The Security System is an hardware cryptographic offloader present
on Allwinner SoCs A80 and A83T.
It is different from the previous sun4i-ss.
This driver supports AES cipher in CBC and ECB mode.
Acked-by: Maxime Ripard <mripard@kernel.org>
Signed-off-by: Corentin Labbe <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Test vectors for blake2b with various digest sizes. As the algorithm is
the same up to the digest calculation, the key and input data length is
distributed in a way that tests all combinanions of the two over the
digest sizes.
Based on the suggestion from Eric, the following input sizes are tested
[0, 1, 7, 15, 64, 247, 256], where blake2b blocksize is 128, so the
padded and the non-padded input buffers are tested.
blake2b-160 blake2b-256 blake2b-384 blake2b-512
---------------------------------------------------
len=0 | klen=0 klen=1 klen=32 klen=64
len=1 | klen=32 klen=64 klen=0 klen=1
len=7 | klen=64 klen=0 klen=1 klen=32
len=15 | klen=1 klen=32 klen=64 klen=0
len=64 | klen=0 klen=1 klen=32 klen=64
len=247 | klen=32 klen=64 klen=0 klen=1
len=256 | klen=64 klen=0 klen=1 klen=32
Where key:
- klen=0: empty key
- klen=1: 1 byte value 0x42, 'B'
- klen=32: first 32 bytes of the default key, sequence 00..1f
- klen=64: default key, sequence 00..3f
The unkeyed vectors are ordered before keyed, as this is required by
testmgr.
CC: Eric Biggers <ebiggers@kernel.org>
Signed-off-by: David Sterba <dsterba@suse.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
The patch brings support of several BLAKE2 variants (2b with various
digest lengths). The keyed digest is supported, using tfm->setkey call.
The in-tree user will be btrfs (for checksumming), we're going to use
the BLAKE2b-256 variant.
The code is reference implementation taken from the official sources and
modified in terms of kernel coding style (whitespace, comments, uintXX_t
-> uXX types, removed unused prototypes and #ifdefs, removed testing
code, changed secure_zero_memory -> memzero_explicit, used own helpers
for unaligned reads/writes and rotations).
Further changes removed sanity checks of key length or output size,
these values are verified in the crypto API callbacks or hardcoded in
shash_alg and not exposed to users.
Signed-off-by: David Sterba <dsterba@suse.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Since we have a dedicated Allwinner directory for crypto driver, move
the sun4i-ss driver in it.
Acked-by: Maxime Ripard <mripard@kernel.org>
Signed-off-by: Corentin Labbe <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
The Crypto Engine is an hardware cryptographic offloader present
on all recent Allwinner SoCs H2+, H3, R40, A64, H5, H6
This driver supports AES cipher in CBC/ECB mode.
Acked-by: Maxime Ripard <mripard@kernel.org>
Signed-off-by: Corentin Labbe <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Since a second Allwinner crypto driver will be added, it is better to
create a dedicated subdirectory.
Acked-by: Maxime Ripard <mripard@kernel.org>
Signed-off-by: Corentin Labbe <clabbe.montjoie@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Bitwise-or'ing 0xffffffff with the u32 variable ctr is the same result
as assigning the value to ctr. Remove the redundant bitwise-or and
just use an assignment.
Addresses-Coverity: ("Suspicious &= or |= constant expression")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
The elliptic curve arithmetic library used by the EC-DH KPP implementation
assumes big endian byte order, and unconditionally reverses the byte
and word order of multi-limb quantities. On big endian systems, the byte
reordering is not necessary, while the word ordering needs to be retained.
So replace the __swab64() invocation with a call to be64_to_cpu() which
should do the right thing for both little and big endian builds.
Fixes: 3c4b23901a ("crypto: ecdh - Add ECDH software support")
Cc: <stable@vger.kernel.org> # v4.9+
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Move the call to devm_of_platform_populate() at the end of
caam_probe(), so we won't try to add any child devices until all of
the initialization is finished successfully.
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Cc: Chris Healy <cphealy@gmail.com>
Cc: Lucas Stach <l.stach@pengutronix.de>
Cc: Horia Geantă <horia.geanta@nxp.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Iuliana Prodan <iuliana.prodan@nxp.com>
Cc: linux-crypto@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Use devres to de-initialize the RNG and drop explicit de-initialization
code in caam_remove().
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Cc: Chris Healy <cphealy@gmail.com>
Cc: Lucas Stach <l.stach@pengutronix.de>
Cc: Horia Geantă <horia.geanta@nxp.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Iuliana Prodan <iuliana.prodan@nxp.com>
Cc: linux-crypto@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Use devres to de-initialize the QI and drop explicit de-initialization
code in caam_remove().
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Cc: Chris Healy <cphealy@gmail.com>
Cc: Lucas Stach <l.stach@pengutronix.de>
Cc: Horia Geantă <horia.geanta@nxp.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Iuliana Prodan <iuliana.prodan@nxp.com>
Cc: linux-crypto@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Use devres to de-initialize the RNG and drop explicit de-initialization
code in caam_remove().
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Cc: Chris Healy <cphealy@gmail.com>
Cc: Lucas Stach <l.stach@pengutronix.de>
Cc: Horia Geantă <horia.geanta@nxp.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Iuliana Prodan <iuliana.prodan@nxp.com>
Cc: linux-crypto@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
When runtime-pm is disabled, we get a few harmless warnings:
drivers/char/hw_random/omap3-rom-rng.c:65:12: error: unused function 'omap_rom_rng_runtime_suspend' [-Werror,-Wunused-function]
drivers/char/hw_random/omap3-rom-rng.c:81:12: error: unused function 'omap_rom_rng_runtime_resume' [-Werror,-Wunused-function]
Mark these functions as __maybe_unused so gcc can drop them
silently.
Fixes: 8d9d4bdc49 ("hwrng: omap3-rom - Use runtime PM instead of custom functions")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: Sebastian Reichel <sebastian.reichel@collabora.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This fixes a bunch of endianness related sparse warnings reported by the
kbuild test robot as well as Ben Dooks.
Credits for the fix to safexcel.c go to Ben Dooks.
Reported-by: kbuild test robot <lkp@intel.com>
Reported-by: Ben Dooks <ben.dooks@codethink.co.uk>
Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
A warning is found by the static code analysis tool:
"Identical condition 'err', second condition is always false"
Fix this by adding return value of skcipher_walk_done().
Fixes: 67cfa5d3b7 ("crypto: arm64/aes-neonbs - implement ciphertext stealing for XTS")
Signed-off-by: Yunfeng Ye <yeyunfeng@huawei.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Variables of type atomic{,64}_t can be used fine with
debugfs_create_u{32,64}, when passing a pointer to the embedded counter.
This allows to get rid of the casts, which prevented compiler checks.
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Check early whether device registers can be accessed. Some BIOSes have
a broken security policy that prevents access to the device registers,
and return values from ioread() can be misinterpreted. If a read of
a feature register returns a -1, we may not be able to access
any device register, so report the problem and suggestion, and return.
For the PSP, the feature register is checked. For the CCP, the queue
register is checked.
Signed-off-by: Gary R Hook <gary.hook@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
If an AMD BIOS makes zero CCP queues available to the driver, the
device is unavailable and therefore can't be activated. When this
happens, report the status but don't report a (non-existent)
failure. The CCP will be unactivated.
Signed-off-by: Gary R Hook <gary.hook@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This patch fixes following sparse warning:
qm.c:345:33: warning: cast removes address space '<asn:2>' of expression
qm.c:359:20: warning: incorrect type in assignment (different base types)
qm.c:359:20: expected restricted __le16 [usertype] w0
qm.c:359:20: got int
qm.c:362:27: warning: incorrect type in assignment (different base types)
qm.c:362:27: expected restricted __le16 [usertype] queue_num
qm.c:362:27: got unsigned short [usertype] queue
qm.c:363:24: warning: incorrect type in assignment (different base types)
qm.c:363:24: expected restricted __le32 [usertype] base_l
qm.c:363:24: got unsigned int [usertype]
qm.c:364:24: warning: incorrect type in assignment (different base types)
qm.c:364:24: expected restricted __le32 [usertype] base_h
qm.c:364:24: got unsigned int [usertype]
qm.c:451:22: warning: restricted __le32 degrades to integer
qm.c:471:24: warning: restricted __le16 degrades to integer
......
qm.c:1617:19: warning: incorrect type in assignment (different base types)
qm.c:1617:19: expected restricted __le32 [usertype] dw6
qm.c:1617:19: got int
qm.c:1891:24: warning: incorrect type in return expression (different base types)
qm.c:1891:24: expected int
qm.c:1891:24: got restricted pci_ers_result_t
qm.c:1894:40: warning: incorrect type in return expression (different base types)
qm.c:1894:40: expected int
qm.c:1894:40: got restricted pci_ers_result_t
Signed-off-by: Shukun Tan <tanshukun1@huawei.com>
Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This patch fixes following sparse warning:
zip_main.c:87:1: warning: symbol 'hisi_zip_list' was not declared.
Should it be static?
zip_main.c:88:1: warning: symbol 'hisi_zip_list_lock' was not declared.
Should it be static?
zip_main.c:948:68: warning: Using plain integer as NULL pointer
Signed-off-by: Shukun Tan <tanshukun1@huawei.com>
Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This patch fix sparse warning:
zip_crypto.c:425:26: warning: Using plain integer as NULL pointer
Replaces assignment of 0 to pointer with NULL assignment.
Signed-off-by: Shukun Tan <tanshukun1@huawei.com>
Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Tiny fix to make QM/ZIP error callback print clear and right. If one version
hardware does not support error handling, we directly print this.
And QM is embedded in ZIP, we can use ZIP print only, so remove unnecessary
QM print.
Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This patch fixes the following warnings:
drivers/crypto/ccree/cc_aead.c:630:5-12: WARNING: Unsigned expression
compared with zero: seq_len > 0
Signed-off-by: Tian Tao <tiantao6@huawei.com>
v2:
change hmac_setkey() return type to unsigned int to fix the warning.
Acked-by: Gilad Ben-Yossef <gilad@benyossef.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
SEV INIT command loads the SEV related persistent data from NVS
and initializes the platform context. The firmware validates the
persistent state. If validation fails, the firmware will reset
the persisent state and return an integrity check failure status.
At this point, a subsequent INIT command should succeed, so retry
the command. The INIT command retry is only done during driver
initialization.
Additional enums along with SEV_RET_SECURE_DATA_INVALID are added
to sev_ret_code to maintain continuity and relevance of enum values.
Signed-off-by: Ashish Kalra <ashish.kalra@amd.com>
Acked-by: David Rientjes <rientjes@google.com>
Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This patch adds support for the amlogic GXL cryptographic offloader present
on GXL SoCs.
This driver supports AES cipher in CBC/ECB mode.
Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
Reviewed-by: Neil Armstrong <narmstrong@baylibre.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This patch adds documentation for Device-Tree bindings for the
Amlogic GXL cryptographic offloader driver.
Reviewed-by: Rob Herring <robh@kernel.org>
Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
The driver uses a couple of buffers that seem to
be __be32 or __be64 fields, but declares them as
u32. This means there are a number of warnings
from sparse due to casting to/from __beXXX.
Fix these by changing the types of the buffer
and the associated variables.
drivers/crypto/atmel-aes.c:1023:15: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1023:15: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1023:15: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1023:15: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1023:15: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1023:15: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1059:28: warning: incorrect type in assignment (different base types)
drivers/crypto/atmel-aes.c:1059:28: expected unsigned int
drivers/crypto/atmel-aes.c:1059:28: got restricted __be32 [usertype]
drivers/crypto/atmel-aes.c:1550:28: warning: incorrect type in assignment (different base types)
drivers/crypto/atmel-aes.c:1550:28: expected unsigned int
drivers/crypto/atmel-aes.c:1550:28: got restricted __be32 [usertype]
drivers/crypto/atmel-aes.c:1561:39: warning: incorrect type in assignment (different base types)
drivers/crypto/atmel-aes.c:1561:39: expected unsigned long long [usertype]
drivers/crypto/atmel-aes.c:1561:39: got restricted __be64 [usertype]
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:17: warning: cast to restricted __be32
drivers/crypto/atmel-aes.c:1599:15: warning: incorrect type in assignment (different base types)
drivers/crypto/atmel-aes.c:1599:15: expected unsigned int [usertype]
drivers/crypto/atmel-aes.c:1599:15: got restricted __be32 [usertype]
drivers/crypto/atmel-aes.c:1692:17: warning: incorrect type in assignment (different base types)
drivers/crypto/atmel-aes.c:1692:17: expected unsigned long long [usertype]
drivers/crypto/atmel-aes.c:1692:17: got restricted __be64 [usertype]
drivers/crypto/atmel-aes.c:1693:17: warning: incorrect type in assignment (different base types)
drivers/crypto/atmel-aes.c:1693:17: expected unsigned long long [usertype]
drivers/crypto/atmel-aes.c:1693:17: got restricted __be64 [usertype]
drivers/crypto/atmel-aes.c:1888:63: warning: incorrect type in initializer (different base types)
drivers/crypto/atmel-aes.c:1888:63: expected unsigned int
drivers/crypto/atmel-aes.c:1888:63: got restricted __le32 [usertype]
Signed-off-by: Ben Dooks <ben.dooks@codethink.co.uk>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Use devm_platform_ioremap_resource() to simplify the code a bit.
This is detected by coccinelle.
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Use devm_platform_ioremap_resource() to simplify the code a bit.
This is detected by coccinelle.
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Use devm_platform_ioremap_resource() to simplify the code a bit.
This is detected by coccinelle.
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Use devm_platform_ioremap_resource() to simplify the code a bit.
This is detected by coccinelle.
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Use devm_platform_ioremap_resource() to simplify the code a bit.
This is detected by coccinelle.
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Use devm_platform_ioremap_resource() to simplify the code a bit.
This is detected by coccinelle.
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Use devm_platform_ioremap_resource() to simplify the code a bit.
This is detected by coccinelle.
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Use devm_platform_ioremap_resource() to simplify the code a bit.
This is detected by coccinelle.
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Reviewed-by: Kevin Hilman <khilman@baylibre.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Use devm_platform_ioremap_resource() to simplify the code a bit.
This is detected by coccinelle.
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Use devm_platform_ioremap_resource() to simplify the code a bit.
This is detected by coccinelle.
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Use devm_platform_ioremap_resource() to simplify the code a bit.
This is detected by coccinelle.
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Acked-by: Łukasz Stelmach <l.stelmach@samsung.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Use devm_platform_ioremap_resource() to simplify the code a bit.
This is detected by coccinelle.
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Acked-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Use devm_platform_ioremap_resource() to simplify the code a bit.
This is detected by coccinelle.
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Acked-by: Ludovic Desroches <ludovic.desroches@microchip.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Add the logic to deal with input sizes that are not a round multiple
of the AES block size, as described by the XTS spec. This brings the
SPE implementation in line with other kernel drivers that have been
updated recently to take this into account.
Cc: Eric Biggers <ebiggers@google.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Convert the glue code for the PowerPC SPE implementations of AES-ECB,
AES-CBC, AES-CTR, and AES-XTS from the deprecated "blkcipher" API to the
"skcipher" API. This is needed in order for the blkcipher API to be
removed.
Tested with:
export ARCH=powerpc CROSS_COMPILE=powerpc-linux-gnu-
make mpc85xx_defconfig
cat >> .config << EOF
# CONFIG_MODULES is not set
# CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set
CONFIG_DEBUG_KERNEL=y
CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y
CONFIG_CRYPTO_AES=y
CONFIG_CRYPTO_CBC=y
CONFIG_CRYPTO_CTR=y
CONFIG_CRYPTO_ECB=y
CONFIG_CRYPTO_XTS=y
CONFIG_CRYPTO_AES_PPC_SPE=y
EOF
make olddefconfig
make -j32
qemu-system-ppc -M mpc8544ds -cpu e500 -nographic \
-kernel arch/powerpc/boot/zImage \
-append cryptomgr.fuzz_iterations=1000
Note that xts-ppc-spe still fails the comparison tests due to the lack
of ciphertext stealing support. This is not addressed by this patch.
This patch also cleans up the code by making ->encrypt() and ->decrypt()
call a common function for each of ECB, CBC, and XTS, and by using a
clearer way to compute the length to process at each step.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Set the ivsize for the "ecb-ppc-spe" algorithm to 0, since ECB mode
doesn't take an IV.
This fixes a failure in the extra crypto self-tests:
alg: skcipher: ivsize for ecb-ppc-spe (16) doesn't match generic impl (0)
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
The PowerPC SPE implementations of AES modes only disable preemption
during the actual encryption/decryption, not during the scatterwalk
functions. It's therefore unnecessary to request an atomic scatterwalk.
So don't do so.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
In order to speed up aegis128 processing even more, duplicate the init()
and final() routines as SIMD versions in their entirety. This results
in a 2x speedup on ARM Cortex-A57 for ~1500 byte packets (using AES
instructions).
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
