This patch adds System z hardware acceleration support for the AES XTS mode.
The hardware support is available beginning with System z196.
Signed-off-by: NJan Glauber <jang@linux.vnet.ibm.com>
Signed-off-by: NGerald Schaefer <gerald.schaefer@de.ibm.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This change adds support for AES encrypting and decrypting using
advanced crypto engine found on Samsung S5PV210 and S5PC110 SoCs.
Signed-off-by: NVladimir Zapolskiy <vzapolskiy@gmail.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

The SEC4 supercedes the SEC2.x/3.x as Freescale's
Integrated Security Engine.  Its programming model is
incompatible with all prior versions of the SEC (talitos).

The SEC4 is also known as the Cryptographic Accelerator
and Assurance Module (CAAM); this driver is named caam.

This initial submission does not include support for Data Path
mode operation - AEAD descriptors are submitted via the job
ring interface, while the Queue Interface (QI) is enabled
for use by others.  Only AEAD algorithms are implemented
at this time, for use with IPsec.

Many thanks to the Freescale STC team for their contributions
to this driver.
Signed-off-by: NSteve Cornelius <sec@pobox.com>
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Picochip picoXcell devices have two crypto engines, one targeted
at IPSEC offload and the other at WCDMA layer 2 ciphering.
Signed-off-by: NJamie Iles <jamie@jamieiles.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Reported-by: NDennis Gilmore <dennis@ausil.us>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Signed-off-by: NDmitry Kasatkin <dmitry.kasatkin@nokia.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

warning: (ZCRYPT && CRYPTO && CRYPTO_HW && S390 && ZCRYPT=y) selects
ZCRYPT_MONOLITHIC which has unmet direct dependencies (ZCRYPT=m)

ZCRYPT_MONOLITHIC should not depend on ZCRYPT="m" when it gets
selected if ZCRYPT="y".
Signed-off-by: NHeiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: NMartin Schwidefsky <schwidefsky@de.ibm.com>

Current deficiencies:

1) No HMAC hash support yet.

2) Although the algs are registered as ASYNC they always run
   synchronously.
Signed-off-by: NDavid S. Miller <davem@davemloft.net>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Earlier kernel contained omap sha1 and md5 driver, which was not maintained,
was not ported to new crypto APIs and removed from the source tree.

- implements async  crypto API using dma and cpu.
- supports multiple sham instances if available
- hmac
- concurrent requests
Signed-off-by: NDmitry Kasatkin <dmitry.kasatkin@nokia.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This adds support for Marvell's Cryptographic Engines and Security
Accelerator (CESA) which can be found on a few SoC.
Tested with dm-crypt.
Acked-by: NNicolas Pitre <nico@marvell.com>
Signed-off-by: NSebastian Andrzej Siewior <sebastian@breakpoint.cc>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch converts the padlock-sha implementation to shash.
In doing so the existing mechanism of storing the data until
final is no longer viable as we do not have a way of allocating
data in crypto_shash_init and then reliably freeing it.

This is just as well because a better way of handling the problem
is to hash everything but the last chunk using normal sha code
and then provide the intermediate result to the padlock device.

This is good enough because the primary application of padlock-sha
is IPsec and there the data is laid out in the form of an hmac
header followed by the rest of the packet.  In essence we can
provide all the data to the padlock as the hmac header only needs
to be hashed once.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

.ko is normally not included in Kconfig help, make it consistent.
Signed-off-by: NPavel Machek <pavel@ucw.cz>
Signed-off-by: NJiri Kosina <jkosina@suse.cz>

When we added 64-bit support to padlock the dependency on x86
was lost.  This causes build failures on non-x86 architectures.
Reported-by: NStephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Almost everything stays the same, we need just to use the extended registers
on the bit variant.
Signed-off-by: NSebastian Andrzej Siewior <sebastian@breakpoint.cc>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch adds support for AMCC ppc4xx security device driver. This is the
initial release that includes the driver framework with AES and SHA1 algorithms
support.

The remaining algorithms will be released in the near future.
Signed-off-by: NJames Hsiao <jhsiao@amcc.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch converts the S390 sha algorithms to the new shash interface.

With fixes by Jan Glauber.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Without CRYPTO_AUTHENC the driver fails to build:
drivers/built-in.o: In function `ixp_module_init':
ixp4xx_crypto.c:(.init.text+0x3250): undefined reference to `crypto_aead_type'
Signed-off-by: NImre Kaloz <kaloz@openwrt.org>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Add support for the hardware crypto engine provided by the NPE C
of the Intel IXP4xx networking processor series.

Supported ciphers: des, des3, aes
and a combination of them with md5 and sha1 hmac
Signed-off-by: NChristian Hohnstaedt <chohnstaedt@innominate.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Add support for the SEC available on a wide range of PowerQUICC devices,
e.g. MPC8349E, MPC8548E.

This initial version supports authenc(hmac(sha1),cbc(aes)) for use with IPsec.
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

The Padlock AES setkey routine is the same as exported by the generic
implementation. So we could use it.
Signed-off-by: NSebastian Siewior <sebastian@breakpoint.cc>
Cc: Michal Ludvig <michal@logix.cz>
Tested-by: NStefan Hellermann <stefan@the2masters.de>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Exploit the System z10 hardware acceleration for SHA384.
Signed-off-by: NJan Glauber <jang@linux.vnet.ibm.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Exploit the System z10 hardware acceleration for SHA512.
Signed-off-by: NJan Glauber <jang@linux.vnet.ibm.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch allows user space applications to access large amounts of
truly random data. The random data source is the build-in hardware
random number generator on the CEX2C cards.
Signed-off-by: NRalph Wuerthner <rwuerthn@de.ibm.com>
Signed-off-by: NMartin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: NHeiko Carstens <heiko.carstens@de.ibm.com>

Move s390 crypto Kconfig options to drivers/crypto/Kconfig to have all
hardware crypto devices in one place.

This also makes messing up the kernel source tree easier for some people.
Signed-off-by: NJan Glauber <jan.glauber@de.ibm.com>
Signed-off-by: NMartin Schwidefsky <schwidefsky@de.ibm.com>

Currently it is possible to select HW_RANDOM as a module and have
hifn795x built-in.  This causes a build problem because hifn795x
will then call hwrng_register which isn't built-in.

This patch introduces a new config option to control the hifn795x
RNG which lets us avoid this problem.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

With the impending addition of the givcipher type, both blkcipher and
ablkcipher algorithms will use it to create givcipher objects.  As such
it no longer makes sense to split the system between ablkcipher and
blkcipher.  In particular, both ablkcipher.c and blkcipher.c would need
to use the givcipher type which has to reside in ablkcipher.c since it
shares much code with it.

This patch merges the two Kconfig options as well as the modules into one.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

The HIFN driver is currently selectable on s390 but wont compile.
Since it looks like HIFN needs PCI make the Kconfig dependent on PCI,
which is not available on s390.
Signed-off-by: NJan Glauber <jang@linux.vnet.ibm.com>
Acked-by: NEvgeniy Polyakov <johnpol@2ka.mipt.ru>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

HIFN driver update to use DES weak key checks (exported in this patch).
Signed-off-by: NEvgeniy Polyakov <johnpol@2ka.mipt.ru>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This is a driver for HIFN 795x crypto accelerator chips.

It passed all tests for AES, DES and DES3_EDE except weak test for DES,
since hardware can not determine weak keys.
Signed-off-by: NEvgeniy Polyakov <johnpol@2ka.mipt.ru>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

The previous commit ("uml: keep UML Kconfig in sync with x86") is not
enough, unfortunately.  If we go that way, we need to add dependencies
on !UML for several options.
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
Signed-off-by: NJeff Dike <jdike@linux.intel.com>
Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>

Hardware drivers shouldn't default to m.
Signed-off-by: NAdrian Bunk <bunk@stusta.de>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Signed-off-by: NJan Engelhardt <jengelh@gmx.de>
Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de> (edited MACINTOSH_DRIVERS per Geert Uytterhoeven's remark)
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>

Use menuconfigs instead of menus, so the whole menu can be disabled at once
instead of going through all options.
Signed-off-by: NJan Engelhardt <jengelh@gmx.de>
Cc: Michael Buesch <mb@bu3sch.de>
Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>

Turning it into a boolean was unnecessary and caused ALGAPI to be
pinned down as a boolean to.  This patch makes it a tristate again.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Disband drivers/s390/Kconfig, use the common Kconfig files. The s390
specific config options from drivers/s390/Kconfig are moved to the
respective common Kconfig files.
Signed-off-by: NMartin Schwidefsky <schwidefsky@de.ibm.com>

Fix several typos in help text in Kconfig* files.
Signed-off-by: NDavid Sterba <dave@jikos.cz>
Signed-off-by: NAdrian Bunk <bunk@stusta.de>

When this is compiled in it is run too early to do anything useful:
[    6.052000] padlock: No VIA PadLock drivers have been loaded.
[    6.052000] padlock: Using VIA PadLock ACE for AES algorithm.
[    6.052000] padlock: Using VIA PadLock ACE for SHA1/SHA256 algorithms.

When it's a module it isn't doing anything special, the same functionality 
can be provided in userspace by "probeall padlock padlock-aes padlock-sha" 
in modules.conf if it is required.
Signed-off-by: NSimon Arlott <simon@fire.lp0.eu>
Cc: Michal Ludvig <michal@logix.cz>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Starting with the z9 the CPU Cryptographic Assist Facility comes with
an integrated Pseudo Random Number Generator. The generator creates
random numbers by an algorithm similar to the ANSI X9.17 standard.
The pseudo-random numbers can be accessed via a character device driver
node called /dev/prandom. Similar to /dev/urandom any amount of bytes
can be read from the device without blocking.
Signed-off-by: NJan Glauber <jan.glauber@de.ibm.com>
Signed-off-by: NMartin Schwidefsky <schwidefsky@de.ibm.com>

This driver seems to be for a PCI device.

drivers/crypto/geode-aes.c:384: warning: implicit declaration of function 'pci_release_regions'
drivers/crypto/geode-aes.c:397: warning: implicit declaration of function 'pci_request_regions'
Signed-off-by: NRandy Dunlap <randy.dunlap@oracle.com>
Acked-by: NJordan Crouse <jordan.crouse@amd.com>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>

Add a driver to support the AES hardware on the Geode LX processor.
Signed-off-by: NJordan Crouse <jordan.crouse@amd.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>