- 04 Nov, 2022 5 commits
-
-
Tianjia Zhang authored
Raise the priority of the sm3-ce algorithm from 200 to 400, this is to make room for the implementation of sm3-neon. Signed-off-by:
Tianjia Zhang <tianjia.zhang@linux.alibaba.com> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Anirudh Venkataramanan authored
The top level print banners have a leading newline. It's not entirely clear why this exists, but it makes it harder to parse tcrypt test output using a script. Drop said newlines. tcrypt output before this patch: [...] testing speed of rfc4106(gcm(aes)) (rfc4106-gcm-aesni) encryption [...] test 0 (160 bit key, 16 byte blocks): 1 operation in 2320 cycles (16 bytes) tcrypt output with this patch: [...] testing speed of rfc4106(gcm(aes)) (rfc4106-gcm-aesni) encryption [...] test 0 (160 bit key, 16 byte blocks): 1 operation in 2320 cycles (16 bytes) Signed-off-by:Anirudh Venkataramanan <anirudh.venkataramanan@intel.com> Signed-off-by:
-
Anirudh Venkataramanan authored
The pr_fmt() define includes KBUILD_MODNAME, and so there's no need for pr_err() to also print it. Drop module name from the print string. Signed-off-by:
-
Anirudh Venkataramanan authored
Currently, there's mixed use of printk() and pr_info()/pr_err(). The latter prints the module name (because pr_fmt() is defined so) but the former does not. As a result there's inconsistency in the printed output. For example: modprobe mode=211: [...] test 0 (160 bit key, 16 byte blocks): 1 operation in 2320 cycles (16 bytes) [...] test 1 (160 bit key, 64 byte blocks): 1 operation in 2336 cycles (64 bytes) modprobe mode=215: [...] tcrypt: test 0 (160 bit key, 16 byte blocks): 1 operation in 2173 cycles (16 bytes) [...] tcrypt: test 1 (160 bit key, 64 byte blocks): 1 operation in 2241 cycles (64 bytes) Replace all instances of printk() with pr_info()/pr_err() so that the module name is printed consistently. Signed-off-by:
-
Anirudh Venkataramanan authored
For some test cases, a line break gets inserted between the test banner and the results. For example, with mode=211 this is the output: [...] testing speed of rfc4106(gcm(aes)) (rfc4106-gcm-aesni) encryption [...] test 0 (160 bit key, 16 byte blocks): [...] 1 operation in 2373 cycles (16 bytes) --snip-- [...] testing speed of gcm(aes) (generic-gcm-aesni) encryption [...] test 0 (128 bit key, 16 byte blocks): [...] 1 operation in 2338 cycles (16 bytes) Similar behavior is seen in the following cases as well: modprobe tcrypt mode=212 modprobe tcrypt mode=213 modprobe tcrypt mode=221 modprobe tcrypt mode=300 sec=1 modprobe tcrypt mode=400 sec=1 This doesn't happen with mode=215: [...] tcrypt: testing speed of multibuffer rfc4106(gcm(aes)) (rfc4106-gcm-aesni) encryption [...] tcrypt: test 0 (160 bit key, 16 byte blocks): 1 operation in 2215 cycles (16 bytes) --snip-- [...] tcrypt: testing speed of multibuffer gcm(aes) (generic-gcm-aesni) encryption [...] tcrypt: test 0 (128 bit key, 16 byte blocks): 1 operation in 2191 cycles (16 bytes) This print inconsistency is because printk() is used instead of pr_cont() in a few places. Change these to be pr_cont(). checkpatch warns that pr_cont() shouldn't be used. This can be ignored in this context as tcrypt already uses pr_cont(). Signed-off-by:
-
- 28 Oct, 2022 35 commits
-
-
wangjianli authored
Delete the redundant word 'the'. Signed-off-by:
wangjianli <wangjianli@cdjrlc.com> Signed-off-by:
-
Kai Ye authored
Because the permission on the VF debugfs file is "0444". So the VF function checking is redundant in qos writing api. Signed-off-by:
Kai Ye <yekai13@huawei.com> Signed-off-by:
-
Kai Ye authored
The pci bdf number check is added for qos written by using the pci api. Directly get the devfn by pci_dev, so delete some redundant code. And use the kstrtoul instead of sscanf to simplify code. Signed-off-by:
-
Kai Ye authored
Increase the buffer to prevent stack overflow by fuzz test. The maximum length of the qos configuration buffer is 256 bytes. Currently, the value of the 'val buffer' is only 32 bytes. The sscanf does not check the dest memory length. So the 'val buffer' may stack overflow. Signed-off-by:
-
Frederick Lawler authored
We want to leverage keyring to store sensitive keys, and then use those keys for symmetric encryption via the crypto API. Among the key types we wish to support are: user, logon, encrypted, and trusted. User key types are already able to have their data copied to user space, but logon does not support this. Further, trusted and encrypted keys will return their encrypted data back to user space on read, which does not make them ideal for symmetric encryption. To support symmetric encryption for these key types, add a new ALG_SET_KEY_BY_KEY_SERIAL setsockopt() option to the crypto API. This allows users to pass a key_serial_t to the crypto API to perform symmetric encryption. The behavior is the same as ALG_SET_KEY, but the crypto key data is copied in kernel space from a keyring key, which allows for the support of logon, encrypted, and trusted key types. Keyring keys must have the KEY_(POS|USR|GRP|OTH)_SEARCH permission set to leverage this feature. This follows the asymmetric_key type where key lookup calls eventually lead to keyring_search_rcu() without the KEYRING_SEARCH_NO_CHECK_PERM flag set. Signed-off-by:
Frederick Lawler <fred@cloudflare.com> Signed-off-by:
-
Corentin Labbe authored
The RK3399 has 2 rk3288 compatible crypto device named crypto0 and crypto1. The only difference is lack of RSA in crypto1. We need to add driver support for 2 parallel instance as only one need to register crypto algorithms. Then the driver will round robin each request on each device. For avoiding complexity (device bringup after a TFM is created), PM is modified to be handled per request. Signed-off-by:
Corentin Labbe <clabbe@baylibre.com> Signed-off-by:
-
Corentin Labbe authored
The RK3399 has 3 resets, so the driver to handle multiple resets. This is done by using devm_reset_control_array_get_exclusive(). Signed-off-by:
-
Corentin Labbe authored
rk_ahash_reg_init() use crypto_info from TFM context, since we will remove it, let's take if from parameters. Signed-off-by:
-
Corentin Labbe authored
Add the number of clocks needed for each compatible. Rockchip's datasheet give maximum frequencies for some clocks, so add checks for verifying they are within limits. Let's start with rk3288 for clock frequency check, other will came later. Signed-off-by:
-
Corentin Labbe authored
The crypto_info to use must be stored in the request context. This will help when 2 crypto_info will be available on rk3399. Signed-off-by:
-
Corentin Labbe authored
Since driver support new compatible, we need to update the driver bindings. Signed-off-by:
Rob Herring <robh@kernel.org> Signed-off-by:
-
Corentin Labbe authored
Convert rockchip-crypto to YAML. Reviewed-by:
John Keeping <john@metanate.com> Reviewed-by:
Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org> Signed-off-by:
-
Corentin Labbe authored
Instead of using the crypto_info from TFM ctx, use the one given as parameter. Reviewed-by:
-
Corentin Labbe authored
Instead of using lot of ctx->dev->xx indirections, use an intermediate variable for rk_crypto_info. This will help later, when 2 different rk_crypto_info would be used. Reviewed-by:
-
Corentin Labbe authored
This patch rework the rk_handle_req(), simply removing the rk_crypto_info parameter. Reviewed-by:
-
Corentin Labbe authored
Some functions have still ablk in their name even if there are not handling ablk_cipher anymore. So let's rename them. Reviewed-by:
-
Corentin Labbe authored
The rk3328 could be used as-is by the rockchip driver. Reviewed-by:
-
Corentin Labbe authored
This patch fixes some warning reported by checkpatch Reviewed-by:
-
Corentin Labbe authored
Use read_poll_timeout instead of open coding it. In the same time, fix indentation of related comment. Reviewed-by:
-
Corentin Labbe authored
Nobody is set as maintainer of rockchip crypto, I propose to do it as I have already reworked lot of this code. Reviewed-by:
-
Corentin Labbe authored
rk3328 does not have the same clock names than rk3288, instead of using a complex clock management, let's use clk_bulk to simplify their handling. Reviewed-by:
-
Corentin Labbe authored
reset could be handled by PM functions. We keep the initial reset pulse to be sure the hw is a know device state after probe. Signed-off-by:
-
Corentin Labbe authored
Add runtime PM support for rockchip crypto. Reviewed-by:
-
Corentin Labbe authored
This patch enable to access usage stats for each algorithm. Reviewed-by:
-
Corentin Labbe authored
Instead of using a custom type for classify algorithms, let's just use already defined ones. And let's made a bit more verbose about what is registered. Reviewed-by:
-
Corentin Labbe authored
Instead of doing manual queue management, let's use the crypto/engine for that. In the same time, rework the requests handling to be easier to understand (and fix all bugs related to them). Fixes: ce0183cb ("crypto: rockchip - switch to skcipher API") Reviewed-by:
-
Corentin Labbe authored
Now driver have fallback for un-aligned cases, remove all code handling those cases. Fixes: ce0183cb ("crypto: rockchip - switch to skcipher API") Reviewed-by:
-
Corentin Labbe authored
The key should not be set in hardware too much in advance, this will fail it 2 TFM with different keys generate alternative requests. The key should be stored and used just before doing cipher operations. Fixes: ce0183cb ("crypto: rockchip - switch to skcipher API") Reviewed-by:
-
Corentin Labbe authored
Adds a fallback for all case hardware cannot handle. Fixes: ce0183cb ("crypto: rockchip - switch to skcipher API") Reviewed-by:
-
Corentin Labbe authored
The hardware does not handle 0 size length request, let's add a fallback. Furthermore fallback will be used for all unaligned case the hardware cannot handle. Fixes: ce0183cb ("crypto: rockchip - switch to skcipher API") Reviewed-by:
-
Corentin Labbe authored
Storing the mode globally does not work if 2 requests are handled in the same time. We should store it in a request context. Fixes: ce0183cb ("crypto: rockchip - switch to skcipher API") Reviewed-by:
-
Corentin Labbe authored
This fix a simple typo on private word. Reviewed-by:
-
Corentin Labbe authored
The clock enable/disable at tfm init/exit is fragile, if 2 tfm are init in the same time and one is removed just after, it will leave the hardware uncloked even if a user remains. Instead simply enable clocks at probe time. We will do PM later. Fixes: ce0183cb ("crypto: rockchip - switch to skcipher API") Reviewed-by:
-
Corentin Labbe authored
crypto_info->dev is not yet set, so use pdev->dev instead. Reviewed-by:
-
Corentin Labbe authored
Interrupt is mandatory so the message should be printed as error. Reviewed-by:
-
