hifn_795x works only on 32 bit, remove the detection while loading
the module and catch non-32 bit systems at build time.
Signed-off-by: NRichard Weinberger <richard@nod.at>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

The picoxcell crypto driver requires the clk API, but the platform in
mainline does not currently support it.  Add an explicit dependency on
HAVE_CLK to avoid build breakage.
Signed-off-by: NJamie Iles <jamie@jamieiles.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Fix a get/put_cpu() imbalance in the error case when qp == NULL
Signed-off-by: NThomas Meyer <thomas@m3y3r.de>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

The completion callback will free the request so we must remove it from
the completion list before calling the callback.

Cc: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: NJamie Iles <jamie@jamieiles.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Allow the crypto engines to be matched from device tree bindings.

Cc: devicetree-discuss@lists.ozlabs.org
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: NJamie Iles <jamie@jamieiles.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

For using the device tree probing we use a connection ID for the
clk_get() operation.

Cc: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: NJamie Iles <jamie@jamieiles.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Use a platform ID table and a single platform_driver.  It's neater and
makes the device tree addition easier and more consistent.  Rename the
match values to be inline with what they'll be in the device tree
bindings.  There aren't any current in-tree users of the existing device
names.

Cc: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: NJamie Iles <jamie@jamieiles.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

When loading aes via the module alias, a padlock module failing to
load due to missing hardware is not particularly notable.  With
v2.6.27-rc1~1107^2~14 (crypto: padlock - Make module loading quieter
when hardware isn't available, 2008-07-03), the padlock-aes module
suppresses the relevant messages when the "quiet" flag is in use; but
better to suppress this particular message completely, since the
administrator can already distinguish such errors by the absence of a
message indicating initialization failing or succeeding.

This avoids occasional messages in syslog of the form

	padlock_aes: VIA PadLock not detected.
Signed-off-by: NJonathan Nieder <jrnieder@gmail.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

A small modification was necessary since in the machine description
for 'n2cp' and 'ncp' nodes, there no longer is an 'intr' property.

That's OK because this property was always nothing more than an
array of integers '1' ... 'nr_inos + 1' so we can just compute it
in-place.
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

it will be replaced with S_IFREG anyway
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

caam now supports encrypt and decrypt
for aes, des and 3des
Signed-off-by: NYuan Kang <Yuan.Kang@freescale.com>
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Job descriptors only contain header and seq pointers.

Other commands are stored in separate shared descriptors
for encrypt, decrypt and givencrypt, stored as arrays
in caam_ctx.

This requires additional macros to create math commands
to calculate assoclen and cryptlen.
Signed-off-by: NYuan Kang <Yuan.Kang@freescale.com>
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

caam_ctx.key_phys to key_dma

caam_alg_template supports multiple algorithm types
listed in union, which requires cases for
different types in function caam_alg_alloc
Signed-off-by: NYuan Kang <Yuan.Kang@freescale.com>
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

"aead_authenc" and "ipsec_esp" changed to "aead,"
except for function "ipsec_esp," which is changed
to "init_aead_job."

Variable name of aead_request structures changed
to "req" and name of aead_givcrypt_request structure
changed to "areq"
Signed-off-by: NYuan Kang <Yuan.Kang@freescale.com>
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

crypto/ablkcipher.c's setkey() has already checked against the min, max
key sizes before it calls here, and all max_keysize assignments in the
algorithm template array do not exceed TALITOS_MAX_KEY_SIZE.
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

IRQ done notification is always set.  Remove its explicit
assignment from the hot path by including it in the
descriptor header template assignment in talitos_cra_init.
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Assign single target channel per tfm in talitos_cra_init instead of
performing channel scheduling dynamically during the encryption request.
This changes the talitos_submit interface to accept a new channel
number argument.  Without this, rapid bursts of misc. sized requests
could make it possible for IPsec packets to be encrypted out-of-order,
which would result in packet drops due to sequence numbers falling
outside the anti-reply window on a peer gateway.
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

The Security function on the AMCC SoCs has multiple engines within a
single MMIO range.  The crypto driver currently enables the 3DES
functionality by doing a blind write to the device control register.
This can unintentionally disable other functions like the PKA or TRNG
when the driver is loaded.

Perform a read/modify/write to enable the 3DES function instead.
Signed-off-by: NJosh Boyer <jwboyer@linux.vnet.ibm.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

drivers/crypto/caam/ctrl.c: In function 'caam_probe':
drivers/crypto/caam/ctrl.c:55:23: warning: unused variable 'perfmon'
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Signed-off-by: NDmitry Kasatkin <dmitry.kasatkin@nokia.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Signed-off-by: NDmitry Kasatkin <dmitry.kasatkin@nokia.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Signed-off-by: NDmitry Kasatkin <dmitry.kasatkin@nokia.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

It could be a situation, that tasklet is executed twice because of
certain delay between dma callback and irq handler execution.
In that case, second tasklet execution could actually corrupt the data
of the new started dma transactions.

This patch improves tasklet logic and prevents above described cases.
Signed-off-by: NDmitry Kasatkin <dmitry.kasatkin@nokia.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Calling omap_sham_handle_queue from "done" tasklet should be done
after irq scheduled tasklet completes.
Having additional tasklet does not solve that issue because it might
be execute before.
So queue handling tasklet has been removed and functionality integrated
into single tasklet.
Signed-off-by: NDmitry Kasatkin <dmitry.kasatkin@nokia.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Signed-off-by: NDmitry Kasatkin <dmitry.kasatkin@nokia.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Couple of context flags have been moved to device flags.
IRQ and tasklet handlers does not need to access request
context anymore.
Signed-off-by: NDmitry Kasatkin <dmitry.kasatkin@nokia.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Some flags are changed in interrupt handlers and verified in the tasklet.
There might be a race condition when tasklet is interrupted or another
cpu/core will run IRQ handler and tasklet in parallel.
Atomic bitops functions are now used instead of bitmask operations.
Signed-off-by: NDmitry Kasatkin <dmitry.kasatkin@nokia.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Flags mask cannot be used with atomic bit operations.
This patch changes masks to bit numbers.
Atomic bit operations will be used by following patches.
Signed-off-by: NDmitry Kasatkin <dmitry.kasatkin@nokia.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Signed-off-by: NDmitry Kasatkin <dmitry.kasatkin@nokia.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Request pointer is already available in the function.
Signed-off-by: NDmitry Kasatkin <dmitry.kasatkin@nokia.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

setkey allocates 16 bytes (CAAM_CMD_SZ *
DESC_AEAD_SHARED_TEXT_LEN) shy of what is needed to
store the shared descriptor, resulting in memory
corruption.  Fix this.
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

The registration of an ap device will be skipped, if the device type
probing fails.
Add names of current crypto adapters to the Kconfig help.
Signed-off-by: NHolger Dengler <hd@linux.vnet.ibm.com>
Signed-off-by: NMartin Schwidefsky <schwidefsky@de.ibm.com>

In doing so, sha512 sized keys would not fit with the current
descriptor inlining mechanism, so we now calculate whether keys
should be referenced instead by pointers in the shared descriptor.

also, use symbols for descriptor text lengths, and, ahem, unmap and
free key i/o memory in cra_exit.
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Key sharing is enabled by default in the shared descriptor.

Using CBC decrypt, AES has to alter the key in order to decrypt.
During high traffic decryption rates, i.e, when sharing starts to
take place, we need to use a different OPERATION option to tell AES
that the key was already altered by the PRIOR descriptor - we need
the following kind of logic:

if ( shared )
    operation where AES uses decryption key (DK=1)
else
    operation where AES uses encryption key (DK=0)

this patch implements this logic using a conditional and
a non-conditional local jump within the decryption job
descriptor.
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

this fixes a build error since cryptodev-2.6 got rebased
to include commit d714d197
"dt: eliminate of_platform_driver shim code".
Signed-off-by: NKim Phillips <kim.phillips@freescale.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This also makes the dummy scatterlist in mv_hash_final() needless, so
drop it.

XXX: should this routine be made pulicly available? There are probably
other users with their own implementations.
Signed-off-by: NPhil Sutter <phil.sutter@viprinet.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Signed-off-by: NPhil Sutter <phil.sutter@viprinet.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

On one hand, the digest state registers need to be set only when
actually using the crypto engine. On the other hand, there is a check
for ctx->first_hash in mv_process_hash_current() already, so use that.
Signed-off-by: NPhil Sutter <phil.sutter@viprinet.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>