peter Gonda <pgonda@google.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: David Rientjes <rientjes@google.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: John Allen <john.allen@amd.com> Cc: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This function assumes that sizeof(void) is 1 and arithmetic works for
void pointers. This is a GNU C extention and may not work with other
compilers. Change this by using an u8 pointer.
Also move cn10k_read_trng() out of a loop thus saving some cycles.
Fixes: 38e9791a0209 ("hwrng: cn10k - Add random number generator support") Signed-off-by: Vladis Dronov <vdronov@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: arm64/sm4 - Fix wrong dependency of NEON/CE implementation
Commit d2825fa9365d ("crypto: sm3,sm4 - move into crypto directory")
moved the sm4 library implementation from the lib/crypto directory to
the crypto directory and configured the name as CRYPTO_SM4. The arm64
SM4 NEON/CE implementation depends on this and needs to be modified
uniformly.
Kai Ye [Sat, 9 Apr 2022 08:03:25 +0000 (16:03 +0800)]
crypto: hisilicon/qm - add last word dumping for ACC
Add last word dumping function during acc engines controller reset.
The last words are reported to the printed information during the
reset. The dmesg information included qm debugging registers and
engine debugging registers. It can help to improve debugging
capability.
Signed-off-by: Kai Ye <yekai13@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Kai Ye [Sat, 9 Apr 2022 08:03:21 +0000 (16:03 +0800)]
crypto: hisilicon/zip - support register checking
The value of the register is changed after the task running. A debugfs
file node is added to help users to check the change of register values.
Signed-off-by: Longfang Liu <liulongfang@huawei.com> Signed-off-by: Kai Ye <yekai13@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Kai Ye [Sat, 9 Apr 2022 08:03:20 +0000 (16:03 +0800)]
crypto: hisilicon/sec - support register checking
The value of the register is changed after the task running. A debugfs
file node is added to help users to check the change of register values.
Signed-off-by: Longfang Liu <liulongfang@huawei.com> Signed-off-by: Kai Ye <yekai13@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Kai Ye [Sat, 9 Apr 2022 08:03:19 +0000 (16:03 +0800)]
crypto: hisilicon/hpre - support register checking
The value of the register is changed after the task running. A debugfs
file node is added to help users to check the change of register values.
Signed-off-by: Longfang Liu <liulongfang@huawei.com> Signed-off-by: Kai Ye <yekai13@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Kai Ye [Sat, 9 Apr 2022 08:03:18 +0000 (16:03 +0800)]
crypto: hisilicon/qm - add register checking for ACC
Add register detection function to accelerator. Provided a tool that
user can checking differential register through Debugfs.
e.g.
cd /sys/kernel/debug/hisi_zip/<bdf>/zip_dfx
cat diff_regs
Signed-off-by: Longfang Liu <liulongfang@huawei.com> Signed-off-by: Kai Ye <yekai13@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Add a driver to access the hardware random number generator on the
Polarfire SoC. The hwrng can only be accessed via the system controller,
so use the mailbox interface the system controller exposes to access the
hwrng.
Signed-off-by: Conor Dooley <conor.dooley@microchip.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Marco Chiappero [Thu, 7 Apr 2022 16:54:55 +0000 (17:54 +0100)]
crypto: qat - remove line wrapping for pfvf_ops functions
Remove unnecessary line wrapping for the
adf_enable_vf2pf_interrupts() function, and harmonize pfvf_ops text.
Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Reviewed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Marco Chiappero [Thu, 7 Apr 2022 16:54:54 +0000 (17:54 +0100)]
crypto: qat - use u32 variables in all GEN4 pfvf_ops
Change adf_gen4_enable_vf2pf_interrupts() to use a u32 variable,
consistently with both other GEN4 pfvf_ops and pfvf_ops of other
generations.
Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Reviewed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Marco Chiappero [Thu, 7 Apr 2022 16:54:53 +0000 (17:54 +0100)]
crypto: qat - replace disable_vf2pf_interrupts()
As a consequence of the refactored VF2PF interrupt handling logic, a
function that disables specific VF2PF interrupts is no longer needed.
Instead, a simpler function that disables all the interrupts, also
hiding the device specific amount of VFs to be disabled from the
pfvf_ops users, would be sufficient.
This patch replaces disable_vf2pf_interrupts() with the new
disable_all_vf2pf_interrupts(), which doesn't need any argument and
disables all the VF2PF interrupts.
Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Reviewed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Marco Chiappero [Thu, 7 Apr 2022 16:54:52 +0000 (17:54 +0100)]
crypto: qat - leverage the GEN2 VF mask definiton
Replace hard coded VF masks in adf_gen2_pfvf.c with the recently
introduced ADF_GEN2_VF_MSK.
Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Reviewed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Marco Chiappero [Thu, 7 Apr 2022 16:54:51 +0000 (17:54 +0100)]
crypto: qat - rework the VF2PF interrupt handling logic
Change the VF2PF interrupt handler in the PF ISR and the definition of
the internal PFVF API to correct the current implementation, which can
result in missed interrupts.
More specifically, current HW generations consider a write to the mask
register, regardless of the value, as an acknowledge of any pending
VF2PF interrupt. Therefore, if there is an interrupt between the source
register read and the mask register write, such interrupt will not be
delivered and silently acknowledged, resulting in a lost VF2PF message.
To work around the problem, rather than disabling specific interrupts,
disable all the interrupts and re-enable only the ones that we are not
serving (excluding the already disabled ones too). This will force any
other pending interrupt to be triggered and be serviced by a subsequent
ISR.
This new approach requires, however, changes to the interrupt related
pfvf_ops functions. In particular, get_vf2pf_sources() has now been
removed in favor of disable_pending_vf2pf_interrupts(), which not only
retrieves and returns the pending (and enabled) sources, but also
disables them.
As a consequence, introduce the adf_disable_pending_vf2pf_interrupts()
utility in place of adf_disable_vf2pf_interrupts_irq(), which is no
longer needed.
Cc: stable@vger.kernel.org Fixes: 993161d ("crypto: qat - fix handling of VF to PF interrupts") Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Co-developed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Marco Chiappero [Thu, 7 Apr 2022 16:54:50 +0000 (17:54 +0100)]
crypto: qat - fix off-by-one error in PFVF debug print
PFVF Block Message requests for CRC use 0-based values to indicate
amounts, which have to be remapped to 1-based values on the receiving
side.
This patch fixes one debug print which was however using the wire value.
Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Reviewed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Marco Chiappero [Thu, 7 Apr 2022 16:54:49 +0000 (17:54 +0100)]
crypto: qat - fix wording and formatting in code comment
Remove an unintentional extra space and improve the readability of a
PFVF related code comment.
Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Reviewed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Marco Chiappero [Thu, 7 Apr 2022 16:54:48 +0000 (17:54 +0100)]
crypto: qat - test PFVF registers for spurious interrupts on GEN4
Spurious PFVF interrupts can happen when either the ISR is invoked
without a valid source being set or, otherwise, when no interrupt bit
is set in the PFVF register containing the message.
The latter test was present for GEN2 devices but missing for GEN4, this
patch fills the gap.
Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Reviewed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Wojciech Ziemba [Thu, 7 Apr 2022 16:54:47 +0000 (17:54 +0100)]
crypto: qat - add check for invalid PFVF protocol version 0
PFVF protocol version 0 is not a valid version, but PF drivers
currently would report any such version from VFs as compatible.
This patch adds an extra check for the invalid PFVF protocol
version 0.
Signed-off-by: Wojciech Ziemba <wojciech.ziemba@intel.com> Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Reviewed-by: Marco Chiappero <marco.chiappero@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Marco Chiappero [Thu, 7 Apr 2022 16:54:46 +0000 (17:54 +0100)]
crypto: qat - add missing restarting event notification in VFs
VF drivers are notified via PFVF of the VFs being disabled, but
such notification was not propagated within the VF driver.
Dispatch the ADF_EVENT_RESTARTING event by adding a missing call
to adf_dev_restarting_notify().
Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Reviewed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Marco Chiappero [Thu, 7 Apr 2022 16:54:45 +0000 (17:54 +0100)]
crypto: qat - remove unnecessary tests to detect PFVF support
Previously, the GEN4 host driver supported SR-IOV but had no working
implementation of the PFVF protocol to communicate with VF drivers.
Since all the host drivers for QAT devices now support both SR-IOV and
PFVF, remove the old and unnecessary checks to test PFVF support.
Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Reviewed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
The functions adf_enable_pf2vf_interrupts(), adf_flush_vf_wq() and
adf_disable_pf2vf_interrupts() are not referenced when the driver is
compiled with CONFIG_PCI_IOV=n. This patch removes these unused stubs.
Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Reviewed-by: Marco Chiappero <marco.chiappero@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Marco Chiappero [Thu, 7 Apr 2022 16:54:43 +0000 (17:54 +0100)]
crypto: qat - remove unneeded braces
Remove unnecessary braces around a single statement in a for loop.
Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Reviewed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Marco Chiappero [Thu, 7 Apr 2022 16:54:42 +0000 (17:54 +0100)]
crypto: qat - fix ETR sources enabled by default on GEN2 devices
When the driver starts the device, it enables all the necessary
interrupts. However interrupts associated to host rings are enabled by
default on all GEN2 devices (except for dh895x) even when SR-IOV is
active. Fix this behaviour by checking if data structures associated to
VFs have been allocated to determine whether to enable such interrupts
or not.
Since the logic for the fix is the same across GEN2 devices, replace
the function to be fixed (adf_enable_ints()) with a single one
(adf_gen2_enable_ints()) in the common GEN2 code in adf_gen2_hw_data.c.
Likewise, remove the unnecessary duplication of defines too.
Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Reviewed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: qat - set COMPRESSION capability for DH895XCC
The capability detection logic clears bits for the features that are
disabled in a certain SKU. For example, if the bit associate to
compression is not present in the LEGFUSE register, the correspondent
bit is cleared in the capability mask.
This change adds the compression capability to the mask as this was
missing in the commit that enhanced the capability detection logic.
Fixes: cfe4894eccdc ("crypto: qat - set COMPRESSION capability for QAT GEN2") Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Reviewed-by: Marco Chiappero <marco.chiappero@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Set the CIPHER capability for QAT DH895XCC devices if the hardware supports
it. This is done if both the CIPHER and the AUTHENTICATION engines are
available on the device.
Fixes: ad1332aa67ec ("crypto: qat - add support for capability detection") Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Marco Chiappero <marco.chiappero@intel.com> Reviewed-by: Marco Chiappero <marco.chiappero@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Use a fine grained specification of DMA mapping directions
in certain cases, allowing both a more optimized operation
as well as shushing out a harmless, though persky
dma-debug warning.
crypto: ccree - rearrange init calls to avoid race
Rearrange init calls to avoid the rare race condition of
the cipher algs being registered and used while we still
init the hash code which uses the HW without proper lock.
Robin Murphy [Tue, 5 Apr 2022 12:25:11 +0000 (13:25 +0100)]
crypto: qat - stop using iommu_present()
Even if an IOMMU might be present for some PCI segment in the system,
that doesn't necessarily mean it provides translation for the device
we care about. Replace iommu_present() with a more appropriate check.
Signed-off-by: Robin Murphy <robin.murphy@arm.com> Acked-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Jakob Koschel [Thu, 31 Mar 2022 21:59:10 +0000 (23:59 +0200)]
crypto: cavium/nitrox - remove check of list iterator against head past the loop body
When list_for_each_entry() completes the iteration over the whole list
without breaking the loop, the iterator value will be a bogus pointer
computed based on the head element.
While it is safe to use the pointer to determine if it was computed
based on the head element, either with list_entry_is_head() or
&pos->member == head, using the iterator variable after the loop should
be avoided.
In preparation to limit the scope of a list iterator to the list
traversal loop, use a dedicated pointer to point to the found element [1].
crypto: ccp - When TSME and SME both detected notify user
CC_ATTR_HOST_MEM_ENCRYPT is used to relay that memory encryption has been
activated by the kernel.
As it's technically possible to enable both SME and TSME at the same time,
detect this scenario and notify the user that enabling TSME and SME at the
same time is unnecessary.
Signed-off-by: Mario Limonciello <mario.limonciello@amd.com> Acked-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: ccp - Allow PSP driver to load without SEV/TEE support
Previously the PSP probe routine would fail if both SEV and TEE were
missing. This is possibly the case for some client parts.
As capabilities can now be accessed from userspace, it may still be
useful to have the PSP driver finish loading so that those capabilities
can be read.
Signed-off-by: Mario Limonciello <mario.limonciello@amd.com> Acked-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: ccp - Export PSP security bits to userspace
The PSP sets several pre-defined bits in the capabilities
register to indicate that security attributes of the platform.
Export these attributes into userspace for administrators to
confirm platform is properly locked down.
Acked-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Mario Limonciello <mario.limonciello@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
The results of the capability register will be used by future
code at runtime rather than just initialization.
Acked-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Mario Limonciello <mario.limonciello@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Eric Biggers [Sat, 26 Mar 2022 07:11:59 +0000 (00:11 -0700)]
crypto: testmgr - test in-place en/decryption with two sglists
As was established in the thread
https://lore.kernel.org/linux-crypto/20220223080400.139367-1-gilad@benyossef.com/T/#u,
many crypto API users doing in-place en/decryption don't use the same
scatterlist pointers for the source and destination, but rather use
separate scatterlists that point to the same memory. This case isn't
tested by the self-tests, resulting in bugs.
This is the natural usage of the crypto API in some cases, so requiring
API users to avoid this usage is not reasonable.
Therefore, update the self-tests to start testing this case.
Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Randy Dunlap [Wed, 16 Mar 2022 19:20:09 +0000 (12:20 -0700)]
crypto: x86 - eliminate anonymous module_init & module_exit
Eliminate anonymous module_init() and module_exit(), which can lead to
confusion or ambiguity when reading System.map, crashes/oops/bugs,
or an initcall_debug log.
Give each of these init and exit functions unique driver-specific
names to eliminate the anonymous names.
Yang Li [Wed, 16 Mar 2022 01:03:01 +0000 (09:03 +0800)]
crypto: engine - Add parameter description in crypto_transfer_request() kernel-doc comment
Add the description of @need_pump in crypto_transfer_request() kernel-doc
comment to remove warning found by running scripts/kernel-doc, which is
caused by using 'make W=1'.
crypto/crypto_engine.c:260: warning: Function parameter or member
'need_pump' not described in 'crypto_transfer_request'
Reported-by: Abaci Robot <abaci@linux.alibaba.com> Signed-off-by: Yang Li <yang.lee@linux.alibaba.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This adds ARMv8 implementations of SM4 in ECB, CBC, CFB and CTR
modes using Crypto Extensions, also includes key expansion operations
because the Crypto Extensions instruction is much faster than software
implementations.
The Crypto Extensions for SM4 can only run on ARMv8 implementations
that have support for these optional extensions.
Benchmark on T-Head Yitian-710 2.75 GHz, the data comes from the 218
mode of tcrypt. The abscissas are blocks of different lengths. The
data is tabulated and the unit is Mb/s:
Tianjia Zhang [Tue, 15 Mar 2022 09:44:53 +0000 (17:44 +0800)]
crypto: arm64/sm4 - add ARMv8 NEON implementation
This adds ARMv8 NEON implementations of SM4 in ECB, CBC, CFB and CTR
modes. This implementation uses the plain NEON instruction set, All
S-BOX substitutions uses the tbl/tbx instructions of ARMv8, combined
with the out-of-order execution in CPU, this optimization supports
encryption of up to 8 blocks at the same time.
The performance of encrypting one block is not as good as software
implementation, so the encryption operations of CBC and CFB still
use pure software algorithms.
Benchmark on T-Head Yitian-710 2.75 GHz, the data comes from the 218
mode of tcrypt. The abscissas are blocks of different lengths. The
data is tabulated and the unit is Mb/s:
Tianjia Zhang [Tue, 15 Mar 2022 09:44:52 +0000 (17:44 +0800)]
crypto: arm64/sm4-ce - rename to sm4-ce-cipher
The subsequent patches of the series will have an implementation
of SM4-ECB/CBC/CFB/CTR accelerated by the CE instruction set, which
conflicts with the current module name. In order to keep the naming
rules of the AES algorithm consistent, the sm4-ce algorithm is
renamed to sm4-ce-cipher.
In addition, the speed of sm4-ce-cipher is better than that of SM4
NEON. By the way, the priority of the algorithm is adjusted to 300,
which is also to leave room for the priority of SM4 NEON.
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Tianjia Zhang [Tue, 15 Mar 2022 09:44:51 +0000 (17:44 +0800)]
crypto: sm4 - export sm4 constant arrays
Export the constant arrays fk, ck, sbox of the SM4 algorithm, and
add the 'crypto_sm4_' prefix, where sbox is used in the SM4 NEON
implementation for the tbl/tbx instruction to replace the S-BOX,
and the fk, ck arrays are used in the SM4 CE implementation. Use
the sm4ekey instruction to speed up key expansion operations.
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
The lib/crypto libraries live in lib because they are used by various
drivers of the kernel. In contrast, the various helper functions in
crypto are there because they're used exclusively by the crypto API. The
SM3 and SM4 helper functions were erroniously moved into lib/crypto/
instead of crypto/, even though there are no in-kernel users outside of
the crypto API of those functions. This commit moves them into crypto/.
Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: Tianjia Zhang <tianjia.zhang@linux.alibaba.com> Cc: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
projects / thirdparty / linux.git / log
