History log of /drivers/crypto/talitos.c
Revision Date Author Comments
511d63cb19329235bc9298b64010ec494b5e1408 30-Mar-2012 Horia Geanta <horia.geanta@freescale.com> crypto: talitos - properly lock access to global talitos registers

Access to global talitos registers must be protected for the case when
affinities are configured such that primary and secondary talitos irqs
run on different cpus.

Signed-off-by: Horia Geanta <horia.geanta@freescale.com>
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
d912bb7677f46d78a3cde8a4afd45a3fca4b34e9 01-Nov-2011 Nikos Mavrogiannopoulos <nmav@gnutls.org> crypto: Add CRYPTO_ALG_KERN_DRIVER_ONLY flag

The added CRYPTO_ALG_KERN_DRIVER_ONLY indicates whether a cipher
is only available via a kernel driver. If the cipher implementation
might be available by using an instruction set or by porting the
kernel code, then it must not be set.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5e718a09e5cafc8922f3fe22206423449a2801c9 12-Dec-2011 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - convert talitos_error to struct device

SEC2/3 h/w doesn't have a dedicated interrupt for errors,
and the only callsite for talitos_error has already done
the type conversion, so simplify talitos_error to take a
pointer to a struct device.

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2cdba3cf6ffc1fbf880a6fbfa9e7bb757e3d6526 12-Dec-2011 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - remove NO_IRQ references

As prescribed by Linus:

https://lkml.org/lkml/2011/12/2/290

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
0b2730d8d8b38e009607d5a094d48fcce73af547 12-Dec-2011 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - fix bad kfree

Fix a kfree to an invalid address which causes an oops when running
on SEC v2.0 h/w (introduced in commit 702331b "crypto: talitos - add
hmac algorithms").

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
741e8c2d8177eca656bc015ef83ab84d817edf8c 26-Nov-2011 Axel Lin <axel.lin@gmail.com> crypto: convert drivers/crypto/* to use module_platform_driver()

This patch converts the drivers in drivers/crypto/* to use the
module_platform_driver() macro which makes the code smaller and a bit
simpler.

Cc: James Hsiao <jhsiao@amcc.com>
Cc: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Cc: Kim Phillips <kim.phillips@freescale.com>
Cc: "David S. Miller" <davem@davemloft.net>
Signed-off-by: Axel Lin <axel.lin@gmail.com>
Acked-by: Vladimir Zapolskiy <vzapolskiy@gmail.com>
Acked-by: Jamie Iles <jamie@jamieiles.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
c3e337f88a5b3784cb3c806ffd650d06adff1ea5 21-Nov-2011 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - support for channel remap and 2nd IRQ

Some later SEC v3.x are equipped with a second IRQ line.
By correctly assigning IRQ affinity, this feature can be
used to increase performance on dual core parts, like the
MPC8572E and P2020E.

The existence of the 2nd IRQ is determined from the device
node's interrupt property. If present, the driver remaps
two of four channels, which in turn makes those channels
trigger their interrupts on the 2nd line instead of the first.
To handle single- and dual-IRQ combinations efficiently,
talitos gets two new interrupt handlers and back-half workers.

[includes a fix to MCR_LO's address.]

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
ad42d5fc85383278663ecb58a24f6547ad0ba735 21-Nov-2011 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - prepare driver for channel remap support

Add a reg member to the channel struct and use it to
access channels.

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5b859b6ebb18b37244d44b5300bf765694b7303c 21-Nov-2011 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - be less noisy on startup

talitos prints every algorithm it registers at module load time.
Algorithms are being added that make for an excessively noisy console
(latest HMACs patch makes an SEC 3.1 print 20 lines).
Instead, display the SEC h/w version number, and inform the
user of algorithm registration status in /proc/crypto, like so:

talitos ffe30000.crypto: fsl,sec3.1 algorithms registered in /proc/crypto

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
79b3a418e090248d00ceba40b81da9dfac753367 21-Nov-2011 Lee Nipper <lee.nipper@gmail.com> crypto: talitos - add hmac algorithms

Add these hmac algorithms to talitos:
hmac(md5),
hmac(sha1),
hmac(sha224),
hmac(sha256),
hmac(sha384),
hmac(sha512).
These are all type ahash.

Signed-off-by: Lee Nipper <lee.nipper@gmail.com>

Fixed up to not register HMAC algorithms on sec2.0 devices.
Rationale (from Lee):

on an 8349E Rev1.1, there's a problem with hmac for any talitos
hmac sequence requiring an intermediate hash context (Pointer
DWORD 1); the result is an incorrect hmac. An intermediate hash
context is required for something longer than (65536-blocksize),
and for other cases when update/finup/final are used inefficiently.
Interestingly, a normal hash (without hmac) works perfectly
when using an intermediate context.

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
3e721aeb3df3816e283ab18e327cd4652972e213 21-Oct-2011 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - handle descriptor not found in error path

The CDPR (Current Descriptor Pointer Register) can be unreliable
when trying to locate an offending descriptor. Handle that case by
(a) not OOPSing, and (b) reverting to the machine internal copy of
the descriptor header in order to report the correct execution unit
error.

Note: printing all execution units' ISRs is not effective because it
results in an internal time out (ITO) error and the EU resetting its
ISR value (at least when specifying an invalid key length on an SEC
2.2/MPC8313E).

Reported-by: Sven Schnelle <svens@stackframe.org>
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
1c2b4abb19285368808f303ad61e17b172f1a108 15-Jul-2011 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - don't bad_key in ablkcipher setkey

crypto/ablkcipher.c's setkey() has already checked against the min, max
key sizes before it calls here, and all max_keysize assignments in the
algorithm template array do not exceed TALITOS_MAX_KEY_SIZE.

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
febec54286623a540cbe483a5d471ff6576a6e2e 15-Jul-2011 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - remove unused giv from ablkcipher methods

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
602dba5a81790375f364e484cbc439f17157752e 15-Jul-2011 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - don't set done notification in hot path

IRQ done notification is always set. Remove its explicit
assignment from the hot path by including it in the
descriptor header template assignment in talitos_cra_init.

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5228f0f79e983c2b39c202c75af901ceb0003fc1 15-Jul-2011 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - ensure request ordering within a single tfm

Assign single target channel per tfm in talitos_cra_init instead of
performing channel scheduling dynamically during the encryption request.
This changes the talitos_submit interface to accept a new channel
number argument. Without this, rapid bursts of misc. sized requests
could make it possible for IPsec packets to be encrypted out-of-order,
which would result in packet drops due to sequence numbers falling
outside the anti-reply window on a peer gateway.

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
1c48a5c93da63132b92c4bbcd18e690c51539df6 17-Feb-2011 Grant Likely <grant.likely@secretlab.ca> dt: Eliminate of_platform_{,un}register_driver

Final step to eliminate of_platform_bus_type. They're all just
platform drivers now.

v2: fix type in pasemi_nand.c (thanks to Stephen Rothwell)

Signed-off-by: Grant Likely <grant.likely@secretlab.ca>
a752447af5b61f19e9c50322d9b07cea9a086084 23-Sep-2010 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - sparse check endian fixes

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
0b798247453299c895e3fa1629101dd5e94901b2 23-Sep-2010 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - fix checkpatch warning

WARNING: kfree(NULL) is safe this check is probably not required
+ if (priv->chan[i].fifo)
+ kfree(priv->chan[i].fifo);

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
1d11911a8c572041880c8d86229f6ed971f6f7e2 23-Sep-2010 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - fix warning: 'alg' may be used uninitialized in this function

drivers/crypto/talitos.c: In function 'talitos_probe':
drivers/crypto/talitos.c:2363: warning: 'alg' may be used uninitialized in this function
drivers/crypto/talitos.c:2363: note: 'alg' was declared here

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2dc11581376829303b98eadb2de253bee065a56a 06-Aug-2010 Grant Likely <grant.likely@secretlab.ca> of/device: Replace struct of_device with struct platform_device

of_device is just an alias for platform_device, so remove it entirely. Also
replace to_of_device() with to_platform_device() and update comment blocks.

This patch was initially generated from the following semantic patch, and then
edited by hand to pick up the bits that coccinelle didn't catch.

@@
@@
-struct of_device
+struct platform_device

Signed-off-by: Grant Likely <grant.likely@secretlab.ca>
Reviewed-by: David S. Miller <davem@davemloft.net>
7260042b2d0397e7a8735ca47cd7839a5bb1210b 19-Jul-2010 Lee Nipper <lee.nipper@gmail.com> crypto: talitos - fix bug in sg_copy_end_to_buffer

In function sg_copy_end_to_buffer, too much data
is copied when a segment in the scatterlist
has .length greater than the requested copy length.

This patch adds the limit checks to fix this bug of over copying,
which affected only the ahash algorithms.

Signed-off-by: Lee Nipper <lee.nipper@gmail.com>
Acked-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
5e833bc4166ea524c00a95e777e4344844ed189f 16-Jun-2010 Lee Nipper <lee.nipper@gmail.com> crypto: talitos - fix ahash for multiple of blocksize

Correct ahash_process_req() to properly handle cases
where the total hash amount is a multiple of the blocksize.
The SEC must have some data to hash during the very last
descriptor operation; so up to one whole blocksize
of data is buffered until the final hash.

Signed-off-by: Lee Nipper <lee.nipper@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4018294b53d1dae026880e45f174c1cc63b5d435 14-Apr-2010 Grant Likely <grant.likely@secretlab.ca> of: Remove duplicate fields from of_platform_driver

.name, .match_table and .owner are duplicated in both of_platform_driver
and device_driver. This patch is a removes the extra copies from struct
of_platform_driver and converts all users to the device_driver members.

This patch is a pretty mechanical change. The usage model doesn't change
and if any drivers have been missed, or if anything has been fixed up
incorrectly, then it will fail with a compile time error, and the fixup
will be trivial. This patch looks big and scary because it touches so
many files, but it should be pretty safe.

Signed-off-by: Grant Likely <grant.likely@secretlab.ca>
Acked-by: Sean MacLennan <smaclennan@pikatech.com>
60f208d7836216885cdcd6f77a02f31dbc66f169 19-May-2010 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - add support for sha224

SEC h/w versions 2.1 and above support sha224 via explicit instruction.

Performing sha224 ahashes on earlier versions is still possible because
they support sha256 (sha224 is sha256 with different initial constants
and a different truncation length). We do this by overriding hardware
context self-initialization, and perform it manually in s/w instead.

Thanks to Lee for his fixes for correct execution on actual sec2.0 h/w.

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off by: Lee Nipper <lee.nipper@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
497f2e6b8b21407625a4fb34bc04b50eff098085 19-May-2010 Lee Nipper <lee.nipper@gmail.com> crypto: talitos - add hash algorithms

Add the following alorithms to talitos:
md5,
sha1,
sha256,
sha384,
sha512.
These are all type ahash.

Signed-off-by: Lee Nipper <lee.nipper@gmail.com>
Acked-By: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
acbf7c627fb59dfea975f7aafeaba97921085061 19-May-2010 Lee Nipper <lee.nipper@gmail.com> crypto: talitos - second prepare step for adding ahash algorithms

Used talitos_alg_template in talitos_crypto_alg
so that it will accommodate ahash algorithms.
Added some preparation code for ahash allocation and removal.
No actual algorithms yet.

Signed-off-by: Lee Nipper <lee.nipper@gmail.com>
Acked-By: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
d5e4aaefd99797929e4455db48d8f9a8728f05f4 19-May-2010 Lee Nipper <lee.nipper@gmail.com> crypto: talitos - prepare for adding ahash algorithms

No functional changes.
Use a union in talitos_alg_template for the crypto_alg
so that we can add a member later for ahash_alg.

Signed-off-by: Lee Nipper <lee.nipper@gmail.com>
Acked-By: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
61c7a080a5a061c976988fd4b844dfb468dda255 14-Apr-2010 Grant Likely <grant.likely@secretlab.ca> of: Always use 'struct device.of_node' to get device node pointer.

The following structure elements duplicate the information in
'struct device.of_node' and so are being eliminated. This patch
makes all readers of these elements use device.of_node instead.

(struct of_device *)->node
(struct dev_archdata *)->prom_node (sparc)
(struct dev_archdata *)->of_node (powerpc & microblaze)

Signed-off-by: Grant Likely <grant.likely@secretlab.ca>
5a0e3ad6af8660be21ca98a971cd00f331318c05 24-Mar-2010 Tejun Heo <tj@kernel.org> include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h

percpu.h is included by sched.h and module.h and thus ends up being
included when building most .c files. percpu.h includes slab.h which
in turn includes gfp.h making everything defined by the two files
universally available and complicating inclusion dependencies.

percpu.h -> slab.h dependency is about to be removed. Prepare for
this change by updating users of gfp and slab facilities include those
headers directly instead of assuming availability. As this conversion
needs to touch large number of source files, the following script is
used as the basis of conversion.

http://userweb.kernel.org/~tj/misc/slabh-sweep.py

The script does the followings.

* Scan files for gfp and slab usages and update includes such that
only the necessary includes are there. ie. if only gfp is used,
gfp.h, if slab is used, slab.h.

* When the script inserts a new include, it looks at the include
blocks and try to put the new include such that its order conforms
to its surrounding. It's put in the include block which contains
core kernel includes, in the same order that the rest are ordered -
alphabetical, Christmas tree, rev-Xmas-tree or at the end if there
doesn't seem to be any matching order.

* If the script can't find a place to put a new include (mostly
because the file doesn't have fitting include block), it prints out
an error message indicating which .h file needs to be added to the
file.

The conversion was done in the following steps.

1. The initial automatic conversion of all .c files updated slightly
over 4000 files, deleting around 700 includes and adding ~480 gfp.h
and ~3000 slab.h inclusions. The script emitted errors for ~400
files.

2. Each error was manually checked. Some didn't need the inclusion,
some needed manual addition while adding it to implementation .h or
embedding .c file was more appropriate for others. This step added
inclusions to around 150 files.

3. The script was run again and the output was compared to the edits
from #2 to make sure no file was left behind.

4. Several build tests were done and a couple of problems were fixed.
e.g. lib/decompress_*.c used malloc/free() wrappers around slab
APIs requiring slab.h to be added manually.

5. The script was run on all .h files but without automatically
editing them as sprinkling gfp.h and slab.h inclusions around .h
files could easily lead to inclusion dependency hell. Most gfp.h
inclusion directives were ignored as stuff from gfp.h was usually
wildly available and often used in preprocessor macros. Each
slab.h inclusion directive was examined and added manually as
necessary.

6. percpu.h was updated not to include slab.h.

7. Build test were done on the following configurations and failures
were fixed. CONFIG_GCOV_KERNEL was turned off for all tests (as my
distributed build env didn't work with gcov compiles) and a few
more options had to be turned off depending on archs to make things
build (like ipr on powerpc/64 which failed due to missing writeq).

* x86 and x86_64 UP and SMP allmodconfig and a custom test config.
* powerpc and powerpc64 SMP allmodconfig
* sparc and sparc64 SMP allmodconfig
* ia64 SMP allmodconfig
* s390 SMP allmodconfig
* alpha SMP allmodconfig
* um on x86_64 SMP allmodconfig

8. percpu.h modifications were reverted so that it could be applied as
a separate patch and serve as bisection point.

Given the fact that I had only a couple of failures from tests on step
6, I'm fairly confident about the coverage of this conversion patch.
If there is a breakage, it's likely to be something in one of the arch
headers which should be easily discoverable easily on most builds of
the specific arch.

Signed-off-by: Tejun Heo <tj@kernel.org>
Guess-its-ok-by: Christoph Lameter <cl@linux-foundation.org>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Lee Schermerhorn <Lee.Schermerhorn@hp.com>
6c3f975a4cafaf4dcc9795385da6d42caa37ddeb 17-Jan-2010 Márton Németh <nm127@freemail.hu> crypto: Make Open Firmware device id constant

From: Márton Németh <nm127@freemail.hu>

The match_table field of the struct of_device_id is constant in <linux/of_platform.h>
so it is worth to make the initialization data also constant.

The semantic match that finds this kind of pattern is as follows:
(http://coccinelle.lip6.fr/)

// <smpl>
@r@
disable decl_init,const_decl_init;
identifier I1, I2, x;
@@
struct I1 {
...
const struct I2 *x;
...
};
@s@
identifier r.I1, y;
identifier r.x, E;
@@
struct I1 y = {
.x = E,
};
@c@
identifier r.I2;
identifier s.E;
@@
const struct I2 E[] = ... ;
@depends on !c@
identifier r.I2;
identifier s.E;
@@
+ const
struct I2 E[] = ...;
// </smpl>

Signed-off-by: Márton Németh <nm127@freemail.hu>
Cc: Julia Lawall <julia@diku.dk>
Cc: cocci@diku.dk
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
81eb024c7e63f53b871797f6e2defccfd008dcd4 13-Aug-2009 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - add support for 36 bit addressing

Enabling extended addressing in the h/w requires we always assign the
extended address component (eptr) of the talitos h/w pointer. This is
for e500 based platforms with large memories.

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4b992628812137e30cda3510510cf3c052345b30 13-Aug-2009 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - align locks on cache lines

align channel access locks onto separate cache lines (for performance
reasons). This is done by placing per-channel variables into their own
private struct, and using the cacheline_aligned attribute within that
struct.

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
e41256f139b9148cfa12d2d057fec39e3d181ff0 13-Aug-2009 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - simplify hmac data size calculation

don't do request->src vs. assoc pointer math - it's the same as adding
assoclen and ivsize (just with more effort).

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
962a9c99496f98041d14d64a9fdcf58050fefb4d 29-Mar-2009 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - Avoid unnecessary decrypt check

the ICV check bit only gets set in decrypt entry points

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
19bbbc635523703ece28409e59694d5b512b819e 29-Mar-2009 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - containerof related codingstyle

no functional changes.

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
e938e4656b3ee32e046ee8293411a07be9d72eb8 29-Mar-2009 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - Whitespace/codingstyle/overrun lines cleanup

no functional changes.

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4de9d0b547b97e40c93a885ac6246c2c5fef05cb 29-Mar-2009 Lee Nipper <lee.nipper@gmail.com> crypto: talitos - Add ablkcipher algorithms

Add these ablkcipher algorithms:
cbc(aes),
cbc(des3_ede).

Added handling of chained scatterlists with zero length entry
because eseqiv uses it.
Added new map and unmap routines.

Signed-off-by: Lee Nipper <lee.nipper@gmail.com>
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
56af8cd44b05bd9649103b76a6e1e575682990e4 29-Mar-2009 Lee Nipper <lee.nipper@gmail.com> crypto: talitos - scaffolding for new algorithm types

This patch is preparation for adding new algorithm types.

Some elements which are AEAD specific were renamed.
The algorithm template structure was changed to
use crypto_alg, and talitos_alg_alloc was made
more general with respect to algorithm types.
ipsec_esp_edesc is renamed to talitos_edesc
to use it in the upcoming ablkcipher routines.

Signed-off-by: Lee Nipper <lee.nipper@gmail.com>
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
ca38a814c6f86db0aa58884a31093d4f096e20aa 20-Dec-2008 Lee Nipper <lee.nipper@freescale.com> crypto: talitos - Ack done interrupt in isr instead of tasklet

Previous commit for interrupt mitigation moved the done interrupt
acknowlegement from the isr to the talitos_done tasklet.
This patch moves the done interrupt acknowledgement back
into the isr so that done interrupts will always be acknowledged.
This covers the case for acknowledging interrupts for channel done processing
that has actually already been completed by the tasklet prior to fielding
a pending interrupt.

Signed-off-by: Lee Nipper <lee.nipper@freescale.com>
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4b24ea971a93f5d0bec34bf7bfd0939f70cfaae6 20-Oct-2008 Vishnu Suresh <Vishnu@freescale.com> crypto: talitos - Preempt overflow interrupts off-by-one fix

In commit ec6644d6325b5a38525f1d5b20fd4bf7db05cf2a "crypto: talitos - Preempt
overflow interrupts", the test in atomic_inc_not_zero was interpreted by the
author to be applied after the increment operation (not before). This off-by-one
fix prevents overflow error interrupts from occurring when requests are frequent
and large enough to do so.

Signed-off-by: Vishnu Suresh <Vishnu@freescale.com>
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
fe5720e2b7c1e8ff95d4bf18329517cf64ad1d70 12-Oct-2008 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - Perform auth check in h/w if on sec 2.1 and above

SEC version 2.1 and above adds the capability to do the IPSec ICV
memcmp in h/w. Results of the cmp are written back in the descriptor
header, along with the done status. A new callback is added that
checks these ICCR bits instead of performing the memcmp on the core,
and is enabled by h/w capability.

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>

After testing on different parts, another condition was added
before using h/w auth check because different
SEC revisions require different handling.

The SEC 3.0 allows a more flexible link table where
the auth data can span separate link table entries.
The SEC 2.4/2.1 does not support this case.
So a test was added in the decrypt routine
for a fragmented case; the h/w auth check is disallowed for
revisions not having the extent in the link table;
in this case the hw auth check is done by software.

A portion of a previous change for SEC 3.0 link table handling
was removed since it became dead code with the hw auth check supported.

This seems to be the best compromise for using hw auth check
on supporting SEC revisions; it keeps the link table logic
simpler for the fragmented cases.

Signed-off-by: Lee Nipper <lee.nipper@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
1c2e8811eea5f0c5da3213ea206c2864fa4614fd 12-Oct-2008 Lee Nipper <lee.nipper@freescale.com> crypto: talitos - Implement done interrupt mitigation

In talitos_interrupt, upon one done interrupt, mask further done interrupts,
and ack only any error interrupt.
In talitos_done, unmask done interrupts after completing processing.
In flush_channel, ack each done channel processed.
Keep done overflow interrupts masked because even though each pkt
is ack'ed, a few done overflows still occur.

Signed-off-by: Lee Nipper <lee.nipper@freescale.com>
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
40405f10b853ef404b395c6febca71b0de185490 12-Oct-2008 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - Pass correct interrupt status to error handler

Since we ack early, the re-read interrupt status in talitos_error
may be already updated with a new value. Pass the error ISR value
directly in order to report and handle the error based on the correct
error status.

Also remove unused error tasklet.

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Lee Nipper <lee.nipper@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
596f1034190565529e507e1eb8df6def1c9f5560 22-Nov-2008 Al Viro <viro@ftp.linux.org.uk> fix talitos

talitos_remove() can be called from talitos_probe() on failure
exit path, so it can't be __devexit.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
ba95487df97f9c45cfdae2a47de56235e7a13dc5 14-Sep-2008 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - Avoid consecutive packets going out with same IV

The SEC's h/w IV out implementation DMAs the trailing encrypted payload
block of the last encryption to ctx->iv. Since the last encryption may
still be pending completion, we can sufficiently prevent successive
packets from being transmitted with the same IV by xoring with sequence
number.

Also initialize alg_list earlier to prevent oopsing on a failed probe.

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Lee Nipper <lee.nipper@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
f3c85bc1bc72b4cc8d58664a490a9d42bdb6565a 30-Jul-2008 Lee Nipper <lee.nipper@freescale.com> crypto: talitos - Add handling for SEC 3.x treatment of link table

Later SEC revision requires the link table (used for scatter/gather)
to have an extra entry to account for the total length in descriptor [4],
which contains cipher Input and ICV.
This only applies to decrypt, not encrypt.
Without this change, on 837x, a gather return/length error results
when a decryption uses a link table to gather the fragments.
This is observed by doing a ping with size of 1447 or larger with AES,
or a ping with size 1455 or larger with 3des.

So, add check for SEC compatible "fsl,3.0" for using extra link table entry.

Signed-off-by: Lee Nipper <lee.nipper@freescale.com>
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
c0e741d47859fcabb84a37589a4f49801ca8590a 17-Jul-2008 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - sparse fix

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
fa86a26795b850cdf4e557898457a63e241c1aa1 17-Jul-2008 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - Stop leaking memory in error path

free edescriptor when returning error (such as -EAGAIN).

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Acked-by: Lee Nipper <lee.nipper@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
586725f8604ef16ebbfdd66e73036e162ae00135 17-Jul-2008 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - Fix GFP flag usage

use GFP_ATOMIC when necessary; use atomic_t when allocating submit_count.

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Acked-by: Lee Nipper <lee.nipper@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
ec6644d6325b5a38525f1d5b20fd4bf7db05cf2a 17-Jul-2008 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - Preempt overflow interrupts

add requests pending/submit count to prevent request queue full
condition by preempting h/w overflow interrupts in software.
We do this due to the delay in the delivery and handling of the
channel overflow error interrupt.

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Acked-by: Lee Nipper <lee.nipper@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
695ad589698571046d42a4450c2d801486905535 17-Jul-2008 Lee Nipper <lee.nipper@freescale.com> crypto: talitos - Correct dst != src case handling

Seems that dst == src, but this fixes the logic in case it's not.

Signed-off-by: Lee Nipper <lee.nipper@freescale.com>
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4aaf087846f9a1f1ec272393f5cd78f713e24f37 17-Jul-2008 Lee Nipper <lee.nipper@freescale.com> crypto: talitos - Remove calls to of_node_put

Remove of_node_put calls since there is no corresponding of_node_get.
This patch prevents an exception when talitos is loaded a 2nd time.
This sequence: modprobe talitos; rmmod talitos; modprobe talitos
causes this message: "WARNING: Bad of_node_put() on /soc8349@e0000000/crypto@30000".

Signed-off-by: Lee Nipper <lee.nipper@freescale.com>
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
3952f17ed63434cc2154c3765ff97e1d4adab042 10-Jul-2008 Lee Nipper <lee.nipper@freescale.com> crypto: talitos - Add support for sha256 and md5 variants

This patch adds support for:
authenc(hmac(sha256),cbc(aes)),
authenc(hmac(sha256),cbc(des3_ede)),
authenc(hmac(md5),cbc(aes)),
authenc(hmac(md5),cbc(des3_ede)).
Some constant usage was changed to use aes, des, and sha include files.

Signed-off-by: Lee Nipper <lee.nipper@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
ebbcf3369224ae7d23bfee06d8c5ea87a9541db5 03-Jul-2008 Herbert Xu <herbert@gondor.apana.org.au> crypto: talitos - Use proper form for algorithm driver names

The name authenc(hmac(sha1-talitos),cbc(aes-talitos)) is potentially
ambiguous since it could also mean using the generic authenc template
on hmac(sha1-talitos) and cbc(aes-talitos). In general, parentheses
should be reserved for templates that spawn algorithms.

This patches changes it to the form authenc-hmac-sha1-cbc-aes-talitos.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
70bcaca75389a6c011ddc866eb1743b070a838b0 03-Jul-2008 Lee Nipper <lee.nipper@freescale.com> crypto: talitos - Add support for 3des

This patch adds support for authenc(hmac(sha1),cbc(des3_ede))
to the talitos crypto driver for the Freescale Security Engine.
Some adjustments were made to the scatterlist to link table conversion
to make 3des work for ping -s 1439..1446.

Signed-off-by: Lee Nipper <lee.nipper@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9c4a79653b35efc9d6790c295e22f79f4b361125 23-Jun-2008 Kim Phillips <kim.phillips@freescale.com> crypto: talitos - Freescale integrated security engine (SEC) driver

Add support for the SEC available on a wide range of PowerQUICC devices,
e.g. MPC8349E, MPC8548E.

This initial version supports authenc(hmac(sha1),cbc(aes)) for use with IPsec.

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>