#
dfe6c5d1 |
|
30-Nov-2023 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: safexcel - Remove cfb and ofb Remove the unused CFB/OFB implementation. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
acc3f550 |
|
30-Jan-2023 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: safexcel - Use crypto_wait_req This patch replaces the custom crypto completion function with crypto_req_done. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
36dd88b1 |
|
26-Sep-2022 |
Peter Harliman Liem <pliem@maxlinear.com> |
crypto: inside-secure - Add MaxLinear platform This is to add MaxLinear platform into compatible id. Firmware endianness option is added since MaxLinear firmware is in little endian format. Signed-off-by: Peter Harliman Liem <pliem@maxlinear.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
594ed3d2 |
|
26-Sep-2022 |
Peter Harliman Liem <pliem@maxlinear.com> |
crypto: inside-secure - Add fw_little_endian option This is to add fw_little_endian option, which can be used for platform which firmware is using little-endian (instead of big-endian). Signed-off-by: Peter Harliman Liem <pliem@maxlinear.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
22044d9b |
|
26-Sep-2022 |
Peter Harliman Liem <pliem@maxlinear.com> |
crypto: inside-secure - Expand soc data structure Currently platform data is assigned directly to version string(instead of struct). To make it more scalable, we move it to use data struct instead. This allows customization for individual platforms other than version string. Signed-off-by: Peter Harliman Liem <pliem@maxlinear.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
932be3e9 |
|
02-Jul-2022 |
Ofer Heifetz <oferh@marvell.com> |
crypto: inside-secure - fix packed bit-field result descriptor When mixing bit-field and none bit-filed in packed struct the none bit-field starts at a distinct memory location, thus adding an additional byte to the overall structure which is used in memory zero-ing and other configuration calculations. Fix this by removing the none bit-field that has a following bit-field. Signed-off-by: Ofer Heifetz <oferh@marvell.com> Acked-by: Antoine Tenart <atenart@kernel.org> Acked-by: Antoine Tenart <atenart@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
a24d22b2 |
|
12-Nov-2020 |
Eric Biggers <ebiggers@google.com> |
crypto: sha - split sha.h into sha1.h and sha2.h Currently <crypto/sha.h> contains declarations for both SHA-1 and SHA-2, and <crypto/sha3.h> contains declarations for SHA-3. This organization is inconsistent, but more importantly SHA-1 is no longer considered to be cryptographically secure. So to the extent possible, SHA-1 shouldn't be grouped together with any of the other SHA versions, and usage of it should be phased out. Therefore, split <crypto/sha.h> into two headers <crypto/sha1.h> and <crypto/sha2.h>, and make everyone explicitly specify whether they want the declarations for SHA-1, SHA-2, or both. This avoids making the SHA-1 declarations visible to files that don't want anything to do with SHA-1. It also prepares for potentially moving sha1.h into a new insecure/ or dangerous/ directory. Signed-off-by: Eric Biggers <ebiggers@google.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Acked-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
63cdd870 |
|
13-Sep-2020 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: inside-secure - Reuse code in safexcel_hmac_alg_setkey The code in the current implementation of safexcel_hmac_alg_setkey can be reused by safexcel_cipher. This patch does just that by renaming the previous safexcel_hmac_setkey to __safexcel_hmac_setkey. The now-shared safexcel_hmac_alg_setkey becomes safexcel_hmac_setkey and a new safexcel_hmac_alg_setkey has been added for use by ahash transforms. As a result safexcel_aead_setkey's stack frame has been reduced by about half in size, or about 512 bytes. Reported-by: kernel test robot <lkp@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
78cf1c8b |
|
13-Sep-2020 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: inside-secure - Move ipad/opad into safexcel_context As both safexcel_ahash_ctx and safexcel_cipher_ctx contain ipad and opad buffers this patch moves them into the common struct safexcel_context. It also adds a union so that they can be accessed in the appropriate endian without crazy casts. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
18e51895 |
|
13-Sep-2020 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: inside-secure - Move priv pointer into safexcel_context This patch moves the priv pointer into struct safexcel_context because both structs that extend safexcel_context have that pointer as well. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
dbc756fc |
|
11-Sep-2020 |
Pascal van Leeuwen <pvanleeuwen@rambus.com> |
crypto: inside-secure - Add support for EIP197 with output classifier This patch adds support for EIP197 instances that include the output classifier (OCE) option, as used by one of our biggest customers. The OCE normally requires initialization and dedicated firmware, but for the simple operations supported by this driver, we just bypass it completely for now (using what is formally a debug feature). Signed-off-by: Pascal van Leeuwen <pvanleeuwen@rambus.com> Acked-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
c6720415 |
|
20-Jul-2020 |
Sven Auhagen <Sven.Auhagen@voleatech.de> |
crypto: inside-secure - irq balance Balance the irqs of the inside secure driver over all available cpus. Currently all interrupts are handled by the first CPU. From my testing with IPSec AES-GCM 256 on my MCbin with 4 Cores I get a 50% speed increase: Before the patch: 99.73 Kpps With the patch: 151.25 Kpps Signed-off-by: Sven Auhagen <sven.auhagen@voleatech.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
098e51e5 |
|
11-Dec-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Fix Unable to fit even 1 command desc error w/ EIP97 Due to the additions of support for modes like AES-CCM and AES-GCM, which require large command tokens, the size of the descriptor has grown such that it now does not fit into the descriptor cache of a standard EIP97 anymore. This means that the driver no longer works on the Marvell Armada 3700LP chip (as used on e.g. Espressobin) that it has always supported. Additionally, performance on EIP197's like Marvell A8K may also degrade due to being able to fit less descriptors in the on-chip cache. Putting these tokens into the descriptor was really a hack and not how the design was supposed to be used - resource allocation did not account for it. So what this patch does, is move the command token out of the descriptor. To avoid having to allocate buffers on the fly for these command tokens, they are stuffed in a "shadow ring", which is a circular buffer of fixed size blocks that runs in lock-step with the descriptor ring. i.e. there is one token block per descriptor. The descriptor ring itself is then pre- populated with the pointers to these token blocks so these do not need to be filled in when building the descriptors later. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@rambus.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
c3510fec |
|
06-Nov-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Fix hangup during probing for EIP97 engine Fixed mask used for CFSIZE and RFSIZE fields of HIA_OPTIONS register, these were all 1 bit too wide. Which caused the probing of a standard EIP97 to actually hang due to assume way too large descriptor FIFO's. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
13a1bb93 |
|
22-Oct-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Fixed warnings on inconsistent byte order handling This fixes a bunch of endianness related sparse warnings reported by the kbuild test robot as well as Ben Dooks. Credits for the fix to safexcel.c go to Ben Dooks. Reported-by: kbuild test robot <lkp@intel.com> Reported-by: Ben Dooks <ben.dooks@codethink.co.uk> Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
5fd39c4d |
|
17-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Add support for the EIP196 This patch adds support for the EIP196, which is an EIP197 derivative that has no classification hardware and a simplified record cache. The patch has been tested with the eip196b-ie and eip197c-iewxkbc configurations on the Xilinx VCU118 development board as well as on the Macchiatobin board (Marvell A8K - EIP197b-ieswx), including the crypto extra tests. Note that this patchset applies on top of the earlier submitted "Add support for eip197f_iewc" series. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
946a4a2a |
|
18-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Add support for HW with less ring AIC's than rings The current driver assumes one dedicated ring interrupt controller per ring. However, some existing EIP(1)97 HW has less ring AIC's than rings. This patch allows the driver to work with such HW by detecting how many ring AIC's are present and restricting the number of rings it *uses* by the number of ring AIC's present. This allows it to at least function. (optimization for the future: add ring dispatch functionality in the interrupt service routine such that multiple rings can be supported from one ring AIC, allowing all rings to be used) Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
84ca4e54 |
|
18-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Add support for 256 bit wide internal bus This patch adds support for large EIP197's with a 256 bit wide internal bus, which affects the format of the result descriptor due to internal alignment requirements. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
a9a89624 |
|
16-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Added support for the rfc4309(ccm(aes)) AEAD This patch adds support for rfc4309(ccm(aes)) for use with IPsec ESP Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
92c60cef |
|
16-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Added support for the rfc4543(gcm(aes)) "AEAD" This patch adds support for rfc4543(gcm(aes)) - i.e. AES-GMAC - for use with IPsec ESP Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
a19052d4 |
|
16-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Added support for the rfc4106(gcm(aes)) AEAD This patch adds support for rfc4106(gcm(aes)) for use with IPsec ESP Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
d96cf190 |
|
17-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Fixed corner case TRC admin RAM probing issue This patch fixed a corner case admin RAM probing issue witnessed on the Xilinx VCU118 FPGA development board with an EIP197 configuration with 4096 words of admin RAM, of which only 2050 were recognised. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
457a6fdf |
|
13-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Added support for authenc HMAC-SHA2/DES-CBC This patch adds support for the authenc(hmac(sha224),cbc(des)), authenc(hmac(sha256),cbc(des)), authenc(hmac(sha384),cbc(des)) and authenc(hmac(sha512),cbc(des)) aead's changes since v1: - nothing Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
f0a8bdf0 |
|
13-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Added support for authenc HMAC-SHA2/3DES-CBC This patch adds support for the authenc(hmac(sha224),cbc(des3_ede)), authenc(hmac(sha256),cbc(des3_ede)), authenc(hmac(sha384),cbc(des3_ede)) and authenc(hmac(sha512),cbc(des3_ede)) aead's changes since v1: - nothing Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
bb7679b8 |
|
13-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Added support for authenc HMAC-SHA1/DES-CBC This patch adds support for the authenc(hmac(sha1),cbc(des)) aead changes since v1: - rebased on top of DES changes made to cryptodev/master Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
6c1c09b3 |
|
13-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Add HMAC-SHA3 family of authentication algorithms This patch adds support for hmac(sha3-224), hmac(sha3-256), hmac(sha3-384) and hmac(sha3-512) authentication algorithms. The patch has been tested with the eip197c_iewxkbc configuration on the Xilinx VCU118 development board, including the testmgr extra tests. changes since v1: - nothing Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
aaf5a383 |
|
13-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Add SHA3 family of basic hash algorithms This patch adds support for sha3-224, sha3-256, sha3-384 and sha3-512 basic hashes. The patch has been tested with the eip197c_iewxkbc configuration on the Xilinx VCU118 development board, including the testmgr extra tests. changes since v1: - nothing Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
1769f704 |
|
13-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Add SM4 based authenc AEAD ciphersuites This patch adds support for the authenc(hmac(sha1),cbc(sm4)), authenc(hmac(sm3),cbc(sm4)), authenc(hmac(sha1),rfc3686(ctr(sm4))), and authenc(hmac(sm3),rfc3686(ctr(sm4))) aead ciphersuites. These are necessary to support IPsec according to the Chinese standard GM/T 022-1014 - IPsec VPN specification. Note that there are no testvectors present in testmgr for these ciphersuites. However, considering all building blocks have already been verified elsewhere, it is fair to assume the generic implementation to be correct-by-construction. The hardware implementation has been fuzzed against this generic implementation by means of a locally modified testmgr. The intention is to upstream these testmgr changes but this is pending other testmgr changes being made by Eric Biggers. The patch has been tested with the eip197c_iewxkbc configuration on the Xilinx VCU118 development board, using the abovementioned modified testmgr This patch applies on top of "Add support for SM4 ciphers" and needs to be applied before "Add (HMAC) SHA3 support". Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
f77e5dc0 |
|
13-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Add support for the rfc3685(ctr(sm4)) skcipher This patch adds support for SM4 in (32 bit) CTR mode, i.e. skcipher rfc3686(ctr(sm4)). changes since v1: - nothing Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
7468ab22 |
|
13-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Add support for the cfb(sm4) skcipher This patch adds support for SM4 in CFB mode, i.e. skcipher cfb(sm4). changes since v1: - nothing Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
03a6cfb9 |
|
13-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Add support for the ofb(sm4) skcipher This patch adds support for SM4 in OFB mode, i.e. skcipher ofb(sm4). changes since v1: - nothing Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
6f2d1428 |
|
13-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Add support for the cbc(sm4) skcipher This patch adds support for SM4 in CBC mode, i.e. skcipher cbc(sm4). changes since v1: - nothing Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
fcca797d |
|
13-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Add support for the ecb(sm4) skcipher This patch adds support for SM4 in ECB mode, i.e. skcipher ecb(sm4). changes since v1: - make SAFEXCEL_SM4 case entry explit, using the proper SM4_BLOCK_SIZE instead of "borrowing" the AES code which "coincidentally" works Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
aa3a43e6 |
|
13-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Added support for HMAC-SM3 ahash Added support for the hmac(sm3) ahash authentication algorithm changes since v1: - added Acked-by tag below, no changes to the source changes since v2: - nothing Acked-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
0f2bc131 |
|
13-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Added support for basic SM3 ahash Added support for the SM3 ahash algorithm changes since v1: - moved definition of CONTEXT_CONTROL_CRYPTO_ALG_SM3 (0x7) up above 0xf changes since v2: - allow compilation if CONFIG_CRYPTO_SM3 is not set Acked-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
a6061921 |
|
18-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Add support for the Chacha20-Poly1305 AEAD This patch adds support for the Chacha20-Poly1305 cipher suite. It adds both the basic rfc7539(chacha20,poly1305) as well as the rfc7539esp(chacha20,poly1305) variant for IPsec ESP acceleration. changes since v1: - rebased on top of DES library changes done on cryptodev/master - fixed crypto/Kconfig so that generic fallback is compiled as well changes since v2: - nothing changes since v3: - Fixed a problem where the tcrypt performance test would run fully on the fallback cipher instead of the HW due to using an AAD length of 8 for rfc7539esp. While this is not actually legal ESP (which includes SPI and sequence number in the AAD as well), it is both inconvenient and not necessary to run these vectors on the fallback cipher. - Due to above, also realised that for plain (non-ESP) rfc7539, you probably want to be able to run vectors with less than 8 bytes of AAD on the HW, and this is actually possible as long as cryptlen is large enough, so made that possible as well. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
4a593fb3 |
|
18-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Added support for the CHACHA20 skcipher Added support for the CHACHA20 skcipher algorithm. Tested on an eip197c-iesb configuration in the Xilinx VCU118 devboard, passes all testmgr vectors plus the extra fuzzing tests. changes since v1: - rebased on top of DES library changes done on cryptodev/master - fixed crypto/Kconfig so that generic fallback is compiled as well changes since v2: - made switch entry SAFEXCEL_AES explit and added empty default, as requested by Antoine Tenart. Also needed to make SM4 patches apply. changes since v3: - nothing Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
7a627db9 |
|
09-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Added support for the AES-CMAC ahash This patch adds support for the AES-CMAC authentication algorithm. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
38f21b4b |
|
09-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Added support for the AES XCBC ahash This patch adds support for the AES XCBC authentication algorithm Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
b98687bb |
|
09-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Added support for the AES CBCMAC ahash This patch adds support for the AES-CBCMAC authentication algorithm. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
a7cf8658 |
|
09-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Added support for CRC32 This patch adds support for the CRC32 "hash" algorithm Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
465527bc |
|
06-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Probe transform record cache RAM sizes This patch actually probes the transform record cache data and administration RAM sizes, instead of making assumptions, and then configures the TRC based on the actually probed values. This allows the driver to work with EIP197 HW that has TRC RAM sizes different from those of the Marvell EIP197B/D variants. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
b2d92ac1 |
|
06-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Base RD fetchcount on actual RD FIFO size This patch derives the result descriptor fetch count from the actual FIFO size advertised by the hardware. Fetching result descriptors one at a time is a performance bottleneck for small blocks, especially on hardware with multiple pipes. Even moreso if the HW has few rings. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
35c0e6c3 |
|
06-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Base CD fetchcount on actual CD FIFO size This patch derives the command descriptor fetch count from the actual FIFO size advertised by the hardware. Fetching command descriptors one at a time is a performance bottleneck for small blocks, especially on hardware with multiple pipes. Even moreso if the HW has few rings. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
4bdf712c |
|
06-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Enable extended algorithms on newer HW This patch enables algorithms that did not fit the original 32 bit FUNCTION_EN register anymore via the FUNCTION2_EN extension reg. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
f9d131d9 |
|
06-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure: Corrected configuration of EIP96_TOKEN_CTRL This patch corrects the configuration of the EIP197_PE_EIP96_TOKEN_CTRL register. Previous value was wrong and potentially dangerous. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
118db42d |
|
06-Sep-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Add EIP97/EIP197 and endianness detection This patch adds automatic EIP97/EIP197 detection, so it does not need to rely on any static value from the device table anymore. In particular, the static value from the table won't work for PCI devboards that cannot be further identified save from this direct hardware probing. The patch also adds automatic host xs endianness detection & correction. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
4eb76faf |
|
30-Aug-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Added support for basic AES-CCM This patch adds support for the basic AES-CCM AEAD cipher suite. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
50485dfb |
|
30-Aug-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Added AES-OFB support This patch adds support for AES in output feedback mode (AES-OFB). Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
48e97afa |
|
30-Aug-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Added AES-CFB support This patch adds support for AES in 128 bit cipher feedback mode (AES-CFB). Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
3e450886 |
|
30-Aug-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Added support for basic AES-GCM This patch adds support for the basic AES-GCM AEAD cipher suite. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
aa88f331 |
|
30-Aug-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Made .cra_priority value a define Instead of having a fixed value (of 300) all over the place, the value for for .cra_priority is now made into a define (SAFEXCEL_CRA_PRIORITY). This makes it easier to play with, e.g. during development. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
062b64ca |
|
30-Aug-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Only enable algorithms advertised by the hardware This patch probes the supported algorithms from the hardware and only registers the ones that the hardware actually supports. This is necessary because this is a generic driver supposed to run on a wide variety of engines, which may or may not implement certain algorithms. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
c7da38a7 |
|
30-Aug-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Add support for the AES-XTS algorithm This patch adds support for the AES-XTS skcipher algorithm. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
f6cc45c8 |
|
19-Aug-2019 |
Pascal van Leeuwen <pvanleeuwen@insidesecure.com> |
crypto: inside-secure - add support for using the EIP197 without vendor firmware Until now, the inside-secure driver required a set of firmware images supplied by the silicon vendor, typically under NDA, to be present in /lib/firmware/inside-secure in order to be able to function. This patch removes the dependence on this official vendor firmware by falling back to generic "mini" FW - developed specifically for this driver - that can be provided under GPL 2.0 through linux-firmwares. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Acked-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
625f269a |
|
19-Aug-2019 |
Pascal van Leeuwen <pvanleeuwen@insidesecure.com> |
crypto: inside-secure - add support for PCI based FPGA development board This patch adds support for a PCIE development board with FPGA from Xilinx, to facilitate pre-silicon driver development by both Inside Secure and its IP customers. Since Inside Secure neither produces nor has access to actual silicon, this is required functionality to allow us to contribute. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Acked-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
70e39e22 |
|
19-Aug-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - Remove redundant algo to engine mapping code This removes some code determine which engine has which algorithms which was effectively redundant (may have been forward-looking?) due to always enabling all algorithms for all currently supported engines. A future patch will use a different, more scalable approach to achieve this. This is removed now because otherwise the next patch will add new hardware which would otherwise have to be added to all algorithms, so now is a convenient time to just get rid of this. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Acked-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
31fb084c |
|
05-Jul-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure -reduce hash byte counters to 64 bits This patch recognises the fact that the hardware cannot ever process more than 2,199,023,386,111 bytes of hash or HMAC payload, so there is no point in maintaining 128 bit wide byte counters, 64 bits is more than sufficient Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
0e17e362 |
|
05-Jul-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - add support for authenc(hmac(sha*),rfc3686(ctr(aes))) suites This patch adds support for the following AEAD ciphersuites: - authenc(hmac(sha1),rfc3686(ctr(aes))) - authenc(hmac(sha224),rfc3686(ctr(aes))) - authenc(hmac(sha256),rfc3686(ctr(aes))) - authenc(hmac(sha384),rfc3686(ctr(aes))) - authenc(hmac(sha512),rfc3686(ctr(aes))) Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
54f9e8fa |
|
05-Jul-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - added support for rfc3686(ctr(aes)) Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
77cdd4ef |
|
05-Jul-2019 |
Pascal van Leeuwen <pascalvanl@gmail.com> |
crypto: inside-secure - add support for authenc(hmac(sha1),cbc(des3_ede)) Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
41abed7d |
|
02-Jul-2019 |
Pascal van Leeuwen <pvanleeuwen@insidesecure.com> |
crypto: inside-secure - add support for arbitrary size hash/HMAC updates This patch fixes an issue with hash and HMAC operations that perform "large" intermediate updates (i.e. combined size > 2 hash blocks) by actually making use of the hardware's hash continue capabilities. The original implementation would cache these updates in a buffer that was 2 hash blocks in size and fail if all update calls combined would overflow that buffer. Which caused the cryptomgr extra tests to fail. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
a74d850f |
|
02-Jul-2019 |
Pascal van Leeuwen <pvanleeuwen@insidesecure.com> |
crypto: inside-secure - fix EINVAL error (buf overflow) for AEAD decrypt This patch fixes a buffer overflow error returning -EINVAL for AEAD decrypt operations by NOT appending the (already verified) ICV to the output packet (which is not expected by the API anyway). With this fix, all testmgr AEAD (extra) tests now pass. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
082ec2d4 |
|
27-May-2019 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - add support for HMAC updates This patch adds support for HMAC updates in the Inside Secure SafeXcel crypto engine driver. Updates were supported for hash algorithms, but were never enabled for HMAC ones. This fixes boot time test issues. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
57660b11 |
|
27-May-2019 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - implement IV retrieval This patch adds support for retrieving intermediate IV from the crypto engine when using the CBC block mode with AES and (3)DES. The retrieved IV is copied to the request IV buffer, as requested by the kernel crypto API. This fix boot tests added by commit 8efd972ef96a ("crypto: testmgr - support checking skcipher output IV"). Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
97a1440d |
|
27-May-2019 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - enable context reuse The context given to the crypto engine can be reused over time. While the driver was designed to allow this, the feature wasn't enabled in the hardware engine. This patch enables it. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
301422e3 |
|
13-Jul-2018 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - switch to SPDX identifiers Use the appropriate SPDX license identifiers and drop the license text. This patch is only cosmetic. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
9744fec9 |
|
28-Jun-2018 |
Ofer Heifetz <oferh@marvell.com> |
crypto: inside-secure - remove request list to improve performance This patch main goal is to improve driver performance by moving the crypto request from a list to a RDR ring shadow. This is possible since there is one producer and one consume for this RDR request shadow and one ring descriptor is left unused. Doing this change eliminates the use of spinlock when accessing the descriptor ring and the need to dynamicaly allocate memory per crypto request. The crypto request is placed in the first RDR shadow descriptor only if there are enough descriptors, when the result handler is invoked, it fetches the first result descriptor from RDR shadow. Signed-off-by: Ofer Heifetz <oferh@marvell.com> Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
62469879 |
|
28-Jun-2018 |
Ofer Heifetz <oferh@marvell.com> |
crypto: inside-secure - ecb(des3_ede) and cbc(des3_ede) support This patch adds support for two new algorithms in the Inside Secure SafeXcel cryptographic engine driver: ecb(des3_ede) and cbc(des3_ede). Signed-off-by: Ofer Heifetz <oferh@marvell.com> Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
a7dea8c0 |
|
28-Jun-2018 |
Ofer Heifetz <oferh@marvell.com> |
crypto: inside-secure - ecb(des) and cbc(des) support This patch adds support for two algorithms in the Inside Secure SafeXcel cryptographic engine driver: ecb(des) and cbc(des). Signed-off-by: Ofer Heifetz <oferh@marvell.com> Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
b471e4b9 |
|
28-Jun-2018 |
Ofer Heifetz <oferh@marvell.com> |
crypto: inside-secure - hmac(md5) support This patch adds support for the hmac(md5) algorithm in the Inside Secure SafeXcel cryptographic engine driver. Signed-off-by: Ofer Heifetz <oferh@marvell.com> Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
293f89cf |
|
28-Jun-2018 |
Ofer Heifetz <oferh@marvell.com> |
crypto: inside-secure - md5 support This patch adds the MD5 algorithm support to the Inside Secure SafeXcel cryptographic engine driver. Signed-off-by: Ofer Heifetz <oferh@marvell.com> Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
63b94278 |
|
28-Jun-2018 |
Ofer Heifetz <oferh@marvell.com> |
crypto: inside-secure - set tx_max_cmd_queue to 32 The ORO bridge (connected to the EIP197 write channel) does not generate back pressure towards the EIP197 when its internal FIFO is full. It assumes that the EIP will not drive more write transactions than the maximal supported outstanding (32). Hence tx_max_cmd_queue must be configured to 5 (or less). Signed-off-by: Ofer Heifetz <oferh@marvell.com> Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
fbd0a7c9 |
|
28-Jun-2018 |
Ofer Heifetz <oferh@marvell.com> |
crypto: inside-secure - adjust the TRC configuration for EIP197D This patch updates the TRC configuration so that the version of the EIP197 engine being used is taken into account, as the configuration differs between the EIP197B and the EIP197D. Signed-off-by: Ofer Heifetz <oferh@marvell.com> [Antoine: commit message] Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
5eb09118 |
|
28-Jun-2018 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - eip197d support This patch adds support for the eip197d engine to the Inside Secure SafeXcel cryptographic driver. This new engine is similar to the eip197b and reuse most of its code. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
367571e4 |
|
28-Jun-2018 |
Ofer Heifetz <oferh@marvell.com> |
crypto: inside-secure - add multiple processing engine support So far a single processing engine (PE) was configured and used in the Inside Secure SafeXcel cryptographic engine driver. Some versions have more than a single PE. This patch rework the driver's initialization to take this into account and to allow configuring more than one PE. Signed-off-by: Ofer Heifetz <oferh@marvell.com> [Antoine: some reworks and commit message.] Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
18e0e95b |
|
28-Jun-2018 |
Ofer Heifetz <oferh@marvell.com> |
crypto: inside-secure - dynamic ring configuration allocation The Inside Secure SafeXcel driver currently uses 4 rings, but the eip197d engines has 8 of them. This patch updates the driver so that rings are allocated dynamically based on the number of available rings supported by a given engine. Signed-off-by: Ofer Heifetz <oferh@marvell.com> Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
53c83e91 |
|
28-Jun-2018 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - add an invalidation flag Add a flags field in the private structure, and a first flag for engines needing context invalidation (currently only the eip197b). The invalidation is needed when the engine includes a TRC cache, which will also be true for the upcoming addition of the eip197d engine. Suggested-by: Ofer Heifetz <oferh@marvell.com> Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
998d2abb |
|
28-Jun-2018 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - filter out the algorithms by engine EIP engines do not support the same set of algorithms. So far the supported engines in the Inside Secure SafeXcel driver support the same set of algorithms, but that won't be true for all engines. This patch adds an 'engines' field in the algorithm definitions so that they only are registered when using a compatible cryptographic engine. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
7d8f52a3 |
|
28-Jun-2018 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - use precise compatibles At first we used two compatibles in the SafeXcel driver, named after the engine revision: eip97 and eip197. However this family of engines has more precise versions and in fact we're supporting the eip97ies and eip197b. More versions will be supported in the future, such as the eip197d, and we'll need to differentiate them. This patch fixes the compatibles used in the driver, to now use precise ones. The two historical compatibles are kept for backward compatibility. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
ea23cb53 |
|
29-May-2018 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - authenc(hmac(sha384), cbc(aes)) support This patch adds the authenc(hmac(sha384),cbc(aes)) algorithm support to the Inside Secure SafeXcel driver. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
1f5d5d98 |
|
29-May-2018 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - hmac(sha384) support This patch adds the hmac(sha384) algorithm support to the Inside Secure SafeXcel driver. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
9e46eafd |
|
29-May-2018 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - sha384 support This patch adds the sha384 algorithm support to the Inside Secure SafeXcel driver. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
87eee125 |
|
29-May-2018 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - authenc(hmac(sha512), cbc(aes)) support This patch adds the authenc(hmac(sha512),cbc(aes)) algorithm support to the Inside Secure SafeXcel driver. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
0de54fb1 |
|
29-May-2018 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - hmac(sha512) support This patch adds the hmac(sha512) algorithm support to the Inside Secure SafeXcel driver. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
b460edb6 |
|
29-May-2018 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - sha512 support This patch adds the sha512 algorithm support to the Inside Secure SafeXcel driver. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
25bc9551 |
|
29-May-2018 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - improve the counter computation A counter is given to the engine when finishing hash computation. It currently uses the blocksize while it counts the number of 64 bytes blocks given to the engine. This works well for all algorithms so far, as SHA1, SHA224 and SHA256 all have a blocksize of 64 bytes, but others algorithms such as SHA512 wouldn't work. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
01ba061d |
|
14-May-2018 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - authenc(hmac(sha1), cbc(aes)) support This patch adds the authenc(hmac(sha1),cbc(aes)) AEAD algorithm support to the Inside Secure SafeXcel driver. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
678b2878 |
|
14-May-2018 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - authenc(hmac(sha224), cbc(aes)) support This patch adds the authenc(hmac(sha224),cbc(aes)) AEAD algorithm support to the Inside Secure SafeXcel driver. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
f6beaea3 |
|
14-May-2018 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - authenc(hmac(sha256), cbc(aes)) support This patch adds support for the first AEAD algorithm in the Inside Secure SafeXcel driver, authenc(hmac(sha256),cbc(aes)). As this is the first AEAD algorithm added to this driver, common AEAD functions are added as well. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
bdfd1909 |
|
14-May-2018 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - improve error reporting This patch improves the error reporting from the Inside Secure driver to the upper layers and crypto consumers. All errors reported by the engine aren't fatal, and some may be genuine. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
8a21f067 |
|
14-May-2018 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - fix the hash then encrypt/decrypt types This commit fixes the CONTEXT_CONTROL_TYPE_HASH_ENCRYPT_OUT and CONTEXT_CONTROL_TYPE_HASH_DECRYPT_OUT types by assigning the right value, and by renaming CONTEXT_CONTROL_TYPE_HASH_DECRYPT_OUT to CONTEXT_CONTROL_TYPE_HASH_DECRYPT_IN. This is not submitted as a fix for older kernel versions as these two defines weren't used back then. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
61824806 |
|
14-May-2018 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - remove VLAs This patch removes the use of VLAs to allocate requests on the stack, by removing both SKCIPHER_REQUEST_ON_STACK and AHASH_REQUEST_ON_STACK. As we still need to allocate requests on the stack to ease the creation of invalidation requests a new, non-VLA, definition is used: EIP197_REQUEST_ON_STACK. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
3ad618d8 |
|
19-Mar-2018 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - hmac(sha224) support This patch adds the hmac(sha224) support to the Inside Secure cryptographic engine driver. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
73f36ea7 |
|
19-Mar-2018 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - hmac(sha256) support This patch adds the hmac(sha256) support to the Inside Secure cryptographic engine driver. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
d9107087 |
|
19-Mar-2018 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - fix a typo in a register name This patch fixes a typo in the EIP197_HIA_xDR_WR_CTRL_BUG register name, as it should be EIP197_HIA_xDR_WR_CTRL_BUF. This is a cosmetic only change. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
c2c55404 |
|
19-Mar-2018 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - fix typo s/allways/always/ in a define Small cosmetic patch fixing one typo in the EIP197_HIA_DSE_CFG_ALLWAYS_BUFFERABLE macro, it should be _ALWAYS_. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
1d17cbfb |
|
13-Mar-2018 |
Gregory CLEMENT <gregory.clement@bootlin.com> |
crypto: inside-secure - fix clock resource by adding a register clock On Armada 7K/8K we need to explicitly enable the register clock. This clock is optional because not all the SoCs using this IP need it but at least for Armada 7K/8K it is actually mandatory. The binding documentation is updated accordingly. Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
cff9a175 |
|
26-Feb-2018 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - move cache result dma mapping to request In heavy traffic the DMA mapping is overwritten by multiple requests as the DMA address is stored in a global context. This patch moves this information to the per-hash request context so that it can't be overwritten. Fixes: 1b44c5a60c13 ("crypto: inside-secure - add SafeXcel EIP197 crypto engine driver") Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
b8592027 |
|
26-Feb-2018 |
Ofer Heifetz <oferh@marvell.com> |
crypto: inside-secure - move hash result dma mapping to request In heavy traffic the DMA mapping is overwritten by multiple requests as the DMA address is stored in a global context. This patch moves this information to the per-hash request context so that it can't be overwritten. Fixes: 1b44c5a60c13 ("crypto: inside-secure - add SafeXcel EIP197 crypto engine driver") Signed-off-by: Ofer Heifetz <oferh@marvell.com> [Antoine: rebased the patch, small fixes, commit message.] Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
f7268c53 |
|
13-Feb-2018 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - keep the requests push/pop synced This patch updates the Inside Secure SafeXcel driver to avoid being out-of-sync between the number of requests sent and the one being completed. The number of requests acknowledged by the driver can be different than the threshold that was configured if new requests were being pushed to the h/w in the meantime. The driver wasn't taking those into account, and the number of remaining requests to handled (to reconfigure the interrupt threshold) could be out-of sync. This patch fixes it by not taking in account the number of requests left, but by taking in account the total number of requests being sent to the hardware, so that new requests are being taken into account. Fixes: dc7e28a3286e ("crypto: inside-secure - dequeue all requests at once") Suggested-by: Ofer Heifetz <oferh@marvell.com> Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
871df319 |
|
14-Dec-2017 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - EIP97 support The Inside Secure SafeXcel driver was firstly designed to support the EIP197 cryptographic engine which is an evolution (with much more feature, better performances) of the EIP97 cryptographic engine. This patch convert the Inside Secure SafeXcel driver to support both engines (EIP97 + EIP197). The main differences are the register offsets and the context invalidation process which is EIP197 specific. This patch adds an indirection on the register offsets and adds checks not to send any invalidation request when driving the EIP97. A new compatible is added as well to bind the driver from device trees. Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
8732b298 |
|
14-Dec-2017 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - retry to proceed the request later on fail The dequeueing function was putting back a request in the crypto queue on failure (when not enough resources are available) which is not perfect as the request will be handled much later. This patch updates this logic by keeping a reference on the failed request to try proceeding it later when enough resources are available. Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
7f77f5a4 |
|
14-Dec-2017 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - handle more result requests when counter is full This patch modifies the result handling logic to continue handling results when the completed requests counter is full and not showing the actual number of requests to handle. Suggested-by: Ofer Heifetz <oferh@marvell.com> Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
fc8c72b2 |
|
14-Dec-2017 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - increase the ring size Increase the ring size to handle more requests in parallel, while keeping the batch size (for interrupt coalescing) to its previous value. The ring size and batch size are now unlinked. Suggested-by: Ofer Heifetz <oferh@marvell.com> Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
dc7e28a3 |
|
14-Dec-2017 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - dequeue all requests at once This patch updates the dequeueing logic to dequeue all requests at once. Since we can have many requests in the queue, the interrupt coalescing is kept so that the ring interrupt fires every EIP197_MAX_BATCH_SZ at most. To allow dequeueing all requests at once while still using reasonable settings for the interrupt coalescing, the result handling function was updated to setup the threshold interrupt when needed (i.e. when more requests than EIP197_MAX_BATCH_SZ are in the queue). When using this capability the ring is marked as busy so that the dequeue function enqueue new requests without setting the threshold interrupt. Suggested-by: Ofer Heifetz <oferh@marvell.com> Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
69ee4dd5 |
|
14-Dec-2017 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - use threaded IRQs for result handling This patch moves the result handling from an IRQ handler to a threaded IRQ handler, to improve the number of complete requests being handled at once. Suggested-by: Ofer Heifetz <oferh@marvell.com> Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
8472e778 |
|
14-Dec-2017 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - move request dequeueing into a workqueue This patch moves the request dequeueing into a workqueue to improve the coalescing of interrupts when sending requests to the engine; as the engine is capable of having one single interrupt for n requests sent. Using a workqueue allows to send more request at once. Suggested-by: Ofer Heifetz <oferh@marvell.com> Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
5290ad6e |
|
14-Dec-2017 |
Ofer Heifetz <oferh@marvell.com> |
crypto: inside-secure - remove unused parameter in invalidate_cache The SafeXcel context isn't used in the cache invalidation function. This cosmetic patch removes it (as well as from the function prototype in the header file and when the function is called). Signed-off-by: Ofer Heifetz <oferh@marvell.com> [Antoine: commit message] Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
e826934e |
|
15-Jun-2017 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - increase the batch size Increase the batch size to the maximum number of requests a ring can handle at a time (its size). This is possible now that the request queues are per hw ring. This improves performances. Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
86671abb |
|
15-Jun-2017 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - use one queue per hw ring Update the inside-secure safexcel driver from using one global queue to one queue per hw ring. This ease the request management and keep the hw in sync with what's done in sw. Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
ee1fd870 |
|
15-Jun-2017 |
Igal Liberman <igall@marvell.com> |
crypto: inside-secure - optimize DSE bufferability control Configure the data write bufferability to always buffer packets in the DSE. This change slightly improves performance. Signed-off-by: Igal Liberman <igall@marvell.com> Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
c87925bf |
|
15-Jun-2017 |
Igal Liberman <igall@marvell.com> |
crypto: inside-secure - enable single WR in DSE configuration When enable_single_wr is not enabled, the DSE will only write those parts of a result descriptor that need updating, which means a final result descriptor will be written in 2 or 3 smaller transfers. When enable_single_wr is enabled the DSE will combine these 2-3 updates into one large write transfer, generally improving performance. Signed-off-by: Igal Liberman <igall@marvell.com> Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
aefa794e |
|
15-Jun-2017 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - fix the ring wr_cache offset The EIP197_HIA_xDR_CFG_WR_CACHE macro was defined to use an offset of 23, which is wrong as it's actually 25. Fix this. Reported-by: Igal Liberman <igall@marvell.com> Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
#
1b44c5a6 |
|
24-May-2017 |
Antoine Tenart <atenart@kernel.org> |
crypto: inside-secure - add SafeXcel EIP197 crypto engine driver Add support for Inside Secure SafeXcel EIP197 cryptographic engine, which can be found on Marvell Armada 7k and 8k boards. This driver currently implements: ecb(aes), cbc(aes), sha1, sha224, sha256 and hmac(sah1) algorithms. Two firmwares are needed for this engine to work. Their are mostly used for more advanced operations than the ones supported (as of now), but we still need them to pass the data to the internal cryptographic engine. Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|