Signed-off-by: NDevendra Naga <develkernel412222@gmail.com>
Acked-by: NLinus Walleij <linus.walleij@linaro.org>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Support for ESNs (extended sequence numbers).
Tested with strongswan on a P2020RDB back-to-back setup.
Extracted from /etc/ipsec.conf:
esp=aes-sha1-esn-modp4096!
Signed-off-by: NHoria Geanta <horia.geanta@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Generate a link table in case assoc data is a scatterlist.
While at it, add support for handling non-contiguous assoc data and iv.
Signed-off-by: NHoria Geanta <horia.geanta@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

It's more natural to think of these vars as bool rather than int.
Signed-off-by: NHoria Geanta <horia.geanta@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

talitos_edesc_alloc does not need hash_result param.
Checking whether dst scatterlist is NULL or not is all that is required.
Signed-off-by: NHoria Geanta <horia.geanta@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

For IPsec encryption, in the case when:
-the input buffer is fragmented (edesc->src_nents > 0)
-the output buffer is not fragmented (edesc->dst_nents = 0)
the ICV is not output in the link table, but after the encrypted payload.

Copying the ICV must be avoided in this case; consequently the condition
edesc->dma_len > 0 must be more specific, i.e. must depend on the type
of the output buffer - fragmented or not.

Testing was performed by modifying testmgr to support src != dst,
since currently native kernel IPsec does in-place encryption
(src == dst).
Signed-off-by: NHoria Geanta <horia.geanta@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

the entry points and geniv definitions for all aead,
ablkcipher, and hash algorithms are all common; move them to a
single assignment in talitos_alg_alloc().

This assumes it's ok to assign a setkey() on non-hmac algs.
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

lighten driver_algs[] by moving them to talitos_alg_alloc().
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Commit bd3c7b5c ("crypto: atmel - add Atmel AES driver") possibly
has a typo error of adding an extra CONFIG_.

CC: Nicolas Royer <nicolas@eukrea.com>
Signed-off-by: NTushar Behera <tushar.behera@linaro.org>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

virt_to_abs() is just a wrapper around __pa(), use __pa() directly.

We should be including <asm/page.h> to get __pa(). abs_addr.h will be
removed shortly so drop that.

We were getting of.h via abs_addr.h so we need to include that directly.

Having done all that, clean up the ordering of the includes.
Signed-off-by: NMichael Ellerman <michael@ellerman.id.au>
Acked-by: NSeth Jennings <sjenning@linux.vnet.ibm.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch adds the driver for interacting with the 842
compression accelerator on IBM Power7+ systems.

The device is a child of the Platform Facilities Option (PFO)
and shows up as a child of the IBM VIO bus.

The compression/decompression API takes the same arguments
as existing compression methods like lzo and deflate.  The 842
hardware operates on 4K hardware pages and the driver breaks up
input on 4K boundaries to submit it to the hardware accelerator.
Signed-off-by: NRobert Jennings <rcj@linux.vnet.ibm.com>
Signed-off-by: NSeth Jennings <sjenning@linux.vnet.ibm.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch creates a new submenu for the NX cryptographic
hardware accelerator and breaks the NX options into their own
Kconfig file under drivers/crypto/nx/Kconfig.

This will permit additional NX functionality to be easily
and more cleanly added in the future without touching
drivers/crypto/Makefile|Kconfig.
Signed-off-by: NSeth Jennings <sjenning@linux.vnet.ibm.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

SHARE_WAIT, whilst more optimal for association-less crypto,
has the ability to start thrashing the CCB descriptor/key
caches, given high levels of traffic across multiple security
associations (and thus keys).

Switch to using the SERIAL sharing type, which prefers
the last used CCB for the SA.  On a 2-DECO platform
such as the P3041, this can improve performance by
about 3.7%.
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

In some device trees of previous version, there were string "fsl,sec4.0".
To be backward compatible with device trees, we first check "fsl,sec-v4.0",
if it fails, then check for "fsl,sec4.0".
Signed-off-by: NShengzhou Liu <Shengzhou.Liu@freescale.com>

extended to include new hash and rng code, which was omitted from
the previous version of this patch during a rebase of the SDK
version.
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

commit "crypto: caam - use non-irq versions of spinlocks for job rings"
made two bad assumptions:

(a) The caam_jr_enqueue lock isn't used in softirq context.
Not true: jr_enqueue can be interrupted by an incoming net
interrupt and the received packet may be sent for encryption,
via caam_jr_enqueue in softirq context, thereby inducing a
deadlock.

This is evidenced when running netperf over an IPSec tunnel
between two P4080's, with spinlock debugging turned on:

[  892.092569] BUG: spinlock lockup on CPU#7, netperf/10634, e8bf5f70
[  892.098747] Call Trace:
[  892.101197] [eff9fc10] [c00084c0] show_stack+0x48/0x15c (unreliable)
[  892.107563] [eff9fc50] [c0239c2c] do_raw_spin_lock+0x16c/0x174
[  892.113399] [eff9fc80] [c0596494] _raw_spin_lock+0x3c/0x50
[  892.118889] [eff9fc90] [c0445e74] caam_jr_enqueue+0xf8/0x250
[  892.124550] [eff9fcd0] [c044a644] aead_decrypt+0x6c/0xc8
[  892.129625] BUG: spinlock lockup on CPU#5, swapper/5/0, e8bf5f70
[  892.129629] Call Trace:
[  892.129637] [effa7c10] [c00084c0] show_stack+0x48/0x15c (unreliable)
[  892.129645] [effa7c50] [c0239c2c] do_raw_spin_lock+0x16c/0x174
[  892.129652] [effa7c80] [c0596494] _raw_spin_lock+0x3c/0x50
[  892.129660] [effa7c90] [c0445e74] caam_jr_enqueue+0xf8/0x250
[  892.129666] [effa7cd0] [c044a644] aead_decrypt+0x6c/0xc8
[  892.129674] [effa7d00] [c0509724] esp_input+0x178/0x334
[  892.129681] [effa7d50] [c0519778] xfrm_input+0x77c/0x818
[  892.129688] [effa7da0] [c050e344] xfrm4_rcv_encap+0x20/0x30
[  892.129697] [effa7db0] [c04b90c8] ip_local_deliver+0x190/0x408
[  892.129703] [effa7de0] [c04b966c] ip_rcv+0x32c/0x898
[  892.129709] [effa7e10] [c048b998] __netif_receive_skb+0x27c/0x4e8
[  892.129715] [effa7e80] [c048d744] netif_receive_skb+0x4c/0x13c
[  892.129726] [effa7eb0] [c03c28ac] _dpa_rx+0x1a8/0x354
[  892.129732] [effa7ef0] [c03c2ac4] ingress_rx_default_dqrr+0x6c/0x108
[  892.129742] [effa7f10] [c0467ae0] qman_poll_dqrr+0x170/0x1d4
[  892.129748] [effa7f40] [c03c153c] dpaa_eth_poll+0x20/0x94
[  892.129754] [effa7f60] [c048dbd0] net_rx_action+0x13c/0x1f4
[  892.129763] [effa7fa0] [c003d1b8] __do_softirq+0x108/0x1b0
[  892.129769] [effa7ff0] [c000df58] call_do_softirq+0x14/0x24
[  892.129775] [ebacfe70] [c0004868] do_softirq+0xd8/0x104
[  892.129780] [ebacfe90] [c003d5a4] irq_exit+0xb8/0xd8
[  892.129786] [ebacfea0] [c0004498] do_IRQ+0xa4/0x1b0
[  892.129792] [ebacfed0] [c000fad8] ret_from_except+0x0/0x18
[  892.129798] [ebacff90] [c0009010] cpu_idle+0x94/0xf0
[  892.129804] [ebacffb0] [c059ff88] start_secondary+0x42c/0x430
[  892.129809] [ebacfff0] [c0001e28] __secondary_start+0x30/0x84
[  892.281474]
[  892.282959] [eff9fd00] [c0509724] esp_input+0x178/0x334
[  892.288186] [eff9fd50] [c0519778] xfrm_input+0x77c/0x818
[  892.293499] [eff9fda0] [c050e344] xfrm4_rcv_encap+0x20/0x30
[  892.299074] [eff9fdb0] [c04b90c8] ip_local_deliver+0x190/0x408
[  892.304907] [eff9fde0] [c04b966c] ip_rcv+0x32c/0x898
[  892.309872] [eff9fe10] [c048b998] __netif_receive_skb+0x27c/0x4e8
[  892.315966] [eff9fe80] [c048d744] netif_receive_skb+0x4c/0x13c
[  892.321803] [eff9feb0] [c03c28ac] _dpa_rx+0x1a8/0x354
[  892.326855] [eff9fef0] [c03c2ac4] ingress_rx_default_dqrr+0x6c/0x108
[  892.333212] [eff9ff10] [c0467ae0] qman_poll_dqrr+0x170/0x1d4
[  892.338872] [eff9ff40] [c03c153c] dpaa_eth_poll+0x20/0x94
[  892.344271] [eff9ff60] [c048dbd0] net_rx_action+0x13c/0x1f4
[  892.349846] [eff9ffa0] [c003d1b8] __do_softirq+0x108/0x1b0
[  892.355338] [eff9fff0] [c000df58] call_do_softirq+0x14/0x24
[  892.360910] [e7169950] [c0004868] do_softirq+0xd8/0x104
[  892.366135] [e7169970] [c003d5a4] irq_exit+0xb8/0xd8
[  892.371101] [e7169980] [c0004498] do_IRQ+0xa4/0x1b0
[  892.375979] [e71699b0] [c000fad8] ret_from_except+0x0/0x18
[  892.381466] [e7169a70] [c0445e74] caam_jr_enqueue+0xf8/0x250
[  892.387127] [e7169ab0] [c044ad4c] aead_givencrypt+0x6ac/0xa70
[  892.392873] [e7169b20] [c050a0b8] esp_output+0x2b4/0x570
[  892.398186] [e7169b80] [c0519b9c] xfrm_output_resume+0x248/0x7c0
[  892.404194] [e7169bb0] [c050e89c] xfrm4_output_finish+0x18/0x28
[  892.410113] [e7169bc0] [c050e8f4] xfrm4_output+0x48/0x98
[  892.415427] [e7169bd0] [c04beac0] ip_local_out+0x48/0x98
[  892.420740] [e7169be0] [c04bec7c] ip_queue_xmit+0x16c/0x490
[  892.426314] [e7169c10] [c04d6128] tcp_transmit_skb+0x35c/0x9a4
[  892.432147] [e7169c70] [c04d6f98] tcp_write_xmit+0x200/0xa04
[  892.437808] [e7169cc0] [c04c8ccc] tcp_sendmsg+0x994/0xcec
[  892.443213] [e7169d40] [c04eebfc] inet_sendmsg+0xd0/0x164
[  892.448617] [e7169d70] [c04792f8] sock_sendmsg+0x8c/0xbc
[  892.453931] [e7169e40] [c047aecc] sys_sendto+0xc0/0xfc
[  892.459069] [e7169f10] [c047b934] sys_socketcall+0x110/0x25c
[  892.464729] [e7169f40] [c000f480] ret_from_syscall+0x0/0x3c

(b) since the caam_jr_dequeue lock is only used in bh context,
then semantically it should use _bh spin_lock types.  spin_lock_bh
semantics are to disable back-halves, and used when a lock is shared
between softirq (bh) context and process and/or h/w IRQ context.
Since the lock is only used within softirq context, and this tasklet
is atomic, there is no need to do the additional work to disable
back halves.

This patch adds back-half disabling protection to caam_jr_enqueue
spin_locks to fix (a), and drops it from caam_jr_dequeue to fix (b).
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Initialization of cra_list is currently mixed, most ciphers initialize this
field and most shashes do not. Initialization however is not needed at all
since cra_list is initialized/overwritten in __crypto_register_alg() with
list_add(). Therefore perform cleanup to remove all unneeded initializations
of this field in 'crypto/drivers/'.

Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: linux-geode@lists.infradead.org
Cc: Michal Ludvig <michal@logix.cz>
Cc: Dmitry Kasatkin <dmitry.kasatkin@nokia.com>
Cc: Varun Wadekar <vwadekar@nvidia.com>
Cc: Eric Bénard <eric@eukrea.com>
Signed-off-by: NJussi Kivilinna <jussi.kivilinna@mbnet.fi>
Acked-by: NKent Yoder <key@linux.vnet.ibm.com>
Acked-by: NVladimir Zapolskiy <vladimir_zapolskiy@mentor.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

The clk patches added code to get and enable clocks in the
respective driver probe functions.  If the probe function failed
for some reason after enabling the clock, the clock was not
disabled again in many cases.
Signed-off-by: NSimon Baatz <gmbnomis@gmail.com>
Signed-off-by: NAndrew Lumm <andrew@lunn.ch>

With the changes in the random tree, IRQF_SAMPLE_RANDOM is now a
no-op; interrupt randomness is now collected unconditionally in a very
low-overhead fashion; see commit 775f4b29.  The IRQF_SAMPLE_RANDOM
flag was scheduled to be removed in 2009 on the
feature-removal-schedule, so this patch is preparation for the final
removal of this flag.
Signed-off-by: N"Theodore Ts'o" <tytso@mit.edu>
Acked-by: NHerbert Xu <herbert@gondor.apana.org.au>

With this, now all combinations of
CBC: AES, 3DES-EDE
with
HMAC: SHA-1, SHA-224, SHA-256, SHA-384, SHA-512
are supported.
Signed-off-by: NHoria Geanta <horia.geanta@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch exports the talitos_submit function so that on
need basis same can be used by other entities.
Signed-off-by: NSandeep Malik <Sandeep.Malik@freescale.com>
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHoria Geanta <horia.geanta@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch moves the talitos structure definitions from c file to its
header file so that the same can be shared on need basis.
Signed-off-by: NSandeep Malik <Sandeep.Malik@freescale.com>
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHoria Geanta <horia.geanta@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Signed-off-by: NNicolas Royer <nicolas@eukrea.com>
Acked-by: NNicolas Ferre <nicolas.ferre@atmel.com>
Acked-by: NEric Bénard <eric@eukrea.com>
Tested-by: NEric Bénard <eric@eukrea.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Signed-off-by: NNicolas Royer <nicolas@eukrea.com>
Acked-by: NNicolas Ferre <nicolas.ferre@atmel.com>
Acked-by: NEric Bénard <eric@eukrea.com>
Tested-by: NEric Bénard <eric@eukrea.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Signed-off-by: NNicolas Royer <nicolas@eukrea.com>
Acked-by: NNicolas Ferre <nicolas.ferre@atmel.com>
Acked-by: NEric Bénard <eric@eukrea.com>
Tested-by: NEric Bénard <eric@eukrea.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch adds support for retrieving and printing of
SEC ERA information. It is useful for knowing beforehand
what features exist from the SEC point of view on a
certain SoC. Only era-s 1 to 4 are currently supported;
other eras will appear as unknown.
Signed-off-by: NAlex Porosanu <alexandru.porosanu@freescale.com>

- rebased onto current cryptodev master
- made caam_eras static
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

The caam job rings (input/output job ring) are allocated using
dma_map_single(). These job rings can be visualized as the ring
buffers in which the jobs are en-queued/de-queued. The s/w enqueues
the jobs in input job ring which h/w dequeues and after processing
it copies the jobs in output job ring. Software then de-queues the
job from output ring. Using dma_map/unmap_single() is not preferred
way to allocate memory for this type of requirements because this
adds un-necessary complexity.

Example, if bounce buffer (SWIOTLB) will get used then to make any
change visible in this memory to other processing unit requires
dmap_unmap_single() or dma_sync_single_for_cpu/device(). The
dma_unmap_single() can not be used as this will free the bounce
buffer, this will require changing the job rings on running system
and I seriously doubt that it will be not possible or very complex
to implement. Also using dma_sync_single_for_cpu/device() will also
add unnecessary complexity.

The simple and preferred way is using dma_alloc_coherent() for these
type of memory requirements.

This resolves the Linux boot crash issue when "swiotlb=force" is set
in bootargs on systems which have memory more than 4G.
Signed-off-by: NBharat Bhushan <bharat.bhushan@freescale.com>
Acked-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Make the ux500 crypto driver define its PM callbacks through
struct dev_pm_ops objects rather than by using legacy PM hooks
in struct platform_driver.
Signed-off-by: NRafael J. Wysocki <rjw@sisk.pl>
Acked-by: NLinus Walleij <linus.walleij@linaro.org>

there is no noticeable benefit for multiple cores to process one
job ring's output ring: in fact, we can benefit from cache effects
of having the back-half stay on the core that receives a particular
ring's interrupts, and further relax general contention and the
locking involved with reading outring_used, since tasklets run
atomically.
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Memory barriers are implied by the i/o register write implementation
(at least on Power).  So we can remove the redundant wmb() in
caam_jr_enqueue, and, in dequeue(), hoist the h/w done notification
write up to before we need to increment the head of the ring, and
save an smp_mb.
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Code was needlessly checking the s/w job ring when there
would be nothing to process if the h/w's output completion
ring were empty anyway.
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

The enqueue lock isn't used in any interrupt context, and
the dequeue lock isn't used in the h/w interrupt context,
only in bh context.
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

It has been observed that in zero-loss benchmarks, when a
slow traffic rate is being tested, the IRQ timer coalescing
parameter was set too high, and the ethernet controller
would start dropping packets because the job ring back half
wouldn't be executed in time before the ethernet controller
would fill its buffers, thereby significantly reducing the
zero-loss performance figures.

Empirical testing has shown that the best zero-loss performance
is achieved when IRQ coalescing is set to minimum values and/or
turned off, since apparently the job ring driver already implements
an adequately-performing general-purpose IRQ mitigation strategy
in software.

Whilst we could go with minimal count (2-8) and timing settings
(192-256), we prefer just turning h/w coalescing altogether off
to minimize setkey latency (due to split key generation), and
for consistent cross-SoC performance (the SEC vs. core clock
ratio changes).
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

The SEC v4.x' RNGB h/w block self-initialized.  RNG4, available
on SEC versions 5 and beyond, is based on a different standard
that requires manual initialization.

Also update any new errors From the SEC v5.2 reference manual:
The SEC v5.2's RNG4 unit reuses some error IDs, thus the addition
of rng_err_id_list over the CHA-independent err_id_list.
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

SEC v4.x were only 36-bit, SEC v5+ are 40-bit capable.
Also set a DMA mask for any job ring devices created.
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

caam_read copies random bytes from two buffers into output.

caam rng can fill empty buffer 0xffff bytes at a time,
but the buffer sizes are rounded down to multiple of cacheline size.
Signed-off-by: NYuan Kang <Yuan.Kang@freescale.com>
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

support chained scatterlists for aead, ablkcipher and ahash.
Signed-off-by: NYuan Kang <Yuan.Kang@freescale.com>

- fix dma unmap leak
- un-unlikely src == dst, due to experience with AF_ALG
Signed-off-by: NKudupudi Ugendreshwar <B38865@freescale.com>
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

caam supports and registers unkeyed sha algorithms and md5.
Signed-off-by: NYuan Kang <Yuan.Kang@freescale.com>
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

caam supports ahash hmac with sha algorithms and md5.
Signed-off-by: NYuan Kang <Yuan.Kang@freescale.com>
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

- rename scatterlist and link_tbl functions
- link_tbl changed to sec4_sg
- sg_to_link_tbl_one changed to dma_to_sec4_sg_one,
  since no scatterlist is use
Signed-off-by: NYuan Kang <Yuan.Kang@freescale.com>
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

create separate files for split key generation and scatterlist functions.
Signed-off-by: NYuan Kang <Yuan.Kang@freescale.com>
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>