Commit Graph

696 Commits

Author SHA1 Message Date
Pankaj Gupta
1ed1a4c7d1 LF-15735: drivers: crypto: caam: fix mx8ulp caam probe
Fixes a bug in the CAAM probe on i.MX8ULP.

Due to the change of device-tree node name of secure-enclave,
was not updated in CAAM driver.

Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
2025-07-01 22:01:29 +05:30
Nikhil Singla
771523316e LF-11540: Update object field of struct tagged_object
Issue:
-- Memory corruption issue on CAAM tagged key driver when
CONFIG_FORTIFY_SOURCE is used to harden memory/str functions.

Fix:
-- Updated object field in struct tagged_object from
   char variable to flexible char array to resolve overflow error.
-- Updated address reference to the object field accordingly.

Signed-off-by: Nikhil Singla <nikhil.singla@nxp.com>
2024-04-01 09:18:50 +02:00
Kshitiz Varshney
3da4363a26 caamhash.c: Added Check for offloading hash operations on CAAM
This commit adds CRYPTO_ALG_KERN_DRIVER_ONLY flag which offloads hash
operations on CAAM hardware.

Signed-off-by: Kshitiz Varshney <kshitiz.varshney@nxp.com>
2024-01-17 10:28:27 +01:00
Dong Aisheng
6a286d5ba3 LF-10426 crypto: caam: use new imx8ulp ele compatible string
The ele compatible string has been changed since the commit 99c79d49cb
("LF-10329: arm64: dts: imx8ulp-evk: added nxp secure enclave firmware")
So the driver needs to be updated accordingly.

Reviewed-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Signed-off-by: Dong Aisheng <aisheng.dong@nxp.com>
2023-11-03 14:28:55 +08:00
Gaurav Jain
138638223a crypto: caam/jr - fix Chacha20 + Poly1305 self test failure
key buffer is not copied in chachapoly_setkey function,
results in wrong output for encryption/decryption operation.

fix this by memcpy the key in caam_ctx key array

Fixes: d6bbd4eea2 ("crypto: caam/jr - add support for Chacha20 + Poly1305")
Signed-off-by: Gaurav Jain <gaurav.jain@nxp.com>
2023-10-30 17:37:37 +08:00
Gaurav Jain
e9f5e0c8fb LF-9911 crypto: caam/qi2 - fix Chacha20 + Poly1305 self test failure
key buffer is not copied in chachapoly_setkey function,
results in wrong output for encryption/decryption operation.

fix this by memcpy the key in caam_ctx key array

Fixes: c10a533679 ("crypto: caam/qi2 - add support for Chacha20 + Poly1305")
Signed-off-by: Gaurav Jain <gaurav.jain@nxp.com>
2023-10-30 17:37:37 +08:00
Meenakshi Aggarwal
b49130a754 LF-10152: crypto:caam suspend/resume crash dump on imx8ulp
Fix PM resume issue on imx8ulp board

Add check for scu_en which will bypass the save/restore
caam state in kernel

Signed-off-by: Meenakshi Aggarwal <meenakshi.aggarwal@nxp.com>
2023-10-30 17:37:37 +08:00
Meenakshi Aggarwal
f5ad044909 crypto/caam: compilation error fix
Add changes introduced by
commit-id:623814c0408771399c4209db73f60685f7cf1d14
in non-upstream patches

Signed-off-by: Meenakshi Aggarwal <meenakshi.aggarwal@nxp.com>
2023-10-30 17:37:37 +08:00
Meenakshi Aggarwal
30753292bf LF-9578: crypto : caam : Fix crash in self test
Replace non-dma API with dma API

Signed-off-by: Meenakshi Aggarwal <meenakshi.aggarwal@nxp.com>
2023-10-30 17:37:37 +08:00
Vabhav Sharma
2ea72d2ba8 LF-6722: drivers/crypto: caam/snvs: SNVS state during linux boot
SNVS HP state is read incorrectly because there is Software dependency
between SECVIO and CAAM driver.

Added code to read SNVS version ID register which contains non-zero
constants to identify the endianness of the device. This register includes
a 16-bit field called IP_ID, and seems to have one of four different values
0x003A, 0x003C, 0x003E or 0x003F.

Signed-off-by: Vabhav Sharma <vabhav.sharma@nxp.com>
Reviewed-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Reviewed-by: Horia Geanta <horia.geanta@nxp.com>
2023-10-30 17:37:37 +08:00
Vabhav Sharma
4d74b8dc00 LF-6118-3: crypto: caam: read entropy delay from device tree
Read entropy-delay property from device tree for
TRNG configuration.

update the value if entry is missing in DT.

Signed-off-by: Vabhav Sharma <vabhav.sharma@nxp.com>
Reviewed-by: Gaurav Jain <gaurav.jain@nxp.com>
Reviewed-by: Horia Geanta <horia.geanta@nxp.com>
2023-10-30 17:37:37 +08:00
Pankaj Gupta
2c6d276b53 crypto: caam/qi - use QBMan (NXP) SDK driver
Update caam/qi to work with QBMan from NXP SDK.
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>

Squashed "crypto: caam/qi - fix FD congestion weight" fix.
Signed-off-by: Vlad Pelin <vlad.pelin@nxp.com>

Solved rebase conflicts.

CAAM QI : Reverting the NAPI changes to work with SDK QI:

- Changes from f84754dbc5
  Author: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
  Date:   Mon Nov 2 00:22:55 2020 +0100

  soc/fsl/qbman: Add an argument to signal if NAPI processing is required.

  typedef enum qman_cb_dqrr_result (*qman_cb_dqrr)(struct qman_portal *qm,
                                          struct qman_fq *fq,
  -                                       const struct qm_dqrr_entry *dqrr);
  +                                       const struct qm_dqrr_entry *dqrr,
  +                                       bool sched_napi);

- reverting the complete commit de3f5d9e27.
  Author: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
  Date:   Mon Nov 2 00:22:57 2020 +0100

    crypto: caam: Replace in_irq() usage.

Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Reviewed-by: Leo Li <leoyang.li@nxp.com>
2023-10-30 17:37:37 +08:00
Pankaj Gupta
d420f224ee MLK-25247 crypto: caam check for inaccess to controller's register page
iMX8ULP has an EdgeLock Enclave (ELE) that controls access to the
caam controller's register page.
If the ELE releases access to the CAAM controller's register page at all,
it will release it to secure-world only.

caam driver needs to be aware of ELE f/w presence, since some things
are done differently:

1. clocks are turned on automatically for iMX8ULP.
   there exists the caam clock gating bit,
   but it is not advised to gate the clock at linux,
   as optee-os or any other entity might be using it.

2. there is no access to caam controller's register page

3. as a consequence of "2.", part of the initialization is moved
   in f/w (TF-A etc.), e.g. RNG initialization

Signed-off-by: Varun Sethi <v.sethi@nxp.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Acked-by: Peng Fan <peng.fan@nxp.com>
2023-10-30 17:37:37 +08:00
Pankaj Gupta
cc19bb9c41 Revert "MLK-25247 crypto: caam check for inaccess to controller's register page"
This reverts commit d5923eb5d8.
2023-10-30 17:37:37 +08:00
Horia Geantă
04c3c66b00 LF-5355 crypto: caam/qi2 - fix typo in tls algorithm registration
Fix the typos when trying to register tls algorithms:
-"tls11(hmac(sha1),cbc(aes))" uses OP_ALG_ALGSEL_SHA256
instead of OP_ALG_ALGSEL_SHA1
-"tls12(hmac(sha256),cbc(aes))" uses OP_ALG_ALGSEL_SHA1
instead of OP_ALG_ALGSEL_SHA256

Fixes: c3eb2dcfb0 ("crypto: caam - added support for TLS1.1 & TLS1.2")
Verified-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
2023-10-30 17:37:36 +08:00
Kshitiz Varshney
ba1b47c47b LF-5095: crypto-caam: Solved 0x00 issue in caam-keygen
Caam-keygen application is passing key value in uint8_t array (in case of
hex input) but kernel is calculating length with the help of strlen()
function.
Hence, replaced strlen() function with actual key_value_len which is a
member variable of structure caam_keygen_cmd (passed by user-space
application to kernel).

Fixes: 3af836d4b3 ("MLK-24420-3 crypto: caam - add ioctl calls for black keys and blobs generation")
Signed-off-by: Kshitiz Varshney <kshitiz.varshney@nxp.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
2023-10-30 17:37:36 +08:00
Gaurav Jain
a2c4b39b40 LF-4946 crypto: caam: set bus frequency high during hwrng operation.
issue:
when bus frequency set to low, error reported during hwrng operation.
"Busfreq OPTEE set from 533000000 to 24000000 start..."
"Busfreq OPTEE set to 24000000 done! cpu=0"
"caam_jr 30902000.jr: 2000005b: CCB: desc idx 0: RNG: Hardware error"

fix:
TRNG configuration fails to work with low bus frequency (24 MHz).
so request high bus frequency before hwrng operation start
and release high bus frequency after completion of hwrng operation.

Signed-off-by: Gaurav Jain <gaurav.jain@nxp.com>
Signed-off-by: Varun Sethi <V.Sethi@nxp.com>
Signed-off-by: Horia Geanta <horia.geanta@nxp.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
2023-10-30 17:37:36 +08:00
Pankaj Gupta
74ca2ec3bd LF-4832 iMX8ULP caam: fix for failure in probe
For iMX8ULP, Nomenclature changes for Secure Enclave
driver, from imx8ulp-s400 to imx-sentnl.

Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
2023-10-30 17:37:36 +08:00
Pankaj Gupta
0a756eeb94 crypto: caam - added support for TLS1.1 & TLS1.2
Enabled the support for TLS1.2 algorithms offload

        - aes-128-cbc-hmac-sha256
        - aes-256-cbc-hmac-sha256

Enabled the support of TLS1.1 algorithms offload

        - aes-128-cbc-hmac-sha1
        - aes-256-cbc-hmac-sha1

Support for the obsolete TLS1.0 is removed from the caam
driver.

Signed-off-by: Arun Pathak <arun.pathak@nxp.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
2023-10-30 17:37:36 +08:00
Pankaj Gupta
3796662428 MLK-25247 crypto: caam check for inaccess to controller's register page
iMX8ULP has an S400 that controls access to the caam controller's register
page.
If the S400 releases access to the CAAM controller's register page at all,
it will release it to secure-world only.

caam driver needs to be aware of S400 f/w presence, since some things
are done differently:

1. clocks are turned on automatically for iMX8ULP.
there exists the caam clock gating bit, but it is not advised to gate the clock
at linux, as optee-os or any other entity might be using it.

2. there is no access to caam controller's register page

3. as a consequence of "2.", part of the initialization is moved
in f/w (TF-A etc.), e.g. RNG initialization

Signed-off-by: Varun Sethi <v.sethi@nxp.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
2023-10-30 17:37:36 +08:00
Horia Geantă
82c9731a49 LF-3093-2 crypto: caam - fix sm_test in case no job rings available
In case no job rings are available, secure memory structures are not
initialized, since caam_jr_probe()->init_misc_func()->caam_sm_startup()
is not called.
This could happen if all job ring devices bind to the jr uio driver
instead of the caam/jr driver.
Running sm_test in this case will lead to a crash.

Add a check to verify that SM has been initialized - if not the tests
will be skipped.

Reported-by: Gaurav Jain <gaurav.jain@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Reviewed-by: Gaurav Jain <gaurav.jain@nxp.com>
2023-10-30 17:37:36 +08:00
Horia Geantă
16107add45 LF-3093-1 crypto: caam/jr - fix caam-keygen exit / clean-up
Introduction
===

Currently we are facing some limitations in the caam/jr module lifecycle.
There are some discussions upstream:
Link: https://lore.kernel.org/linux-crypto/20190904023515.7107-13-andrew.smirnov@gmail.com
Link: https://lore.kernel.org/linux-crypto/20191105151353.6522-1-andrew.smirnov@gmail.com
but in the end it all seems to get down to implementations not being able
to gracefully unregister crypto algorithms from crypto API while there are
users / allocated tfms (cra_refcnt > 1).

[*] OTOH functionalities in caam/jr that don't interact with crypto API
(like Secure Memory or black keys / blobs generation) don't face this
limitation.

Issue at hand
===

When unloading the caam_jr module, the .remove callback for the last JR
device exits with -EBUSY (see "Introduction" above) and doesn't perform
the clean-up (crypto algorithms unregistering etc.).

One side effect of this is leading to an oops, which occurs due to a
corruption in the linked list of "misc devices"
(drivers/char/misc.c - misc_list):
1. caam_jr module is unloaded without calling unregister_algs()->
caam_keygen_exit()->misc_deregister() for the last job ring device;
this leaves a dangling entry in the misc_list double-linked list
2. rng_core module is unloaded and calls misc_deregister(); this implies
removing the corresponding entry in the misc_list; while doing this the
dangling entry is accessed - which leads to an oops since the address is
no longer valid (address points to the caam_jr module address space,
but caam_jr has been previously unloaded).

Fix this by moving the clean-up of non-crypto related functionalities [*]
before crypto related ones.

Fixes: 3af836d4b3 ("MLK-24420-3 crypto: caam - add ioctl calls for black keys and blobs generation")
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Reviewed-by: Gaurav Jain <gaurav.jain@nxp.com>
2023-10-30 17:37:36 +08:00
Iuliana Prodan
69afd2d4dd MLK-24420-3 crypto: caam - add ioctl calls for black keys and blobs generation
This patch adds the Kernel support for the caam-keygen user-space
application. It has two IOCTL calls for key and blob generation and
import a black key from a blob.

This support is included in CRYPTO_DEV_FSL_CAAM_TK_API (tagged key
support).

Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
(cherry picked from commit 60baeafa83)

Squashed fixes:
dd746ff046 ("MLK-24496 crypto: caam - add tag object header to blob")
b8c49eddfd ("MLK-24517-3 crypto: caam - add null terminator to temporary buffer")
d7c41169bc ("MLK-24517-4 crypto: caam - validate arguments received from user-space")

Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
2023-10-30 17:37:36 +08:00
Iuliana Prodan
e60fcf9fdb MLK-24420-2 crypto: caam - add support for black keys and blobs
CAAM's Black Key mechanism is intended for protection
of user keys against bus snooping. This automatically
encapsulates and decapsulates cryptographic keys "on-the-fly"
in an encrypted data structure called a Black Key.
Before a value is copied from a Key Register to memory,
CAAM will automatically encrypt the key as a Black Key
(encrypted key) using the current value in the JDKEKR or
TDKEKR as the encryption key.

CAAM's built-in Blob Protocol provides a method for protecting
user-defined data across system power cycles. CAAM protects data
in a data structure called a Blob, which provides both confidentiality
and integrity protection. The data to be protected is encrypted so that
it can be safely placed into non-volatile storage before the SoC is
powered down.

This patch includes the support to generate a black key from random or
from a plaintext. Also one can encapsulate it into a blob or decapsulate
a black key from a blob.
The key and blob generation descriptors are exported into a separate file,
such that they could be shared with other interfaces (qi, qi2).

This feature has support only for black keys, encapsulated in
black blobs in General Memory.

In caamkeyblob_test.c file is a test that validates the above
operations: create a black key from plaintext or from random,
encapsulate and decapsulate a blob and compare the obtained black key.
This test is configured as a kernel module.

Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
(cherry picked from commit 84287c5d3b)

Squashed fixes:
9c24012e6b ("MLK-24496 crypto: caam - fix blob encapsulation/decapsulation")
cd078fac33 ("MLK-24517-1 crypto: caam - removed unnecessary validation of black key for blob decapsulation")
8888926c54 ("MLK-24517-2 crypto: caam - removed unnecessary validation of black key for blob encapsulation")
e4b484ce2d ("MLK-24497 crypto: caam - update job descriptor with inline commands")

Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>

Squashed LF commit (rebase-v5.10-rc2/crypto/caam):
035f5933cc45 ("crypto: caam: change kzfree to kfree_sensitive")

Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
2023-10-30 17:37:36 +08:00
Iuliana Prodan
2ca0865718 MLK-24420-1 crypto: caam - update tagged keys functionality and tk transformations for skcipher
Tagged keys are keys that contain metadata indicating what
they are and how to handle them using the newly added tag_object API.
A tag object represents the metadata (or simply a header/configuration)
and the actual data (e.g. black key) obtained from hardware.
The support, for tagged keys, to skcipher algorithms, is done by
adding new transformations, with tk prefix to distinguish
between plaintext and tagged keys.
The tk_ transformations can be used directly by their name:
    struct sockaddr_alg sa = {
        .salg_family = AF_ALG,
        .salg_type = "skcipher", /* this selects the symmetric cipher */
        .salg_name = "tk(cbc(aes))" /* this is the cipher name */
    };
or for dm-crypt, e.g. using dmsetup:
    dmsetup -v create encrypted --table "0 $(blockdev --getsz /dev/mmcblk2p10)
    crypt capi:tk(cbc(aes))-plain :32:logon:seckey 0 /dev/mmcblk2p10 0 1
    sector_size:512".
tk_ transformations will know how to handle tagged keys, by loading the
proper settings for KEY command.

The API expects that the object (the actual data) from a tag object
to be a buffer (defined by address and size).

Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
(cherry picked from commit 04cab5a13d)

Squashed fix:
9ca04c0a00 ("MLK-24497 crypto: caam - update tagged object functionality by adding red key length")

Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
2023-10-30 17:37:35 +08:00
Sandeep Malik
01bba8a807 crypto: caam - add CAAM job ring UIO support
This patch adds the support for job ring UIO so
that userspace drivers can have access to the
caam job rings

Signed-off-by: Sandeep Malik <Sandeep.Malik@nxp.com>
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>

crypto: caam - build config changes (squash to UIO)

Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
2023-10-30 17:37:35 +08:00
Radu Alexe
3a0b71b1ee crypto: caam - add caam_dma device on caam_probe
Dynamically create a platform device for the caam_dma driver
at caam_probe() time.

Signed-off-by: Radu Alexe <radu.alexe@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>

Use devres for caam_dma platform device unregistering.

Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
2023-10-30 17:37:35 +08:00
Radu Alexe
36016684ee crypto: caam - add functionality used by the caam_dma driver
The caam_dma is a memcpy DMA driver based on the DMA functionality of
the CAAM hardware block. It creates a DMA channel for each JR of the
CAAM. This patch adds functionality that is used by the caam_dma that is
not yet part of the JR driver.

Signed-off-by: Radu Alexe <radu.alexe@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
2023-10-30 17:37:35 +08:00
Radu Alexe
1f18c7e6ce crypto: caam/qi2 - add support for TLS 1.0 record
TLS 1.0 descriptors run on SEC 4.x or higher. For now, only
tls10(hmac(sha1),cbc(aes)) algorithm is registered by the driver.

Known limitations:
 - when src == dst - there should be no element in the src scatterlist
   array that contains both associated data and message data.
 - when src != dst - associated data is not copied from source into
   destination.
 - for decryption when src != dst the size of the destination should be
   large enough so that the buffer may contain the decrypted authenc and
   padded data.

Signed-off-by: Radu Alexe <radu.alexe@nxp.com>
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
2023-10-30 17:37:35 +08:00
Radu Alexe
ee6a5f5533 crypto: caam/qi - add support for TLS 1.0 record
TLS 1.0 descriptors run on SEC 4.x or higher.
For now, only tls10(hmac(sha1),cbc(aes)) algorithm
is registered by the driver.

Known limitations:
 - when src == dst - there should be no element in the src scatterlist array
   that contains both associated data and message data.
 - when src != dst - associated data is not copied from source into
   destination.
 - for decryption when src != dst the size of the destination should be
   large enough so that the buffer may contain the decrypted authenc and
   padded data.

Signed-off-by: Tudor Ambarus <tudor-dan.ambarus@nxp.com>
Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Radu Alexe <radu.alexe@nxp.com>
2023-10-30 17:37:35 +08:00
Radu Alexe
e12b2fd111 crypto: caam - add support for MOVEB command
CHAs of SEC work natively in BE mode. When moving
data to the alignment blocks, swapping is needed
for LE platforms. This is done by means of the MOVEB
command. This patch adds support
to DCL for this command.

Signed-off-by: Alex Porosanu <alexandru.porosanu@freescale.com>
Signed-off-by: Radu Alexe <radu.alexe@nxp.com>
2023-10-30 17:37:35 +08:00
Horia Geantă
0755f82a1f crypto: caam/qi2 - add OPR (Order Preservation) support
During driver upstreaming OPR was removed due to lacking users.
Add OPR back, since in LSDK / LSDK-based ADKs there is at least
one user (ASF / VortiQa IPsec).

Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
2023-10-30 17:37:35 +08:00
Horia Geantă
ff85b67b3c crypto: caam/qi2 - add (unused) dpseci API
During driver upstreaming all unused dpseci API was trimmed down.
Add the API back to be in sync with files provided by MC f/w release.

Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
2023-10-30 17:37:35 +08:00
Franck LENORMAND
e4a5027bb7 MLK-19801-2 crypto: caam - add support of tagged keys in caamalg
A tagged key is a key which has been tagged with metadata
using tag_object.h API.

We add the support for these keys to caamalg.

For each algo of caamalg which supports tagged keys, it is done by:
 - Creating a modified version of the algo
 - Registering the modified version
 - When the modified transform is used, it gets
   the load parameter of the key.

Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
(cherry picked from commit 88dee97d985890dbf37cafa7934c476d0ecfd0b3)
(Vipul: Fixed merge conflicts)
Conflicts:
	drivers/crypto/caam/caamalg.c
Signed-off-by: Vipul Kumar <vipul_kumar@mentor.com>
(cherry picked from commit 5adebac40a)

-port from ablkcipher to current skcipher implementation
-since in linux-imx true key_inline was always true: a. simplify
the descriptors and b. use key_cmd_opt to differentiate b/w tk and non-tk
cases
-change commit headline prefix

Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
2023-10-30 17:37:35 +08:00
Franck LENORMAND
ecbfbf984c MLK-19801-1 crypto: caam - add tag functionality
Add functions to tag an object with metadata (configuration).

It is possible to:
 - create metadata:
	- init_tag_object_header
	- init_blackey_conf
	- set_tag_object_conf
 - retrieve metadata:
	- get_tag_object_conf
	- get_blackey_conf

The API expects an object to be a space in memory
with an address and a size.

The implementation of the tag is currently exposed
but users shouldn't access it directly, they should
use the functions provided.

Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
(cherry picked from commit ebbb132da8e7f9de7f3d375eff8d87f684feb1eb)
Signed-off-by: Vipul Kumar <vipul_kumar@mentor.com>
(cherry picked from commit 8b6f6b4474)

-make tag functionality depend on JR
-change commit headline prefix

Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
2023-10-30 17:37:35 +08:00
Steve Cornelius
7cab0da0e4 MLKU-25-3 crypto: caam - add Secure Memory support
This is a squash of the following i.MX BSP commits
(rel_imx_4.19.35_1.1.0_rc2)

1.  ae8175a3f1 ("MLK-9710-10 Add CCM defs for FIFO_STORE instruction")
2.  9512280d06 ("MLK-9769-11 Add SM register defs, and expanded driver-private storage.")
3.  a9dc44de81 ("MLK-9769-10 Add Blob command bitdefs.")
4.  8f6a17b419 ("ENGR00289885 [iMX6Q] Add Secure Memory and SECVIO support.")
5.  c7d4f9db10 ("MLK-9710-11 Add internal key cover and external blob export/import to prototype SM-API")
6.  568e449edf ("MLK-9710-12 Adapt sm_test as a black-key handling example")
7.  f42f12d9cb ("MLK-9710-13 Correct size in BLOB_OVERHEAD definition")
8.  022fc2b33f ("MLK-9710-14 Un-pad cache sizes for blob export/import")
9.  8d3e8c3c4d ("MLK-9710-15 Correct size of padded key buffers")
10. 997fb2ff88 ("MLK-9710-5 Unregister Secure Memory platform device upon shutdown")
11. 5316249198 ("MLK-10897-1 ARM: imx7d: Add CAAM support for i.mx7d")
12. 07566f42a4 ("MLK-11103 Missing register in Secure memory configuration v1")
13. 3004636304 ("MLK-12302 caam: Secure Memory platform device creation crashes")
14. 0e6ed5a819 ("MLK-13779 crypto: caam - initialize kslock spinlock")
15. b1254b6b5f ("Add missing NULL checks in CAAM sm")
16. 61f57509bc ("MLK-17992: caam: sm: Fix compilation warnings")
17. 41cf3d4c58 ("MLK-15473-1: crypto: caam: Add CAAM driver support for iMX8 soc family")
18. bb87424812 ("MLK-17253-1: crypto: caam: Fix computation of SM pages addresses")
19. 308796dfae ("MLK-17253-2: crypto: caam: Use correct memory function for Secure Memory")
20. ba2cb6b5fb ("MLK-17732-2: SM store: Support iMX8QX and iMX8QM")
21. de710d376a ("MLK-17674-1: sm_store remove CONFIG_OF")
22. cfcae64743 ("MLK-17674-2: CAAM SM : get base address from device tree")
23. f49ebbd5ee ("MLK-17992: caam: sm: Fix compilation warnings")
24. 345ead4338 ("MLK-17841: crypto: caam: Correct bugs in Secure Memory")
25. c17811f3ff ("MLK-18082: crypto: caam: sm: Fix encap/decap function to handle errors")
26. 41bcba1d4c ("MLK-18082: crypto: caam: sm: Fix descriptor running functions")
27. b7385ab947 ("MLK-20204: drivers: crypto: caam: sm: Remove deadcode")
28. 1d749430cb ("MLK-20204: drivers: crypto: caam: sm: test: Dealloc keyslot properly")
29. 6a5c2d9d35 ("crypto: caam - lower SM test verbosity")
30. 1a6bc92c0c ("MLK-21617: crypto: caam - update SM test error handling")

Signed-off-by: Dan Douglass <dan.douglass@nxp.com>
Signed-off-by: Victoria Milhoan <vicki.milhoan@freescale.com>
Signed-off-by: Steve Cornelius <steve.cornelius@nxp.com>
Signed-off-by: Octavian Purdila <octavian.purdila@nxp.com>
Signed-off-by: Radu Solea <radu.solea@nxp.com>
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
Signed-off-by: Aymen Sghaier <aymen.sghaier@nxp.com>
Signed-off-by: Silvano di Ninno <silvano.dininno@nxp.com>

and LF commits (lf-5.4.y-1.0.0-rc2):
31. 4d3a0772bf ("LFV-26 crypto: caam - fix Secure Memory driver init")
32. 97dc4e4fa4 ("LF-63-1 crypto: caam - fix SM test init")

and LF commit (lf-5.4.y-1.0.1-rc1):
33. fabf6de666 ("LF-1602 crypto: caam - fix signals handling in sm_store")

and LF commit (rebase-20200703/crypto/caam):
34. 8d85d700e8d2 ("LF-1116-3 crypto: caam - update the check for the return code of caam_jr_enqueue function")

and LF commit (rebase-20200918/crypto/caam):
35. bfeb0bffc35a ("crypto: caam - build config changes")

and LF commit
36. LF-2487 crypto: caam - fix pointer cast in sm_keystore_slot_import
	( https://linux.nxdi.nxp.com/patchwork/patch/71174/ )

that have been reworked:

4.
-make SM depend on JR
-enable SM, SECVIO only on i.MX SoCs
-fix resource leak - add of_node_put() where needed
-remove unused sm_size

Split commit in three:
1 - SNVS/SECVIO driver
2 - Secure Memory driver
3 - DT changes

11.
Clock handling dropped - logic already upstream.

17.
Keep only Secure Memory related changes.
Changes related to page 0 registers have been added previously.
Other changes are dropped.

21.
Always use first jr in ctrlpriv->jr[] array to access registers
in page 0 (aliased in jr page), irrespective of SCU presence.

35.
Split the patch in three (SECVIO, SM, UIO)

Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
2023-10-30 17:37:35 +08:00
Horia Geantă
3e0e4550c7 MLKU-38-3 crypto: caam - add SNVS / SECVIO support
This is a squash of the following i.MX BSP commits
(rel_imx_4.19.35_1.1.0_rc2)

1. 8f6a17b419 ("ENGR00289885 [iMX6Q] Add Secure Memory and SECVIO support.")
2. 8433c811e9 ("MLK-9710-18 snvs - make SECVIO module device tree correct")
3. 35bbc34e99 ("MLK-9769-23 Replace SECVIO of_irq_to_resource() with irq_of_parse_and_map()")
4. 3ac6edcd92 ("MLK-11360-01 crypto: caam_snvs: add snvs clock management")
5. 9d9ca7a03e ("MLK-11922 i.mx6: Linux 3.14.28 CAAM & SNVS enabled by default. JTAG, DS-5 attachment causes exceptions")
6. fcdaabf1bb ("MLK-17412-01: Fix secvio driver to have same driver name as DTS")

Signed-off-by: Dan Douglass <dan.douglass@nxp.com>
Signed-off-by: Victoria Milhoan <vicki.milhoan@freescale.com>
Signed-off-by: Steve Cornelius <steve.cornelius@nxp.com>
Signed-off-by: Fugang Duan <andy.duan@nxp.com>
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>

and LF commits (lf-5.4.y-1.0.1-rc1):

7. 5560b49b53 ("LF-644 crypto: caam - initialize svlock spinlock")
8. ab44d61204 ("MLK-23774 crypto: caam - fix SNVS / SECVIO building as module")

and LF commits (rebase-20200918/crypto/caam):
9.  35b042de1df6 ("crypto: caam - fix snvs clk prepare+enable")
10. bfeb0bffc35a ("crypto: caam - build config changes")

and LF commit
11. MLK-21689 crypto: caam - make snvs clock optional

that have been reworked:

1.
-make SM depend on JR
-enable SM, SECVIO only on i.MX SoCs
-fix resource leak - add of_node_put() where needed

Split commit in three:
- SNVS/SECVIO driver
- Secure Memory driver
- DT changes

3.
JR changes dropped - no longer needed, already upstream in
commit 549077d7d8 ("crypto: caam - check irq_of_parse_and_map for errors")

4.
Split the patch in two:
-DT bindings changes
-driver changes

5.
Fixed conflicts in imx7d.dtsi - added caam_sm and irq_sec_vio nodes.

10.
Split the patch in three (SECVIO, SM, UIO)

Split commit in 3:
-SECVIO/SNVS driver changes
-SECVIO/SNVS DT changes
-Secure Memory DT changes

Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
2023-10-30 17:37:35 +08:00
Horia Geantă
4122956226 MLKU-114-2 crypto: caam - SCU firmware support
Some i.MX8 processors, e.g. i.MX8QM (QM, QP), i.MX8QX (QXP, DX) have a
System Controller Firmware (SCFW) running on a dedicated Cortex-M core
that provides power, clock, and resource management.

caam driver needs to be aware of SCU f/w presence, since some things
are done differently:

1. clocks are under SCU f/w control and are turned on automatically

2. there is no access to controller's register page (note however that
some registers are aliased in job rings' register pages)

It's worth mentioning that due to this, MCFGR[PS] cannot be read
and driver assumes MCFGR[PS] = b'0 - engine using 32-bit address pointers.
This is in sync with the limitation imposed by the
SECO (Security Controller) ROM and f/w running on a dedicated Cortex-M.

3. as a consequence of "2.", part of the initialization is moved in
other f/w (SCU, TF-A etc.), e.g. RNG initialization

Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
2023-10-30 17:37:34 +08:00
Horia Geantă
9c82cca5f1 crypto: caam/qi2 - refactor skcipher, aead {en,de}crypt ops
Commit 1984aaeec3 ("crypto: caam - fix return code in completion callbacks")
made changes in the skcipher and aead *_done() callbacks,
practically the *_encrypt_done() and *_decrypt_done() being the same.

Refactor code such that identical code is removed.
After this it makes sense to refactor also skcipher, aead {en,de}crypt ops.

Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Reviewed-by: Iuliana Prodan <iuliana.prodan@nxp.com>
2023-10-30 17:37:34 +08:00
Linus Torvalds
68cf01760b This update includes the following changes:
API:
 
 - Move crypto engine callback from tfm ctx into algorithm object.
 - Fix atomic sleep bug in crypto_destroy_instance.
 - Move lib/mpi into lib/crypto.
 
 Algorithms:
 
 - Add chacha20 and poly1305 implementation for powerpc p10.
 
 Drivers:
 
 - Add AES skcipher and aead support to starfive.
 - Add Dynamic Boost Control support to ccp.
 - Add support for STM32P13 platform to stm32.

Merge tag 'v6.6-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6

Pull crypto updates from Herbert Xu:
 "API:
   - Move crypto engine callback from tfm ctx into algorithm object
   - Fix atomic sleep bug in crypto_destroy_instance
   - Move lib/mpi into lib/crypto

  Algorithms:
   - Add chacha20 and poly1305 implementation for powerpc p10

  Drivers:
   - Add AES skcipher and aead support to starfive
   - Add Dynamic Boost Control support to ccp
   - Add support for STM32P13 platform to stm32"

* tag 'v6.6-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (149 commits)
  Revert "dt-bindings: crypto: qcom,prng: Add SM8450"
  crypto: chelsio - Remove unused declarations
  X.509: if signature is unsupported skip validation
  crypto: qat - fix crypto capability detection for 4xxx
  crypto: drivers - Explicitly include correct DT includes
  crypto: engine - Remove crypto_engine_ctx
  crypto: zynqmp - Use new crypto_engine_op interface
  crypto: virtio - Use new crypto_engine_op interface
  crypto: stm32 - Use new crypto_engine_op interface
  crypto: jh7110 - Use new crypto_engine_op interface
  crypto: rk3288 - Use new crypto_engine_op interface
  crypto: omap - Use new crypto_engine_op interface
  crypto: keembay - Use new crypto_engine_op interface
  crypto: sl3516 - Use new crypto_engine_op interface
  crypto: caam - Use new crypto_engine_op interface
  crypto: aspeed - Remove non-standard sha512 algorithms
  crypto: aspeed - Use new crypto_engine_op interface
  crypto: amlogic - Use new crypto_engine_op interface
  crypto: sun8i-ss - Use new crypto_engine_op interface
  crypto: sun8i-ce - Use new crypto_engine_op interface
  ...
2023-08-29 11:23:29 -07:00
Rob Herring
b0cc7491c9 crypto: drivers - Explicitly include correct DT includes
The DT of_device.h and of_platform.h date back to the separate
of_platform_bus_type before it was merged into the regular platform bus.
As part of that merge prepping Arm DT support 13 years ago, they
"temporarily" include each other. They also include platform_device.h
and of.h. As a result, there's a pretty much random mix of those include
files used throughout the tree. In order to detangle these headers and
replace the implicit includes with struct declarations, users need to
explicitly include the correct includes.

Signed-off-by: Rob Herring <robh@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2023-08-23 11:04:23 +08:00
Herbert Xu
623814c040 crypto: caam - Use new crypto_engine_op interface
Use the new crypto_engine_op interface where the callback is stored
in the algorithm object.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2023-08-18 17:01:10 +08:00
Herbert Xu
4ac1a2d88d crypto: caam - Include internal/engine.h
Include internal/engine.h because this driver directly
accesses attributes inside struct crypto_engine.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2023-08-18 17:01:10 +08:00
Horia Geantă
23d422a4f1 crypto: caam/jr - fix shared IRQ line handling
There are cases when the interrupt status register (JRINTR) is non-zero,
even though:
1. An interrupt was generated, but it was masked OR
2. There was no interrupt generated at all
for the corresponding job ring.

1. The case when interrupt is masked (JRCFGR_LS[IMSK]=1b'1)
while other events have happened and are being accounted for, e.g.
-JRINTR[HALT]=2b'10 - input job ring underwent a flush of all on-going
jobs and processing of still-existing jobs (sitting in the ring) has been
halted
-JRINTR[HALT]=2b'01 - input job ring is currently undergoing a flush
-JRINTR[ENTER_FAIL]=1b'1 - SecMon / SNVS transitioned to FAIL MODE
It doesn't matter whether these events would assert the interrupt signal
or not, interrupt is anyhow masked.

2. The case when interrupt is not masked (JRCFGR_LS[IMSK]=1b'0), however
the events accounted for in JRINTR do not generate interrupts, e.g.:
-JRINTR[HALT]=2b'01
-JRINTR[ENTER_FAIL]=1b'1 and JRCFGR_MS[FAIL_MODE]=1b'0

Currently in these cases, when the JR interrupt handler is invoked (as a
consequence of JR sharing the interrupt line with other devices - e.g.
the two JRs on i.MX7ULP) it continues execution instead of returning
IRQ_NONE.
This could lead to situations like interrupt handler clearing JRINTR (and
thus also the JRINTR[HALT] field) while corresponding job ring is
suspended and then that job ring failing on resume path, due to expecting
JRINTR[HALT]=b'10 and reading instead JRINTR[HALT]=b'00.

Fix this by checking status of JRINTR[JRI] in the JR interrupt handler.
If JRINTR[JRI]=1b'0, there was no interrupt generated for this JR and
handler must return IRQ_NONE.

Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Meenakshi Aggarwal <meenakshi.aggarwal@nxp.com>
Reviewed-by: Gaurav Jain <gaurav.jain@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2023-08-18 17:01:09 +08:00
Iuliana Prodan
e47e6d2aaa crypto: caam - increase the domain of write memory barrier to full system
In caam_jr_enqueue, under heavy DDR load, smp_wmb() or dma_wmb()
fail to make the input ring be updated before the CAAM starts
reading it. So, CAAM will process, again, an old descriptor address
and will put it in the output ring. This will make caam_jr_dequeue()
fail, since this old descriptor is not in the software ring.
To fix this, use wmb() which works on the full system instead of
inner/outer shareable domains.

Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com>
Signed-off-by: Meenakshi Aggarwal <meenakshi.aggarwal@nxp.com>
Reviewed-by: Gaurav Jain <gaurav.jain@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2023-08-18 17:01:08 +08:00
Gaurav Jain
e306852047 crypto: caam - fix unchecked return value error
error:
Unchecked return value (CHECKED_RETURN)
check_return: Calling sg_miter_next without checking return value

fix:
added check if(!sg_miter_next)

Fixes: 8a2a0dd35f ("crypto: caam - strip input zeros from RSA input buffer")
Signed-off-by: Gaurav Jain <gaurav.jain@nxp.com>
Signed-off-by: Meenakshi Aggarwal <meenakshi.aggarwal@nxp.com>
Reviewed-by: Gaurav Jain <gaurav.jain@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2023-08-18 17:01:08 +08:00
Arnd Bergmann
b52c8c72dd crypto: caam - fix PM operations definition
The newly added PM operations use the deprecated SIMPLE_DEV_PM_OPS() macro,
causing a warning in some configurations:

drivers/crypto/caam/ctrl.c:828:12: error: 'caam_ctrl_resume' defined but not used [-Werror=unused-function]
  828 | static int caam_ctrl_resume(struct device *dev)
      |            ^~~~~~~~~~~~~~~~
drivers/crypto/caam/ctrl.c:818:12: error: 'caam_ctrl_suspend' defined but not used [-Werror=unused-function]
  818 | static int caam_ctrl_suspend(struct device *dev)
      |            ^~~~~~~~~~~~~~~~~
drivers/crypto/caam/jr.c:732:12: error: 'caam_jr_resume' defined but not used [-Werror=unused-function]
  732 | static int caam_jr_resume(struct device *dev)
      |            ^~~~~~~~~~~~~~
drivers/crypto/caam/jr.c:687:12: error: 'caam_jr_suspend' defined but not used [-Werror=unused-function]
  687 | static int caam_jr_suspend(struct device *dev)
      |            ^~~~~~~~~~~~~~~

Use the normal DEFINE_SIMPLE_DEV_PM_OPS() variant now, and use pm_ptr() to
completely eliminate the structure in configs without CONFIG_PM.

Fixes: 322d74752c ("crypto: caam - add power management support")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: Meenakshi Aggarwal <meenakshi.aggarwal@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2023-08-18 16:55:25 +08:00
Herbert Xu
83874b8e97 Revert "crypto: caam - adjust RNG timing to support more devices"
This reverts commit ef492d0803.

This patch breaks the RNG on i.MX8MM.

Reported-by: Bastian Krause <bst@pengutronix.de>
Link: https://lore.kernel.org/all/e1f3f073-9d5e-1bae-f4f8-08dc48adad62@pengutronix.de/
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2023-08-18 16:47:02 +08:00
Horia Geanta
322d74752c crypto: caam - add power management support
Add support for suspend and resume operation for PM in CAAM driver.

When the CAAM goes in suspend, the hardware is considered to do nothing.

On some platforms, the power of the CAAM is not turned off so it keeps
its configuration.
On other platforms, it doesn't so it is necessary to save the state of
the CAAM:
 - JRs MID
 - Address of input and output rings

Signed-off-by: Horia Geanta <horia.geanta@nxp.com>
Signed-off-by: Victoria Milhoan <vicki.milhoan@freescale.com>
Signed-off-by: Dan Douglass <dan.douglass@nxp.com>
Signed-off-by: Vipul Kumar <vipul_kumar@mentor.com>
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
Signed-off-by: Meenakshi Aggarwal <meenakshi.aggarwal@nxp.com>
Reviewed-by: Gaurav Jain <gaurav.jain@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2023-08-04 16:59:55 +08:00
Franck LENORMAND
9a6913feb4 crypto: caam - Change structure type representing DECO MID
The structure partid is not suitable to represent the DECO MID register.

This patch replaces partid by masterid which is more appropriate.

Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Meenakshi Aggarwal <meenakshi.aggarwal@nxp.com>
Reviewed-by: Gaurav Jain <gaurav.jain@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2023-08-04 16:59:55 +08:00